Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.mft
File: 2PWmbP0hpcrXopuOtc2SqkYDIMM.mft (raw, json)
Hash identifier: qD/Cg34C4nT/ftFHk7MbJGne6eG0Cu7lMd4ARDJqWsY=
Subject key identifier: 74:B8:81:EC:5C:C4:FA:8D:5B:1B:B5:A6:60:18:AA:D9:08:EC:40:2E
Authority key identifier: D8:F5:A6:6C:FD:21:A5:CA:D7:A2:9B:8E:B5:CD:92:AA:46:03:20:C3
Certificate issuer: /CN=d8f5a66cfd21a5cad7a29b8eb5cd92aa460320c3
Certificate serial: 019D3865A3C9C701C53C88954EB51D3F74F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 07:01:18 +0000
Manifest this update: Sun 29 Mar 2026 07:01:18 +0000
Manifest next update: Mon 30 Mar 2026 07:01:18 +0000
Files and hashes: 1: 2PWmbP0hpcrXopuOtc2SqkYDIMM.crl (hash: 3+sYC5vBeBKP6Isi/UOJzVktveY7mt0O6eqCzDSmdU4=)
2: hSitky1wYRTLv14NEnwV-zxWb_o.roa (hash: PA0bbeChQyvoxmLwu2ifsRmhbm5WEw0zyVf1Uu/ZDBo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:a3:c9:c7:01:c5:3c:88:95:4e:b5:1d:3f:74:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8f5a66cfd21a5cad7a29b8eb5cd92aa460320c3
Validity
Not Before: Mar 29 07:01:18 2026 GMT
Not After : Mar 30 07:01:18 2026 GMT
Subject: CN=74b881ec5cc4fa8d5b1bb5a66018aad908ec402e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:69:7a:e0:01:a3:36:5a:75:0c:49:ce:47:cd:
83:67:09:04:d1:e8:3e:7b:cb:0c:b4:d0:fe:23:c5:
f1:41:dc:34:a5:e1:dc:63:ec:94:16:1a:d3:fd:d3:
d4:d6:5f:f3:50:d3:1d:6d:97:d2:ef:6b:c7:1b:f8:
ad:73:26:85:a2:f7:01:b4:d6:00:f8:95:40:79:8b:
99:77:bd:6c:d6:54:02:f2:f2:9c:c0:7e:b4:5a:2a:
1f:af:ca:a9:08:a1:49:b4:ed:7c:6f:19:9f:b0:9d:
26:e4:ed:dc:82:ec:b3:b8:68:fb:f2:0a:23:d7:c9:
25:b4:2a:a1:a5:5d:74:a6:74:ed:a2:f6:da:f3:82:
b0:ff:7e:c4:a5:d0:a9:5b:52:e8:ab:e3:70:be:51:
86:86:a0:97:b9:f0:d6:c5:1a:d5:00:5b:e6:6c:28:
cd:cd:ac:e5:33:3c:fd:e7:97:6a:3d:7f:d7:94:f1:
ca:bf:4c:f5:03:ca:a4:6b:88:13:1f:a1:32:38:e7:
0c:ff:a2:39:6a:bc:b8:17:83:4a:5c:ba:b4:d6:97:
00:1d:0a:b0:45:1c:5f:45:e3:e7:72:75:d6:f8:36:
bd:60:f0:01:1a:fe:ce:9f:77:50:82:29:90:5d:e6:
76:cb:2d:da:b9:9c:35:47:7e:07:3b:87:f3:59:f5:
39:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B8:81:EC:5C:C4:FA:8D:5B:1B:B5:A6:60:18:AA:D9:08:EC:40:2E
X509v3 Authority Key Identifier:
keyid:D8:F5:A6:6C:FD:21:A5:CA:D7:A2:9B:8E:B5:CD:92:AA:46:03:20:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:4e:69:df:1c:a2:f1:fe:08:b4:db:11:74:c8:5d:30:61:81:
40:58:81:bb:c8:d7:eb:74:f3:75:c6:1d:02:a3:10:d2:90:75:
19:2e:8b:f3:ca:79:d8:7c:0e:1a:c4:53:6c:cd:61:ab:c7:7b:
48:c7:95:bc:57:6e:ca:bd:33:90:5e:0d:94:91:e5:32:eb:2a:
3a:5e:0c:bd:a6:f3:c5:8e:ce:c8:52:11:ae:01:65:05:50:5d:
2a:2d:8e:c0:37:08:ab:30:12:15:eb:a5:45:c5:d0:d9:d6:a6:
59:65:46:02:11:f5:7a:56:29:27:97:1e:08:b8:57:3b:59:d7:
1d:fe:0a:dd:a7:c4:58:8d:29:41:7d:9b:93:bf:ed:44:e7:c9:
ed:6c:49:ee:db:70:fc:5c:61:1c:b8:13:9a:eb:33:f1:f3:c3:
8a:6a:16:46:46:16:5d:8e:74:dd:05:72:cd:bc:56:85:7b:3f:
f5:be:9e:97:88:80:94:bc:93:48:90:d2:c6:0f:1a:a0:70:20:
03:56:b3:22:99:d1:b2:97:66:91:8c:16:4f:c3:ef:bf:63:4a:
48:e7:ec:57:2d:9e:66:7b:b2:58:2b:cc:89:39:b5:85:a4:97:
64:fa:79:a0:da:91:05:84:09:f0:9e:c9:37:48:56:6a:22:d2:
3e:4b:25:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZaPJxwHFPIiVTrUdP3T4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZjVhNjZjZmQyMWE1Y2FkN2EyOWI4ZWI1Y2Q5MmFhNDYw
MzIwYzMwHhcNMjYwMzI5MDcwMTE4WhcNMjYwMzMwMDcwMTE4WjAzMTEwLwYDVQQD
Eyg3NGI4ODFlYzVjYzRmYThkNWIxYmI1YTY2MDE4YWFkOTA4ZWM0MDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyml64AGjNlp1DEnOR82DZwkE0eg+
e8sMtND+I8XxQdw0peHcY+yUFhrT/dPU1l/zUNMdbZfS72vHG/itcyaFovcBtNYA
+JVAeYuZd71s1lQC8vKcwH60Wiofr8qpCKFJtO18bxmfsJ0m5O3cguyzuGj78goj
18kltCqhpV10pnTtovba84Kw/37EpdCpW1Loq+NwvlGGhqCXufDWxRrVAFvmbCjN
zazlMzz955dqPX/XlPHKv0z1A8qka4gTH6EyOOcM/6I5ary4F4NKXLq01pcAHQqw
RRxfRePncnXW+Da9YPABGv7On3dQgimQXeZ2yy3auZw1R34HO4fzWfU5xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHS4gexcxPqNWxu1pmAYqtkI7EAuMB8GA1UdIwQY
MBaAFNj1pmz9IaXK16KbjrXNkqpGAyDDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlBXbWJQMGhwY3JYb3B1T3RjMlNxa1lESU1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mZTIwZmYtNjU5MC00ZmIwLWI2NTct
ODIxMGRiNzA0OWIxLzEvMlBXbWJQMGhwY3JYb3B1T3RjMlNxa1lESU1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mZTIwZmYtNjU5MC00ZmIwLWI2NTctODIxMGRiNzA0OWIx
LzEvMlBXbWJQMGhwY3JYb3B1T3RjMlNxa1lESU1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN05p3xyi
8f4ItNsRdMhdMGGBQFiBu8jX63TzdcYdAqMQ0pB1GS6L88p52HwOGsRTbM1hq8d7
SMeVvFduyr0zkF4NlJHlMusqOl4MvabzxY7OyFIRrgFlBVBdKi2OwDcIqzASFeul
RcXQ2damWWVGAhH1elYpJ5ceCLhXO1nXHf4K3afEWI0pQX2bk7/tROfJ7WxJ7ttw
/FxhHLgTmusz8fPDimoWRkYWXY503QVyzbxWhXs/9b6el4iAlLyTSJDSxg8aoHAg
A1azIpnRspdmkYwWT8Pvv2NKSOfsVy2eZnuyWCvMiTm1haSXZPp5oNqRBYQJ8J7J
N0hWaiLSPkslsA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:36:28 2026 by rpki-client