Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f76339-1714-403b-9927-23277822fefa/1/2AtWXXc2dT2-f2YkvfHSvBiW98A.mft
File: 2AtWXXc2dT2-f2YkvfHSvBiW98A.mft (raw, json)
Hash identifier: VHCyPv3p7xQCLgmjdskjSnDm0MKCZMg+7zkuyZ46CBU=
Subject key identifier: 17:7C:0A:57:34:DB:3E:20:86:62:DA:41:3D:A3:B5:6A:17:56:F2:EF
Authority key identifier: D8:0B:56:5D:77:36:75:3D:BE:7F:66:24:BD:F1:D2:BC:18:96:F7:C0
Certificate issuer: /CN=d80b565d7736753dbe7f6624bdf1d2bc1896f7c0
Certificate serial: 019DB08FA9C4CDAABA57D7C6655F95DA0C28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2AtWXXc2dT2-f2YkvfHSvBiW98A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/f76339-1714-403b-9927-23277822fefa/1/2AtWXXc2dT2-f2YkvfHSvBiW98A.mft
Manifest number: 1229
Signing time: Tue 21 Apr 2026 15:01:38 +0000
Manifest this update: Tue 21 Apr 2026 15:01:38 +0000
Manifest next update: Wed 22 Apr 2026 15:01:38 +0000
Files and hashes: 1: 2AtWXXc2dT2-f2YkvfHSvBiW98A.crl (hash: 46Aa+c7zhh1b4HSm5Ir6Bri52hk5jqb/Hm1trPNIn28=)
2: 5XOq4BMraJ6-AegtlaIWTtUkqxo.roa (hash: hDvJTYUbzgM4Etq6PCbmzufkHK2RaHqzKqogboxsQ0c=)
3: iIJMhiXnC0TkNFq6MHPCGZcJKp4.roa (hash: 6M+PNBTs7Ydc22YxEOoAXWjHO6P/9d3SsLY8rQkfu3Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/f76339-1714-403b-9927-23277822fefa/1/2AtWXXc2dT2-f2YkvfHSvBiW98A.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/f76339-1714-403b-9927-23277822fefa/1/2AtWXXc2dT2-f2YkvfHSvBiW98A.mft
rsync://rpki.ripe.net/repository/DEFAULT/2AtWXXc2dT2-f2YkvfHSvBiW98A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 14:21:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b0:8f:a9:c4:cd:aa:ba:57:d7:c6:65:5f:95:da:0c:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d80b565d7736753dbe7f6624bdf1d2bc1896f7c0
Validity
Not Before: Apr 21 15:01:38 2026 GMT
Not After : Apr 22 15:01:38 2026 GMT
Subject: CN=177c0a5734db3e208662da413da3b56a1756f2ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ff:b2:5f:2c:93:7d:c6:21:b8:66:bd:92:4d:
11:ff:20:96:8f:ac:f6:1a:59:69:eb:24:95:ba:a9:
7e:36:ff:0b:f5:d9:f9:c8:26:24:e7:b8:f1:f0:0b:
ad:28:09:c7:fd:37:6b:3f:6b:1a:c5:49:d4:dc:25:
a2:70:2b:4e:fd:88:16:48:93:ff:2f:6c:37:67:9e:
e6:97:9b:ed:1f:2b:0e:7a:f7:d4:f6:0e:d5:05:18:
53:2a:80:0b:78:97:ff:cb:c1:c1:e9:f0:34:67:d7:
52:7b:b8:65:60:f7:d6:d2:99:39:b9:74:b7:85:ed:
c9:8b:0a:5a:cc:11:c1:c0:7d:f9:09:81:43:c7:92:
8d:4a:99:cc:1e:5c:7f:bc:98:36:12:cb:17:56:f5:
c7:8c:68:0e:88:0b:c5:8b:90:ac:32:b9:c5:33:cb:
9a:51:50:3f:69:e4:3b:ef:5c:68:0e:4d:c0:a2:4e:
51:45:3f:df:97:b3:77:5a:3f:cb:87:9e:39:68:c8:
4f:e1:84:11:82:f2:24:00:34:70:23:62:be:8d:c3:
a1:bc:da:d9:e8:ff:9b:3c:bf:c2:34:ab:e1:cb:68:
74:1b:66:02:6f:e4:78:75:3d:73:34:6e:9a:f9:ce:
54:ae:3e:4d:ca:60:0b:26:89:c7:d3:31:20:64:ed:
8e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:7C:0A:57:34:DB:3E:20:86:62:DA:41:3D:A3:B5:6A:17:56:F2:EF
X509v3 Authority Key Identifier:
keyid:D8:0B:56:5D:77:36:75:3D:BE:7F:66:24:BD:F1:D2:BC:18:96:F7:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2AtWXXc2dT2-f2YkvfHSvBiW98A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f76339-1714-403b-9927-23277822fefa/1/2AtWXXc2dT2-f2YkvfHSvBiW98A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f76339-1714-403b-9927-23277822fefa/1/2AtWXXc2dT2-f2YkvfHSvBiW98A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:a9:61:2a:28:00:bc:dc:3a:e9:79:de:fb:78:4a:91:ae:b4:
82:13:18:92:fb:89:10:0b:16:71:bb:bc:e9:80:11:d6:d8:49:
70:21:b9:1d:52:1f:0f:89:0c:b2:e6:a2:54:a2:10:f5:a8:3a:
18:1a:b2:c6:a6:3b:7a:43:7b:9a:5a:92:44:9d:eb:97:4a:09:
44:eb:e3:5b:fd:8c:81:22:7f:ba:b9:32:4b:fe:b5:45:36:3c:
ff:08:ef:59:d0:ee:0e:7f:4a:aa:30:fc:04:90:54:71:d4:2a:
f6:13:3e:00:8c:c3:39:15:63:62:a6:11:83:8b:5f:f1:f4:56:
2b:f1:87:07:1a:4e:2a:4c:a8:b3:23:a5:14:e9:bb:c4:94:2a:
1f:5c:3d:33:a6:89:0b:ad:b6:68:fe:68:73:ec:e6:ac:7c:f4:
aa:26:9a:25:1f:06:81:94:97:57:a5:62:ec:a4:62:47:4e:0d:
98:0b:e1:73:de:ac:03:a8:38:fc:c2:d9:41:45:00:31:e7:4b:
a9:49:ec:d7:2f:2d:6f:d6:b6:e7:78:27:7b:59:40:dc:1b:4c:
cc:bf:4c:37:12:66:57:57:43:18:f0:e7:b9:3a:4c:e3:b7:38:
1e:17:01:67:0c:41:d8:85:50:56:2a:08:10:d7:d9:d3:4f:b6:
19:c1:73:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2wj6nEzaq6V9fGZV+V2gwoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MGI1NjVkNzczNjc1M2RiZTdmNjYyNGJkZjFkMmJjMTg5
NmY3YzAwHhcNMjYwNDIxMTUwMTM4WhcNMjYwNDIyMTUwMTM4WjAzMTEwLwYDVQQD
EygxNzdjMGE1NzM0ZGIzZTIwODY2MmRhNDEzZGEzYjU2YTE3NTZmMmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/+yXyyTfcYhuGa9kk0R/yCWj6z2
Gllp6ySVuql+Nv8L9dn5yCYk57jx8AutKAnH/TdrP2saxUnU3CWicCtO/YgWSJP/
L2w3Z57ml5vtHysOevfU9g7VBRhTKoALeJf/y8HB6fA0Z9dSe7hlYPfW0pk5uXS3
he3JiwpazBHBwH35CYFDx5KNSpnMHlx/vJg2EssXVvXHjGgOiAvFi5CsMrnFM8ua
UVA/aeQ771xoDk3Aok5RRT/fl7N3Wj/Lh545aMhP4YQRgvIkADRwI2K+jcOhvNrZ
6P+bPL/CNKvhy2h0G2YCb+R4dT1zNG6a+c5Urj5NymALJonH0zEgZO2OpQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBd8Clc02z4ghmLaQT2jtWoXVvLvMB8GA1UdIwQY
MBaAFNgLVl13NnU9vn9mJL3x0rwYlvfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkF0V1hYYzJkVDItZjJZa3ZmSFN2QmlXOThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mNzYzMzktMTcxNC00MDNiLTk5Mjct
MjMyNzc4MjJmZWZhLzEvMkF0V1hYYzJkVDItZjJZa3ZmSFN2QmlXOThBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mNzYzMzktMTcxNC00MDNiLTk5MjctMjMyNzc4MjJmZWZh
LzEvMkF0V1hYYzJkVDItZjJZa3ZmSFN2QmlXOThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiqlhKigA
vNw66Xne+3hKka60ghMYkvuJEAsWcbu86YAR1thJcCG5HVIfD4kMsuaiVKIQ9ag6
GBqyxqY7ekN7mlqSRJ3rl0oJROvjW/2MgSJ/urkyS/61RTY8/wjvWdDuDn9KqjD8
BJBUcdQq9hM+AIzDORVjYqYRg4tf8fRWK/GHBxpOKkyosyOlFOm7xJQqH1w9M6aJ
C622aP5oc+zmrHz0qiaaJR8GgZSXV6Vi7KRiR04NmAvhc96sA6g4/MLZQUUAMedL
qUns1y8tb9a253gne1lA3BtMzL9MNxJmV1dDGPDnuTpM47c4HhcBZwxB2IVQVioI
ENfZ00+2GcFz3w==
-----END CERTIFICATE-----
Generated at Wed Apr 22 00:19:21 2026 by rpki-client