Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.mft
File: 2sedKFW4l0GCCNR7puUUYAFbXXs.mft (raw, json)
Hash identifier: cMSJAx33YemwSJJ7hAi33NPn/qdxxO4zEEIY69nAkHo=
Subject key identifier: 2B:9A:A8:40:EA:85:8D:54:45:0A:26:12:0D:A7:89:46:F0:EB:E4:E5
Authority key identifier: DA:C7:9D:28:55:B8:97:41:82:08:D4:7B:A6:E5:14:60:01:5B:5D:7B
Certificate issuer: /CN=dac79d2855b897418208d47ba6e51460015b5d7b
Certificate serial: 019D397787FC9C0D333C8E00B5182499229A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2sedKFW4l0GCCNR7puUUYAFbXXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 12:00:28 +0000
Manifest this update: Sun 29 Mar 2026 12:00:28 +0000
Manifest next update: Mon 30 Mar 2026 12:00:28 +0000
Files and hashes: 1: 2sedKFW4l0GCCNR7puUUYAFbXXs.crl (hash: durxPjALA1z3oOgJsy19pcpj4gODJkN4Wt5sKdwjBSA=)
2: W0kRvlqE-31Sr-Gr1-WP6xucUMc.roa (hash: gwMXWawf0NyUE9CiPlgwtD8ZYkvJzBBryShpQ/lSl0c=)
3: vU_maC-JH0IvkViWYKyQOXCGBcE.roa (hash: NRSTpXd/DsQ6yidtnBy9uKfhJ+R2u9Rlp24X6kqd1ao=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.mft
rsync://rpki.ripe.net/repository/DEFAULT/2sedKFW4l0GCCNR7puUUYAFbXXs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:87:fc:9c:0d:33:3c:8e:00:b5:18:24:99:22:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dac79d2855b897418208d47ba6e51460015b5d7b
Validity
Not Before: Mar 29 12:00:28 2026 GMT
Not After : Mar 30 12:00:28 2026 GMT
Subject: CN=2b9aa840ea858d54450a26120da78946f0ebe4e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:89:31:92:27:33:f7:97:80:96:92:c0:b7:cf:
75:9a:6b:2b:38:2d:de:50:bb:2f:74:2b:af:a1:50:
d1:35:8f:21:9c:22:e1:19:d9:72:d1:b0:cb:ad:65:
f7:4f:1a:b6:c9:6b:58:e6:69:78:9e:ad:75:c4:21:
9d:2e:ee:28:91:5c:a3:14:f0:67:68:eb:7a:41:58:
e7:35:48:fa:ad:9d:14:7c:ea:74:5f:cc:d7:c4:d8:
82:27:9a:ce:35:8b:5c:60:57:a6:99:30:da:4f:ba:
48:0a:8a:5c:d6:d6:66:13:e7:6a:2d:d8:8f:7e:43:
a7:12:bb:b0:25:54:c9:06:4b:dd:60:b1:21:8b:e8:
b4:aa:e0:fa:c5:55:39:4d:00:f1:37:5b:15:24:18:
4d:01:c6:1f:d1:e1:c0:7f:60:30:db:71:35:89:ea:
57:ec:5f:2e:79:b3:07:32:e2:11:db:76:fc:14:27:
ae:c8:42:41:c6:62:f0:9d:87:df:53:10:2b:8a:17:
c3:18:c6:76:20:e7:16:21:f9:88:d8:bd:6e:84:89:
93:bf:62:65:d6:67:b1:e3:15:45:0d:be:7c:ee:48:
9a:97:ee:d8:12:c1:94:e3:0e:22:d7:76:a9:fd:db:
0d:22:98:1b:98:8a:22:44:0f:db:61:47:6a:d2:b8:
17:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:9A:A8:40:EA:85:8D:54:45:0A:26:12:0D:A7:89:46:F0:EB:E4:E5
X509v3 Authority Key Identifier:
keyid:DA:C7:9D:28:55:B8:97:41:82:08:D4:7B:A6:E5:14:60:01:5B:5D:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2sedKFW4l0GCCNR7puUUYAFbXXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:b8:e2:09:1f:4d:d5:01:f0:28:c6:fe:2f:73:8b:f0:f2:13:
25:32:83:d3:67:3c:bb:ae:71:bb:4a:e0:46:fb:4a:99:a7:dc:
a0:c1:f1:9f:f2:c6:9f:0a:6e:4a:ef:19:35:02:60:24:46:4c:
a4:e9:7b:bf:44:75:fd:da:af:74:82:ce:b3:8b:46:f3:14:dd:
a6:f7:cf:e2:39:c2:90:ce:e7:4a:22:68:d5:e4:78:33:d5:c7:
74:4e:42:3a:5e:f9:72:55:82:b2:39:a9:3f:a9:e2:fa:ae:65:
3c:cd:2c:3c:ac:1e:0f:34:fb:1f:f1:a4:a6:d4:a4:c0:70:ad:
e1:8e:2c:36:4b:a0:61:52:93:83:6d:98:69:8a:1b:a7:f7:78:
f6:77:67:7f:4a:23:2d:f7:e5:df:51:46:2c:65:77:46:14:9b:
4c:20:c5:0a:66:5b:59:8a:f6:01:53:14:f9:91:f4:60:4d:dc:
9b:79:2d:b9:62:ca:d3:60:9b:db:64:bf:4d:6b:58:08:86:7d:
0f:aa:d0:5a:01:f4:74:58:01:3f:98:88:da:4e:e5:84:2e:26:
9b:1b:fc:65:6d:a3:3a:4d:cc:43:ed:ab:4c:19:0a:c6:ab:bf:
b6:f5:45:e6:a3:82:26:ff:54:44:3f:98:37:a5:4b:3f:39:1f:
6d:1d:cc:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d4f8nA0zPI4AtRgkmSKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYzc5ZDI4NTViODk3NDE4MjA4ZDQ3YmE2ZTUxNDYwMDE1
YjVkN2IwHhcNMjYwMzI5MTIwMDI4WhcNMjYwMzMwMTIwMDI4WjAzMTEwLwYDVQQD
EygyYjlhYTg0MGVhODU4ZDU0NDUwYTI2MTIwZGE3ODk0NmYwZWJlNGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuokxkicz95eAlpLAt891mmsrOC3e
ULsvdCuvoVDRNY8hnCLhGdly0bDLrWX3Txq2yWtY5ml4nq11xCGdLu4okVyjFPBn
aOt6QVjnNUj6rZ0UfOp0X8zXxNiCJ5rONYtcYFemmTDaT7pICopc1tZmE+dqLdiP
fkOnEruwJVTJBkvdYLEhi+i0quD6xVU5TQDxN1sVJBhNAcYf0eHAf2Aw23E1iepX
7F8uebMHMuIR23b8FCeuyEJBxmLwnYffUxArihfDGMZ2IOcWIfmI2L1uhImTv2Jl
1mex4xVFDb587kial+7YEsGU4w4i13ap/dsNIpgbmIoiRA/bYUdq0rgXhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCuaqEDqhY1URQomEg2niUbw6+TlMB8GA1UdIwQY
MBaAFNrHnShVuJdBggjUe6blFGABW117MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnNlZEtGVzRsMEdDQ05SN3B1VVVZQUZiWFhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81YjExNDktNjQ3ZC00MDY3LTk4MDct
NDQ1ZDQ1ODhjMzEyLzEvMnNlZEtGVzRsMEdDQ05SN3B1VVVZQUZiWFhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81YjExNDktNjQ3ZC00MDY3LTk4MDctNDQ1ZDQ1ODhjMzEy
LzEvMnNlZEtGVzRsMEdDQ05SN3B1VVVZQUZiWFhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl7jiCR9N
1QHwKMb+L3OL8PITJTKD02c8u65xu0rgRvtKmafcoMHxn/LGnwpuSu8ZNQJgJEZM
pOl7v0R1/dqvdILOs4tG8xTdpvfP4jnCkM7nSiJo1eR4M9XHdE5COl75clWCsjmp
P6ni+q5lPM0sPKweDzT7H/GkptSkwHCt4Y4sNkugYVKTg22YaYobp/d49ndnf0oj
Lffl31FGLGV3RhSbTCDFCmZbWYr2AVMU+ZH0YE3cm3ktuWLK02Cb22S/TWtYCIZ9
D6rQWgH0dFgBP5iI2k7lhC4mmxv8ZW2jOk3MQ+2rTBkKxqu/tvVF5qOCJv9URD+Y
N6VLPzkfbR3M0A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:56:20 2026 by rpki-client