Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/2Q0mgVFK7-6dPIbh6uNXNshNHAk.mft
File: 2Q0mgVFK7-6dPIbh6uNXNshNHAk.mft (raw, json)
Hash identifier: IIT49IHGs92umm9GFK73z0CwTg2E7L9SeaW+5nKj1xU=
Subject key identifier: B6:2F:C0:34:80:4C:8D:F8:29:AC:FC:1D:1F:BD:B0:22:BB:01:A4:26
Authority key identifier: D9:0D:26:81:51:4A:EF:EE:9D:3C:86:E1:EA:E3:57:36:C8:4D:1C:09
Certificate issuer: /CN=d90d2681514aefee9d3c86e1eae35736c84d1c09
Certificate serial: 019D20CAD37D584868BCCEC044ED925703E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Q0mgVFK7-6dPIbh6uNXNshNHAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/2Q0mgVFK7-6dPIbh6uNXNshNHAk.mft
Manifest number: 1886
Signing time: Tue 24 Mar 2026 17:00:56 +0000
Manifest this update: Tue 24 Mar 2026 17:00:56 +0000
Manifest next update: Wed 25 Mar 2026 17:00:56 +0000
Files and hashes: 1: 2Q0mgVFK7-6dPIbh6uNXNshNHAk.crl (hash: apFNk6ZUTWkQ0VrJto8NLgdst1TRBP7gpg1Paxw0jTo=)
2: ffYBPHr80VYEZ9nh35N1GnYUaq0.roa (hash: eJAJO7UVqMGX5rHA6v1I/gJpbdqT70QsYP5GPkz+BRE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/2Q0mgVFK7-6dPIbh6uNXNshNHAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/2Q0mgVFK7-6dPIbh6uNXNshNHAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Q0mgVFK7-6dPIbh6uNXNshNHAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 25 Mar 2026 15:17:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:20:ca:d3:7d:58:48:68:bc:ce:c0:44:ed:92:57:03:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d90d2681514aefee9d3c86e1eae35736c84d1c09
Validity
Not Before: Mar 24 17:00:56 2026 GMT
Not After : Mar 25 17:00:56 2026 GMT
Subject: CN=b62fc034804c8df829acfc1d1fbdb022bb01a426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:36:a9:87:2c:61:7d:ce:be:88:29:aa:b4:06:
40:eb:74:9d:26:af:ab:4c:ab:6a:cc:29:d0:32:49:
b3:c8:3f:c3:45:4d:68:1a:1d:84:c2:6c:1a:14:c4:
ab:6a:37:47:b7:3f:30:98:36:d0:ed:7b:90:9e:1f:
9c:ac:23:5b:a8:1a:e7:e8:30:f9:bd:ec:18:c0:e1:
08:f4:d2:64:2d:5a:20:b1:e8:bc:67:36:f6:1d:a8:
3a:68:cb:b2:bf:59:d1:91:40:90:8f:5c:06:2b:32:
92:d3:bf:44:ad:ad:e4:04:88:94:b1:4e:60:0f:d6:
d8:25:78:4b:de:86:06:63:59:90:a5:8c:0b:fc:b9:
43:f8:2e:ce:da:8f:89:c0:e9:72:4b:c6:5f:7c:8a:
c9:c9:07:af:1f:95:46:b8:4a:9a:53:d7:38:ea:e0:
55:1a:7a:ed:03:bc:6b:fb:41:d0:6a:3c:d3:2a:f0:
43:34:29:89:6b:f8:28:e2:9e:7a:f5:08:32:57:77:
28:23:bc:f8:73:60:6d:f4:ff:b5:7a:37:60:37:7e:
5f:8d:c5:f5:4e:b3:b9:81:34:65:9a:66:a1:04:33:
14:20:17:76:60:ef:ee:79:93:3d:b5:ed:bb:03:1e:
3f:e9:c1:93:39:93:3e:bf:cb:e1:be:76:99:54:75:
b0:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:2F:C0:34:80:4C:8D:F8:29:AC:FC:1D:1F:BD:B0:22:BB:01:A4:26
X509v3 Authority Key Identifier:
keyid:D9:0D:26:81:51:4A:EF:EE:9D:3C:86:E1:EA:E3:57:36:C8:4D:1C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Q0mgVFK7-6dPIbh6uNXNshNHAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/2Q0mgVFK7-6dPIbh6uNXNshNHAk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e0d956-7b87-4edd-b944-1d0f29b4b97f/1/2Q0mgVFK7-6dPIbh6uNXNshNHAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:ad:cc:30:6e:95:78:d2:49:be:88:54:96:25:e8:f9:b9:f7:
7c:e8:94:00:f1:7a:17:52:47:04:c9:50:43:8a:9c:17:72:ca:
5e:48:52:80:63:0c:f0:24:56:7a:f8:e1:ef:d1:48:37:cd:00:
c9:3b:e5:cc:f5:b8:2f:04:42:51:8e:69:55:9e:5d:b7:9e:68:
bd:1c:64:94:e8:d6:39:49:83:b2:7d:b0:82:18:a8:be:38:bd:
e8:23:7c:b6:8f:08:fd:7a:10:c6:69:f6:6a:21:be:cb:35:68:
23:cf:f2:6a:e7:af:76:88:c0:98:fa:d9:4d:c3:54:76:e9:83:
2b:fb:20:ca:69:97:c9:a5:73:99:ca:0a:de:c6:5d:36:09:8d:
52:15:cf:e5:aa:18:18:f7:6d:eb:9c:29:08:68:81:55:90:8d:
32:20:91:bb:89:2e:53:1a:b1:91:0b:e3:5c:dd:0f:6c:eb:ed:
a2:df:f2:b5:56:77:0b:cd:5f:fe:09:ac:ce:53:c2:3e:d7:2c:
7e:ce:60:c6:30:c3:c3:f1:d0:8c:36:4f:2a:d7:ab:db:9a:01:
aa:f4:c8:6c:bf:37:7e:86:eb:0b:82:d0:57:55:14:4f:c8:90:
a8:11:1f:ae:39:06:b1:a3:26:3e:f7:67:0f:12:65:d5:3e:1c:
17:19:cf:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0gytN9WEhovM7ARO2SVwPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MGQyNjgxNTE0YWVmZWU5ZDNjODZlMWVhZTM1NzM2Yzg0
ZDFjMDkwHhcNMjYwMzI0MTcwMDU2WhcNMjYwMzI1MTcwMDU2WjAzMTEwLwYDVQQD
EyhiNjJmYzAzNDgwNGM4ZGY4MjlhY2ZjMWQxZmJkYjAyMmJiMDFhNDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDaphyxhfc6+iCmqtAZA63SdJq+r
TKtqzCnQMkmzyD/DRU1oGh2EwmwaFMSrajdHtz8wmDbQ7XuQnh+crCNbqBrn6DD5
vewYwOEI9NJkLVogsei8Zzb2Hag6aMuyv1nRkUCQj1wGKzKS079Era3kBIiUsU5g
D9bYJXhL3oYGY1mQpYwL/LlD+C7O2o+JwOlyS8ZffIrJyQevH5VGuEqaU9c46uBV
GnrtA7xr+0HQajzTKvBDNCmJa/go4p569QgyV3coI7z4c2Bt9P+1ejdgN35fjcX1
TrO5gTRlmmahBDMUIBd2YO/ueZM9te27Ax4/6cGTOZM+v8vhvnaZVHWwMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLYvwDSATI34Kaz8HR+9sCK7AaQmMB8GA1UdIwQY
MBaAFNkNJoFRSu/unTyG4erjVzbITRwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlEwbWdWRks3LTZkUEliaDZ1TlhOc2hOSEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lMGQ5NTYtN2I4Ny00ZWRkLWI5NDQt
MWQwZjI5YjRiOTdmLzEvMlEwbWdWRks3LTZkUEliaDZ1TlhOc2hOSEFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lMGQ5NTYtN2I4Ny00ZWRkLWI5NDQtMWQwZjI5YjRiOTdm
LzEvMlEwbWdWRks3LTZkUEliaDZ1TlhOc2hOSEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXa3MMG6V
eNJJvohUliXo+bn3fOiUAPF6F1JHBMlQQ4qcF3LKXkhSgGMM8CRWevjh79FIN80A
yTvlzPW4LwRCUY5pVZ5dt55ovRxklOjWOUmDsn2wghiovji96CN8to8I/XoQxmn2
aiG+yzVoI8/yauevdojAmPrZTcNUdumDK/sgymmXyaVzmcoK3sZdNgmNUhXP5aoY
GPdt65wpCGiBVZCNMiCRu4kuUxqxkQvjXN0PbOvtot/ytVZ3C81f/gmszlPCPtcs
fs5gxjDDw/HQjDZPKter25oBqvTIbL83fobrC4LQV1UUT8iQqBEfrjkGsaMmPvdn
DxJl1T4cFxnPgA==
-----END CERTIFICATE-----
Generated at Wed Mar 25 02:31:49 2026 by rpki-client