Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.mft
File: 2671wyvqS1TRfiQbXMyvB7wKjuk.mft (raw, json)
Hash identifier: qsQi8fOQFkxlMQO4Td17mMPirOXh4+x2WH+LKsmCv18=
Subject key identifier: AC:FF:BE:7F:21:C0:4A:53:3E:CD:04:13:AA:1B:10:2F:5A:6A:14:09
Authority key identifier: DB:AE:F5:C3:2B:EA:4B:54:D1:7E:24:1B:5C:CC:AF:07:BC:0A:8E:E9
Certificate issuer: /CN=dbaef5c32bea4b54d17e241b5cccaf07bc0a8ee9
Certificate serial: 019D390A09EBADAAFDDF7B3DFD9AF54DBA44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2671wyvqS1TRfiQbXMyvB7wKjuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.mft
Manifest number: 1209
Signing time: Sun 29 Mar 2026 10:00:52 +0000
Manifest this update: Sun 29 Mar 2026 10:00:52 +0000
Manifest next update: Mon 30 Mar 2026 10:00:52 +0000
Files and hashes: 1: 1-95gw9KACRY59GXkCu6E44De0Qk.roa (hash: iKh5qfmB78EvSPQTYq74QtU0CuU4qb/tMvQfB/d/g9c=)
2: 2671wyvqS1TRfiQbXMyvB7wKjuk.crl (hash: sy5BLNgIeDwWpDVNkc4UBsbW6wRYDVUELc+K8qwlJPY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2671wyvqS1TRfiQbXMyvB7wKjuk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:09:eb:ad:aa:fd:df:7b:3d:fd:9a:f5:4d:ba:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbaef5c32bea4b54d17e241b5cccaf07bc0a8ee9
Validity
Not Before: Mar 29 10:00:52 2026 GMT
Not After : Mar 30 10:00:52 2026 GMT
Subject: CN=acffbe7f21c04a533ecd0413aa1b102f5a6a1409
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7f:e4:a7:de:9e:5b:7e:86:83:da:63:74:bb:
9f:08:79:71:bd:99:73:ff:11:86:79:2d:8c:5a:48:
1f:8a:0f:2f:8f:5d:2b:26:3e:e8:09:f7:00:0d:da:
0b:d9:f8:e5:70:db:06:c9:38:db:b9:28:cf:d7:1e:
47:0e:d9:6f:79:bf:e9:c1:84:eb:46:23:5c:20:4c:
82:97:95:ab:b7:d4:7f:e1:66:76:3e:fc:1e:d9:20:
8d:82:aa:68:e4:98:e8:ad:b2:75:ac:e3:df:62:0a:
96:49:25:1a:4a:ee:8f:5b:1e:ca:eb:5d:8f:3f:fa:
d6:cc:b6:49:79:87:f2:b6:a2:c0:44:fb:b5:ca:a8:
4f:57:92:c6:57:ca:0e:93:c9:8d:d8:07:5b:b0:7f:
04:7b:47:2e:37:c1:ad:f0:c7:e3:87:27:fb:4b:b4:
e1:f2:c7:e2:64:bf:a5:c3:6d:6c:94:d7:b0:87:b5:
15:ba:f7:0e:e0:87:d8:05:2c:9a:a9:d6:c9:8b:20:
57:3a:ec:2c:37:51:98:fd:76:ca:85:04:1e:d8:8a:
77:d9:a3:a9:7c:3d:f5:07:03:7e:1b:f2:3e:b8:0a:
4d:9e:44:d8:cc:b7:00:af:15:c2:62:a5:98:d0:0c:
23:a5:a8:46:3c:e6:d4:cf:a3:f6:33:b0:88:f9:ca:
00:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:FF:BE:7F:21:C0:4A:53:3E:CD:04:13:AA:1B:10:2F:5A:6A:14:09
X509v3 Authority Key Identifier:
keyid:DB:AE:F5:C3:2B:EA:4B:54:D1:7E:24:1B:5C:CC:AF:07:BC:0A:8E:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2671wyvqS1TRfiQbXMyvB7wKjuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:d4:c9:2d:85:a1:20:27:64:5f:41:95:11:7c:6b:b0:1f:ea:
1e:a9:4f:d1:d1:c1:e8:5e:40:32:ef:58:f9:ff:1f:b8:55:52:
dc:6e:24:96:f6:0c:99:a8:4b:63:ff:2e:40:a5:d2:2f:39:c0:
6f:6b:ab:da:5d:07:e7:ee:83:f4:5f:95:29:65:95:36:41:5b:
f3:cf:33:0b:c3:aa:83:2d:b7:f0:15:10:0a:56:ab:01:e9:53:
1f:7b:10:01:75:cf:a6:26:1d:c8:05:de:52:f1:b2:3d:98:5b:
80:7a:c6:87:b8:53:e6:39:bc:a0:62:05:11:79:9f:09:15:55:
50:2b:0f:74:ed:24:6f:e5:de:0f:34:7c:f1:f8:96:ef:43:5e:
f2:3d:4f:a1:54:9b:e7:80:11:73:e2:1a:7c:37:ed:5a:59:16:
37:72:27:dd:b3:9c:d2:8d:31:ac:b8:b2:eb:fa:2e:a4:68:7d:
3f:4f:54:e6:54:6a:8b:25:67:fd:f1:43:0c:20:03:08:df:cd:
8b:4c:67:95:e4:41:44:0b:d9:f1:ab:1b:66:e4:a9:7a:dd:72:
e6:5d:c5:70:a1:1b:6a:56:bf:5e:b2:c1:99:e8:f8:33:14:bc:
ff:ca:58:30:24:a1:6f:c3:84:80:d6:7a:af:48:0f:a2:47:82:
4f:a0:ca:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cgnrrar933s9/Zr1TbpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYWVmNWMzMmJlYTRiNTRkMTdlMjQxYjVjY2NhZjA3YmMw
YThlZTkwHhcNMjYwMzI5MTAwMDUyWhcNMjYwMzMwMTAwMDUyWjAzMTEwLwYDVQQD
EyhhY2ZmYmU3ZjIxYzA0YTUzM2VjZDA0MTNhYTFiMTAyZjVhNmExNDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3/kp96eW36Gg9pjdLufCHlxvZlz
/xGGeS2MWkgfig8vj10rJj7oCfcADdoL2fjlcNsGyTjbuSjP1x5HDtlveb/pwYTr
RiNcIEyCl5Wrt9R/4WZ2Pvwe2SCNgqpo5JjorbJ1rOPfYgqWSSUaSu6PWx7K612P
P/rWzLZJeYfytqLARPu1yqhPV5LGV8oOk8mN2AdbsH8Ee0cuN8Gt8Mfjhyf7S7Th
8sfiZL+lw21slNewh7UVuvcO4IfYBSyaqdbJiyBXOuwsN1GY/XbKhQQe2Ip32aOp
fD31BwN+G/I+uApNnkTYzLcArxXCYqWY0AwjpahGPObUz6P2M7CI+coAeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKz/vn8hwEpTPs0EE6obEC9aahQJMB8GA1UdIwQY
MBaAFNuu9cMr6ktU0X4kG1zMrwe8Co7pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjY3MXd5dnFTMVRSZmlRYlhNeXZCN3dLanVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9kZWU2NmYtNDVjYy00Y2I0LTlmYmIt
NjQyY2U2NzRmOTc0LzEvMjY3MXd5dnFTMVRSZmlRYlhNeXZCN3dLanVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9kZWU2NmYtNDVjYy00Y2I0LTlmYmItNjQyY2U2NzRmOTc0
LzEvMjY3MXd5dnFTMVRSZmlRYlhNeXZCN3dLanVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP9TJLYWh
ICdkX0GVEXxrsB/qHqlP0dHB6F5AMu9Y+f8fuFVS3G4klvYMmahLY/8uQKXSLznA
b2ur2l0H5+6D9F+VKWWVNkFb888zC8Oqgy238BUQClarAelTH3sQAXXPpiYdyAXe
UvGyPZhbgHrGh7hT5jm8oGIFEXmfCRVVUCsPdO0kb+XeDzR88fiW70Ne8j1PoVSb
54ARc+IafDftWlkWN3In3bOc0o0xrLiy6/oupGh9P09U5lRqiyVn/fFDDCADCN/N
i0xnleRBRAvZ8asbZuSpet1y5l3FcKEbala/XrLBmej4MxS8/8pYMCShb8OEgNZ6
r0gPokeCT6DKJw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:39:06 2026 by rpki-client