Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/d3ae28-3993-4a7a-b292-881444c30afa/1/2M_K6qcDvRAJO7OgXhfVXjEHJTc.mft
File: 2M_K6qcDvRAJO7OgXhfVXjEHJTc.mft (raw, json)
Hash identifier: wbNOOMZOCjIqd+zar9vMnom1m0izGcPULxtxeAKv2XY=
Subject key identifier: 3B:6E:4E:17:0D:1B:E5:64:22:82:BE:71:0D:22:D3:EC:70:B5:BC:2F
Authority key identifier: D8:CF:CA:EA:A7:03:BD:10:09:3B:B3:A0:5E:17:D5:5E:31:07:25:37
Certificate issuer: /CN=d8cfcaeaa703bd10093bb3a05e17d55e31072537
Certificate serial: 019DB0FCE037D6FEC1EA82E059732C9F5029
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2M_K6qcDvRAJO7OgXhfVXjEHJTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/d3ae28-3993-4a7a-b292-881444c30afa/1/2M_K6qcDvRAJO7OgXhfVXjEHJTc.mft
Manifest number: BD
Signing time: Tue 21 Apr 2026 17:00:55 +0000
Manifest this update: Tue 21 Apr 2026 17:00:55 +0000
Manifest next update: Wed 22 Apr 2026 17:00:55 +0000
Files and hashes: 1: 2M_K6qcDvRAJO7OgXhfVXjEHJTc.crl (hash: KRoQCXmSH45epvx6Y6rBQE2vSJwvnPXSBjRYlXAmCLg=)
2: xiQvAVPOWmMsMsIO6z5gVHt7Q-Y.asa (hash: bYzR5NTvsD3Rkdru+CrJJqIOX0ZfMuE7+skUItcA04Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/d3ae28-3993-4a7a-b292-881444c30afa/1/2M_K6qcDvRAJO7OgXhfVXjEHJTc.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/d3ae28-3993-4a7a-b292-881444c30afa/1/2M_K6qcDvRAJO7OgXhfVXjEHJTc.mft
rsync://rpki.ripe.net/repository/DEFAULT/2M_K6qcDvRAJO7OgXhfVXjEHJTc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 17:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b0:fc:e0:37:d6:fe:c1:ea:82:e0:59:73:2c:9f:50:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8cfcaeaa703bd10093bb3a05e17d55e31072537
Validity
Not Before: Apr 21 17:00:55 2026 GMT
Not After : Apr 22 17:00:55 2026 GMT
Subject: CN=3b6e4e170d1be5642282be710d22d3ec70b5bc2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:5c:d1:2c:54:ba:6e:61:43:fc:51:be:36:65:
75:48:a4:eb:65:5d:4f:f4:7e:17:ad:4f:b2:ec:23:
a2:6a:4c:62:8c:80:00:6d:96:95:03:48:a7:24:db:
a1:46:91:54:c2:7e:80:ba:47:5a:24:fe:d0:5e:9f:
5f:59:6d:50:de:dc:87:20:be:58:db:8b:67:14:31:
cd:cc:ac:0e:b3:40:66:c5:38:5b:8f:6d:8c:2c:e5:
3a:43:aa:78:fd:88:31:8d:00:a0:96:a4:60:d8:b8:
f1:c2:01:b0:c6:e3:d2:af:56:f8:36:51:f0:57:a4:
31:18:f9:0c:e3:01:43:92:21:6c:26:c5:18:37:78:
30:e4:70:a0:83:3a:df:d5:e8:7b:b9:de:9a:22:41:
97:49:a1:9d:8f:c2:23:4f:45:05:2d:b5:f7:28:e5:
b5:d3:bf:12:22:f0:f6:dc:3b:a5:19:f0:48:d2:9d:
bc:69:f6:da:28:f8:98:b4:b4:c7:3d:80:29:b2:2e:
9d:aa:79:31:23:a6:27:7f:aa:49:5a:57:57:b3:6b:
42:b2:64:79:7a:5c:d8:ea:bd:05:9e:2d:69:12:2d:
69:a6:a7:1b:1d:82:ec:73:20:d9:f4:c2:7f:c3:b0:
f3:a2:c8:c9:4b:f6:35:5c:2c:ab:50:b0:36:ce:a6:
0e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:6E:4E:17:0D:1B:E5:64:22:82:BE:71:0D:22:D3:EC:70:B5:BC:2F
X509v3 Authority Key Identifier:
keyid:D8:CF:CA:EA:A7:03:BD:10:09:3B:B3:A0:5E:17:D5:5E:31:07:25:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2M_K6qcDvRAJO7OgXhfVXjEHJTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/d3ae28-3993-4a7a-b292-881444c30afa/1/2M_K6qcDvRAJO7OgXhfVXjEHJTc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/d3ae28-3993-4a7a-b292-881444c30afa/1/2M_K6qcDvRAJO7OgXhfVXjEHJTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d7:19:b8:90:21:93:bf:e6:4a:44:c8:bf:e8:1f:e7:58:89:97:
f0:2f:11:07:d5:e2:be:1b:c2:b4:eb:37:a8:ca:a1:52:c4:47:
2e:4f:c3:53:24:df:65:85:ef:ca:82:a9:54:9d:d1:0f:55:57:
3f:2f:c7:3e:4c:38:dd:00:6a:98:47:f1:25:01:d4:64:95:24:
40:c4:5b:01:4c:d1:4a:d2:3a:79:f3:0a:7f:ff:1d:fb:f0:46:
d6:4d:70:1a:12:78:10:92:08:e5:33:52:d6:1d:6a:eb:b9:0a:
ab:5c:48:e7:28:ab:fd:b0:76:58:35:ab:26:0c:36:bf:ce:7e:
45:d4:62:09:3a:3e:54:f5:73:aa:de:56:a8:7d:08:29:06:ca:
6b:66:fa:70:fa:88:d9:03:17:9e:a7:88:09:98:86:8a:b2:5a:
72:92:33:88:3d:76:e6:59:b0:45:39:54:6c:e3:fe:90:25:b9:
f9:b3:ec:43:be:8d:87:df:55:d4:8f:bd:22:63:09:ce:c9:10:
8d:37:be:3c:1c:b9:7a:44:a1:12:b5:fb:96:df:06:7a:4a:aa:
b8:50:55:4a:9a:a2:f4:60:ef:0a:f4:19:10:6d:8a:81:7d:10:
39:19:67:98:b6:68:b4:13:ca:53:21:33:52:be:4c:34:0b:2b:
3f:7e:56:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2w/OA31v7B6oLgWXMsn1ApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4Y2ZjYWVhYTcwM2JkMTAwOTNiYjNhMDVlMTdkNTVlMzEw
NzI1MzcwHhcNMjYwNDIxMTcwMDU1WhcNMjYwNDIyMTcwMDU1WjAzMTEwLwYDVQQD
EygzYjZlNGUxNzBkMWJlNTY0MjI4MmJlNzEwZDIyZDNlYzcwYjViYzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6VzRLFS6bmFD/FG+NmV1SKTrZV1P
9H4XrU+y7COiakxijIAAbZaVA0inJNuhRpFUwn6AukdaJP7QXp9fWW1Q3tyHIL5Y
24tnFDHNzKwOs0BmxThbj22MLOU6Q6p4/YgxjQCglqRg2LjxwgGwxuPSr1b4NlHw
V6QxGPkM4wFDkiFsJsUYN3gw5HCggzrf1eh7ud6aIkGXSaGdj8IjT0UFLbX3KOW1
078SIvD23DulGfBI0p28afbaKPiYtLTHPYApsi6dqnkxI6Ynf6pJWldXs2tCsmR5
elzY6r0Fni1pEi1ppqcbHYLscyDZ9MJ/w7DzosjJS/Y1XCyrULA2zqYO4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDtuThcNG+VkIoK+cQ0i0+xwtbwvMB8GA1UdIwQY
MBaAFNjPyuqnA70QCTuzoF4X1V4xByU3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk1fSzZxY0R2UkFKTzdPZ1hoZlZYakVISlRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9kM2FlMjgtMzk5My00YTdhLWIyOTIt
ODgxNDQ0YzMwYWZhLzEvMk1fSzZxY0R2UkFKTzdPZ1hoZlZYakVISlRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9kM2FlMjgtMzk5My00YTdhLWIyOTItODgxNDQ0YzMwYWZh
LzEvMk1fSzZxY0R2UkFKTzdPZ1hoZlZYakVISlRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1xm4kCGT
v+ZKRMi/6B/nWImX8C8RB9XivhvCtOs3qMqhUsRHLk/DUyTfZYXvyoKpVJ3RD1VX
Py/HPkw43QBqmEfxJQHUZJUkQMRbAUzRStI6efMKf/8d+/BG1k1wGhJ4EJII5TNS
1h1q67kKq1xI5yir/bB2WDWrJgw2v85+RdRiCTo+VPVzqt5WqH0IKQbKa2b6cPqI
2QMXnqeICZiGirJacpIziD125lmwRTlUbOP+kCW5+bPsQ76Nh99V1I+9ImMJzskQ
jTe+PBy5ekShErX7lt8GekqquFBVSpqi9GDvCvQZEG2KgX0QORlnmLZotBPKUyEz
Ur5MNAsrP35WQg==
-----END CERTIFICATE-----
Generated at Wed Apr 22 04:10:45 2026 by rpki-client