Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8865d7-9fea-47f6-a3fc-98bd156029c0/1/m2JkjpE6NkDwMbY6a9krDijhOfs.mft
File: m2JkjpE6NkDwMbY6a9krDijhOfs.mft (raw, json)
Hash identifier: /nDjUmfsfQGdFGyGYzaRRA7uwK6480nplPtqbo0Sn8E=
Subject key identifier: 70:D1:15:2F:00:29:12:0B:7C:A2:2B:23:4E:DA:BB:25:92:5A:F2:D2
Authority key identifier: 9B:62:64:8E:91:3A:36:40:F0:31:B6:3A:6B:D9:2B:0E:28:E1:39:FB
Certificate issuer: /CN=9b62648e913a3640f031b63a6bd92b0e28e139fb
Certificate serial: 019D3977891D24A3A5FBADDFEC9BDF3D2E92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m2JkjpE6NkDwMbY6a9krDijhOfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8865d7-9fea-47f6-a3fc-98bd156029c0/1/m2JkjpE6NkDwMbY6a9krDijhOfs.mft
Manifest number: 0429
Signing time: Sun 29 Mar 2026 12:00:28 +0000
Manifest this update: Sun 29 Mar 2026 12:00:28 +0000
Manifest next update: Mon 30 Mar 2026 12:00:28 +0000
Files and hashes: 1: S4wgEzwu0A2vm1VQWPPTFVYsI9o.roa (hash: wQE4gq6WepgedvHZAUnDuDNwD8qtyedRwrEsafYQxBY=)
2: m2JkjpE6NkDwMbY6a9krDijhOfs.crl (hash: j3jRTjbwdUsjuTTBpNL7ZOqtmed8hH7D7BFMHfTD6Yc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/8865d7-9fea-47f6-a3fc-98bd156029c0/1/m2JkjpE6NkDwMbY6a9krDijhOfs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/8865d7-9fea-47f6-a3fc-98bd156029c0/1/m2JkjpE6NkDwMbY6a9krDijhOfs.mft
rsync://rpki.ripe.net/repository/DEFAULT/m2JkjpE6NkDwMbY6a9krDijhOfs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:89:1d:24:a3:a5:fb:ad:df:ec:9b:df:3d:2e:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b62648e913a3640f031b63a6bd92b0e28e139fb
Validity
Not Before: Mar 29 12:00:28 2026 GMT
Not After : Mar 30 12:00:28 2026 GMT
Subject: CN=70d1152f0029120b7ca22b234edabb25925af2d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:67:b1:dc:67:71:f7:f9:35:10:a1:01:4d:7a:
a9:81:cb:18:56:45:1e:1a:df:60:45:42:34:3f:d0:
c1:cb:3e:9d:1e:18:80:ec:71:62:c7:fc:90:00:9d:
35:f2:34:6b:bf:18:57:5a:fe:ff:b6:ce:b0:59:16:
00:36:a3:aa:a2:86:a4:70:d9:d0:52:e7:5d:1c:6d:
31:02:ed:bd:0c:d0:cf:f0:5f:18:fb:3c:b5:e1:c4:
9a:27:84:73:9d:68:39:03:31:76:df:1f:dd:3e:5e:
fa:5a:29:6f:7d:3d:f6:92:5d:c0:a0:a2:b2:75:70:
c8:b4:34:36:c7:85:7d:f7:ab:75:3c:0f:88:92:12:
4c:ad:f7:04:55:27:a1:eb:1b:e7:61:4b:fd:f4:61:
4a:93:d7:5c:d1:34:ad:26:6d:ba:c0:96:36:0f:f3:
d7:97:d9:d2:97:af:e1:0c:d3:f0:36:6e:ed:7f:99:
1d:08:5c:ad:a8:56:47:19:f4:d2:a1:b4:3f:8f:6a:
68:83:91:c5:d5:3c:d8:f2:cb:1b:f3:d4:9f:2c:c3:
83:a6:32:cb:59:97:01:72:8b:4c:d2:85:44:66:c5:
d3:f0:ee:03:5a:93:b6:ab:1b:99:72:60:55:fa:59:
84:1d:97:2a:fe:95:82:3b:c6:bf:ff:bc:36:d3:06:
2c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D1:15:2F:00:29:12:0B:7C:A2:2B:23:4E:DA:BB:25:92:5A:F2:D2
X509v3 Authority Key Identifier:
keyid:9B:62:64:8E:91:3A:36:40:F0:31:B6:3A:6B:D9:2B:0E:28:E1:39:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m2JkjpE6NkDwMbY6a9krDijhOfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8865d7-9fea-47f6-a3fc-98bd156029c0/1/m2JkjpE6NkDwMbY6a9krDijhOfs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8865d7-9fea-47f6-a3fc-98bd156029c0/1/m2JkjpE6NkDwMbY6a9krDijhOfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:11:00:45:14:18:b8:32:f6:e5:5c:67:6a:70:1e:ba:58:c4:
1c:05:91:30:3f:d2:ba:23:be:10:1d:8f:1c:7d:c1:78:17:c4:
c6:08:15:50:94:ce:2e:34:12:e9:64:b6:83:59:6e:43:eb:9a:
30:4a:ad:15:de:81:9a:0f:9d:de:5f:bb:e7:a9:f7:3a:e8:91:
2d:3c:3e:9f:dd:48:65:90:fb:c6:2a:e0:f8:78:fd:37:a8:d0:
9e:8e:f6:d1:4b:36:49:0b:96:e4:3c:cc:a6:86:ce:bf:42:e8:
f8:b3:20:eb:2e:8d:f8:98:57:de:ae:e5:7f:5a:53:cd:af:ce:
4e:be:8a:a8:e6:98:c2:eb:9a:c3:fc:45:78:dc:44:63:5e:e3:
c2:9d:61:8a:df:41:b0:b9:1d:d4:02:2e:31:58:58:1f:d3:b4:
d8:cd:c0:e1:fd:7a:65:a1:27:92:85:81:2a:7a:70:ab:2d:19:
5b:77:23:6d:56:df:3a:be:dd:65:6f:68:ee:8f:26:3b:bd:94:
a2:7f:ca:24:be:04:c0:43:df:a6:ed:54:27:4a:8a:6d:fa:42:
1a:c9:d1:6b:c3:de:b1:e1:b3:f3:aa:55:11:9c:4f:b2:18:7b:
65:54:1d:c4:e4:4a:c5:42:8e:98:d8:fd:ab:4e:1d:1a:1f:9e:
3b:0a:be:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d4kdJKOl+63f7JvfPS6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNjI2NDhlOTEzYTM2NDBmMDMxYjYzYTZiZDkyYjBlMjhl
MTM5ZmIwHhcNMjYwMzI5MTIwMDI4WhcNMjYwMzMwMTIwMDI4WjAzMTEwLwYDVQQD
Eyg3MGQxMTUyZjAwMjkxMjBiN2NhMjJiMjM0ZWRhYmIyNTkyNWFmMmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomex3Gdx9/k1EKEBTXqpgcsYVkUe
Gt9gRUI0P9DByz6dHhiA7HFix/yQAJ018jRrvxhXWv7/ts6wWRYANqOqooakcNnQ
UuddHG0xAu29DNDP8F8Y+zy14cSaJ4RznWg5AzF23x/dPl76WilvfT32kl3AoKKy
dXDItDQ2x4V996t1PA+IkhJMrfcEVSeh6xvnYUv99GFKk9dc0TStJm26wJY2D/PX
l9nSl6/hDNPwNm7tf5kdCFytqFZHGfTSobQ/j2pog5HF1TzY8ssb89SfLMODpjLL
WZcBcotM0oVEZsXT8O4DWpO2qxuZcmBV+lmEHZcq/pWCO8a//7w20wYsOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDRFS8AKRILfKIrI07auyWSWvLSMB8GA1UdIwQY
MBaAFJtiZI6ROjZA8DG2OmvZKw4o4Tn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTJKa2pwRTZOa0R3TWJZNmE5a3JEaWpoT2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ODY1ZDctOWZlYS00N2Y2LWEzZmMt
OThiZDE1NjAyOWMwLzEvbTJKa2pwRTZOa0R3TWJZNmE5a3JEaWpoT2ZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ODY1ZDctOWZlYS00N2Y2LWEzZmMtOThiZDE1NjAyOWMw
LzEvbTJKa2pwRTZOa0R3TWJZNmE5a3JEaWpoT2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqREARRQY
uDL25VxnanAeuljEHAWRMD/SuiO+EB2PHH3BeBfExggVUJTOLjQS6WS2g1luQ+ua
MEqtFd6Bmg+d3l+756n3OuiRLTw+n91IZZD7xirg+Hj9N6jQno720Us2SQuW5DzM
pobOv0Lo+LMg6y6N+JhX3q7lf1pTza/OTr6KqOaYwuuaw/xFeNxEY17jwp1hit9B
sLkd1AIuMVhYH9O02M3A4f16ZaEnkoWBKnpwqy0ZW3cjbVbfOr7dZW9o7o8mO72U
on/KJL4EwEPfpu1UJ0qKbfpCGsnRa8PeseGz86pVEZxPshh7ZVQdxORKxUKOmNj9
q04dGh+eOwq+LQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 15:26:42 2026 by rpki-client