Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
File: 2iTzVyHKMag-L26TfhdAjm57LGE.mft (raw, json)
Hash identifier: Jec73b1KmNiHFQLFs8MXMt38GcXwk2vIKrbW/pYJJ6k=
Subject key identifier: 2D:BF:C8:A3:D3:5A:2B:51:59:2E:D0:3E:89:33:AD:90:A1:A2:92:E1
Authority key identifier: DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
Certificate issuer: /CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Certificate serial: 019F17C34D63015BB6442899D66EADB01A6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
Manifest number: 198D
Signing time: Tue 30 Jun 2026 09:01:43 +0000
Manifest this update: Tue 30 Jun 2026 09:01:43 +0000
Manifest next update: Wed 01 Jul 2026 09:01:43 +0000
Files and hashes: 1: 2iTzVyHKMag-L26TfhdAjm57LGE.crl (hash: F/iWeiEHeuOXFiULiVjYJbf49vYMB+zPueA4wCkChHU=)
2: EMYZWM6m9RpWCTQk3MWhN1mZ9-0.roa (hash: c9D6HF2YxGeHbf3oxM7nmQWg4IZpAm/i+q7H/DzFs4k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 09:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:17:c3:4d:63:01:5b:b6:44:28:99:d6:6e:ad:b0:1a:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da24f35721ca31a83e2f6e937e17408e6e7b2c61
Validity
Not Before: Jun 30 09:01:43 2026 GMT
Not After : Jul 1 09:01:43 2026 GMT
Subject: CN=2dbfc8a3d35a2b51592ed03e8933ad90a1a292e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e0:19:1e:d3:14:6b:e5:9f:fb:97:3a:bd:1f:
35:42:48:09:80:cc:b7:cc:37:67:a7:9b:80:5d:4a:
2e:fa:d2:ee:03:f1:64:e0:dd:9d:a3:fb:d6:9b:cc:
2c:7d:39:2f:65:76:a8:0c:12:ed:c2:61:27:9f:e6:
17:01:0a:bd:c3:51:53:b3:f5:4a:69:b4:e6:31:f8:
be:d2:01:99:29:9e:ae:9d:ce:29:68:fe:e4:0f:70:
49:a2:dc:d8:0e:46:68:10:bc:0c:a1:2b:60:c9:6d:
68:7d:45:47:68:c2:92:4a:79:3c:1d:85:48:b1:56:
10:69:3f:bb:06:09:46:04:7f:9f:74:8b:0f:87:d4:
e4:37:21:b4:67:8c:e2:5d:68:e8:70:e1:3f:e3:28:
d8:dc:49:b7:2d:02:ab:f4:c4:a9:37:f0:a5:3c:5b:
7b:62:69:f9:cc:dc:7b:92:7c:1b:e9:ce:02:ea:7f:
78:9d:b5:1e:43:ee:00:6b:ba:79:75:62:f9:c4:96:
23:27:bd:03:02:2d:6a:fe:eb:23:1c:44:c2:e0:74:
71:50:61:00:e2:9a:81:2f:7d:ef:0b:b1:92:18:eb:
7b:ca:ee:31:24:ea:0e:13:7b:2f:fc:bf:b1:f9:32:
27:d6:ef:4f:65:4b:a7:d5:0b:ee:0b:69:7e:2d:f4:
d2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:BF:C8:A3:D3:5A:2B:51:59:2E:D0:3E:89:33:AD:90:A1:A2:92:E1
X509v3 Authority Key Identifier:
keyid:DA:24:F3:57:21:CA:31:A8:3E:2F:6E:93:7E:17:40:8E:6E:7B:2C:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iTzVyHKMag-L26TfhdAjm57LGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/ececf4-e930-4192-84dd-80f31d3ea152/1/2iTzVyHKMag-L26TfhdAjm57LGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:4f:ec:0b:10:79:f8:e6:86:ab:f9:e3:5b:8f:ee:6e:70:01:
50:71:03:87:c0:4f:ab:5d:29:35:83:16:5e:8a:d8:d4:c2:5e:
74:cf:c8:ba:51:86:6b:47:4f:ee:88:ce:d4:72:ee:ce:b8:f4:
7d:ac:ad:08:68:f6:89:29:99:ea:e1:d0:b1:73:c8:98:ff:f3:
0d:2c:8c:dd:d6:42:d5:8c:ca:7c:bd:7d:d8:de:bc:7c:3e:86:
64:c3:31:2c:8b:a3:31:da:8a:b9:97:4b:c7:78:c3:0d:46:d1:
60:65:e7:96:0a:51:77:f8:1a:dd:86:21:7d:b3:1b:9e:fa:03:
9f:dd:6a:c1:bf:61:d6:c1:77:a3:6d:7a:25:c7:40:17:57:2d:
ce:bf:98:43:4a:8e:e6:df:81:46:a0:46:e9:ac:e9:fe:6e:da:
62:d5:58:cd:46:90:b0:d4:7c:a2:a6:f0:46:be:ac:d2:9b:a3:
b2:8c:66:76:c6:87:f9:75:b2:96:a0:35:b4:de:08:10:eb:70:
5b:ab:e9:6c:31:c5:86:c8:25:9f:4e:bd:05:5d:1e:50:ad:ce:
2c:de:d4:e1:79:49:0a:21:53:d4:6e:bc:68:72:e9:df:f2:d1:
40:0a:b7:92:1f:b1:d1:c1:46:af:07:3e:d1:94:29:2b:37:4f:
03:9b:75:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8Xw01jAVu2RCiZ1m6tsBpsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjRmMzU3MjFjYTMxYTgzZTJmNmU5MzdlMTc0MDhlNmU3
YjJjNjEwHhcNMjYwNjMwMDkwMTQzWhcNMjYwNzAxMDkwMTQzWjAzMTEwLwYDVQQD
EygyZGJmYzhhM2QzNWEyYjUxNTkyZWQwM2U4OTMzYWQ5MGExYTI5MmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+AZHtMUa+Wf+5c6vR81QkgJgMy3
zDdnp5uAXUou+tLuA/Fk4N2do/vWm8wsfTkvZXaoDBLtwmEnn+YXAQq9w1FTs/VK
abTmMfi+0gGZKZ6unc4paP7kD3BJotzYDkZoELwMoStgyW1ofUVHaMKSSnk8HYVI
sVYQaT+7BglGBH+fdIsPh9TkNyG0Z4ziXWjocOE/4yjY3Em3LQKr9MSpN/ClPFt7
Ymn5zNx7knwb6c4C6n94nbUeQ+4Aa7p5dWL5xJYjJ70DAi1q/usjHETC4HRxUGEA
4pqBL33vC7GSGOt7yu4xJOoOE3sv/L+x+TIn1u9PZUun1QvuC2l+LfTSWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC2/yKPTWitRWS7QPokzrZChopLhMB8GA1UdIwQY
MBaAFNok81chyjGoPi9uk34XQI5ueyxhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQt
ODBmMzFkM2VhMTUyLzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lY2VjZjQtZTkzMC00MTkyLTg0ZGQtODBmMzFkM2VhMTUy
LzEvMmlUelZ5SEtNYWctTDI2VGZoZEFqbTU3TEdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANU/sCxB5
+OaGq/njW4/ubnABUHEDh8BPq10pNYMWXorY1MJedM/IulGGa0dP7ojO1HLuzrj0
faytCGj2iSmZ6uHQsXPImP/zDSyM3dZC1YzKfL192N68fD6GZMMxLIujMdqKuZdL
x3jDDUbRYGXnlgpRd/ga3YYhfbMbnvoDn91qwb9h1sF3o216JcdAF1ctzr+YQ0qO
5t+BRqBG6azp/m7aYtVYzUaQsNR8oqbwRr6s0pujsoxmdsaH+XWylqA1tN4IEOtw
W6vpbDHFhsgln069BV0eUK3OLN7U4XlJCiFT1G68aHLp3/LRQAq3kh+x0cFGrwc+
0ZQpKzdPA5t1qQ==
-----END CERTIFICATE-----
Generated at Tue Jun 30 18:23:49 2026 by rpki-client