Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.mft
File: 2zdeFqGTZ96ZuySsEV0lmioEgaw.mft (raw, json)
Hash identifier: rhwwQaWPHS33anV4C8oj7AQ1FzCediTIgLlLXyXqIRc=
Subject key identifier: 15:6C:3E:37:1E:09:EF:30:F8:C5:A8:AE:54:11:69:E4:D9:95:2A:7F
Authority key identifier: DB:37:5E:16:A1:93:67:DE:99:BB:24:AC:11:5D:25:9A:2A:04:81:AC
Certificate issuer: /CN=db375e16a19367de99bb24ac115d259a2a0481ac
Certificate serial: 019CADC8143229ED980EA127A98C73AD319E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2zdeFqGTZ96ZuySsEV0lmioEgaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.mft
Manifest number: 0DE1
Signing time: Mon 02 Mar 2026 09:01:36 +0000
Manifest this update: Mon 02 Mar 2026 09:01:36 +0000
Manifest next update: Tue 03 Mar 2026 09:01:36 +0000
Files and hashes: 1: 2zdeFqGTZ96ZuySsEV0lmioEgaw.crl (hash: SI8J1+sqf1tSdWRfCOoKFXlFd0xkYru7sDY2QlvBoLw=)
2: uej861Aq66aiTbTh46AGK_JiRjQ.roa (hash: u2XmnqcYHbAJLSpNo2ks9hVCb6DlSKyd8Mczf2hO9GI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2zdeFqGTZ96ZuySsEV0lmioEgaw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:01:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:c8:14:32:29:ed:98:0e:a1:27:a9:8c:73:ad:31:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db375e16a19367de99bb24ac115d259a2a0481ac
Validity
Not Before: Mar 2 09:01:36 2026 GMT
Not After : Mar 3 09:01:36 2026 GMT
Subject: CN=156c3e371e09ef30f8c5a8ae541169e4d9952a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:75:20:b7:b9:64:78:74:6e:ea:5c:d3:da:c0:
05:0d:bc:a7:97:8e:b2:39:14:f0:aa:39:13:f2:52:
20:54:14:b2:4f:d6:b9:81:8f:6b:f5:df:de:34:c8:
c5:37:df:98:00:86:f4:2b:e5:ba:e7:06:63:d8:f0:
57:05:43:21:4d:c4:7b:81:55:3f:4b:fb:d7:a7:14:
f3:33:ad:b9:07:82:e0:93:7b:69:66:d1:86:cb:8e:
58:e3:02:1f:04:c5:18:04:86:e2:ad:22:9c:50:05:
e0:85:0e:94:69:a9:01:d1:cf:ae:01:56:a6:b9:c4:
1c:5d:46:f1:95:62:bd:d1:74:f9:87:e2:30:55:17:
41:93:e2:18:c9:ae:d8:35:93:b6:2a:71:f9:d9:74:
09:e4:a1:28:40:60:ec:be:86:61:b0:b9:df:2e:91:
7f:11:29:10:e3:e8:6e:8a:c3:10:d0:8c:b7:2a:17:
10:8e:80:b5:bf:b2:51:23:cd:ee:2d:aa:e6:80:37:
e2:0c:38:a2:d1:47:e0:7a:39:e3:70:34:2b:3e:b0:
be:79:79:c3:d9:b9:a7:59:e6:bf:c8:74:49:c5:b7:
98:60:dc:d4:5c:75:21:e4:b8:89:0a:ca:3c:5c:5a:
d2:23:ec:56:22:be:0e:29:82:bb:36:1c:9f:41:24:
81:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:6C:3E:37:1E:09:EF:30:F8:C5:A8:AE:54:11:69:E4:D9:95:2A:7F
X509v3 Authority Key Identifier:
keyid:DB:37:5E:16:A1:93:67:DE:99:BB:24:AC:11:5D:25:9A:2A:04:81:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2zdeFqGTZ96ZuySsEV0lmioEgaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/9bc5bc-8f99-42ed-a8ce-5b86ba585922/1/2zdeFqGTZ96ZuySsEV0lmioEgaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:3f:e8:b0:2c:06:e7:c3:6f:8d:86:3d:dc:81:fd:b0:0a:ae:
92:2d:46:80:2b:30:69:45:02:55:99:f5:c2:5d:3e:0e:2a:ee:
63:45:af:e3:40:a6:d6:12:aa:bf:f9:f6:09:fe:a3:ab:bb:21:
b8:8e:44:f3:05:8b:6f:3e:97:fb:7e:c2:0f:3e:42:80:45:e9:
aa:60:1f:77:3a:7b:59:4e:60:53:fe:e0:46:41:03:e0:e1:8c:
43:0a:54:99:99:2f:e3:04:7d:aa:f6:46:43:3b:c4:93:b7:01:
bf:8d:fd:88:7f:dd:1b:de:e3:5a:c5:fa:e7:e0:04:f6:68:50:
1c:b7:68:95:3a:92:65:b1:ef:15:3c:a5:d3:f7:61:af:05:f1:
e8:6a:ec:2f:56:27:6d:98:ac:43:81:0b:b5:ea:93:11:f6:f4:
34:e3:e9:f5:0b:35:a8:b9:4a:5b:17:d8:1c:34:1a:7a:b5:ec:
a8:b8:1c:73:ff:e2:26:b6:9b:ac:d9:40:84:36:57:2f:91:e2:
99:73:8f:d9:89:6f:b7:07:b3:10:ee:9a:5d:a5:f9:f4:ef:07:
e6:91:7c:22:8d:da:68:dd:5b:bd:db:55:5b:fb:4e:5b:df:a1:
91:6f:b3:7b:49:1d:75:1a:5c:4f:48:13:24:06:67:aa:cf:f6:
f0:61:85:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytyBQyKe2YDqEnqYxzrTGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMzc1ZTE2YTE5MzY3ZGU5OWJiMjRhYzExNWQyNTlhMmEw
NDgxYWMwHhcNMjYwMzAyMDkwMTM2WhcNMjYwMzAzMDkwMTM2WjAzMTEwLwYDVQQD
EygxNTZjM2UzNzFlMDllZjMwZjhjNWE4YWU1NDExNjllNGQ5OTUyYTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3Ugt7lkeHRu6lzT2sAFDbynl46y
ORTwqjkT8lIgVBSyT9a5gY9r9d/eNMjFN9+YAIb0K+W65wZj2PBXBUMhTcR7gVU/
S/vXpxTzM625B4Lgk3tpZtGGy45Y4wIfBMUYBIbirSKcUAXghQ6UaakB0c+uAVam
ucQcXUbxlWK90XT5h+IwVRdBk+IYya7YNZO2KnH52XQJ5KEoQGDsvoZhsLnfLpF/
ESkQ4+huisMQ0Iy3KhcQjoC1v7JRI83uLarmgDfiDDii0UfgejnjcDQrPrC+eXnD
2bmnWea/yHRJxbeYYNzUXHUh5LiJCso8XFrSI+xWIr4OKYK7NhyfQSSBdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBVsPjceCe8w+MWorlQRaeTZlSp/MB8GA1UdIwQY
MBaAFNs3Xhahk2fembskrBFdJZoqBIGsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnpkZUZxR1RaOTZadXlTc0VWMGxtaW9FZ2F3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy85YmM1YmMtOGY5OS00MmVkLWE4Y2Ut
NWI4NmJhNTg1OTIyLzEvMnpkZUZxR1RaOTZadXlTc0VWMGxtaW9FZ2F3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy85YmM1YmMtOGY5OS00MmVkLWE4Y2UtNWI4NmJhNTg1OTIy
LzEvMnpkZUZxR1RaOTZadXlTc0VWMGxtaW9FZ2F3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAID/osCwG
58NvjYY93IH9sAquki1GgCswaUUCVZn1wl0+DiruY0Wv40Cm1hKqv/n2Cf6jq7sh
uI5E8wWLbz6X+37CDz5CgEXpqmAfdzp7WU5gU/7gRkED4OGMQwpUmZkv4wR9qvZG
QzvEk7cBv439iH/dG97jWsX65+AE9mhQHLdolTqSZbHvFTyl0/dhrwXx6GrsL1Yn
bZisQ4ELteqTEfb0NOPp9Qs1qLlKWxfYHDQaerXsqLgcc//iJrabrNlAhDZXL5Hi
mXOP2YlvtwezEO6aXaX59O8H5pF8Io3aaN1bvdtVW/tOW9+hkW+ze0kddRpcT0gT
JAZnqs/28GGFLQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:35:19 2026 by rpki-client