Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
File: 2iTzVyHKMag-L26TfhdAjm57LGE.mft (raw, json)
Hash identifier: aSBikfO2g8q5m8x5BAsfpYsTdv1W1DTMOD2zXGgJqNE=
Subject key identifier: 42:9F:71:0D:00:CC:B2:2B:AC:1C:CA:3E:1B:94:9D:15:BE:2A:21:7E
Authority key identifier: DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
Certificate issuer: /CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Certificate serial: 019E300571D8557639351AF19103D2E0F4CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
Manifest number: 1915
Signing time: Sat 16 May 2026 09:02:03 +0000
Manifest this update: Sat 16 May 2026 09:02:03 +0000
Manifest next update: Sun 17 May 2026 09:02:03 +0000
Files and hashes: 1: 2iTzVyHKMag-L26TfhdAjm57LGE.crl (hash: iOERi0BSpELUqyUE6UZ6iITguiSy5fxdFGD1SqxPr/c=)
2: EMYZWM6m9RpWCTQk3MWhN1mZ9-0.roa (hash: c9D6HF2YxGeHbf3oxM7nmQWg4IZpAm/i+q7H/DzFs4k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 09:02:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:30:05:71:d8:55:76:39:35:1a:f1:91:03:d2:e0:f4:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Validity
Not Before: May 16 09:02:03 2026 GMT
Not After : May 17 09:02:03 2026 GMT
Subject: CN=429f710d00ccb22bac1cca3e1b949d15be2a217e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:54:8c:e6:29:84:2a:81:81:28:2b:32:f6:55:
d0:89:e3:d5:e5:6d:97:01:bc:23:c1:97:1b:2f:52:
85:c0:98:19:2a:01:c2:87:f9:52:7f:2c:b7:f7:2e:
0b:36:36:cc:5a:bd:1d:9c:61:66:98:f1:71:26:e9:
c9:de:30:8b:a5:06:6f:50:c8:b5:d2:db:97:5b:96:
b8:5d:c8:98:5f:36:7c:0a:f9:af:bf:c0:6c:b5:3c:
5c:7d:ad:d3:a3:ae:63:1e:07:ef:c2:68:d7:41:b0:
28:f0:89:39:4b:f4:73:16:ce:47:89:c9:94:58:e2:
b3:77:33:8f:b4:71:0e:84:18:67:7e:b7:a6:9d:c5:
84:c0:cf:8e:94:73:88:a0:28:2c:1c:80:a2:4d:1f:
a9:83:eb:bf:3c:ff:d1:25:dd:ea:ad:e4:49:28:67:
a2:9e:64:57:c5:bc:34:39:44:93:8a:ca:11:94:6f:
94:6d:eb:fc:5a:8c:68:25:86:29:c1:d8:44:e6:fb:
49:e7:39:05:bf:a6:43:27:c3:a9:ab:f4:36:5f:61:
df:96:4b:c5:11:b0:7a:20:d3:3c:7d:e9:c0:c8:53:
c4:a0:91:d2:b9:00:75:88:69:14:13:18:64:5c:f3:
32:7a:3a:30:fe:f8:37:bd:c6:0b:3d:b4:62:6f:00:
df:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:9F:71:0D:00:CC:B2:2B:AC:1C:CA:3E:1B:94:9D:15:BE:2A:21:7E
X509v3 Authority Key Identifier:
keyid:DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3c:f0:05:35:9b:15:7c:03:4b:1c:2a:14:bc:f5:28:a7:af:f0:
4f:95:6a:dd:6c:cf:a8:66:7e:5c:4a:ce:27:a7:da:29:aa:8b:
1d:e6:74:54:e6:b4:6c:13:07:2e:0e:79:56:f7:b3:b2:55:f2:
12:7c:29:c7:85:8f:cf:9c:2d:7d:d4:e2:a9:bc:d3:7d:04:1b:
d6:34:0f:ae:8b:61:e7:70:a3:f0:28:bb:e0:ac:8c:10:82:71:
19:fd:88:21:a9:9c:d6:02:75:ee:b7:34:28:8f:de:19:30:b5:
d8:62:b7:08:63:67:80:7d:3b:fa:41:0f:39:51:5d:7e:ca:51:
a4:0e:c3:7a:ca:3b:c5:67:0e:31:86:82:42:5a:9b:97:7c:a5:
9a:2e:81:ce:48:ef:ec:b6:31:1c:d8:3f:f4:2e:58:a4:52:ec:
4f:25:13:e5:30:c1:94:02:55:17:27:29:df:f5:e1:d3:2d:06:
ae:95:40:a4:49:5d:9b:28:e9:5d:a6:1e:15:47:c9:89:0d:ab:
e9:31:fa:b7:af:96:fe:4b:e9:80:61:52:d2:5c:aa:4e:2f:9b:
8f:f9:64:f9:2b:c4:26:8e:0e:8b:32:a7:b5:89:69:21:00:4c:
05:d2:e2:42:4d:e1:06:02:56:1b:e1:10:4a:ac:3b:f6:1a:1b:
2e:ec:f2:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wBXHYVXY5NRrxkQPS4PTMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjRmMzU3MjFjYTMxYTgzZTJmNmU5MzdlMTc0MDhlNmU3
YjJjNjEwHhcNMjYwNTE2MDkwMjAzWhcNMjYwNTE3MDkwMjAzWjAzMTEwLwYDVQQD
Eyg0MjlmNzEwZDAwY2NiMjJiYWMxY2NhM2UxYjk0OWQxNWJlMmEyMTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFSM5imEKoGBKCsy9lXQiePV5W2X
AbwjwZcbL1KFwJgZKgHCh/lSfyy39y4LNjbMWr0dnGFmmPFxJunJ3jCLpQZvUMi1
0tuXW5a4XciYXzZ8Cvmvv8BstTxcfa3To65jHgfvwmjXQbAo8Ik5S/RzFs5HicmU
WOKzdzOPtHEOhBhnfremncWEwM+OlHOIoCgsHICiTR+pg+u/PP/RJd3qreRJKGei
nmRXxbw0OUSTisoRlG+Ubev8WoxoJYYpwdhE5vtJ5zkFv6ZDJ8Opq/Q2X2HflkvF
EbB6INM8fenAyFPEoJHSuQB1iGkUExhkXPMyejow/vg3vcYLPbRibwDfswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKfcQ0AzLIrrBzKPhuUnRW+KiF+MB8GA1UdIwQY
MBaAFNok81chyjGoPi9uk34XQI5ueyxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQt
ODBmMzFkM2VhMTUyLzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQtODBmMzFkM2VhMTUy
LzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPPAFNZsV
fANLHCoUvPUop6/wT5Vq3WzPqGZ+XErOJ6faKaqLHeZ0VOa0bBMHLg55VvezslXy
Enwpx4WPz5wtfdTiqbzTfQQb1jQProth53Cj8Ci74KyMEIJxGf2IIamc1gJ17rc0
KI/eGTC12GK3CGNngH07+kEPOVFdfspRpA7Deso7xWcOMYaCQlqbl3ylmi6Bzkjv
7LYxHNg/9C5YpFLsTyUT5TDBlAJVFycp3/Xh0y0GrpVApEldmyjpXaYeFUfJiQ2r
6TH6t6+W/kvpgGFS0lyqTi+bj/lk+SvEJo4OizKntYlpIQBMBdLiQk3hBgJWG+EQ
Sqw79hobLuzyCg==
-----END CERTIFICATE-----
Generated at Sat May 16 16:24:38 2026 by rpki-client