Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
File: 2HGZiqFAq3wf8kDqsMkjWRPJboo.mft (raw, json)
Hash identifier: /20kyXCX4v736kAPS7BpV32oswTw/HksU+6khfeAdac=
Subject key identifier: 36:20:1C:9B:80:C1:27:F7:68:7B:E4:43:7E:1D:AC:F5:E0:8A:9C:38
Authority key identifier: D8:71:99:8A:A1:40:AB:7C:1F:F2:40:EA:B0:C9:23:59:13:C9:6E:8A
Certificate issuer: /CN=d871998aa140ab7c1ff240eab0c9235913c96e8a
Certificate serial: 019D3940AF197FA7560B5AEFF95A675B58BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
Manifest number: 159D
Signing time: Sun 29 Mar 2026 11:00:33 +0000
Manifest this update: Sun 29 Mar 2026 11:00:33 +0000
Manifest next update: Mon 30 Mar 2026 11:00:33 +0000
Files and hashes: 1: 2HGZiqFAq3wf8kDqsMkjWRPJboo.crl (hash: wzkIy8V82J07pX+npW1LbV7Bk8tsPH0Qkc2TskMZyFM=)
2: ZVHQNn8NDHrKDlrXSjskIERGk-w.roa (hash: GPFXQQAYnCScqN6Tj+UkAGSIUrlH/xEf/by5WbPkz1Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
rsync://rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 11:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:af:19:7f:a7:56:0b:5a:ef:f9:5a:67:5b:58:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d871998aa140ab7c1ff240eab0c9235913c96e8a
Validity
Not Before: Mar 29 11:00:33 2026 GMT
Not After : Mar 30 11:00:33 2026 GMT
Subject: CN=36201c9b80c127f7687be4437e1dacf5e08a9c38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9c:ca:a4:7f:ca:1f:3e:9a:5b:08:76:7d:3b:
77:52:31:84:bd:7d:44:8f:86:ad:87:e4:0a:62:75:
b3:ef:be:f3:7e:a9:2d:e7:68:5d:92:a3:cc:8e:de:
ca:1a:ff:c8:1d:6f:c2:7d:3a:28:9b:07:60:8e:c1:
87:9d:12:a4:0a:3f:68:51:15:89:2d:a6:1c:65:c5:
50:04:2c:b0:fc:35:5d:96:0d:9a:a7:13:9c:03:8c:
4d:f7:a5:9f:62:dc:68:5b:73:51:6a:10:40:c3:89:
06:5b:ce:f0:16:d3:92:96:54:96:ca:cb:7b:52:c8:
ed:55:49:f2:a3:31:3a:9d:e1:de:55:38:73:8f:c3:
c9:7c:08:27:49:e8:ca:8d:38:3a:b7:ea:b1:04:46:
e5:fc:d9:c5:7c:89:e7:43:f4:92:d8:47:65:1c:ed:
4a:c1:6f:c5:2b:2c:f0:31:c4:61:14:ff:6d:9d:d5:
46:86:b5:89:ff:59:e7:2c:b3:8f:7e:89:a8:be:13:
58:fb:fb:5d:ca:af:46:ad:e3:0e:b2:a4:e9:80:dd:
48:b3:ce:10:ee:21:2c:b8:c6:16:b9:79:12:e4:39:
c1:aa:91:9d:85:b9:1a:f7:79:09:e7:c6:d2:77:71:
4c:50:65:12:2f:79:1b:13:11:9c:0d:18:36:41:24:
3b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:20:1C:9B:80:C1:27:F7:68:7B:E4:43:7E:1D:AC:F5:E0:8A:9C:38
X509v3 Authority Key Identifier:
keyid:D8:71:99:8A:A1:40:AB:7C:1F:F2:40:EA:B0:C9:23:59:13:C9:6E:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:b5:2d:65:00:4f:9e:16:c7:46:3e:aa:f5:a8:3b:9f:31:19:
c9:fe:7c:35:c4:8c:18:37:44:ad:bb:44:96:30:04:84:20:b7:
84:6f:1e:02:75:d4:19:f4:a0:57:90:d7:fc:7f:2d:de:16:b3:
65:1f:1b:89:ce:c7:7c:a4:c8:cf:aa:27:47:0f:d1:eb:68:9a:
b7:a7:82:1a:95:28:14:a1:53:4e:a7:02:42:62:97:2f:c7:35:
23:5d:f7:6b:be:2c:c5:a9:4a:07:75:18:68:f5:d9:21:69:67:
fe:e4:8f:24:16:01:65:12:22:4b:72:63:ce:37:f0:3e:f5:33:
59:a6:26:05:e8:e8:fa:f5:89:89:b5:b0:50:c1:fe:f8:cd:02:
08:2c:df:f1:e7:20:07:84:8e:05:e5:92:81:be:c5:fb:dc:64:
0a:c2:eb:e6:6d:95:41:a1:b9:a3:35:8a:1a:6d:c4:08:d4:06:
3b:f9:54:bb:83:d4:c8:da:94:04:7b:73:89:ad:e3:0b:41:0c:
5d:85:21:c2:da:43:35:90:81:0f:d3:08:04:94:c4:03:b7:d3:
3c:b9:7a:de:d0:2c:72:4f:5f:07:7a:2e:1e:e8:53:8e:5f:84:
5b:26:68:e9:73:17:26:6b:4e:24:19:1f:ac:3e:45:6d:2c:a9:
a3:a6:56:a4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QK8Zf6dWC1rv+VpnW1i6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzE5OThhYTE0MGFiN2MxZmYyNDBlYWIwYzkyMzU5MTNj
OTZlOGEwHhcNMjYwMzI5MTEwMDMzWhcNMjYwMzMwMTEwMDMzWjAzMTEwLwYDVQQD
EygzNjIwMWM5YjgwYzEyN2Y3Njg3YmU0NDM3ZTFkYWNmNWUwOGE5YzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJzKpH/KHz6aWwh2fTt3UjGEvX1E
j4ath+QKYnWz777zfqkt52hdkqPMjt7KGv/IHW/CfToomwdgjsGHnRKkCj9oURWJ
LaYcZcVQBCyw/DVdlg2apxOcA4xN96WfYtxoW3NRahBAw4kGW87wFtOSllSWyst7
UsjtVUnyozE6neHeVThzj8PJfAgnSejKjTg6t+qxBEbl/NnFfInnQ/SS2EdlHO1K
wW/FKyzwMcRhFP9tndVGhrWJ/1nnLLOPfomovhNY+/tdyq9GreMOsqTpgN1Is84Q
7iEsuMYWuXkS5DnBqpGdhbka93kJ58bSd3FMUGUSL3kbExGcDRg2QSQ7MQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDYgHJuAwSf3aHvkQ34drPXgipw4MB8GA1UdIwQY
MBaAFNhxmYqhQKt8H/JA6rDJI1kTyW6KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhHWmlxRkFxM3dmOGtEcXNNa2pXUlBKYm9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8zM2FhMjQtMzVlYS00YWRjLThjMDUt
NWEzNGU1MmIwYjEwLzEvMkhHWmlxRkFxM3dmOGtEcXNNa2pXUlBKYm9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8zM2FhMjQtMzVlYS00YWRjLThjMDUtNWEzNGU1MmIwYjEw
LzEvMkhHWmlxRkFxM3dmOGtEcXNNa2pXUlBKYm9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGbUtZQBP
nhbHRj6q9ag7nzEZyf58NcSMGDdErbtEljAEhCC3hG8eAnXUGfSgV5DX/H8t3haz
ZR8bic7HfKTIz6onRw/R62iat6eCGpUoFKFTTqcCQmKXL8c1I133a74sxalKB3UY
aPXZIWln/uSPJBYBZRIiS3JjzjfwPvUzWaYmBejo+vWJibWwUMH++M0CCCzf8ecg
B4SOBeWSgb7F+9xkCsLr5m2VQaG5ozWKGm3ECNQGO/lUu4PUyNqUBHtzia3jC0EM
XYUhwtpDNZCBD9MIBJTEA7fTPLl63tAsck9fB3ouHuhTjl+EWyZo6XMXJmtOJBkf
rD5FbSypo6ZWpA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 21:17:05 2026 by rpki-client