Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.mft
File: 2q_pD50IEzTMko7e6bxzFUBwjf0.mft (raw, json)
Hash identifier: MovWI1LuW6XT2VTygpOrw6ZFEATZzp3va9x1YdxalOQ=
Subject key identifier: 9D:49:66:40:3E:48:4B:ED:F4:4A:24:7D:89:59:48:2C:23:DE:72:80
Authority key identifier: DA:AF:E9:0F:9D:08:13:34:CC:92:8E:DE:E9:BC:73:15:40:70:8D:FD
Certificate issuer: /CN=daafe90f9d081334cc928edee9bc731540708dfd
Certificate serial: 019D39416DC4F7F9F62AB46BEACB47639020
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q_pD50IEzTMko7e6bxzFUBwjf0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.mft
Manifest number: 0BE5
Signing time: Sun 29 Mar 2026 11:01:22 +0000
Manifest this update: Sun 29 Mar 2026 11:01:22 +0000
Manifest next update: Mon 30 Mar 2026 11:01:22 +0000
Files and hashes: 1: 1JQv5SOtSeXXkOrfiZJVS0aL7xU.roa (hash: AMT4fhj0NQTYFJqA1ljnLjH+q0LAKk7Eo+Nf4uYT4Lg=)
2: 2q_pD50IEzTMko7e6bxzFUBwjf0.crl (hash: lx32vUQwIt1HDA4nLXmHbq3ZLPN31ZMLniAgtmkdKdI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q_pD50IEzTMko7e6bxzFUBwjf0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:6d:c4:f7:f9:f6:2a:b4:6b:ea:cb:47:63:90:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daafe90f9d081334cc928edee9bc731540708dfd
Validity
Not Before: Mar 29 11:01:22 2026 GMT
Not After : Mar 30 11:01:22 2026 GMT
Subject: CN=9d4966403e484bedf44a247d8959482c23de7280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:77:4c:cb:b0:bc:8e:a3:9d:59:31:2f:cd:7a:
88:40:6d:59:a7:89:4f:7c:39:94:05:d7:4f:1c:05:
eb:79:0e:1a:1d:78:94:4a:61:6f:2f:d6:82:33:8b:
6d:98:eb:15:85:e2:18:58:e9:08:4a:a8:b9:be:0f:
d5:c7:94:10:ab:93:ad:3e:3c:d6:f5:7c:87:90:62:
2c:92:a4:21:3e:8c:27:93:1b:e8:7c:db:62:12:bb:
9c:e5:58:0d:e0:da:35:06:42:36:59:f4:ba:e6:70:
bf:b0:90:e8:54:f7:81:cd:c4:23:c3:9b:3d:d0:29:
5a:d2:f2:1e:5b:27:a9:db:11:00:7e:a1:e0:6a:61:
99:28:cf:13:bf:68:d3:30:80:f0:c1:9b:c5:49:52:
66:01:9b:6a:94:32:a1:53:fd:95:ea:6e:ed:be:d5:
5b:ed:25:86:b7:52:39:6f:56:ab:13:cd:f9:e1:32:
75:91:41:7a:09:14:c6:09:43:ba:81:f3:22:bb:cc:
8c:d4:6b:49:93:41:f1:27:2c:cd:b3:8b:81:41:de:
47:b2:f2:c7:72:5e:3f:ec:7b:86:82:2e:b8:00:6d:
a6:a7:df:26:a5:48:31:09:46:c8:75:64:a0:e7:39:
9c:4d:64:7b:a5:e6:e7:71:24:ee:be:6d:f9:55:c4:
e1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:49:66:40:3E:48:4B:ED:F4:4A:24:7D:89:59:48:2C:23:DE:72:80
X509v3 Authority Key Identifier:
keyid:DA:AF:E9:0F:9D:08:13:34:CC:92:8E:DE:E9:BC:73:15:40:70:8D:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q_pD50IEzTMko7e6bxzFUBwjf0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:71:0c:26:1b:3e:10:fe:80:49:fa:1c:60:76:1e:56:72:c4:
de:55:d3:ad:29:11:26:2d:63:98:00:3c:7a:01:bf:d0:55:65:
53:45:d4:96:3c:4d:6b:5f:91:15:3f:8e:8f:b2:6e:46:47:40:
45:e7:a9:1f:65:39:06:e1:22:60:58:d1:01:14:48:9c:2e:00:
86:81:46:9c:e0:de:fd:16:eb:f3:8f:47:26:c4:4f:a9:9f:d3:
0f:d9:23:23:65:e8:b7:94:5c:bf:b4:21:cf:0d:c5:8d:69:09:
38:0b:73:66:27:ab:7b:82:7e:70:94:66:0c:aa:32:d9:f4:df:
49:a9:03:ee:3f:d8:24:1e:62:d7:fc:f7:06:34:69:e5:e9:2a:
64:1c:05:16:ed:4e:8e:f5:af:59:db:48:69:3d:f7:f9:62:87:
52:45:bc:36:1f:85:59:0e:22:55:6c:62:16:04:f2:3d:23:cc:
5b:71:b6:16:1f:49:54:94:9c:b1:76:cb:85:e6:f6:aa:6e:44:
b0:e3:ed:f6:5c:3e:24:f5:d4:ee:ac:16:11:3b:45:ee:90:2d:
4f:cd:11:10:a2:cc:4a:12:d0:25:0c:b6:22:f6:1e:e6:96:c5:
0f:83:5b:51:da:65:c2:52:9e:7a:d1:8d:4e:2c:f9:d9:c6:b8:
7b:5b:5e:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QW3E9/n2KrRr6stHY5AgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWZlOTBmOWQwODEzMzRjYzkyOGVkZWU5YmM3MzE1NDA3
MDhkZmQwHhcNMjYwMzI5MTEwMTIyWhcNMjYwMzMwMTEwMTIyWjAzMTEwLwYDVQQD
Eyg5ZDQ5NjY0MDNlNDg0YmVkZjQ0YTI0N2Q4OTU5NDgyYzIzZGU3MjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3dMy7C8jqOdWTEvzXqIQG1Zp4lP
fDmUBddPHAXreQ4aHXiUSmFvL9aCM4ttmOsVheIYWOkISqi5vg/Vx5QQq5OtPjzW
9XyHkGIskqQhPownkxvofNtiEruc5VgN4No1BkI2WfS65nC/sJDoVPeBzcQjw5s9
0Cla0vIeWyep2xEAfqHgamGZKM8Tv2jTMIDwwZvFSVJmAZtqlDKhU/2V6m7tvtVb
7SWGt1I5b1arE8354TJ1kUF6CRTGCUO6gfMiu8yM1GtJk0HxJyzNs4uBQd5HsvLH
cl4/7HuGgi64AG2mp98mpUgxCUbIdWSg5zmcTWR7pebncSTuvm35VcThbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1JZkA+SEvt9EokfYlZSCwj3nKAMB8GA1UdIwQY
MBaAFNqv6Q+dCBM0zJKO3um8cxVAcI39MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFfcEQ1MElFelRNa283ZTZieHpGVUJ3amYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84YmIzYzEtMTk5ZC00NDliLWFjNDYt
YmJkOTJjY2FmYTg4LzEvMnFfcEQ1MElFelRNa283ZTZieHpGVUJ3amYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS84YmIzYzEtMTk5ZC00NDliLWFjNDYtYmJkOTJjY2FmYTg4
LzEvMnFfcEQ1MElFelRNa283ZTZieHpGVUJ3amYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA3EMJhs+
EP6ASfocYHYeVnLE3lXTrSkRJi1jmAA8egG/0FVlU0XUljxNa1+RFT+Oj7JuRkdA
ReepH2U5BuEiYFjRARRInC4AhoFGnODe/Rbr849HJsRPqZ/TD9kjI2Xot5Rcv7Qh
zw3FjWkJOAtzZiere4J+cJRmDKoy2fTfSakD7j/YJB5i1/z3BjRp5ekqZBwFFu1O
jvWvWdtIaT33+WKHUkW8Nh+FWQ4iVWxiFgTyPSPMW3G2Fh9JVJScsXbLheb2qm5E
sOPt9lw+JPXU7qwWETtF7pAtT80REKLMShLQJQy2IvYe5pbFD4NbUdplwlKeetGN
Tiz52ca4e1teEw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:12:51 2026 by rpki-client