Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.mft
File: 2pDQS_V_pIaOaZl8g7Otdx_VCp0.mft (raw, json)
Hash identifier: kv2kt6oi/hhlgvhvGz5yjmNoi0dLTSeBtXxNZpZMSmo=
Subject key identifier: 3B:67:81:7B:26:5B:82:8E:C2:B3:80:4E:9E:C7:61:C2:E8:94:A5:F2
Authority key identifier: DA:90:D0:4B:F5:7F:A4:86:8E:69:99:7C:83:B3:AD:77:1F:D5:0A:9D
Certificate issuer: /CN=da90d04bf57fa4868e69997c83b3ad771fd50a9d
Certificate serial: 019D389BF3B36C2D4ECB52D34A033AC7FE60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pDQS_V_pIaOaZl8g7Otdx_VCp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.mft
Manifest number: 11A0
Signing time: Sun 29 Mar 2026 08:00:37 +0000
Manifest this update: Sun 29 Mar 2026 08:00:37 +0000
Manifest next update: Mon 30 Mar 2026 08:00:37 +0000
Files and hashes: 1: 2pDQS_V_pIaOaZl8g7Otdx_VCp0.crl (hash: JAEbmR4l4PJh+KRToYeBB11eBZcA+s0d0scTRVIq5Ok=)
2: AoMLPhZExe6a-acTOonY5G6p87o.roa (hash: GlOEB6CrWza06BRV4TlREAMAdwdF9KjOr3x10SdKDlg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/2pDQS_V_pIaOaZl8g7Otdx_VCp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:f3:b3:6c:2d:4e:cb:52:d3:4a:03:3a:c7:fe:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da90d04bf57fa4868e69997c83b3ad771fd50a9d
Validity
Not Before: Mar 29 08:00:37 2026 GMT
Not After : Mar 30 08:00:37 2026 GMT
Subject: CN=3b67817b265b828ec2b3804e9ec761c2e894a5f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:62:a5:53:36:a2:fe:29:95:b4:90:3d:32:95:
94:65:74:f5:a7:0c:f4:73:31:d0:72:02:3c:ac:f9:
8f:6f:e1:f0:09:67:71:2b:c6:ff:a1:6d:5e:1e:cf:
84:8e:02:5b:e5:56:9d:fa:f0:2b:60:66:10:4d:72:
ec:1a:39:a8:e6:30:8d:f9:84:2d:d3:da:3c:7f:db:
a3:9c:e8:ea:72:2c:06:c5:71:f9:41:8e:fc:47:85:
be:2e:c8:9b:c8:47:17:41:dd:60:33:4b:5a:81:0b:
7e:28:25:43:3d:24:53:85:0f:36:05:e1:96:f6:4f:
1b:b5:15:13:ec:01:b0:f7:5e:34:32:aa:77:81:00:
47:e8:70:93:df:95:6a:e2:a2:d3:f3:b6:91:0c:43:
08:d8:59:b9:c5:80:c5:fd:02:dc:e6:c9:c0:83:db:
a9:47:a4:27:59:4b:25:1c:62:87:2e:80:28:1b:03:
59:8d:14:83:ef:9c:c0:a8:eb:6d:58:b3:dc:fb:74:
83:79:7f:7d:8f:a8:46:1e:fe:d2:39:ad:d8:39:99:
38:31:05:03:2b:66:2d:58:65:4b:17:d9:fd:ae:62:
cd:e7:32:93:58:89:21:6f:59:e3:3a:a9:f8:d8:16:
ae:05:75:01:0a:7f:31:1d:f7:a1:d6:9f:1d:f2:3f:
b8:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:67:81:7B:26:5B:82:8E:C2:B3:80:4E:9E:C7:61:C2:E8:94:A5:F2
X509v3 Authority Key Identifier:
keyid:DA:90:D0:4B:F5:7F:A4:86:8E:69:99:7C:83:B3:AD:77:1F:D5:0A:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pDQS_V_pIaOaZl8g7Otdx_VCp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/4d2545-a7d5-465c-9618-51ad9c382a8d/1/2pDQS_V_pIaOaZl8g7Otdx_VCp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:99:ab:ff:b0:0f:fe:ba:d2:f4:ac:ad:9d:fc:04:87:1c:f7:
d1:a2:6c:f3:7c:7f:3e:46:fe:75:00:b3:7d:60:66:89:3d:40:
3b:0e:dd:e9:ad:58:8c:40:18:f7:81:b1:91:5e:4a:6e:c3:e1:
62:c2:24:73:97:6d:10:a5:88:f1:bd:b1:5c:fb:d8:c9:e6:47:
d3:00:1f:89:b0:d9:e4:d8:47:84:71:c5:ff:58:23:9a:92:75:
6f:94:f8:3d:c5:90:3c:10:8e:55:5f:93:9d:a4:13:98:e0:fd:
5c:e1:5c:b4:37:44:ab:f8:d3:ce:e1:d6:93:cd:8a:b3:e0:bb:
1a:31:1f:b0:d3:b0:04:8f:c0:72:3e:af:d8:fc:41:6a:75:54:
5e:5a:3f:dc:bd:b1:c9:ec:94:f3:5a:df:c5:81:84:7d:ff:ca:
31:d1:b7:2a:72:71:6e:91:81:a3:85:f7:b1:d7:96:45:4a:5e:
a8:ab:b1:46:09:7c:65:ac:26:08:87:cf:5d:58:38:b7:84:9a:
1f:70:ea:24:2c:c6:94:fc:35:c7:72:f4:17:60:27:43:23:13:
5c:ed:d1:99:3a:03:9e:9d:52:0c:1d:ad:6e:5f:a7:56:0b:1a:
14:c4:c6:e1:6b:f4:28:b8:da:08:87:28:f4:33:c7:0e:66:a1:
e8:d9:05:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m/OzbC1Oy1LTSgM6x/5gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOTBkMDRiZjU3ZmE0ODY4ZTY5OTk3YzgzYjNhZDc3MWZk
NTBhOWQwHhcNMjYwMzI5MDgwMDM3WhcNMjYwMzMwMDgwMDM3WjAzMTEwLwYDVQQD
EygzYjY3ODE3YjI2NWI4MjhlYzJiMzgwNGU5ZWM3NjFjMmU4OTRhNWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmKlUzai/imVtJA9MpWUZXT1pwz0
czHQcgI8rPmPb+HwCWdxK8b/oW1eHs+EjgJb5Vad+vArYGYQTXLsGjmo5jCN+YQt
09o8f9ujnOjqciwGxXH5QY78R4W+LsibyEcXQd1gM0tagQt+KCVDPSRThQ82BeGW
9k8btRUT7AGw9140Mqp3gQBH6HCT35Vq4qLT87aRDEMI2Fm5xYDF/QLc5snAg9up
R6QnWUslHGKHLoAoGwNZjRSD75zAqOttWLPc+3SDeX99j6hGHv7SOa3YOZk4MQUD
K2YtWGVLF9n9rmLN5zKTWIkhb1njOqn42BauBXUBCn8xHfeh1p8d8j+4IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDtngXsmW4KOwrOATp7HYcLolKXyMB8GA1UdIwQY
MBaAFNqQ0Ev1f6SGjmmZfIOzrXcf1QqdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnBEUVNfVl9wSWFPYVpsOGc3T3RkeF9WQ3AwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC80ZDI1NDUtYTdkNS00NjVjLTk2MTgt
NTFhZDljMzgyYThkLzEvMnBEUVNfVl9wSWFPYVpsOGc3T3RkeF9WQ3AwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC80ZDI1NDUtYTdkNS00NjVjLTk2MTgtNTFhZDljMzgyYThk
LzEvMnBEUVNfVl9wSWFPYVpsOGc3T3RkeF9WQ3AwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF5mr/7AP
/rrS9KytnfwEhxz30aJs83x/Pkb+dQCzfWBmiT1AOw7d6a1YjEAY94GxkV5KbsPh
YsIkc5dtEKWI8b2xXPvYyeZH0wAfibDZ5NhHhHHF/1gjmpJ1b5T4PcWQPBCOVV+T
naQTmOD9XOFctDdEq/jTzuHWk82Ks+C7GjEfsNOwBI/Acj6v2PxBanVUXlo/3L2x
yeyU81rfxYGEff/KMdG3KnJxbpGBo4X3sdeWRUpeqKuxRgl8ZawmCIfPXVg4t4Sa
H3DqJCzGlPw1x3L0F2AnQyMTXO3RmToDnp1SDB2tbl+nVgsaFMTG4Wv0KLjaCIco
9DPHDmah6NkFbA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:14 2026 by rpki-client