Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
File: 2BFKkiBvChn3M52guJZpxKX-Urk.mft (raw, json)
Hash identifier: d6hIuqw5UZ3WMOFMhlwdaCNJmc+8WcsJnmv7hYAO2nc=
Subject key identifier: 86:59:0E:EB:28:1E:19:BF:F4:DB:3F:E2:69:B5:50:4B:82:DC:E3:FE
Authority key identifier: D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9
Certificate issuer: /CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9
Certificate serial: 019CAF7EFAC7FF775A07CE57F889A480C2E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
Manifest number: 022A
Signing time: Mon 02 Mar 2026 17:01:00 +0000
Manifest this update: Mon 02 Mar 2026 17:01:00 +0000
Manifest next update: Tue 03 Mar 2026 17:01:00 +0000
Files and hashes: 1: 2BFKkiBvChn3M52guJZpxKX-Urk.crl (hash: jnVgCb3XwhUnaZdVzUWsE6N+jfuP2eOMJpOMp3EY/3g=)
2: vVXnYinPG4h5TcTea17Iv2i5FYs.roa (hash: vQ3FQGy71ne2HeyP0gu2+P/Q4WprPJAgNPNHKJfJ9Dk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:7e:fa:c7:ff:77:5a:07:ce:57:f8:89:a4:80:c2:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9
Validity
Not Before: Mar 2 17:01:00 2026 GMT
Not After : Mar 3 17:01:00 2026 GMT
Subject: CN=86590eeb281e19bff4db3fe269b5504b82dce3fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:38:f4:63:a1:0a:92:5e:d0:4b:30:f9:60:9b:
80:f7:71:15:a3:a6:18:f0:45:60:28:aa:9f:00:ce:
1e:bc:19:54:5d:0e:3d:46:85:c1:94:3c:28:99:df:
e7:d0:04:c9:ea:da:78:62:61:af:6c:81:18:ca:cb:
45:e8:af:a6:3c:0a:73:d4:02:13:ff:00:96:42:c6:
ba:16:66:37:2f:05:0b:8c:56:15:95:e8:2f:11:6a:
92:55:43:94:2f:86:b7:7d:ac:2f:f7:3c:a9:a6:1f:
64:34:fb:e7:cc:3e:32:19:26:38:81:b0:2c:e4:7e:
b2:66:50:0e:89:c3:5e:f5:21:dd:23:8b:c8:6d:d1:
f4:be:25:56:90:a7:ab:37:21:0c:97:51:5f:12:04:
b2:34:75:cc:bb:d3:4d:12:83:ab:38:ed:e7:9e:92:
de:38:89:81:18:d8:38:0c:50:38:bc:7a:dd:d7:88:
11:9d:5a:89:c0:f8:77:4b:f1:3b:8a:00:8b:84:e6:
f6:b5:45:fd:1b:7a:36:a3:a4:bc:d5:f3:57:17:9a:
a7:1d:58:b9:96:f4:d4:65:b3:f2:50:a8:15:31:a2:
75:3a:e1:c4:56:a8:c5:73:36:f6:f6:b7:c5:d3:f3:
3a:95:40:8c:0f:41:77:15:8d:a9:d5:5b:18:27:82:
d4:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:59:0E:EB:28:1E:19:BF:F4:DB:3F:E2:69:B5:50:4B:82:DC:E3:FE
X509v3 Authority Key Identifier:
keyid:D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9c:29:0a:83:30:00:e3:0a:c5:64:6e:0a:e8:ce:19:51:10:12:
eb:57:4d:b2:35:09:d7:07:6f:dc:42:3e:91:8d:5b:06:3a:06:
b9:d2:43:85:3d:1f:a7:e2:97:74:b8:ed:09:79:9e:53:ab:46:
bb:85:37:c9:14:7f:19:12:06:97:ea:d8:ef:41:82:9b:f3:61:
89:78:56:66:2d:47:7c:bf:9e:e6:95:64:96:d7:72:2d:da:00:
b0:c2:22:d7:e1:37:28:52:e4:6b:1c:d2:49:84:05:81:b0:bb:
f1:bd:8e:73:01:e5:4a:c8:be:19:ce:0f:c5:46:c5:b6:37:66:
5f:a3:8b:06:e8:8a:66:5c:f9:24:f9:95:eb:22:84:1f:1d:17:
61:24:94:c7:66:c2:48:77:25:34:40:02:a6:6e:35:2e:44:02:
34:69:e1:7a:3b:be:35:09:3d:74:ea:82:e3:67:60:ec:95:3b:
89:ad:fb:2e:e2:43:3f:f4:19:1d:5a:6e:92:3d:71:9c:db:44:
52:87:15:7f:0a:7e:a7:83:03:41:d7:9f:19:fe:7a:45:cf:4a:
0b:07:1a:ae:3f:a8:43:22:19:6c:8c:ba:29:24:3c:8f:cc:df:
20:83:d1:86:11:62:5b:66:90:27:44:31:9c:43:84:12:d7:5e:
3b:85:84:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvfvrH/3daB85X+ImkgMLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTE0YTkyMjA2ZjBhMTlmNzMzOWRhMGI4OTY2OWM0YTVm
ZTUyYjkwHhcNMjYwMzAyMTcwMTAwWhcNMjYwMzAzMTcwMTAwWjAzMTEwLwYDVQQD
Eyg4NjU5MGVlYjI4MWUxOWJmZjRkYjNmZTI2OWI1NTA0YjgyZGNlM2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTj0Y6EKkl7QSzD5YJuA93EVo6YY
8EVgKKqfAM4evBlUXQ49RoXBlDwomd/n0ATJ6tp4YmGvbIEYystF6K+mPApz1AIT
/wCWQsa6FmY3LwULjFYVlegvEWqSVUOUL4a3fawv9zypph9kNPvnzD4yGSY4gbAs
5H6yZlAOicNe9SHdI4vIbdH0viVWkKerNyEMl1FfEgSyNHXMu9NNEoOrOO3nnpLe
OImBGNg4DFA4vHrd14gRnVqJwPh3S/E7igCLhOb2tUX9G3o2o6S81fNXF5qnHVi5
lvTUZbPyUKgVMaJ1OuHEVqjFczb29rfF0/M6lUCMD0F3FY2p1VsYJ4LUbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZZDusoHhm/9Ns/4mm1UEuC3OP+MB8GA1UdIwQY
MBaAFNgRSpIgbwoZ9zOdoLiWacSl/lK5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTkt
NTIwOGQ5ODU0MzY0LzEvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTktNTIwOGQ5ODU0MzY0
LzEvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnCkKgzAA
4wrFZG4K6M4ZURAS61dNsjUJ1wdv3EI+kY1bBjoGudJDhT0fp+KXdLjtCXmeU6tG
u4U3yRR/GRIGl+rY70GCm/NhiXhWZi1HfL+e5pVkltdyLdoAsMIi1+E3KFLkaxzS
SYQFgbC78b2OcwHlSsi+Gc4PxUbFtjdmX6OLBuiKZlz5JPmV6yKEHx0XYSSUx2bC
SHclNEACpm41LkQCNGnheju+NQk9dOqC42dg7JU7ia37LuJDP/QZHVpukj1xnNtE
UocVfwp+p4MDQdefGf56Rc9KCwcarj+oQyIZbIy6KSQ8j8zfIIPRhhFiW2aQJ0Qx
nEOEEtdeO4WE0g==
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:18:41 2026 by rpki-client