Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
File: 2lTIIO5UFUMsaLATYZJ1_0xubqU.mft (raw, json)
Hash identifier: aiClOpVMcVh/dHtQhnC0N7aZtoyDok+UXCPpKEiBGGc=
Subject key identifier: 0E:21:23:1E:3B:DB:3A:87:AA:C6:8E:E7:65:14:6B:CD:05:BB:42:8A
Authority key identifier: DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5
Certificate issuer: /CN=da54c820ee5415432c68b013619275ff4c6e6ea5
Certificate serial: 019F194346D796EF21047D53E5C48C58F80C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
Manifest number: 0A0C
Signing time: Tue 30 Jun 2026 16:01:07 +0000
Manifest this update: Tue 30 Jun 2026 16:01:07 +0000
Manifest next update: Wed 01 Jul 2026 16:01:07 +0000
Files and hashes: 1: 2lTIIO5UFUMsaLATYZJ1_0xubqU.crl (hash: qbkrExrk4jvrmPG1WyTTIpeArndb5CRaeTZCVsQFXiI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 14:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:19:43:46:d7:96:ef:21:04:7d:53:e5:c4:8c:58:f8:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da54c820ee5415432c68b013619275ff4c6e6ea5
Validity
Not Before: Jun 30 16:01:07 2026 GMT
Not After : Jul 1 16:01:07 2026 GMT
Subject: CN=0e21231e3bdb3a87aac68ee765146bcd05bb428a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:02:c0:6c:af:8d:78:62:7b:e4:2c:24:35:70:
2b:da:3f:e2:42:28:f3:45:97:31:42:89:24:e3:d3:
91:3f:33:5f:9e:aa:9a:69:98:47:82:eb:67:81:b3:
6f:95:29:4c:75:93:c5:a8:fb:b2:1a:63:7d:77:b4:
d8:32:92:59:65:11:ba:ea:e3:0e:64:44:60:7e:de:
59:e7:b3:b3:60:5c:2a:6b:92:72:0d:ba:e4:19:43:
98:87:bc:eb:75:c0:03:05:a3:f0:2f:6f:1f:42:60:
63:df:b3:8a:e2:63:f2:69:e0:b3:83:7f:51:e6:da:
85:31:07:ec:97:ea:18:13:69:5f:c7:56:3a:3e:db:
db:76:9c:be:c9:bf:15:14:38:a4:b8:c1:19:6f:a7:
60:c8:5a:1e:53:7c:49:10:a8:65:58:3e:ec:a0:be:
6a:8f:32:d9:e3:e8:25:72:b3:06:49:df:fd:28:1c:
f4:54:b7:ea:e3:e5:20:8d:c0:34:59:3f:88:98:e1:
29:6d:34:e9:c0:8c:7b:6f:98:35:e9:49:4d:6f:17:
50:42:de:bb:77:15:e9:fa:12:a2:7e:79:98:01:2d:
9f:12:39:53:8f:b2:b0:71:f0:c8:7c:b0:c6:ba:d7:
45:2d:33:5a:26:c7:64:64:67:14:9b:0f:69:d2:61:
12:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:21:23:1E:3B:DB:3A:87:AA:C6:8E:E7:65:14:6B:CD:05:BB:42:8A
X509v3 Authority Key Identifier:
keyid:DA:54:C8:20:EE:54:15:43:2C:68:B0:13:61:92:75:FF:4C:6E:6E:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2lTIIO5UFUMsaLATYZJ1_0xubqU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/87a9d9-667f-41f3-aec9-8098205f872e/1/2lTIIO5UFUMsaLATYZJ1_0xubqU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:a7:c2:e5:10:06:cd:76:da:ff:7a:64:90:70:ed:79:4f:4b:
89:71:70:57:67:66:e8:79:e2:1b:30:3b:86:f5:38:0d:e2:da:
08:59:ac:f7:9a:9c:5e:d7:89:5e:e9:b5:ab:6e:75:0f:92:db:
fe:fa:af:89:3f:0e:af:40:78:05:ca:a6:0d:4b:4f:6a:db:2d:
d7:46:38:81:6b:08:32:77:38:21:7d:87:85:49:b4:28:41:35:
f2:e7:c5:57:2b:6e:21:52:59:1c:01:7a:30:1c:6c:eb:49:de:
57:bb:70:d0:05:9e:d1:61:a9:6b:50:1a:f1:6f:9f:e4:7b:2b:
e2:cc:a6:74:47:27:e3:bc:dd:b7:eb:d8:b1:76:ae:0d:b1:3d:
31:67:79:93:15:c6:aa:f4:cc:85:e0:de:cc:a7:38:d8:42:fd:
cc:4a:40:b1:2e:3a:17:90:c9:f9:1d:30:94:d9:90:08:89:d8:
64:04:a2:18:97:77:11:6b:3f:ce:d3:b2:0b:7f:72:89:6e:a1:
4f:cd:b2:fe:e4:44:c0:58:7f:7b:6d:cd:0c:89:74:a3:93:65:
ed:55:88:5a:c5:87:8a:74:ca:00:e9:b0:d9:96:68:54:6f:7a:
3f:e3:bc:1e:2e:4e:cd:b0:7c:2d:c7:45:6e:73:2b:b9:20:b9:
08:91:bf:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZQ0bXlu8hBH1T5cSMWPgMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNTRjODIwZWU1NDE1NDMyYzY4YjAxMzYxOTI3NWZmNGM2
ZTZlYTUwHhcNMjYwNjMwMTYwMTA3WhcNMjYwNzAxMTYwMTA3WjAzMTEwLwYDVQQD
EygwZTIxMjMxZTNiZGIzYTg3YWFjNjhlZTc2NTE0NmJjZDA1YmI0MjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wLAbK+NeGJ75CwkNXAr2j/iQijz
RZcxQokk49ORPzNfnqqaaZhHgutngbNvlSlMdZPFqPuyGmN9d7TYMpJZZRG66uMO
ZERgft5Z57OzYFwqa5JyDbrkGUOYh7zrdcADBaPwL28fQmBj37OK4mPyaeCzg39R
5tqFMQfsl+oYE2lfx1Y6Ptvbdpy+yb8VFDikuMEZb6dgyFoeU3xJEKhlWD7soL5q
jzLZ4+glcrMGSd/9KBz0VLfq4+UgjcA0WT+ImOEpbTTpwIx7b5g16UlNbxdQQt67
dxXp+hKifnmYAS2fEjlTj7KwcfDIfLDGutdFLTNaJsdkZGcUmw9p0mES6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA4hIx472zqHqsaO52UUa80Fu0KKMB8GA1UdIwQY
MBaAFNpUyCDuVBVDLGiwE2GSdf9Mbm6lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzkt
ODA5ODIwNWY4NzJlLzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84N2E5ZDktNjY3Zi00MWYzLWFlYzktODA5ODIwNWY4NzJl
LzEvMmxUSUlPNVVGVU1zYUxBVFlaSjFfMHh1YnFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAA6fC5RAG
zXba/3pkkHDteU9LiXFwV2dm6HniGzA7hvU4DeLaCFms95qcXteJXum1q251D5Lb
/vqviT8Or0B4BcqmDUtPatst10Y4gWsIMnc4IX2HhUm0KEE18ufFVytuIVJZHAF6
MBxs60neV7tw0AWe0WGpa1Aa8W+f5Hsr4symdEcn47zdt+vYsXauDbE9MWd5kxXG
qvTMheDezKc42EL9zEpAsS46F5DJ+R0wlNmQCInYZASiGJd3EWs/ztOyC39yiW6h
T82y/uREwFh/e23NDIl0o5Nl7VWIWsWHinTKAOmw2ZZoVG96P+O8Hi5OzbB8LcdF
bnMruSC5CJG/BA==
-----END CERTIFICATE-----
Generated at Tue Jun 30 19:37:26 2026 by rpki-client