Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
File: 2BFKkiBvChn3M52guJZpxKX-Urk.mft (raw, json)
Hash identifier: 1WjU/09kb04UxJDhMZ/KeR6Te0LSV+nK39aDPh3QRaE=
Subject key identifier: C5:F8:30:46:AE:A6:37:8A:DA:D0:E9:01:DC:CC:C7:4E:0C:DC:CD:A7
Authority key identifier: D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9
Certificate issuer: /CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9
Certificate serial: 019DCF3E08AA5CCC26B0B7A869720B0E497E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
Manifest number: 02BF
Signing time: Mon 27 Apr 2026 14:00:42 +0000
Manifest this update: Mon 27 Apr 2026 14:00:42 +0000
Manifest next update: Tue 28 Apr 2026 14:00:42 +0000
Files and hashes: 1: 2BFKkiBvChn3M52guJZpxKX-Urk.crl (hash: 9wQFV35PNyb77o6hRDMNGzbhqJJn/jvCqzqHBVVEGjw=)
2: vVXnYinPG4h5TcTea17Iv2i5FYs.roa (hash: vQ3FQGy71ne2HeyP0gu2+P/Q4WprPJAgNPNHKJfJ9Dk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 14:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:3e:08:aa:5c:cc:26:b0:b7:a8:69:72:0b:0e:49:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9
Validity
Not Before: Apr 27 14:00:42 2026 GMT
Not After : Apr 28 14:00:42 2026 GMT
Subject: CN=c5f83046aea6378adad0e901dcccc74e0cdccda7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:96:2a:1c:16:77:73:5c:99:80:2d:c0:c0:db:
12:5c:df:09:52:a7:5a:92:54:4d:1c:a7:b7:49:b5:
5a:7d:ee:e3:f3:3c:55:2f:40:11:05:d6:f5:86:44:
44:70:7d:1b:82:79:a2:73:a0:d3:db:a5:a5:05:da:
3e:47:82:3b:3b:c6:38:c8:b7:fd:ad:de:87:18:f5:
34:87:62:65:33:79:cb:0d:d9:00:66:b3:be:16:c4:
6b:4e:96:ee:dc:26:de:8b:14:11:79:18:f4:fd:f8:
68:05:11:30:69:89:68:3f:54:d0:61:b4:ef:2f:90:
55:80:56:58:f3:3f:f5:2d:2d:eb:b5:5d:ac:1d:77:
82:6c:bd:72:86:23:e4:35:a9:65:76:e4:fd:9c:c2:
dc:4c:fb:13:dd:ea:90:7e:5e:fc:93:ba:ee:a1:3c:
7b:25:1e:12:5f:b8:d7:f6:10:12:41:86:a6:5d:1d:
67:cd:40:7a:ec:65:b7:7f:a0:5d:7e:0d:ea:42:fb:
c8:01:0f:9f:ec:f7:82:5f:4f:ea:99:73:27:7e:d1:
b0:62:20:58:c7:f3:a7:80:e9:7f:db:38:97:4a:b8:
d9:57:0a:67:55:25:5e:2c:b2:41:a7:58:3c:50:e5:
15:8f:58:6e:99:18:37:28:16:8a:6c:a5:cc:2e:5c:
8d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F8:30:46:AE:A6:37:8A:DA:D0:E9:01:DC:CC:C7:4E:0C:DC:CD:A7
X509v3 Authority Key Identifier:
keyid:D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
80:c2:b6:58:2e:27:45:ea:a3:1b:43:ff:8e:1d:4e:08:d1:61:
63:60:98:f9:56:51:00:92:e8:4f:92:e6:a8:04:e1:12:dc:81:
0a:1f:7c:5f:6e:5c:b6:5a:08:34:dd:e3:a9:d8:c9:e0:94:e5:
bc:0d:56:de:d1:2c:d5:d6:f2:24:79:03:27:75:5d:37:ae:82:
8b:3a:52:72:5a:6a:61:15:57:0b:95:c4:5f:10:e4:40:d1:eb:
a6:7f:6e:cc:0a:f2:75:41:fd:8a:01:a0:c6:a9:e3:63:5f:be:
42:df:5e:82:c9:e1:7f:88:67:d5:14:ea:20:c5:08:22:e9:aa:
ef:6a:42:d0:2f:c4:d2:c7:93:e3:1a:98:ce:bf:28:df:7f:b3:
37:d2:60:20:6d:8e:f5:1e:43:bb:d5:8f:37:23:2a:d6:81:da:
c6:ca:2e:8c:86:14:ca:da:c5:9c:d2:f5:ee:73:90:e5:87:e3:
d1:2c:9d:ba:ea:22:60:dd:d8:07:40:d3:1b:36:12:79:09:df:
c5:ef:4e:ca:bb:f9:5d:b7:1b:aa:29:99:88:10:02:3e:56:36:
21:dc:b8:5a:4b:1f:81:82:d8:51:34:b6:59:89:84:1f:a9:c0:
49:59:df:01:43:ba:cd:d2:29:ca:1e:f9:47:1a:8e:2b:a5:6d:
a3:f5:22:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3PPgiqXMwmsLeoaXILDkl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTE0YTkyMjA2ZjBhMTlmNzMzOWRhMGI4OTY2OWM0YTVm
ZTUyYjkwHhcNMjYwNDI3MTQwMDQyWhcNMjYwNDI4MTQwMDQyWjAzMTEwLwYDVQQD
EyhjNWY4MzA0NmFlYTYzNzhhZGFkMGU5MDFkY2NjYzc0ZTBjZGNjZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpYqHBZ3c1yZgC3AwNsSXN8JUqda
klRNHKe3SbVafe7j8zxVL0ARBdb1hkREcH0bgnmic6DT26WlBdo+R4I7O8Y4yLf9
rd6HGPU0h2JlM3nLDdkAZrO+FsRrTpbu3CbeixQReRj0/fhoBREwaYloP1TQYbTv
L5BVgFZY8z/1LS3rtV2sHXeCbL1yhiPkNallduT9nMLcTPsT3eqQfl78k7ruoTx7
JR4SX7jX9hASQYamXR1nzUB67GW3f6Bdfg3qQvvIAQ+f7PeCX0/qmXMnftGwYiBY
x/OngOl/2ziXSrjZVwpnVSVeLLJBp1g8UOUVj1humRg3KBaKbKXMLlyNFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMX4MEaupjeK2tDpAdzMx04M3M2nMB8GA1UdIwQY
MBaAFNgRSpIgbwoZ9zOdoLiWacSl/lK5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTkt
NTIwOGQ5ODU0MzY0LzEvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTktNTIwOGQ5ODU0MzY0
LzEvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgMK2WC4n
ReqjG0P/jh1OCNFhY2CY+VZRAJLoT5LmqAThEtyBCh98X25ctloINN3jqdjJ4JTl
vA1W3tEs1dbyJHkDJ3VdN66CizpSclpqYRVXC5XEXxDkQNHrpn9uzArydUH9igGg
xqnjY1++Qt9egsnhf4hn1RTqIMUIIumq72pC0C/E0seT4xqYzr8o33+zN9JgIG2O
9R5Du9WPNyMq1oHaxsoujIYUytrFnNL17nOQ5Yfj0SyduuoiYN3YB0DTGzYSeQnf
xe9Oyrv5XbcbqimZiBACPlY2Idy4WksfgYLYUTS2WYmEH6nASVnfAUO6zdIpyh75
RxqOK6Vto/UiZA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:50:06 2026 by rpki-client