Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft
File: 2FAiKC40aZ_lSLdShRmiWlDZEzo.mft (raw, json)
Hash identifier: +c4yJbumczDchucxk4KJJzh+6oHc1QqZ/52LAvEs0HQ=
Subject key identifier: 37:55:1F:A0:9D:C2:48:3D:9E:69:BE:70:9B:30:19:9B:7F:A6:ED:B2
Authority key identifier: D8:50:22:28:2E:34:69:9F:E5:48:B7:52:85:19:A2:5A:50:D9:13:3A
Certificate issuer: /CN=d85022282e34699fe548b7528519a25a50d9133a
Certificate serial: 019D37C0F9527A14974D15E009EEF7D90AE9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft
Manifest number: 17BE
Signing time: Sun 29 Mar 2026 04:01:26 +0000
Manifest this update: Sun 29 Mar 2026 04:01:26 +0000
Manifest next update: Mon 30 Mar 2026 04:01:26 +0000
Files and hashes: 1: 2FAiKC40aZ_lSLdShRmiWlDZEzo.crl (hash: azEdRbdSnj4tBgy/pdCWRYorpeSv3CmTRlqVgiKU0Rk=)
2: xhpLteHeEuI9N2i0WjCkJHYwXtM.roa (hash: ZhHw/D8clg9QeWX4KlvzTONGmYlvYOv2tFZIA342W2c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:f9:52:7a:14:97:4d:15:e0:09:ee:f7:d9:0a:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d85022282e34699fe548b7528519a25a50d9133a
Validity
Not Before: Mar 29 04:01:26 2026 GMT
Not After : Mar 30 04:01:26 2026 GMT
Subject: CN=37551fa09dc2483d9e69be709b30199b7fa6edb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ed:d8:fb:0e:d2:fc:f1:73:2a:86:50:65:78:
fa:b8:06:e3:fe:35:84:0a:a0:5c:23:e2:de:c3:82:
93:2f:c6:22:a8:2b:3c:5f:3e:e1:9d:5a:d1:dc:80:
65:87:46:98:fa:c3:99:4f:f3:52:a5:9e:82:f2:8c:
92:2e:b2:8d:8c:03:9c:0c:26:94:a0:c2:65:c9:41:
0a:a7:e9:7e:c3:31:67:bb:2e:62:bc:9e:3e:87:54:
82:49:3d:54:f8:dc:f8:81:25:75:32:4e:bc:81:e8:
a1:3d:08:39:5a:77:53:74:57:42:96:dc:8c:c1:9d:
3d:3c:b1:59:73:87:dd:f0:ce:fd:b6:9b:7b:1d:22:
43:2e:2d:07:c6:dd:2f:ea:1c:26:40:19:4f:ba:e8:
f5:8e:38:f7:d8:c5:79:22:b1:06:be:37:5e:93:e6:
2b:cd:ff:e3:51:6a:b1:ab:fe:45:19:d2:61:6f:2e:
bf:fc:55:c8:2e:42:b9:ba:1c:d0:86:8e:11:64:7c:
39:8e:dc:cd:b8:38:65:9a:2c:c2:e2:f6:40:93:fe:
7d:ab:75:ac:66:39:5b:f0:e2:09:9e:3a:37:c2:8e:
a4:dd:02:1e:38:a0:0e:5a:ad:24:49:f5:9e:04:d1:
84:c9:ad:7e:57:60:1f:ff:dc:8c:9f:cc:c1:06:40:
e6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:55:1F:A0:9D:C2:48:3D:9E:69:BE:70:9B:30:19:9B:7F:A6:ED:B2
X509v3 Authority Key Identifier:
keyid:D8:50:22:28:2E:34:69:9F:E5:48:B7:52:85:19:A2:5A:50:D9:13:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:f9:59:a9:d3:73:e6:c2:cf:f0:84:fc:c2:83:99:1e:b0:78:
98:c9:55:d6:02:d4:76:ee:58:31:39:d6:8a:67:1a:7c:32:e9:
02:4e:be:23:93:69:66:f4:01:4d:39:f4:09:d5:42:27:f1:23:
ca:ba:ca:9e:9f:c4:42:eb:e5:e0:c3:c8:73:9b:eb:2b:f3:29:
ac:e5:f5:46:19:b9:78:a5:fd:fc:ba:df:ed:93:cf:91:be:e7:
db:85:7f:ac:95:7d:67:07:83:f7:c8:c0:40:f7:9a:d7:49:87:
7a:aa:19:45:c6:85:ae:78:00:76:48:8b:7e:81:7a:c1:d9:d4:
e5:09:3b:86:a1:38:33:db:18:3f:0b:7b:3e:7f:e0:6f:df:37:
56:cd:d9:e4:c9:e0:2f:4f:9e:31:7b:6e:e5:d3:18:6d:86:c7:
f2:ad:f3:7b:09:37:8d:63:9c:0f:fb:b2:6a:55:fb:bc:6f:fe:
18:30:19:1b:9d:24:95:4a:fc:76:86:0b:dc:66:65:a4:f6:16:
f3:54:f8:6b:ae:b0:96:30:3c:30:69:20:df:87:b9:34:1d:ab:
a9:83:e3:8a:90:ea:05:53:97:c5:7f:8d:ff:f4:78:20:bd:91:
1e:32:e0:5f:c9:b1:89:86:f0:c7:20:ca:4c:af:21:49:18:3d:
75:e2:d3:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wPlSehSXTRXgCe732QrpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NTAyMjI4MmUzNDY5OWZlNTQ4Yjc1Mjg1MTlhMjVhNTBk
OTEzM2EwHhcNMjYwMzI5MDQwMTI2WhcNMjYwMzMwMDQwMTI2WjAzMTEwLwYDVQQD
EygzNzU1MWZhMDlkYzI0ODNkOWU2OWJlNzA5YjMwMTk5YjdmYTZlZGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+3Y+w7S/PFzKoZQZXj6uAbj/jWE
CqBcI+Lew4KTL8YiqCs8Xz7hnVrR3IBlh0aY+sOZT/NSpZ6C8oySLrKNjAOcDCaU
oMJlyUEKp+l+wzFnuy5ivJ4+h1SCST1U+Nz4gSV1Mk68geihPQg5WndTdFdCltyM
wZ09PLFZc4fd8M79tpt7HSJDLi0Hxt0v6hwmQBlPuuj1jjj32MV5IrEGvjdek+Yr
zf/jUWqxq/5FGdJhby6//FXILkK5uhzQho4RZHw5jtzNuDhlmizC4vZAk/59q3Ws
Zjlb8OIJnjo3wo6k3QIeOKAOWq0kSfWeBNGEya1+V2Af/9yMn8zBBkDm5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDdVH6Cdwkg9nmm+cJswGZt/pu2yMB8GA1UdIwQY
MBaAFNhQIiguNGmf5Ui3UoUZolpQ2RM6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy85NzU4ZWItNDEwOC00MDg3LWE4MTgt
NTBlYTY3MzI3Y2QxLzEvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy85NzU4ZWItNDEwOC00MDg3LWE4MTgtNTBlYTY3MzI3Y2Qx
LzEvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACvlZqdNz
5sLP8IT8woOZHrB4mMlV1gLUdu5YMTnWimcafDLpAk6+I5NpZvQBTTn0CdVCJ/Ej
yrrKnp/EQuvl4MPIc5vrK/MprOX1Rhm5eKX9/Lrf7ZPPkb7n24V/rJV9ZweD98jA
QPea10mHeqoZRcaFrngAdkiLfoF6wdnU5Qk7hqE4M9sYPwt7Pn/gb983Vs3Z5Mng
L0+eMXtu5dMYbYbH8q3zewk3jWOcD/uyalX7vG/+GDAZG50klUr8doYL3GZlpPYW
81T4a66wljA8MGkg34e5NB2rqYPjipDqBVOXxX+N//R4IL2RHjLgX8mxiYbwxyDK
TK8hSRg9deLT3w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:52:27 2026 by rpki-client