Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
File: 2iTzVyHKMag-L26TfhdAjm57LGE.mft (raw, json)
Hash identifier: 5qEjH88++GoeioqjRwMg07+4sKGvncsjP1/kFe1iZNA=
Subject key identifier: 03:2E:2F:70:22:FB:BC:D5:D3:1F:7A:66:51:FE:6E:F2:42:88:43:2B
Authority key identifier: DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
Certificate issuer: /CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Certificate serial: 019D38D3ADE552E7EA40CF91EE50105742BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
Manifest number: 1895
Signing time: Sun 29 Mar 2026 09:01:29 +0000
Manifest this update: Sun 29 Mar 2026 09:01:29 +0000
Manifest next update: Mon 30 Mar 2026 09:01:29 +0000
Files and hashes: 1: 2iTzVyHKMag-L26TfhdAjm57LGE.crl (hash: j8q7t3QJNbZoqUNF6TwPLq/koW4cRUFG+p1FAEACi0o=)
2: EMYZWM6m9RpWCTQk3MWhN1mZ9-0.roa (hash: c9D6HF2YxGeHbf3oxM7nmQWg4IZpAm/i+q7H/DzFs4k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:ad:e5:52:e7:ea:40:cf:91:ee:50:10:57:42:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Validity
Not Before: Mar 29 09:01:29 2026 GMT
Not After : Mar 30 09:01:29 2026 GMT
Subject: CN=032e2f7022fbbcd5d31f7a6651fe6ef24288432b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:13:a4:db:76:81:62:f5:8d:14:68:50:06:9e:
68:67:7a:5c:b6:e1:34:a7:47:62:f3:c9:fc:83:aa:
a3:6c:dc:1b:a0:aa:14:b1:94:15:19:52:89:da:c5:
64:b9:70:9d:ab:00:96:ce:a3:cc:81:93:e1:89:05:
23:45:50:1d:f2:2a:5e:8f:a2:88:aa:eb:c0:09:7f:
8a:1f:69:33:56:95:d8:de:6c:9d:16:fd:d8:59:12:
7a:19:15:33:41:2b:25:2d:cf:9a:fd:d1:82:81:1a:
01:dd:fe:f9:00:dc:ec:44:ea:28:db:c8:cf:8d:9b:
1d:60:9a:22:9f:22:d9:63:2b:ea:ea:0f:c7:6d:ee:
47:02:5e:b2:d6:7d:65:5e:16:44:06:c6:64:a9:bc:
69:de:52:6b:55:cd:01:d1:89:a9:bc:dd:2f:73:c4:
d5:95:d7:11:de:1b:3f:60:b0:db:dd:24:5a:54:15:
e3:ab:e8:e1:79:92:df:c6:55:bb:d0:36:b0:08:3b:
3e:a8:97:57:5d:d9:2c:65:46:83:88:32:04:d5:37:
c0:e0:b0:e7:71:30:28:e7:d0:6f:22:42:d8:b5:9d:
7e:74:45:fb:bf:34:cb:70:50:3e:6b:65:48:c6:cc:
7e:b2:c5:17:57:cc:86:73:b4:75:03:d1:d3:f6:ad:
dd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:2E:2F:70:22:FB:BC:D5:D3:1F:7A:66:51:FE:6E:F2:42:88:43:2B
X509v3 Authority Key Identifier:
keyid:DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:6c:64:2c:66:6e:74:0f:20:d2:7a:32:a0:b0:e5:bb:5f:73:
00:59:9c:a7:25:fe:6e:b0:ea:05:ce:4b:6c:22:84:ca:e8:10:
4e:00:58:d1:8f:c4:3e:0e:a8:b5:fa:69:72:b5:aa:9a:82:28:
d3:02:83:1d:dd:50:d5:fe:70:52:d9:57:a0:a2:a6:f9:dd:5f:
0d:ff:c7:e4:67:a7:a6:b9:ed:11:9c:a9:64:71:78:45:01:51:
0f:1e:cb:c1:7d:06:19:d0:31:e9:28:99:56:94:39:40:43:00:
59:05:a2:82:f1:3b:f7:36:7a:04:c5:39:91:88:49:c8:da:a9:
80:b1:92:c9:c0:b7:7d:c3:9b:ec:83:0f:81:e0:6f:40:0a:25:
31:4b:a8:c9:df:27:1e:9d:c2:3c:30:05:48:55:69:ce:94:02:
9d:ce:51:96:59:6c:b9:73:5d:0b:5e:db:17:9f:ed:8f:4b:9e:
54:91:07:cc:7a:d3:38:24:ae:5a:6b:9c:d9:54:d5:ac:78:77:
46:f6:2a:c4:56:fb:90:dd:c9:02:3d:52:89:d6:11:c1:5a:b0:
1b:b7:55:e7:40:c8:97:84:d7:57:a3:65:5a:50:99:9d:c2:6c:
de:67:f3:7e:db:aa:a0:aa:93:bf:e6:30:a9:21:83:90:ab:0a:
f7:a9:59:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04063lUufqQM+R7lAQV0K8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjRmMzU3MjFjYTMxYTgzZTJmNmU5MzdlMTc0MDhlNmU3
YjJjNjEwHhcNMjYwMzI5MDkwMTI5WhcNMjYwMzMwMDkwMTI5WjAzMTEwLwYDVQQD
EygwMzJlMmY3MDIyZmJiY2Q1ZDMxZjdhNjY1MWZlNmVmMjQyODg0MzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshOk23aBYvWNFGhQBp5oZ3pctuE0
p0di88n8g6qjbNwboKoUsZQVGVKJ2sVkuXCdqwCWzqPMgZPhiQUjRVAd8ipej6KI
quvACX+KH2kzVpXY3mydFv3YWRJ6GRUzQSslLc+a/dGCgRoB3f75ANzsROoo28jP
jZsdYJoinyLZYyvq6g/Hbe5HAl6y1n1lXhZEBsZkqbxp3lJrVc0B0YmpvN0vc8TV
ldcR3hs/YLDb3SRaVBXjq+jheZLfxlW70DawCDs+qJdXXdksZUaDiDIE1TfA4LDn
cTAo59BvIkLYtZ1+dEX7vzTLcFA+a2VIxsx+ssUXV8yGc7R1A9HT9q3ddQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAMuL3Ai+7zV0x96ZlH+bvJCiEMrMB8GA1UdIwQY
MBaAFNok81chyjGoPi9uk34XQI5ueyxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQt
ODBmMzFkM2VhMTUyLzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQtODBmMzFkM2VhMTUy
LzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcWxkLGZu
dA8g0noyoLDlu19zAFmcpyX+brDqBc5LbCKEyugQTgBY0Y/EPg6otfppcrWqmoIo
0wKDHd1Q1f5wUtlXoKKm+d1fDf/H5GenprntEZypZHF4RQFRDx7LwX0GGdAx6SiZ
VpQ5QEMAWQWigvE79zZ6BMU5kYhJyNqpgLGSycC3fcOb7IMPgeBvQAolMUuoyd8n
Hp3CPDAFSFVpzpQCnc5RlllsuXNdC17bF5/tj0ueVJEHzHrTOCSuWmuc2VTVrHh3
RvYqxFb7kN3JAj1SidYRwVqwG7dV50DIl4TXV6NlWlCZncJs3mfzftuqoKqTv+Yw
qSGDkKsK96lZxQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:43:47 2026 by rpki-client