Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/98b2f5-75e1-4245-976d-0150c94f940d/1/2FC5YK3pRJ8egIFDo3HOLjoYfkg.mft
File: 2FC5YK3pRJ8egIFDo3HOLjoYfkg.mft (raw, json)
Hash identifier: DA4iSU09jPR8eNmq6hKuz6iDC+l6Yv9x0ZRX8W/BaLg=
Subject key identifier: 4C:93:6E:CC:6D:D1:EB:15:22:8C:E7:1B:25:B7:1D:EE:E9:EE:74:A7
Authority key identifier: D8:50:B9:60:AD:E9:44:9F:1E:80:81:43:A3:71:CE:2E:3A:18:7E:48
Certificate issuer: /CN=d850b960ade9449f1e808143a371ce2e3a187e48
Certificate serial: 019D389C17B3972029DF566EF3643A17C33A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2FC5YK3pRJ8egIFDo3HOLjoYfkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/98b2f5-75e1-4245-976d-0150c94f940d/1/2FC5YK3pRJ8egIFDo3HOLjoYfkg.mft
Manifest number: 0157
Signing time: Sun 29 Mar 2026 08:00:46 +0000
Manifest this update: Sun 29 Mar 2026 08:00:46 +0000
Manifest next update: Mon 30 Mar 2026 08:00:46 +0000
Files and hashes: 1: 2FC5YK3pRJ8egIFDo3HOLjoYfkg.crl (hash: d/9Vc1JKCnMgqiuUQOE99LRUx/WfCfZqy7LNnBQ4/1k=)
2: hW7s4O9TdBAfT4Osak2Oj5BJAz4.asa (hash: R04Z5dzTVpp/mJ118ZonHq/GgrG1tGSGF8iWqD8/YV8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/98b2f5-75e1-4245-976d-0150c94f940d/1/2FC5YK3pRJ8egIFDo3HOLjoYfkg.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/98b2f5-75e1-4245-976d-0150c94f940d/1/2FC5YK3pRJ8egIFDo3HOLjoYfkg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2FC5YK3pRJ8egIFDo3HOLjoYfkg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:17:b3:97:20:29:df:56:6e:f3:64:3a:17:c3:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d850b960ade9449f1e808143a371ce2e3a187e48
Validity
Not Before: Mar 29 08:00:46 2026 GMT
Not After : Mar 30 08:00:46 2026 GMT
Subject: CN=4c936ecc6dd1eb15228ce71b25b71deee9ee74a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3a:ca:82:c1:d8:d2:c7:61:ea:8b:5b:1a:be:
ad:aa:99:05:ae:43:9a:b3:0c:6f:a4:4c:44:83:df:
b0:63:95:e4:9f:f9:78:27:0e:68:cf:da:53:0d:fb:
7d:7d:65:4b:d3:7f:68:d4:da:0f:c5:22:7b:d7:45:
1f:c2:ce:19:55:59:22:a1:26:93:64:24:64:1f:26:
89:8d:b4:8d:87:b9:79:a6:ab:f6:31:72:9a:a6:d8:
fd:11:cc:cf:f3:d1:a0:69:80:11:b9:36:53:2b:ab:
08:6c:80:3c:d3:4b:bd:87:52:2f:b9:df:d6:a6:7b:
0c:85:27:6c:b3:ec:fa:2a:02:c7:fb:f5:b1:6c:de:
6b:65:46:d4:b6:20:3b:e0:cc:ae:e2:52:13:ce:31:
9f:ed:9d:8d:be:0a:93:5d:b6:63:2a:b5:0b:7e:66:
e6:f5:e6:ed:39:ea:e7:04:95:e4:78:2a:9e:20:61:
e1:98:cb:84:67:9d:bb:4e:da:55:55:36:c0:12:4c:
24:2a:31:9b:14:eb:0e:88:15:9e:0c:6b:38:fd:87:
34:0c:6e:ce:fb:cc:4d:67:e1:0d:7a:aa:91:f2:92:
ff:99:2e:22:0c:68:52:9f:54:16:db:21:89:50:14:
5e:2b:54:88:f5:ee:0d:87:42:fa:62:0a:71:5c:e5:
94:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:93:6E:CC:6D:D1:EB:15:22:8C:E7:1B:25:B7:1D:EE:E9:EE:74:A7
X509v3 Authority Key Identifier:
keyid:D8:50:B9:60:AD:E9:44:9F:1E:80:81:43:A3:71:CE:2E:3A:18:7E:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2FC5YK3pRJ8egIFDo3HOLjoYfkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/98b2f5-75e1-4245-976d-0150c94f940d/1/2FC5YK3pRJ8egIFDo3HOLjoYfkg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/98b2f5-75e1-4245-976d-0150c94f940d/1/2FC5YK3pRJ8egIFDo3HOLjoYfkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:68:75:bc:82:44:cc:dd:0d:bc:03:52:8d:8b:31:f0:7b:a3:
d4:fb:ce:09:5d:c8:c5:a9:90:a6:5b:e6:bb:1e:ed:1f:0d:fa:
3d:a5:81:23:48:30:23:41:77:86:b2:4d:bf:4e:46:9c:13:ae:
7a:0a:40:29:bb:36:51:27:82:95:79:bd:24:24:d4:4b:07:81:
56:0a:00:3b:57:bd:ec:a0:63:3f:6d:50:99:2e:31:a2:20:3b:
0d:f8:d9:fa:b8:8b:0b:2e:a1:84:fc:01:69:81:2d:38:5a:39:
4b:57:d9:67:96:d5:8d:23:87:f2:b5:84:ac:f5:49:1f:7d:4e:
29:3f:2d:8b:8a:df:48:e6:b7:e3:9b:29:4b:93:2b:00:62:2e:
6a:08:0a:66:0b:f6:19:98:aa:09:60:bd:4c:21:6d:8f:02:c4:
a9:4d:4b:bc:97:d8:82:7c:fa:3e:ee:8b:55:c1:2b:e7:d3:42:
1d:70:65:3f:a7:72:67:47:cc:6b:8a:e7:0c:5a:8f:ee:2a:8a:
e0:8f:83:69:01:5d:57:df:eb:01:03:62:4f:3b:1d:89:12:ad:
35:e6:8c:6f:45:9e:10:a1:0e:62:b5:71:16:51:75:43:3e:90:
bb:de:42:f5:bf:a9:9a:ad:ad:cc:b1:4f:e1:ba:03:9c:8e:cb:
d5:37:58:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nBezlyAp31Zu82Q6F8M6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NTBiOTYwYWRlOTQ0OWYxZTgwODE0M2EzNzFjZTJlM2Ex
ODdlNDgwHhcNMjYwMzI5MDgwMDQ2WhcNMjYwMzMwMDgwMDQ2WjAzMTEwLwYDVQQD
Eyg0YzkzNmVjYzZkZDFlYjE1MjI4Y2U3MWIyNWI3MWRlZWU5ZWU3NGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjrKgsHY0sdh6otbGr6tqpkFrkOa
swxvpExEg9+wY5Xkn/l4Jw5oz9pTDft9fWVL039o1NoPxSJ710Ufws4ZVVkioSaT
ZCRkHyaJjbSNh7l5pqv2MXKaptj9EczP89GgaYARuTZTK6sIbIA800u9h1Ivud/W
pnsMhSdss+z6KgLH+/WxbN5rZUbUtiA74Myu4lITzjGf7Z2NvgqTXbZjKrULfmbm
9ebtOernBJXkeCqeIGHhmMuEZ527TtpVVTbAEkwkKjGbFOsOiBWeDGs4/Yc0DG7O
+8xNZ+ENeqqR8pL/mS4iDGhSn1QW2yGJUBReK1SI9e4Nh0L6YgpxXOWUlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEyTbsxt0esVIoznGyW3He7p7nSnMB8GA1UdIwQY
MBaAFNhQuWCt6USfHoCBQ6Nxzi46GH5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkZDNVlLM3BSSjhlZ0lGRG8zSE9Mam9ZZmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC85OGIyZjUtNzVlMS00MjQ1LTk3NmQt
MDE1MGM5NGY5NDBkLzEvMkZDNVlLM3BSSjhlZ0lGRG8zSE9Mam9ZZmtnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC85OGIyZjUtNzVlMS00MjQ1LTk3NmQtMDE1MGM5NGY5NDBk
LzEvMkZDNVlLM3BSSjhlZ0lGRG8zSE9Mam9ZZmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhmh1vIJE
zN0NvANSjYsx8Huj1PvOCV3IxamQplvmux7tHw36PaWBI0gwI0F3hrJNv05GnBOu
egpAKbs2USeClXm9JCTUSweBVgoAO1e97KBjP21QmS4xoiA7DfjZ+riLCy6hhPwB
aYEtOFo5S1fZZ5bVjSOH8rWErPVJH31OKT8ti4rfSOa345spS5MrAGIuaggKZgv2
GZiqCWC9TCFtjwLEqU1LvJfYgnz6Pu6LVcEr59NCHXBlP6dyZ0fMa4rnDFqP7iqK
4I+DaQFdV9/rAQNiTzsdiRKtNeaMb0WeEKEOYrVxFlF1Qz6Qu95C9b+pmq2tzLFP
4boDnI7L1TdYXg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:31:54 2026 by rpki-client