Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/8e61f4-1a41-4cca-b85c-76f52b1dd718/1/2iHQJGSziv86MckIeNYnI7nHQqY.mft
File: 2iHQJGSziv86MckIeNYnI7nHQqY.mft (raw, json)
Hash identifier: eVD105f6j0ENcd1GX2h6icUgHWS1tdrR9MvtYJs3b4g=
Subject key identifier: F6:E2:66:94:29:56:E3:CC:59:ED:16:78:C7:2D:8C:1F:D3:23:22:C7
Authority key identifier: DA:21:D0:24:64:B3:8A:FF:3A:31:C9:08:78:D6:27:23:B9:C7:42:A6
Certificate issuer: /CN=da21d02464b38aff3a31c90878d62723b9c742a6
Certificate serial: 019D3940A1D265896828A37C8A2459093221
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iHQJGSziv86MckIeNYnI7nHQqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/8e61f4-1a41-4cca-b85c-76f52b1dd718/1/2iHQJGSziv86MckIeNYnI7nHQqY.mft
Manifest number: 028D
Signing time: Sun 29 Mar 2026 11:00:30 +0000
Manifest this update: Sun 29 Mar 2026 11:00:30 +0000
Manifest next update: Mon 30 Mar 2026 11:00:30 +0000
Files and hashes: 1: 2iHQJGSziv86MckIeNYnI7nHQqY.crl (hash: xa5StFoXiQIaE5o5ADez33oSHQ6xev62TOuMPkDabAA=)
2: ULNyY9ornMb2XkpkkXNvWN1gP2I.roa (hash: r5UnkkjvCogYCq6Zu3PdGG9tZrgdqzPy7q2Pvmc7Y4w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/8e61f4-1a41-4cca-b85c-76f52b1dd718/1/2iHQJGSziv86MckIeNYnI7nHQqY.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/8e61f4-1a41-4cca-b85c-76f52b1dd718/1/2iHQJGSziv86MckIeNYnI7nHQqY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2iHQJGSziv86MckIeNYnI7nHQqY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 11:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:a1:d2:65:89:68:28:a3:7c:8a:24:59:09:32:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da21d02464b38aff3a31c90878d62723b9c742a6
Validity
Not Before: Mar 29 11:00:30 2026 GMT
Not After : Mar 30 11:00:30 2026 GMT
Subject: CN=f6e266942956e3cc59ed1678c72d8c1fd32322c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b8:a7:11:dd:bb:2d:66:f5:8d:ec:ec:ff:98:
b1:0e:98:47:f5:f8:5b:5e:f0:f4:b8:d2:2a:35:9a:
f9:80:74:1a:54:20:05:72:72:8b:4a:3a:b0:68:9b:
6b:bf:cc:96:3a:ba:45:51:88:b4:37:fe:a9:8b:be:
58:4f:d4:af:bd:b0:b2:47:5d:0e:85:5c:d7:c7:c8:
c5:ed:08:89:3b:75:a1:5e:53:4b:56:42:af:7c:e0:
77:b9:dd:db:12:97:65:cd:de:b9:74:84:66:e2:99:
97:5b:de:ec:16:8b:15:87:a0:29:44:92:3d:78:be:
54:3c:b8:34:61:bb:aa:cb:3e:3a:c7:9c:b0:23:61:
c8:da:cb:58:79:6c:bc:15:71:6c:22:2b:28:e9:0f:
62:dd:4a:8c:34:8d:ec:27:a2:26:6a:17:96:0f:c6:
ff:10:4d:de:01:57:3c:0e:4d:30:7f:28:08:d0:44:
8c:dd:14:0d:b1:10:2b:92:cf:0d:95:98:d8:b8:e5:
53:b8:eb:2f:49:17:a3:e7:32:23:30:88:0f:48:9d:
69:0c:22:66:73:48:f3:ee:85:93:28:2f:36:32:7f:
d8:ee:d1:fd:5a:7a:85:c9:3d:e8:1f:4d:90:4f:11:
20:23:85:5d:54:e5:36:10:55:2d:48:31:8e:52:42:
cc:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E2:66:94:29:56:E3:CC:59:ED:16:78:C7:2D:8C:1F:D3:23:22:C7
X509v3 Authority Key Identifier:
keyid:DA:21:D0:24:64:B3:8A:FF:3A:31:C9:08:78:D6:27:23:B9:C7:42:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iHQJGSziv86MckIeNYnI7nHQqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/8e61f4-1a41-4cca-b85c-76f52b1dd718/1/2iHQJGSziv86MckIeNYnI7nHQqY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/8e61f4-1a41-4cca-b85c-76f52b1dd718/1/2iHQJGSziv86MckIeNYnI7nHQqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:3c:d0:8a:ed:ff:a6:3a:bf:7c:31:c4:da:e6:4d:22:03:10:
e9:ba:58:c7:c3:90:32:43:87:9c:fa:6f:ac:1a:a2:12:13:00:
e1:ce:21:66:48:e8:99:c9:ad:51:36:ea:96:c0:9a:03:37:a9:
93:b4:73:18:ac:47:d6:f8:37:93:1a:f3:6f:47:23:c7:d4:7b:
06:c1:39:52:78:c2:e3:4a:92:b8:ea:5b:0a:77:91:f7:75:ad:
30:7d:59:59:21:82:0d:e4:16:0f:dc:78:4c:45:bd:e2:d1:18:
70:ce:1c:32:fc:5b:41:57:c0:5f:65:24:f0:6b:d5:f1:02:04:
7c:33:15:f2:63:93:aa:82:2f:2f:1a:e3:c0:e3:cd:b1:fb:df:
b4:08:b6:87:88:82:19:49:61:59:98:dd:66:87:aa:65:67:91:
50:e0:3c:8d:f9:ed:d2:e8:65:ec:0f:33:e6:9a:5f:06:02:f0:
10:e3:da:c7:af:8b:e0:24:e4:e6:1c:7f:06:94:d5:4a:26:7a:
ac:ce:3d:07:c5:44:a4:5f:41:98:d0:e5:cd:e2:1d:f9:4d:2e:
49:e3:70:0c:3c:35:9b:75:a6:e7:9c:20:ee:ae:a5:68:4b:c7:
84:e6:18:a9:03:bb:b3:3d:eb:8d:4b:b5:5a:4a:f6:17:53:98:
60:3b:7e:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QKHSZYloKKN8iiRZCTIhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjFkMDI0NjRiMzhhZmYzYTMxYzkwODc4ZDYyNzIzYjlj
NzQyYTYwHhcNMjYwMzI5MTEwMDMwWhcNMjYwMzMwMTEwMDMwWjAzMTEwLwYDVQQD
EyhmNmUyNjY5NDI5NTZlM2NjNTllZDE2NzhjNzJkOGMxZmQzMjMyMmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbinEd27LWb1jezs/5ixDphH9fhb
XvD0uNIqNZr5gHQaVCAFcnKLSjqwaJtrv8yWOrpFUYi0N/6pi75YT9SvvbCyR10O
hVzXx8jF7QiJO3WhXlNLVkKvfOB3ud3bEpdlzd65dIRm4pmXW97sFosVh6ApRJI9
eL5UPLg0Ybuqyz46x5ywI2HI2stYeWy8FXFsIiso6Q9i3UqMNI3sJ6ImaheWD8b/
EE3eAVc8Dk0wfygI0ESM3RQNsRArks8NlZjYuOVTuOsvSRej5zIjMIgPSJ1pDCJm
c0jz7oWTKC82Mn/Y7tH9WnqFyT3oH02QTxEgI4VdVOU2EFUtSDGOUkLMlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPbiZpQpVuPMWe0WeMctjB/TIyLHMB8GA1UdIwQY
MBaAFNoh0CRks4r/OjHJCHjWJyO5x0KmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmlIUUpHU3ppdjg2TWNrSWVOWW5JN25IUXFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy84ZTYxZjQtMWE0MS00Y2NhLWI4NWMt
NzZmNTJiMWRkNzE4LzEvMmlIUUpHU3ppdjg2TWNrSWVOWW5JN25IUXFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy84ZTYxZjQtMWE0MS00Y2NhLWI4NWMtNzZmNTJiMWRkNzE4
LzEvMmlIUUpHU3ppdjg2TWNrSWVOWW5JN25IUXFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqDzQiu3/
pjq/fDHE2uZNIgMQ6bpYx8OQMkOHnPpvrBqiEhMA4c4hZkjomcmtUTbqlsCaAzep
k7RzGKxH1vg3kxrzb0cjx9R7BsE5UnjC40qSuOpbCneR93WtMH1ZWSGCDeQWD9x4
TEW94tEYcM4cMvxbQVfAX2Uk8GvV8QIEfDMV8mOTqoIvLxrjwOPNsfvftAi2h4iC
GUlhWZjdZoeqZWeRUOA8jfnt0uhl7A8z5ppfBgLwEOPax6+L4CTk5hx/BpTVSiZ6
rM49B8VEpF9BmNDlzeId+U0uSeNwDDw1m3Wm55wg7q6laEvHhOYYqQO7sz3rjUu1
Wkr2F1OYYDt+zg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 21:23:17 2026 by rpki-client