Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.mft
File: 2xTnpr6Xzsb1vBpninbqbRYZwwY.mft (raw, json)
Hash identifier: kxeaNWuzb7Ro4sDw6QE8Egbyr1XnjW6GySvUDcUmVyg=
Subject key identifier: 00:3A:27:23:D9:C4:F2:39:0C:C9:A5:5E:3F:D7:FA:D8:DC:B7:3B:D1
Authority key identifier: DB:14:E7:A6:BE:97:CE:C6:F5:BC:1A:67:8A:76:EA:6D:16:19:C3:06
Certificate issuer: /CN=db14e7a6be97cec6f5bc1a678a76ea6d1619c306
Certificate serial: 019D37522251628B2766D56C07267F3F5C95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.mft
Manifest number: 1652
Signing time: Sun 29 Mar 2026 02:00:22 +0000
Manifest this update: Sun 29 Mar 2026 02:00:22 +0000
Manifest next update: Mon 30 Mar 2026 02:00:22 +0000
Files and hashes: 1: 2xTnpr6Xzsb1vBpninbqbRYZwwY.crl (hash: gpGrXKxm+8lADRT5Af8/7UWaRDTtYPDo528X/waaOwY=)
2: hJR5NdWu4-Lv4WFC0Lu_BxFdjI8.roa (hash: N6VCG9vXtUWHshJ3njO134sBkm0kEo7esti0M/kqZCQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:22:51:62:8b:27:66:d5:6c:07:26:7f:3f:5c:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db14e7a6be97cec6f5bc1a678a76ea6d1619c306
Validity
Not Before: Mar 29 02:00:22 2026 GMT
Not After : Mar 30 02:00:22 2026 GMT
Subject: CN=003a2723d9c4f2390cc9a55e3fd7fad8dcb73bd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ab:fe:59:d9:6f:20:f4:b0:a3:c2:0b:a0:3a:
3c:6b:8d:67:0e:b0:ca:a9:3c:d1:10:4a:5e:68:b9:
49:a9:8a:c9:62:c7:1a:e4:31:d9:7a:b5:1b:06:67:
c3:5d:ad:cc:ca:d3:cb:88:cc:90:e0:6a:e7:e0:85:
d6:13:17:50:ba:d0:e9:a0:65:a3:ee:6b:64:c9:b9:
f8:1c:fa:37:4b:c6:7a:ff:62:33:c2:61:72:00:b1:
d2:bc:44:0a:92:bb:29:4d:d4:11:35:f5:0d:30:67:
61:31:fc:4c:04:f2:bb:90:6a:13:bd:42:2e:60:41:
df:c0:90:7a:e4:4f:93:16:21:70:a1:a9:fc:79:05:
2e:a8:42:3d:2b:da:78:7e:e2:0c:60:c2:fd:9d:4e:
5e:63:37:fa:24:3f:9f:8b:1e:0e:53:49:e7:a0:d3:
12:fb:7b:b4:bd:cd:a6:3b:6e:f5:41:de:60:aa:0b:
14:7a:05:56:f3:cc:9e:9b:3f:c4:7f:ea:6f:ba:1c:
74:29:52:39:7b:5b:31:26:14:fb:10:f7:29:7f:fe:
81:08:0a:15:e5:21:eb:44:b2:c6:2c:3c:55:f6:ea:
8b:c1:b0:b0:c3:d4:e2:9b:39:64:79:81:92:52:0d:
9b:0e:7d:76:64:67:d6:07:1d:89:de:44:ea:11:e0:
01:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:3A:27:23:D9:C4:F2:39:0C:C9:A5:5E:3F:D7:FA:D8:DC:B7:3B:D1
X509v3 Authority Key Identifier:
keyid:DB:14:E7:A6:BE:97:CE:C6:F5:BC:1A:67:8A:76:EA:6D:16:19:C3:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:2f:01:04:bf:aa:4d:68:19:4f:e2:24:db:54:7f:85:20:76:
f4:07:e9:22:4c:4d:af:51:fd:93:d9:9d:58:4b:e2:69:60:72:
12:f3:8e:d5:93:76:1e:82:3a:38:cf:d5:fa:33:03:ed:71:7d:
6c:ac:e8:a1:2a:da:b2:16:c5:e8:88:aa:91:14:44:8a:a9:dd:
c8:25:d2:11:d3:ba:0b:ae:77:a1:85:7b:3e:e0:79:e6:1f:0e:
ce:cb:fe:e5:18:ef:3f:82:84:32:ab:9f:dd:19:8d:38:92:04:
5d:53:86:0d:c4:7a:86:7f:e7:ea:4f:28:fd:97:b3:6f:f8:f0:
a0:ae:70:ef:e9:67:f9:8f:95:9a:25:17:79:f4:7b:a7:34:1e:
f6:09:3f:9f:c0:7d:74:7d:6e:4e:8c:1e:d3:37:ea:b1:d5:84:
84:c7:a5:3c:4f:f3:2c:37:72:9d:17:1d:73:5d:80:8e:31:eb:
83:3e:b7:de:7a:da:fd:bf:b9:30:ab:1a:e7:0c:64:90:07:02:
0d:71:53:59:dd:62:3b:15:b4:57:05:d3:2f:bf:ec:70:47:c1:
cf:e7:00:76:ae:da:58:81:a8:f7:0f:97:29:1d:75:b0:0b:21:
67:b6:52:c7:49:23:e8:8f:5a:be:49:12:00:23:c0:38:e5:87:
90:9b:38:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UiJRYosnZtVsByZ/P1yVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMTRlN2E2YmU5N2NlYzZmNWJjMWE2NzhhNzZlYTZkMTYx
OWMzMDYwHhcNMjYwMzI5MDIwMDIyWhcNMjYwMzMwMDIwMDIyWjAzMTEwLwYDVQQD
EygwMDNhMjcyM2Q5YzRmMjM5MGNjOWE1NWUzZmQ3ZmFkOGRjYjczYmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1av+WdlvIPSwo8ILoDo8a41nDrDK
qTzREEpeaLlJqYrJYsca5DHZerUbBmfDXa3MytPLiMyQ4Grn4IXWExdQutDpoGWj
7mtkybn4HPo3S8Z6/2IzwmFyALHSvEQKkrspTdQRNfUNMGdhMfxMBPK7kGoTvUIu
YEHfwJB65E+TFiFwoan8eQUuqEI9K9p4fuIMYML9nU5eYzf6JD+fix4OU0nnoNMS
+3u0vc2mO271Qd5gqgsUegVW88yemz/Ef+pvuhx0KVI5e1sxJhT7EPcpf/6BCAoV
5SHrRLLGLDxV9uqLwbCww9TimzlkeYGSUg2bDn12ZGfWBx2J3kTqEeABCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAA6JyPZxPI5DMmlXj/X+tjctzvRMB8GA1UdIwQY
MBaAFNsU56a+l87G9bwaZ4p26m0WGcMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8xMDY0NWQtMzU0Mi00ZTVkLThlNzAt
MTFmOTFkMDczOWM5LzEvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8xMDY0NWQtMzU0Mi00ZTVkLThlNzAtMTFmOTFkMDczOWM5
LzEvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOC8BBL+q
TWgZT+Ik21R/hSB29AfpIkxNr1H9k9mdWEviaWByEvOO1ZN2HoI6OM/V+jMD7XF9
bKzooSrashbF6IiqkRREiqndyCXSEdO6C653oYV7PuB55h8Ozsv+5RjvP4KEMquf
3RmNOJIEXVOGDcR6hn/n6k8o/Zezb/jwoK5w7+ln+Y+VmiUXefR7pzQe9gk/n8B9
dH1uTowe0zfqsdWEhMelPE/zLDdynRcdc12AjjHrgz633nra/b+5MKsa5wxkkAcC
DXFTWd1iOxW0VwXTL7/scEfBz+cAdq7aWIGo9w+XKR11sAshZ7ZSx0kj6I9avkkS
ACPAOOWHkJs4aQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:25:37 2026 by rpki-client