Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
File: 2KPKzfjzNRS-Or3FLFDshkZ16VU.mft (raw, json)
Hash identifier: SvhvYJ5qS3cKJ0AJI64LKAKqtepWov3Na58wbP73EAc=
Subject key identifier: ED:D6:F8:00:90:DA:B6:53:B8:B4:BA:58:BD:0A:53:7D:40:BD:75:37
Authority key identifier: D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55
Certificate issuer: /CN=d8a3cacdf8f33514be3abdc52c50ec864675e955
Certificate serial: 019CAC7E21575567C106A3A8568FE4BEAA44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
Manifest number: 0D9F
Signing time: Mon 02 Mar 2026 03:01:12 +0000
Manifest this update: Mon 02 Mar 2026 03:01:12 +0000
Manifest next update: Tue 03 Mar 2026 03:01:12 +0000
Files and hashes: 1: 2KPKzfjzNRS-Or3FLFDshkZ16VU.crl (hash: reyKeOI8H9pqcIaM7IC3nbbaPVeOfRe3AfyN6GQeM6c=)
2: 55I-KJfDZCQf3-WIzaOmHLDw0UA.roa (hash: CHL8cZMB7OLAW5NGioo9AKdHll+9RPJn2SB7b3DCiOk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:7e:21:57:55:67:c1:06:a3:a8:56:8f:e4:be:aa:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8a3cacdf8f33514be3abdc52c50ec864675e955
Validity
Not Before: Mar 2 03:01:12 2026 GMT
Not After : Mar 3 03:01:12 2026 GMT
Subject: CN=edd6f80090dab653b8b4ba58bd0a537d40bd7537
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:19:3e:f2:12:0b:d1:59:bc:1b:e7:1a:3e:1c:
94:b3:aa:33:c5:1d:6b:60:78:2a:61:af:13:97:38:
2a:51:ad:3b:59:c1:f2:94:a5:e7:c3:ba:57:61:94:
b1:57:42:dc:44:f2:4d:ed:59:19:42:db:a4:ce:4b:
91:a2:55:a1:d1:81:58:19:a9:0f:2a:3c:0e:b4:bd:
22:c0:cb:c2:7f:6a:d8:5d:5f:09:70:62:dd:26:73:
b9:df:23:e0:2d:b0:8f:7c:33:12:c4:74:33:ca:de:
24:65:77:84:e3:51:04:63:9f:aa:6d:c0:11:b3:c3:
0b:c7:bc:22:88:4d:d2:ce:0d:be:49:65:df:dc:c2:
32:00:aa:48:16:9b:cd:74:37:bc:fd:7b:34:09:e3:
c0:7e:6b:10:7b:ee:1d:9f:d5:f1:09:34:80:9b:4a:
d7:a3:73:3b:bc:2f:5e:92:fa:bd:f7:14:65:b2:0b:
26:45:16:d1:b6:53:a2:9e:a5:40:56:59:22:90:aa:
4d:59:13:5c:09:10:5a:40:bd:11:3e:2b:81:94:bc:
e5:4c:49:49:0d:ea:d1:f7:c1:9b:a8:a6:ab:f3:ab:
6d:a4:1b:10:c8:dd:34:18:a4:76:56:69:b6:2c:9c:
3f:64:0f:3e:17:56:f6:66:11:85:83:f4:dc:5c:c3:
c9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:D6:F8:00:90:DA:B6:53:B8:B4:BA:58:BD:0A:53:7D:40:BD:75:37
X509v3 Authority Key Identifier:
keyid:D8:A3:CA:CD:F8:F3:35:14:BE:3A:BD:C5:2C:50:EC:86:46:75:E9:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KPKzfjzNRS-Or3FLFDshkZ16VU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/333c1a-e4a5-496d-9a81-b791b989af29/1/2KPKzfjzNRS-Or3FLFDshkZ16VU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a1:1a:23:dd:e7:0f:a3:87:79:66:fc:e2:a3:3e:d1:90:cb:82:
7d:db:1b:95:0d:7e:a2:9c:46:f4:57:a6:74:62:14:10:5e:26:
cb:b3:e1:46:67:62:0c:5b:43:dd:0d:62:37:a0:f4:cb:75:ef:
02:c5:21:2c:39:0a:a8:78:46:77:47:cf:d2:db:49:9c:52:85:
0b:34:c5:af:57:88:42:39:05:0c:c0:cd:b7:94:ce:9d:a8:07:
c0:25:b6:03:47:e9:ce:23:3a:66:ee:b5:0b:cb:2f:b9:da:70:
49:de:a4:2b:ad:93:79:da:f7:ea:c5:dd:0b:65:ff:9a:46:3b:
1e:cd:e6:96:af:e4:c3:20:8c:c6:a5:ea:a9:90:ad:f9:65:06:
6b:92:0a:26:ec:81:24:ca:9d:0b:a9:63:62:91:5d:a8:9f:67:
65:8f:66:31:bf:a9:fe:d0:3d:8f:06:55:7e:c8:df:6e:7d:aa:
d8:49:03:8c:56:66:0e:bf:41:92:5e:28:6a:5a:fc:a4:93:0f:
16:bf:13:e7:89:7e:1c:09:b7:6f:2b:fc:3f:b2:3f:53:6f:80:
30:e6:30:3e:d9:87:ba:cc:19:e0:ef:04:9e:00:d7:6e:b9:81:
12:b7:f2:e1:f4:2d:27:71:bf:66:a8:f3:a8:94:c8:52:37:a5:
d9:27:6e:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysfiFXVWfBBqOoVo/kvqpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YTNjYWNkZjhmMzM1MTRiZTNhYmRjNTJjNTBlYzg2NDY3
NWU5NTUwHhcNMjYwMzAyMDMwMTEyWhcNMjYwMzAzMDMwMTEyWjAzMTEwLwYDVQQD
EyhlZGQ2ZjgwMDkwZGFiNjUzYjhiNGJhNThiZDBhNTM3ZDQwYmQ3NTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhk+8hIL0Vm8G+caPhyUs6ozxR1r
YHgqYa8TlzgqUa07WcHylKXnw7pXYZSxV0LcRPJN7VkZQtukzkuRolWh0YFYGakP
KjwOtL0iwMvCf2rYXV8JcGLdJnO53yPgLbCPfDMSxHQzyt4kZXeE41EEY5+qbcAR
s8MLx7wiiE3Szg2+SWXf3MIyAKpIFpvNdDe8/Xs0CePAfmsQe+4dn9XxCTSAm0rX
o3M7vC9ekvq99xRlsgsmRRbRtlOinqVAVlkikKpNWRNcCRBaQL0RPiuBlLzlTElJ
DerR98GbqKar86ttpBsQyN00GKR2Vmm2LJw/ZA8+F1b2ZhGFg/TcXMPJyQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO3W+ACQ2rZTuLS6WL0KU31AvXU3MB8GA1UdIwQY
MBaAFNijys348zUUvjq9xSxQ7IZGdelVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEt
Yjc5MWI5ODlhZjI5LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zMzNjMWEtZTRhNS00OTZkLTlhODEtYjc5MWI5ODlhZjI5
LzEvMktQS3pmanpOUlMtT3IzRkxGRHNoa1oxNlZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoRoj3ecP
o4d5Zvzioz7RkMuCfdsblQ1+opxG9FemdGIUEF4my7PhRmdiDFtD3Q1iN6D0y3Xv
AsUhLDkKqHhGd0fP0ttJnFKFCzTFr1eIQjkFDMDNt5TOnagHwCW2A0fpziM6Zu61
C8svudpwSd6kK62Tedr36sXdC2X/mkY7Hs3mlq/kwyCMxqXqqZCt+WUGa5IKJuyB
JMqdC6ljYpFdqJ9nZY9mMb+p/tA9jwZVfsjfbn2q2EkDjFZmDr9Bkl4oalr8pJMP
Fr8T54l+HAm3byv8P7I/U2+AMOYwPtmHuswZ4O8EngDXbrmBErfy4fQtJ3G/Zqjz
qJTIUjel2Sduqw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:17:06 2026 by rpki-client