Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.mft
File: 2f-H9S43t2bsv0s_nLJlWN0wiCA.mft (raw, json)
Hash identifier: PHq5QHL0X5479J+mfa+yec9uZ1wSZGM6WSQzJ/3fcsc=
Subject key identifier: 7F:73:B1:48:1D:F6:D2:B3:DB:A9:B2:7E:BF:FB:14:D9:24:C8:C6:71
Authority key identifier: D9:FF:87:F5:2E:37:B7:66:EC:BF:4B:3F:9C:B2:65:58:DD:30:88:20
Certificate issuer: /CN=d9ff87f52e37b766ecbf4b3f9cb26558dd308820
Certificate serial: 019D3909DFD3446FB620B9F52137C6EF5049
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.mft
Manifest number: 0E5E
Signing time: Sun 29 Mar 2026 10:00:41 +0000
Manifest this update: Sun 29 Mar 2026 10:00:41 +0000
Manifest next update: Mon 30 Mar 2026 10:00:41 +0000
Files and hashes: 1: 2f-H9S43t2bsv0s_nLJlWN0wiCA.crl (hash: nOwRBNWgMB5NOp0Y+JaUuSerEdrtXRnBfwFomI5k0gs=)
2: 4FYy4IVc0E0edu7Aspaqd269s3k.roa (hash: AewBAICqPk/AoyYo2Nui0QpeK5+BqYlSJNp/7pYYLxg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.mft
rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:df:d3:44:6f:b6:20:b9:f5:21:37:c6:ef:50:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ff87f52e37b766ecbf4b3f9cb26558dd308820
Validity
Not Before: Mar 29 10:00:41 2026 GMT
Not After : Mar 30 10:00:41 2026 GMT
Subject: CN=7f73b1481df6d2b3dba9b27ebffb14d924c8c671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:17:b7:fb:9e:c0:10:6a:b2:87:4b:c8:d7:30:
e6:12:ef:93:62:ae:ab:2e:b7:af:30:dc:c6:55:9f:
58:49:00:2c:79:4a:ff:12:01:d3:d4:ff:b6:63:2a:
3a:d2:4a:cc:1d:c6:f5:a6:f1:be:39:0d:7b:8b:4f:
99:d0:4b:fb:47:bf:28:f2:d5:c8:fe:c6:b1:b4:3d:
8a:54:4f:8c:64:32:0b:29:dd:63:ad:e1:09:99:a6:
92:b1:74:1b:d2:de:1b:2b:1b:f2:10:58:43:3d:ad:
5d:62:ca:9b:35:25:3f:64:0a:6e:ad:ed:b9:35:75:
36:04:53:ec:a3:ba:36:4e:a0:c1:8e:fb:34:b2:84:
30:23:41:62:19:f2:f5:a5:fe:c8:15:03:66:8d:ea:
ef:44:c7:b1:7a:38:16:14:9c:cd:55:18:48:31:d7:
fa:49:6d:06:1b:01:f5:23:85:94:e1:43:89:f5:10:
f6:c7:79:65:80:d8:50:8f:58:46:fd:64:82:c6:02:
83:52:8b:eb:a1:ed:0f:82:a4:4f:32:28:e6:00:df:
42:fc:e2:fb:7f:7d:13:c8:4a:3d:32:4e:f3:71:22:
d5:f3:31:87:2d:59:f4:f0:b7:c6:30:d4:cb:b7:d9:
2c:98:11:6b:fd:1d:9a:9e:13:f5:87:1b:51:0f:d9:
68:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:73:B1:48:1D:F6:D2:B3:DB:A9:B2:7E:BF:FB:14:D9:24:C8:C6:71
X509v3 Authority Key Identifier:
keyid:D9:FF:87:F5:2E:37:B7:66:EC:BF:4B:3F:9C:B2:65:58:DD:30:88:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:fd:ea:81:b2:c0:5b:ab:85:ff:c5:5c:b2:19:4c:ce:fc:38:
f2:91:d2:6c:fa:41:8c:74:09:31:a6:01:00:79:ed:23:1a:88:
3e:21:db:4a:cf:d8:3f:69:fb:3b:2c:60:31:4b:1e:db:58:c1:
bc:31:65:8d:e7:ec:b7:bd:c5:d3:d2:e7:f7:ab:dd:8b:85:b3:
24:3f:62:55:fa:c7:e6:bb:71:85:33:69:a4:1a:f1:59:f8:47:
b8:28:83:a7:08:84:6d:dd:28:2a:08:d2:19:7d:01:a0:cd:6d:
19:69:57:3e:dd:49:ee:b6:21:b2:f5:e1:69:c7:d7:51:a5:1f:
29:0b:54:3c:4e:40:12:18:a2:91:97:ad:c8:e4:ba:f0:c1:32:
ae:b2:74:2a:e0:bd:48:7b:be:69:3e:ea:9a:ea:0b:68:52:7e:
93:b7:1e:16:88:37:50:65:53:5c:dc:6b:8c:68:c9:d0:5a:da:
2a:75:4d:87:4c:45:2c:33:fa:6b:2f:00:86:ef:15:ce:5b:a5:
1b:b6:81:2d:a9:a6:ac:19:27:3f:3d:ef:0e:7f:35:98:26:87:
bf:16:80:ba:d9:40:b1:bc:d0:15:1b:a2:22:e4:58:60:b3:64:
65:f2:04:2c:87:0a:ea:59:0b:77:d6:0e:dd:96:e8:00:d4:56:
a5:2c:33:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cd/TRG+2ILn1ITfG71BJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmY4N2Y1MmUzN2I3NjZlY2JmNGIzZjljYjI2NTU4ZGQz
MDg4MjAwHhcNMjYwMzI5MTAwMDQxWhcNMjYwMzMwMTAwMDQxWjAzMTEwLwYDVQQD
Eyg3ZjczYjE0ODFkZjZkMmIzZGJhOWIyN2ViZmZiMTRkOTI0YzhjNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhe3+57AEGqyh0vI1zDmEu+TYq6r
LrevMNzGVZ9YSQAseUr/EgHT1P+2Yyo60krMHcb1pvG+OQ17i0+Z0Ev7R78o8tXI
/saxtD2KVE+MZDILKd1jreEJmaaSsXQb0t4bKxvyEFhDPa1dYsqbNSU/ZApure25
NXU2BFPso7o2TqDBjvs0soQwI0FiGfL1pf7IFQNmjervRMexejgWFJzNVRhIMdf6
SW0GGwH1I4WU4UOJ9RD2x3llgNhQj1hG/WSCxgKDUovroe0PgqRPMijmAN9C/OL7
f30TyEo9Mk7zcSLV8zGHLVn08LfGMNTLt9ksmBFr/R2anhP1hxtRD9lomQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH9zsUgd9tKz26myfr/7FNkkyMZxMB8GA1UdIwQY
MBaAFNn/h/UuN7dm7L9LP5yyZVjdMIggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9lMmFhZDgtZTIxMi00ODI4LWE1ZmMt
MWU3MzAwY2NkYTM2LzEvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9lMmFhZDgtZTIxMi00ODI4LWE1ZmMtMWU3MzAwY2NkYTM2
LzEvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeP3qgbLA
W6uF/8VcshlMzvw48pHSbPpBjHQJMaYBAHntIxqIPiHbSs/YP2n7OyxgMUse21jB
vDFljefst73F09Ln96vdi4WzJD9iVfrH5rtxhTNppBrxWfhHuCiDpwiEbd0oKgjS
GX0BoM1tGWlXPt1J7rYhsvXhacfXUaUfKQtUPE5AEhiikZetyOS68MEyrrJ0KuC9
SHu+aT7qmuoLaFJ+k7ceFog3UGVTXNxrjGjJ0FraKnVNh0xFLDP6ay8Ahu8Vzlul
G7aBLammrBknPz3vDn81mCaHvxaAutlAsbzQFRuiIuRYYLNkZfIELIcK6lkLd9YO
3ZboANRWpSwzhQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:04:10 2026 by rpki-client