Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/5c1eec-3700-49bb-bfee-65d373ab573f/1/2BhDAyFk4LYu1tp8Z1V79GiV0PA.mft
File: 2BhDAyFk4LYu1tp8Z1V79GiV0PA.mft (raw, json)
Hash identifier: MSrMnWr2kUB5346XbdacEsgNHZwKob9Vt+iBsrslS1U=
Subject key identifier: CB:AC:FF:1C:DC:69:EE:5A:44:48:F9:4C:1D:FB:7A:A5:57:96:E6:9F
Authority key identifier: D8:18:43:03:21:64:E0:B6:2E:D6:DA:7C:67:55:7B:F4:68:95:D0:F0
Certificate issuer: /CN=d81843032164e0b62ed6da7c67557bf46895d0f0
Certificate serial: 019D382EA9FBDF1349F2EBE72429F05963EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BhDAyFk4LYu1tp8Z1V79GiV0PA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/5c1eec-3700-49bb-bfee-65d373ab573f/1/2BhDAyFk4LYu1tp8Z1V79GiV0PA.mft
Manifest number: 0995
Signing time: Sun 29 Mar 2026 06:01:15 +0000
Manifest this update: Sun 29 Mar 2026 06:01:15 +0000
Manifest next update: Mon 30 Mar 2026 06:01:15 +0000
Files and hashes: 1: 2BhDAyFk4LYu1tp8Z1V79GiV0PA.crl (hash: wIyZtD5ci4h6vZtkeNPTEh+MY2tU1w833LTZ1wgW0MQ=)
2: t5gDJTwEX_7MnOD4QMV2-iNg9e8.roa (hash: Av2GUWR+Q2vX5K8GexOH8XltfedpKMt8MiGL4TnfRkM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/5c1eec-3700-49bb-bfee-65d373ab573f/1/2BhDAyFk4LYu1tp8Z1V79GiV0PA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/5c1eec-3700-49bb-bfee-65d373ab573f/1/2BhDAyFk4LYu1tp8Z1V79GiV0PA.mft
rsync://rpki.ripe.net/repository/DEFAULT/2BhDAyFk4LYu1tp8Z1V79GiV0PA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:a9:fb:df:13:49:f2:eb:e7:24:29:f0:59:63:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d81843032164e0b62ed6da7c67557bf46895d0f0
Validity
Not Before: Mar 29 06:01:15 2026 GMT
Not After : Mar 30 06:01:15 2026 GMT
Subject: CN=cbacff1cdc69ee5a4448f94c1dfb7aa55796e69f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:93:24:48:81:9f:60:cc:f3:3f:ca:2d:14:d4:
51:b5:40:68:ec:c5:2a:56:d5:c1:c6:1a:76:c1:39:
57:2c:f9:ff:99:9d:4d:cd:ff:9d:75:48:b0:41:3c:
af:e0:79:c5:58:8f:b9:67:90:eb:04:25:ce:ef:42:
aa:2b:de:4f:80:5b:26:73:7f:fd:bd:83:46:7b:10:
5c:0e:61:61:7d:6f:2a:1b:6b:4b:63:49:d6:89:f9:
95:4a:f3:eb:6a:f8:01:73:a7:ec:60:ef:32:06:85:
5e:c9:df:09:69:2a:ab:9f:10:bb:e5:1d:67:24:12:
75:e5:cb:f5:25:87:c4:36:ef:06:32:4a:6c:0e:bd:
37:a2:97:dd:d5:84:b3:ef:10:89:57:72:a8:3b:c5:
50:af:59:74:22:b9:f6:13:65:10:ad:60:22:38:81:
7b:e3:7c:15:b7:19:bb:59:53:e3:36:41:fd:1c:14:
18:1e:75:68:94:e8:59:5a:d1:ba:e6:3e:35:25:5e:
e7:29:a0:e2:e5:fd:78:a1:5c:b5:2d:dd:de:41:6e:
8e:d3:b1:4e:e8:62:f0:e7:ed:38:f6:5c:e7:af:d2:
59:88:8e:bd:a7:f6:07:21:71:e8:3f:02:0c:7b:3d:
de:7b:0a:95:b9:80:a8:c5:50:ba:dc:ca:2b:4b:c7:
e3:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:AC:FF:1C:DC:69:EE:5A:44:48:F9:4C:1D:FB:7A:A5:57:96:E6:9F
X509v3 Authority Key Identifier:
keyid:D8:18:43:03:21:64:E0:B6:2E:D6:DA:7C:67:55:7B:F4:68:95:D0:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BhDAyFk4LYu1tp8Z1V79GiV0PA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/5c1eec-3700-49bb-bfee-65d373ab573f/1/2BhDAyFk4LYu1tp8Z1V79GiV0PA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/5c1eec-3700-49bb-bfee-65d373ab573f/1/2BhDAyFk4LYu1tp8Z1V79GiV0PA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ab:31:3e:58:c1:ec:7e:2b:85:62:ca:37:50:d4:25:f5:7f:b0:
42:09:f7:ab:52:86:ba:db:01:77:36:a2:c6:2b:de:b7:e9:c8:
a5:14:0c:1e:ef:5b:6f:2c:27:eb:74:67:2d:1a:ef:4c:20:01:
cd:ba:7b:e4:0f:9c:04:df:e3:36:df:83:4b:5c:73:64:44:9e:
72:d5:2c:f3:f9:47:97:7c:63:54:92:08:57:6b:bf:34:d4:1d:
ac:84:f0:e8:21:25:67:a7:45:7c:56:c9:c7:d1:45:fc:87:5c:
c2:95:fb:84:d5:f5:a7:13:eb:1c:1d:cb:b5:79:8b:b2:e1:30:
3c:8f:81:b7:47:67:72:11:58:8c:26:e0:65:c6:41:5c:1f:56:
66:5d:c5:c3:d5:4c:c3:73:32:17:47:91:5d:78:59:1c:2b:9c:
be:3b:ad:d6:10:5f:16:b0:01:ce:e6:4d:bb:48:d6:f4:b0:1a:
84:03:dc:68:d9:f9:84:55:7f:16:60:f6:92:85:0e:13:8a:58:
71:d5:c9:14:32:a4:64:77:7e:2d:e5:d0:a3:a1:2c:28:a4:38:
c6:3c:78:af:f9:d7:1d:7d:0f:71:16:9b:52:e3:b6:f0:6a:87:
bd:f9:1d:bb:fc:6f:39:cb:14:c4:26:2c:d6:ef:5d:7e:a6:74:
b3:8e:2f:1e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Lqn73xNJ8uvnJCnwWWPuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTg0MzAzMjE2NGUwYjYyZWQ2ZGE3YzY3NTU3YmY0Njg5
NWQwZjAwHhcNMjYwMzI5MDYwMTE1WhcNMjYwMzMwMDYwMTE1WjAzMTEwLwYDVQQD
EyhjYmFjZmYxY2RjNjllZTVhNDQ0OGY5NGMxZGZiN2FhNTU3OTZlNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlpMkSIGfYMzzP8otFNRRtUBo7MUq
VtXBxhp2wTlXLPn/mZ1Nzf+ddUiwQTyv4HnFWI+5Z5DrBCXO70KqK95PgFsmc3/9
vYNGexBcDmFhfW8qG2tLY0nWifmVSvPravgBc6fsYO8yBoVeyd8JaSqrnxC75R1n
JBJ15cv1JYfENu8GMkpsDr03opfd1YSz7xCJV3KoO8VQr1l0Irn2E2UQrWAiOIF7
43wVtxm7WVPjNkH9HBQYHnVolOhZWtG65j41JV7nKaDi5f14oVy1Ld3eQW6O07FO
6GLw5+049lznr9JZiI69p/YHIXHoPwIMez3eewqVuYCoxVC63MorS8fj/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMus/xzcae5aREj5TB37eqVXluafMB8GA1UdIwQY
MBaAFNgYQwMhZOC2LtbafGdVe/RoldDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJoREF5Rms0TFl1MXRwOFoxVjc5R2lWMFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81YzFlZWMtMzcwMC00OWJiLWJmZWUt
NjVkMzczYWI1NzNmLzEvMkJoREF5Rms0TFl1MXRwOFoxVjc5R2lWMFBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81YzFlZWMtMzcwMC00OWJiLWJmZWUtNjVkMzczYWI1NzNm
LzEvMkJoREF5Rms0TFl1MXRwOFoxVjc5R2lWMFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqzE+WMHs
fiuFYso3UNQl9X+wQgn3q1KGutsBdzaixivet+nIpRQMHu9bbywn63RnLRrvTCAB
zbp75A+cBN/jNt+DS1xzZESectUs8/lHl3xjVJIIV2u/NNQdrITw6CElZ6dFfFbJ
x9FF/IdcwpX7hNX1pxPrHB3LtXmLsuEwPI+Bt0dnchFYjCbgZcZBXB9WZl3Fw9VM
w3MyF0eRXXhZHCucvjut1hBfFrABzuZNu0jW9LAahAPcaNn5hFV/FmD2koUOE4pY
cdXJFDKkZHd+LeXQo6EsKKQ4xjx4r/nXHX0PcRabUuO28GqHvfkdu/xvOcsUxCYs
1u9dfqZ0s44vHg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:17:43 2026 by rpki-client