Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft
File: 2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft (raw, json)
Hash identifier: HX/9mqfrOwztJKG0gp++AHJXCzvZcrEnoQA2VMHGeVw=
Subject key identifier: FB:E6:AF:99:5D:3C:7D:4B:3A:88:D4:05:5C:A3:66:24:AF:AD:E4:AC
Authority key identifier: D8:68:2D:2C:CA:D4:E4:1A:55:20:94:97:EE:0F:E2:7F:39:01:BB:51
Certificate issuer: /CN=d8682d2ccad4e41a55209497ee0fe27f3901bb51
Certificate serial: 019D3789700D2334261F1B6529275CA1E23A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft
Manifest number: 032B
Signing time: Sun 29 Mar 2026 03:00:47 +0000
Manifest this update: Sun 29 Mar 2026 03:00:47 +0000
Manifest next update: Mon 30 Mar 2026 03:00:47 +0000
Files and hashes: 1: 2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl (hash: XicoevFMndQNRg+nfOFNmSkqmBivJCqIHft/rwxyCn8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft
rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:70:0d:23:34:26:1f:1b:65:29:27:5c:a1:e2:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8682d2ccad4e41a55209497ee0fe27f3901bb51
Validity
Not Before: Mar 29 03:00:47 2026 GMT
Not After : Mar 30 03:00:47 2026 GMT
Subject: CN=fbe6af995d3c7d4b3a88d4055ca36624afade4ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:01:ee:bb:7b:43:04:9f:eb:e5:fb:db:b7:09:
0e:9c:53:02:38:c5:e2:58:0d:54:43:ba:2e:4b:02:
2c:91:d3:a9:21:e0:3b:c4:c3:c0:a8:77:6b:53:1d:
3d:1a:39:b1:2c:99:3b:70:20:d0:8c:31:0a:fa:2f:
b5:46:c3:dc:5e:7e:ad:91:52:a0:c2:24:d5:33:7e:
51:2c:a9:e2:8d:78:1f:46:5f:da:b5:22:e0:af:f6:
2e:43:c8:c7:4a:a9:72:9e:05:1f:2f:8a:01:ab:0c:
d2:0e:c9:3a:d1:16:21:ac:78:53:5d:45:b9:c7:b3:
13:4b:a2:c0:d1:20:a4:06:c8:1c:42:ac:0e:76:20:
6d:ff:6b:71:9f:30:7a:33:68:e2:c0:a0:cf:92:39:
f9:28:dc:a7:1c:71:3c:09:66:ab:64:f6:0a:ca:80:
34:06:af:2f:50:62:62:69:d9:9a:13:cc:ea:e5:23:
6e:8c:d9:6f:fa:30:b9:51:81:32:37:68:72:8a:b1:
3a:e2:4c:83:27:73:31:f1:d6:e0:41:63:99:1c:b7:
cb:e7:fc:6b:a8:c7:48:c4:c1:d7:87:c2:90:e1:d3:
67:03:24:46:e6:bf:c2:bb:5f:a4:34:07:1b:b5:bc:
e4:ea:d8:03:d1:f0:f9:dc:ff:d9:df:da:13:6d:65:
77:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E6:AF:99:5D:3C:7D:4B:3A:88:D4:05:5C:A3:66:24:AF:AD:E4:AC
X509v3 Authority Key Identifier:
keyid:D8:68:2D:2C:CA:D4:E4:1A:55:20:94:97:EE:0F:E2:7F:39:01:BB:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GgtLMrU5BpVIJSX7g_ifzkBu1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c69aa2-498d-441b-8b17-5c7e9fe6e1a9/1/2GgtLMrU5BpVIJSX7g_ifzkBu1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c9:2c:6c:85:40:cf:02:82:0f:87:c9:42:a3:ee:06:82:8e:e2:
0b:8e:b3:3a:8a:25:29:2f:c3:7f:d5:4e:bf:b0:e1:51:d1:5e:
a8:00:1d:27:04:19:c0:54:87:f5:9a:9d:7d:cc:64:b2:ec:88:
56:47:ee:3b:de:ac:dd:15:1c:54:27:ca:24:f4:18:32:e7:ce:
d2:50:c8:50:2e:24:76:44:28:66:1d:4e:8d:d6:9d:c5:a7:85:
5b:c7:61:84:9d:98:c2:02:46:06:2a:5e:43:93:f7:e9:19:c0:
d6:ef:27:e7:f8:98:8f:7b:1c:d6:07:23:e3:29:cc:69:48:4b:
cd:ea:e0:f9:ea:8a:18:69:8b:50:40:83:57:6e:c5:77:5d:4f:
38:4d:3f:4a:4e:af:8b:3f:d2:a2:ba:58:32:06:23:70:db:71:
b6:8c:35:e4:ee:4b:b4:49:2c:85:71:39:05:30:35:98:b2:ee:
dc:d5:94:29:d3:8f:86:26:e8:82:e6:c2:09:28:43:e1:31:38:
8b:9d:86:c3:ee:02:1a:9c:f1:d3:51:31:f7:c0:af:df:68:86:
3c:5d:ed:0d:9d:ce:e7:d0:69:c8:52:e6:b1:df:fa:ad:a5:e4:
45:7e:4a:11:c0:2e:e0:59:37:98:d1:a0:c2:14:bb:2a:dc:95:
67:31:da:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iXANIzQmHxtlKSdcoeI6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjgyZDJjY2FkNGU0MWE1NTIwOTQ5N2VlMGZlMjdmMzkw
MWJiNTEwHhcNMjYwMzI5MDMwMDQ3WhcNMjYwMzMwMDMwMDQ3WjAzMTEwLwYDVQQD
EyhmYmU2YWY5OTVkM2M3ZDRiM2E4OGQ0MDU1Y2EzNjYyNGFmYWRlNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAHuu3tDBJ/r5fvbtwkOnFMCOMXi
WA1UQ7ouSwIskdOpIeA7xMPAqHdrUx09GjmxLJk7cCDQjDEK+i+1RsPcXn6tkVKg
wiTVM35RLKnijXgfRl/atSLgr/YuQ8jHSqlyngUfL4oBqwzSDsk60RYhrHhTXUW5
x7MTS6LA0SCkBsgcQqwOdiBt/2txnzB6M2jiwKDPkjn5KNynHHE8CWarZPYKyoA0
Bq8vUGJiadmaE8zq5SNujNlv+jC5UYEyN2hyirE64kyDJ3Mx8dbgQWOZHLfL5/xr
qMdIxMHXh8KQ4dNnAyRG5r/Cu1+kNAcbtbzk6tgD0fD53P/Z39oTbWV3OwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPvmr5ldPH1LOojUBVyjZiSvreSsMB8GA1UdIwQY
MBaAFNhoLSzK1OQaVSCUl+4P4n85AbtRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jNjlhYTItNDk4ZC00NDFiLThiMTct
NWM3ZTlmZTZlMWE5LzEvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jNjlhYTItNDk4ZC00NDFiLThiMTctNWM3ZTlmZTZlMWE5
LzEvMkdndExNclU1QnBWSUpTWDdnX2lmemtCdTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAySxshUDP
AoIPh8lCo+4Ggo7iC46zOoolKS/Df9VOv7DhUdFeqAAdJwQZwFSH9ZqdfcxksuyI
VkfuO96s3RUcVCfKJPQYMufO0lDIUC4kdkQoZh1OjdadxaeFW8dhhJ2YwgJGBipe
Q5P36RnA1u8n5/iYj3sc1gcj4ynMaUhLzerg+eqKGGmLUECDV27Fd11POE0/Sk6v
iz/SorpYMgYjcNtxtow15O5LtEkshXE5BTA1mLLu3NWUKdOPhibogubCCShD4TE4
i52Gw+4CGpzx01Ex98Cv32iGPF3tDZ3O59BpyFLmsd/6raXkRX5KEcAu4Fk3mNGg
whS7KtyVZzHaSQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:17:41 2026 by rpki-client