Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/cd9976-2cd2-466f-abe7-008a80f6ff11/1/AR2IJGq1fiBN6lHpJDxnJS3LpYU.mft
File: AR2IJGq1fiBN6lHpJDxnJS3LpYU.mft (raw, json)
Hash identifier: muejnlGzd/PpuorJO7AEpsu/QrUeGfHBwVkw2kM3HKU=
Subject key identifier: 3B:43:A9:8A:C0:26:D8:DA:96:02:F8:9E:F1:3C:79:FE:55:96:07:9E
Authority key identifier: 01:1D:88:24:6A:B5:7E:20:4D:EA:51:E9:24:3C:67:25:2D:CB:A5:85
Certificate issuer: /CN=011d88246ab57e204dea51e9243c67252dcba585
Certificate serial: 019D39AE6F16BCFC4D2AEDCD7F8550C6B173
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AR2IJGq1fiBN6lHpJDxnJS3LpYU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/cd9976-2cd2-466f-abe7-008a80f6ff11/1/AR2IJGq1fiBN6lHpJDxnJS3LpYU.mft
Manifest number: 0CD8
Signing time: Sun 29 Mar 2026 13:00:26 +0000
Manifest this update: Sun 29 Mar 2026 13:00:26 +0000
Manifest next update: Mon 30 Mar 2026 13:00:26 +0000
Files and hashes: 1: AR2IJGq1fiBN6lHpJDxnJS3LpYU.crl (hash: AnlVNBSrPuAh3X5biF4MgpmwR3jeFyDCvGUVRksXWE8=)
2: Jjp2KFwtMPxSLsSW4d1b-JvojqQ.roa (hash: GDfbVOyE0Py9w2hVGKPYN/f02RSF/cLpQ/kkLYZ8PZc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/cd9976-2cd2-466f-abe7-008a80f6ff11/1/AR2IJGq1fiBN6lHpJDxnJS3LpYU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/cd9976-2cd2-466f-abe7-008a80f6ff11/1/AR2IJGq1fiBN6lHpJDxnJS3LpYU.mft
rsync://rpki.ripe.net/repository/DEFAULT/AR2IJGq1fiBN6lHpJDxnJS3LpYU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:ae:6f:16:bc:fc:4d:2a:ed:cd:7f:85:50:c6:b1:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=011d88246ab57e204dea51e9243c67252dcba585
Validity
Not Before: Mar 29 13:00:26 2026 GMT
Not After : Mar 30 13:00:26 2026 GMT
Subject: CN=3b43a98ac026d8da9602f89ef13c79fe5596079e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b0:ca:98:a9:18:0c:1a:e0:26:63:ce:01:57:
04:d1:a0:ba:cd:72:ca:f5:41:81:f5:43:44:10:8b:
24:c6:55:9d:11:ea:68:62:a3:f2:cb:97:c5:bf:3a:
38:d9:9e:bc:06:d0:7b:31:70:ab:c4:f5:36:f1:da:
27:07:de:b3:f4:5f:9a:bc:1b:8e:3c:0c:65:d7:db:
b4:d6:7f:a7:d6:3d:24:02:bb:30:03:50:cf:5e:d6:
51:fa:c7:e4:75:69:8c:c4:d9:3d:bd:4c:64:b2:78:
c2:8d:f5:6c:c4:1a:43:f9:95:50:6c:4e:b2:e6:35:
63:80:87:67:51:ad:42:20:5e:aa:7f:7d:e6:99:a8:
66:c2:bb:3e:50:2f:f3:6a:7a:3e:75:42:bd:a2:25:
0b:87:fa:a4:db:54:af:ba:3c:a4:bb:13:69:dc:48:
03:23:d7:fb:47:6e:c3:54:12:96:bd:31:fd:cb:37:
ac:7c:83:3a:6a:cf:8f:9f:b5:9b:fb:94:31:72:c5:
71:77:c7:a0:da:6c:fa:d6:3c:13:60:d0:5a:5f:e1:
04:2f:30:28:f8:af:e0:89:f0:3d:3b:5f:b4:ca:b8:
f0:c8:27:19:98:79:38:54:f6:7c:34:ac:57:38:c5:
21:bb:48:c9:ff:1a:b4:d2:8e:47:50:98:ac:b4:be:
2e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:43:A9:8A:C0:26:D8:DA:96:02:F8:9E:F1:3C:79:FE:55:96:07:9E
X509v3 Authority Key Identifier:
keyid:01:1D:88:24:6A:B5:7E:20:4D:EA:51:E9:24:3C:67:25:2D:CB:A5:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AR2IJGq1fiBN6lHpJDxnJS3LpYU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/cd9976-2cd2-466f-abe7-008a80f6ff11/1/AR2IJGq1fiBN6lHpJDxnJS3LpYU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/cd9976-2cd2-466f-abe7-008a80f6ff11/1/AR2IJGq1fiBN6lHpJDxnJS3LpYU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:ea:bc:ec:5c:7b:ac:a2:c6:54:f1:d2:07:05:d2:d4:33:28:
cb:58:89:c7:c6:37:87:f6:af:47:b5:15:a7:91:41:75:19:98:
a3:5d:a7:e6:b4:9c:84:b1:09:fb:d5:d9:6d:9e:28:3b:1f:a1:
7f:0c:17:59:8d:fe:c6:3c:50:ac:1f:ec:4a:49:62:b9:3b:77:
4f:2f:7c:c1:b3:a3:33:a1:9b:a9:b0:0d:a1:12:d4:80:a0:35:
14:66:23:82:a9:de:9a:d8:e3:a0:8e:f2:9f:8a:0f:cb:8d:46:
13:ef:6c:15:5a:b2:65:2b:65:06:45:a4:39:8f:9f:da:e1:7c:
db:3a:68:a2:7e:61:b3:08:ae:f7:23:7a:de:d4:61:43:9b:71:
20:c4:96:55:c8:a1:37:81:00:02:a8:b1:c6:70:84:d3:90:e6:
02:70:17:80:3f:11:89:a2:5e:16:0e:cd:cd:46:52:3e:11:f2:
1a:5d:5d:62:bb:82:c5:e3:eb:51:a0:6c:06:46:33:93:1f:48:
cd:7b:f3:94:87:9d:db:e2:11:a9:d6:70:3f:ed:f6:03:0f:cb:
81:5b:38:6a:9e:5d:10:53:08:c3:fe:d0:d4:8d:45:74:a4:47:
6d:31:00:39:fe:5f:d9:6f:37:a2:51:6f:74:46:32:be:d9:c9:
69:f4:11:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rm8WvPxNKu3Nf4VQxrFzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMWQ4ODI0NmFiNTdlMjA0ZGVhNTFlOTI0M2M2NzI1MmRj
YmE1ODUwHhcNMjYwMzI5MTMwMDI2WhcNMjYwMzMwMTMwMDI2WjAzMTEwLwYDVQQD
EygzYjQzYTk4YWMwMjZkOGRhOTYwMmY4OWVmMTNjNzlmZTU1OTYwNzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbDKmKkYDBrgJmPOAVcE0aC6zXLK
9UGB9UNEEIskxlWdEepoYqPyy5fFvzo42Z68BtB7MXCrxPU28donB96z9F+avBuO
PAxl19u01n+n1j0kArswA1DPXtZR+sfkdWmMxNk9vUxksnjCjfVsxBpD+ZVQbE6y
5jVjgIdnUa1CIF6qf33mmahmwrs+UC/zano+dUK9oiULh/qk21SvujykuxNp3EgD
I9f7R27DVBKWvTH9yzesfIM6as+Pn7Wb+5QxcsVxd8eg2mz61jwTYNBaX+EELzAo
+K/gifA9O1+0yrjwyCcZmHk4VPZ8NKxXOMUhu0jJ/xq00o5HUJistL4u7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDtDqYrAJtjalgL4nvE8ef5VlgeeMB8GA1UdIwQY
MBaAFAEdiCRqtX4gTepR6SQ8ZyUty6WFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVIySUpHcTFmaUJONmxIcEpEeG5KUzNMcFlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9jZDk5NzYtMmNkMi00NjZmLWFiZTct
MDA4YTgwZjZmZjExLzEvQVIySUpHcTFmaUJONmxIcEpEeG5KUzNMcFlVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9jZDk5NzYtMmNkMi00NjZmLWFiZTctMDA4YTgwZjZmZjEx
LzEvQVIySUpHcTFmaUJONmxIcEpEeG5KUzNMcFlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK+q87Fx7
rKLGVPHSBwXS1DMoy1iJx8Y3h/avR7UVp5FBdRmYo12n5rSchLEJ+9XZbZ4oOx+h
fwwXWY3+xjxQrB/sSkliuTt3Ty98wbOjM6GbqbANoRLUgKA1FGYjgqnemtjjoI7y
n4oPy41GE+9sFVqyZStlBkWkOY+f2uF82zpoon5hswiu9yN63tRhQ5txIMSWVcih
N4EAAqixxnCE05DmAnAXgD8RiaJeFg7NzUZSPhHyGl1dYruCxePrUaBsBkYzkx9I
zXvzlIed2+IRqdZwP+32Aw/LgVs4ap5dEFMIw/7Q1I1FdKRHbTEAOf5f2W83olFv
dEYyvtnJafQRoA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:46:34 2026 by rpki-client