Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
File: 2ZaAKfEkCW6rlV35t6gciMszOgU.mft (raw, json)
Hash identifier: AlfTSoWks0lcbEd+agPZUoBseINZIdOkPZ5IBNeny4s=
Subject key identifier: BF:70:9E:EF:9F:8D:D3:1F:A9:42:09:E6:CF:9C:05:33:BA:3B:A7:89
Authority key identifier: D9:96:80:29:F1:24:09:6E:AB:95:5D:F9:B7:A8:1C:88:CB:33:3A:05
Certificate issuer: /CN=d9968029f124096eab955df9b7a81c88cb333a05
Certificate serial: 019CC8637675B8782B968882EA05D96E343D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
Manifest number: 1009
Signing time: Sat 07 Mar 2026 13:01:27 +0000
Manifest this update: Sat 07 Mar 2026 13:01:27 +0000
Manifest next update: Sun 08 Mar 2026 13:01:27 +0000
Files and hashes: 1: 2ZaAKfEkCW6rlV35t6gciMszOgU.crl (hash: XRz39vlOScke3lpvTrmbzZP9/DmzwG6mLOXsK7Cjleo=)
2: 5iwb34X7et8A-ZwDnoqtR_xqPsw.roa (hash: WeDprzbgEpDRHXWUflU5QUsB4X7FqUJMR6LQN8vcE2M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Mar 2026 10:49:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c8:63:76:75:b8:78:2b:96:88:82:ea:05:d9:6e:34:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9968029f124096eab955df9b7a81c88cb333a05
Validity
Not Before: Mar 7 13:01:27 2026 GMT
Not After : Mar 8 13:01:27 2026 GMT
Subject: CN=bf709eef9f8dd31fa94209e6cf9c0533ba3ba789
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d4:f0:20:08:d3:c7:e5:e0:5f:cc:41:08:99:
24:b8:bd:2f:93:a5:41:f4:4b:56:06:7a:57:84:17:
4a:e1:07:fc:e0:ce:1f:3a:20:83:b0:ee:87:1e:e1:
99:2c:a4:a0:b5:be:b3:8e:3d:b5:f6:de:04:e3:46:
16:20:e2:74:d2:41:e8:16:4c:83:24:53:ae:11:88:
94:e7:2d:b4:bb:c4:54:b7:2c:43:de:cc:ee:00:8c:
e9:0a:12:a3:5b:93:b7:ad:e6:ac:5c:41:c3:83:24:
93:cb:84:38:bf:61:4f:2d:78:da:db:f1:d1:2c:4f:
43:36:8c:42:6d:2c:1a:29:49:a0:4d:c4:32:04:44:
a8:be:9c:14:8a:78:6e:db:71:fb:b8:d2:45:e5:89:
07:a9:46:d2:74:f5:1f:f3:73:ee:cc:27:47:45:11:
a2:81:1f:ef:07:79:54:1e:96:46:ae:03:1f:51:2b:
c3:e4:e6:d7:1c:78:d5:93:1b:83:c3:00:92:71:70:
10:7f:b5:69:c0:53:97:1d:75:6c:bf:b2:d0:64:d1:
d4:df:d1:e2:c4:d0:73:93:30:1c:2a:09:da:c8:01:
1a:76:c0:30:48:e0:ef:6e:08:e2:f8:a7:ab:7a:bd:
76:61:8e:b0:ba:70:45:cf:a6:ca:06:1f:86:19:f8:
f6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:70:9E:EF:9F:8D:D3:1F:A9:42:09:E6:CF:9C:05:33:BA:3B:A7:89
X509v3 Authority Key Identifier:
keyid:D9:96:80:29:F1:24:09:6E:AB:95:5D:F9:B7:A8:1C:88:CB:33:3A:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:7c:65:68:70:38:87:41:5a:20:d5:f5:4e:67:11:fd:cf:73:
cc:53:f7:12:0e:6d:16:f2:0a:05:69:16:a8:b8:93:c1:ad:f1:
70:f4:e4:e7:93:d1:3d:59:62:1b:71:71:52:cc:b0:35:e4:73:
df:13:88:0a:5d:e7:db:8f:b1:55:5c:5c:b2:c8:45:25:c0:ef:
d7:d9:e7:d4:94:92:99:43:04:1b:39:2c:b7:c5:ba:f5:5b:74:
22:fc:3f:c2:cb:00:2e:43:93:f4:c1:e2:77:75:8c:5f:00:56:
f4:8c:03:a1:73:ee:f1:9e:dd:5b:64:10:fc:d8:eb:5a:4c:9c:
bc:5c:3d:83:f0:50:a7:d9:47:8f:48:80:d2:d7:d3:d7:42:0f:
3a:62:ac:e2:5c:ac:9d:28:a2:ea:1b:73:54:e8:5a:4c:c4:76:
b6:0d:7b:01:01:82:37:f2:4c:0e:82:9b:35:02:60:08:38:01:
eb:4d:37:cf:cd:1d:fc:c7:5a:56:3c:d6:eb:a4:ac:af:36:7c:
12:89:e2:8b:34:d1:51:dd:02:75:0f:a9:f6:db:59:50:0e:19:
1f:43:59:f4:ef:9b:88:20:44:d6:b9:71:ed:43:2e:a9:78:10:
05:78:63:e7:c5:d4:c8:2a:fc:4d:39:8b:a5:5d:4f:66:6d:2f:
4f:08:cd:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzIY3Z1uHgrloiC6gXZbjQ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTY4MDI5ZjEyNDA5NmVhYjk1NWRmOWI3YTgxYzg4Y2Iz
MzNhMDUwHhcNMjYwMzA3MTMwMTI3WhcNMjYwMzA4MTMwMTI3WjAzMTEwLwYDVQQD
EyhiZjcwOWVlZjlmOGRkMzFmYTk0MjA5ZTZjZjljMDUzM2JhM2JhNzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNTwIAjTx+XgX8xBCJkkuL0vk6VB
9EtWBnpXhBdK4Qf84M4fOiCDsO6HHuGZLKSgtb6zjj219t4E40YWIOJ00kHoFkyD
JFOuEYiU5y20u8RUtyxD3szuAIzpChKjW5O3reasXEHDgySTy4Q4v2FPLXja2/HR
LE9DNoxCbSwaKUmgTcQyBESovpwUinhu23H7uNJF5YkHqUbSdPUf83PuzCdHRRGi
gR/vB3lUHpZGrgMfUSvD5ObXHHjVkxuDwwCScXAQf7VpwFOXHXVsv7LQZNHU39Hi
xNBzkzAcKgnayAEadsAwSODvbgji+Kerer12YY6wunBFz6bKBh+GGfj2MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL9wnu+fjdMfqUIJ5s+cBTO6O6eJMB8GA1UdIwQY
MBaAFNmWgCnxJAluq5Vd+beoHIjLMzoFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yN2ExYmMtYjI1OC00MDVmLTlmOTMt
NmVlYTEyMjA1NzIwLzEvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yN2ExYmMtYjI1OC00MDVmLTlmOTMtNmVlYTEyMjA1NzIw
LzEvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEXxlaHA4
h0FaINX1TmcR/c9zzFP3Eg5tFvIKBWkWqLiTwa3xcPTk55PRPVliG3FxUsywNeRz
3xOICl3n24+xVVxcsshFJcDv19nn1JSSmUMEGzkst8W69Vt0Ivw/wssALkOT9MHi
d3WMXwBW9IwDoXPu8Z7dW2QQ/NjrWkycvFw9g/BQp9lHj0iA0tfT10IPOmKs4lys
nSii6htzVOhaTMR2tg17AQGCN/JMDoKbNQJgCDgB6003z80d/MdaVjzW66SsrzZ8
EoniizTRUd0CdQ+p9ttZUA4ZH0NZ9O+biCBE1rlx7UMuqXgQBXhj58XUyCr8TTmL
pV1PZm0vTwjNRg==
-----END CERTIFICATE-----
Generated at Sat Mar 7 21:06:39 2026 by rpki-client