Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft
File: 2fGfBczyIhOYRpwL6N3ATOFOE1o.mft (raw, json)
Hash identifier: q2pT9yI+RAxmYT/Nn/a4JDwGks1lBNKk2T4Uxfjdd+w=
Subject key identifier: BE:46:54:63:F2:B2:62:A6:25:F4:C6:45:68:D3:44:41:93:5B:08:47
Authority key identifier: D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A
Certificate issuer: /CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
Certificate serial: 019CACEB944EABEB15E21153EB0A92E2CD89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft
Manifest number: 1415
Signing time: Mon 02 Mar 2026 05:00:45 +0000
Manifest this update: Mon 02 Mar 2026 05:00:45 +0000
Manifest next update: Tue 03 Mar 2026 05:00:45 +0000
Files and hashes: 1: 2fGfBczyIhOYRpwL6N3ATOFOE1o.crl (hash: U9++quwClJG+1QkvK5IljBjLUnwtinhds5lyeikhhl0=)
2: D5r66qCGlpT6UM1S2JZDnwLEq_g.roa (hash: AsE96zhoWPvQynJOqug2jdhORzzqgKtcCYsyjnQ29Aw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:eb:94:4e:ab:eb:15:e2:11:53:eb:0a:92:e2:cd:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
Validity
Not Before: Mar 2 05:00:45 2026 GMT
Not After : Mar 3 05:00:45 2026 GMT
Subject: CN=be465463f2b262a625f4c64568d34441935b0847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:86:62:d4:19:a2:fe:b5:ca:8a:30:ac:8c:bb:
4b:c2:e6:cf:39:e9:77:9a:f9:c1:cf:a4:41:76:bc:
aa:f8:c6:73:ae:2f:78:02:a2:c0:dc:b7:e9:ec:09:
d1:f6:83:2e:ac:b4:d2:bb:b5:78:39:ae:8a:0b:68:
36:83:32:ea:03:91:c9:6c:23:76:c5:49:f8:61:21:
52:b8:e5:8a:d9:b5:2d:bb:dd:e7:4b:25:fa:42:b8:
ff:ed:1e:46:63:32:b5:17:ec:04:2f:cc:9c:90:be:
41:7e:c1:ac:19:e7:f2:37:e1:65:b1:71:a6:e5:26:
6d:a6:ba:ee:72:a7:51:5a:66:5e:f1:fd:a1:ad:7b:
d9:3a:ec:ce:13:d4:a7:47:cb:4e:4c:81:ef:f8:1e:
cb:25:26:2a:22:ea:42:34:98:ea:92:eb:05:0f:ab:
22:3a:28:2c:b1:67:73:47:e8:56:57:f6:7a:d2:ab:
f2:2f:3a:f0:e9:ab:86:6b:5d:64:d5:e0:55:b9:90:
8d:4d:3a:fe:a1:fa:62:94:7b:48:f6:57:2c:e4:3d:
ce:76:28:6d:b4:26:b0:e5:2d:4a:3c:43:0d:d1:f9:
ae:2a:cd:7b:90:be:12:5d:a2:45:65:17:cf:a0:9c:
3c:34:55:5e:e7:b5:51:cb:07:fa:f2:1e:fd:1a:a5:
43:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:46:54:63:F2:B2:62:A6:25:F4:C6:45:68:D3:44:41:93:5B:08:47
X509v3 Authority Key Identifier:
keyid:D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:ec:5f:65:29:a4:b7:90:68:ad:e2:d1:d7:70:35:fc:07:c7:
20:16:b3:6f:cd:70:58:a6:07:d4:2b:17:d8:e0:0b:04:d1:7f:
f0:6e:07:9d:c8:51:87:42:b4:a0:f4:96:5f:be:cf:3d:aa:32:
51:99:84:10:fa:46:3a:91:87:4d:44:92:91:95:08:8b:9a:2f:
b9:f0:ff:b7:27:2b:84:89:f0:38:96:ee:97:5a:cb:99:4f:15:
15:58:10:34:bf:6a:eb:4b:69:87:d5:35:0e:1e:0b:d5:28:e3:
50:69:ef:91:39:5d:ba:ac:dd:7d:d4:8d:7a:57:49:b1:e0:9f:
da:78:98:fa:b6:f4:e6:d2:9b:15:2b:41:16:16:73:43:30:ac:
5a:20:0d:e2:12:4e:81:a4:61:d0:1d:7e:6a:10:5a:6f:be:43:
4f:63:2f:6d:d0:ad:b1:92:1b:f2:ef:26:d5:57:6a:2f:de:1f:
3e:cf:47:e1:d5:1d:54:a2:74:35:99:67:79:8f:35:ed:27:28:
b9:12:58:4f:19:b4:3c:81:45:06:84:6c:87:91:43:3e:84:05:
eb:20:9a:06:28:ef:6e:1d:3d:ae:63:e3:b1:9b:ae:fe:3f:12:
a1:66:be:31:e9:4b:ba:2a:d5:3f:13:28:e0:79:2e:67:35:4a:
fa:67:12:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZys65ROq+sV4hFT6wqS4s2JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjE5ZjA1Y2NmMjIyMTM5ODQ2OWMwYmU4ZGRjMDRjZTE0
ZTEzNWEwHhcNMjYwMzAyMDUwMDQ1WhcNMjYwMzAzMDUwMDQ1WjAzMTEwLwYDVQQD
EyhiZTQ2NTQ2M2YyYjI2MmE2MjVmNGM2NDU2OGQzNDQ0MTkzNWIwODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIZi1Bmi/rXKijCsjLtLwubPOel3
mvnBz6RBdryq+MZzri94AqLA3Lfp7AnR9oMurLTSu7V4Oa6KC2g2gzLqA5HJbCN2
xUn4YSFSuOWK2bUtu93nSyX6Qrj/7R5GYzK1F+wEL8yckL5BfsGsGefyN+FlsXGm
5SZtprrucqdRWmZe8f2hrXvZOuzOE9SnR8tOTIHv+B7LJSYqIupCNJjqkusFD6si
OigssWdzR+hWV/Z60qvyLzrw6auGa11k1eBVuZCNTTr+ofpilHtI9lcs5D3Odiht
tCaw5S1KPEMN0fmuKs17kL4SXaJFZRfPoJw8NFVe57VRywf68h79GqVDGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL5GVGPysmKmJfTGRWjTREGTWwhHMB8GA1UdIwQY
MBaAFNnxnwXM8iITmEacC+jdwEzhThNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODkt
NGZmMzMzMzgzNjFlLzEvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODktNGZmMzMzMzgzNjFl
LzEvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADOxfZSmk
t5BoreLR13A1/AfHIBazb81wWKYH1CsX2OALBNF/8G4HnchRh0K0oPSWX77PPaoy
UZmEEPpGOpGHTUSSkZUIi5ovufD/tycrhInwOJbul1rLmU8VFVgQNL9q60tph9U1
Dh4L1SjjUGnvkTlduqzdfdSNeldJseCf2niY+rb05tKbFStBFhZzQzCsWiAN4hJO
gaRh0B1+ahBab75DT2MvbdCtsZIb8u8m1VdqL94fPs9H4dUdVKJ0NZlneY817Sco
uRJYTxm0PIFFBoRsh5FDPoQF6yCaBijvbh09rmPjsZuu/j8SoWa+MelLuirVPxMo
4HkuZzVK+mcSUg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:24:02 2026 by rpki-client