Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft
File: 2pa1va-ygzLa_oR87RT3pfrUXmk.mft (raw, json)
Hash identifier: EEX3M/rgQFCvzk6OM0C3rZ/mDp3ysJgMPcYPpTJvqTA=
Subject key identifier: 90:24:DD:BA:3E:19:5B:FE:82:D9:A8:69:89:67:BB:2B:60:EA:7C:8D
Authority key identifier: DA:96:B5:BD:AF:B2:83:32:DA:FE:84:7C:ED:14:F7:A5:FA:D4:5E:69
Certificate issuer: /CN=da96b5bdafb28332dafe847ced14f7a5fad45e69
Certificate serial: 019CADC821573DEA81639B07BA9CF2D4F728
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft
Manifest number: 1847
Signing time: Mon 02 Mar 2026 09:01:39 +0000
Manifest this update: Mon 02 Mar 2026 09:01:39 +0000
Manifest next update: Tue 03 Mar 2026 09:01:39 +0000
Files and hashes: 1: 2pa1va-ygzLa_oR87RT3pfrUXmk.crl (hash: DaN2uTAE5GXUSBE7hd2Hotq0qWskfBFdTfIEnOzrZd0=)
2: L2PV0X2D64oMo0GnEAuj-1lDAIc.roa (hash: kUPruxzCipMwCfnCm4k203rxKLbGUtvwDpyAt+2Wqic=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:c8:21:57:3d:ea:81:63:9b:07:ba:9c:f2:d4:f7:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da96b5bdafb28332dafe847ced14f7a5fad45e69
Validity
Not Before: Mar 2 09:01:39 2026 GMT
Not After : Mar 3 09:01:39 2026 GMT
Subject: CN=9024ddba3e195bfe82d9a8698967bb2b60ea7c8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:71:7b:e7:35:08:99:08:9f:9e:9a:01:21:c2:
27:b9:ef:69:d5:8b:58:d9:c2:9c:7c:e1:4f:4a:de:
c8:57:cc:f9:c8:f3:6c:78:02:d9:9a:d3:94:7c:68:
67:2d:fc:23:03:95:5f:f7:d5:8d:74:9e:dc:ac:8f:
b8:89:f6:84:e3:47:98:6f:86:79:4c:cd:30:78:97:
06:89:a7:dd:70:d0:e7:9f:84:50:45:65:bd:3f:46:
c1:e8:55:cb:e1:96:36:68:d0:b0:ca:8a:48:9e:cd:
6b:73:d5:43:d6:fa:a1:8c:91:d8:76:57:24:6e:ac:
c6:a1:b9:20:f9:e2:69:9c:ad:3f:7b:d7:74:1b:be:
87:7a:23:98:30:05:be:ff:db:59:d7:5b:c2:b7:51:
3e:e1:67:1a:95:f6:f8:58:5c:27:bb:98:00:03:2b:
f8:b3:c5:ab:7d:c2:d5:cd:6a:75:cd:a4:02:3b:e8:
2c:c9:72:b7:8e:fa:f2:b7:0b:4e:ed:24:1b:74:5b:
b3:68:c4:f4:f3:97:94:c2:ee:74:c2:32:11:3f:e1:
18:1d:21:25:dd:64:29:b1:d3:e4:57:7f:74:7e:fd:
af:2a:37:63:65:90:3b:53:ff:f1:e6:e3:06:63:b9:
94:55:4d:d6:76:da:70:f2:70:76:4e:8d:1b:69:f2:
6e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:24:DD:BA:3E:19:5B:FE:82:D9:A8:69:89:67:BB:2B:60:EA:7C:8D
X509v3 Authority Key Identifier:
keyid:DA:96:B5:BD:AF:B2:83:32:DA:FE:84:7C:ED:14:F7:A5:FA:D4:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:45:2a:6c:7a:c9:e8:87:1a:4f:ba:d6:75:1c:9f:6a:aa:a6:
13:69:31:57:a9:1a:6e:40:d7:3d:7c:e7:79:6b:af:19:57:e1:
67:d0:8f:09:6c:84:77:c4:d5:33:82:34:c5:bf:79:cc:be:ed:
d1:ab:6e:84:86:62:a6:19:0b:1a:b4:0a:3b:30:8e:ba:35:92:
b2:c2:72:50:5a:03:0e:5d:63:30:e3:9d:5d:2e:d8:f6:f8:fa:
15:a9:ab:c5:3c:05:59:89:61:66:80:d5:f1:73:d6:ee:22:15:
3f:92:56:ad:ad:1a:51:b0:de:18:77:43:d0:fe:dc:ad:a6:5e:
40:7a:a3:85:94:0a:51:b5:56:6a:92:8f:a0:48:5b:d0:c1:89:
4f:31:a3:d1:67:ab:b5:fa:2b:63:26:ac:7d:c3:96:94:bd:64:
ce:88:11:6e:25:f7:b4:91:0f:ad:cc:8d:35:98:21:d5:26:37:
ed:b1:2b:a4:20:09:b2:09:f4:24:ed:03:d2:6c:8e:25:22:e3:
2e:43:cb:e7:55:b5:51:45:f0:e4:21:70:67:ae:9c:aa:7c:65:
ca:e8:49:32:40:2a:b4:50:06:e4:bf:12:bd:d5:e1:42:1f:e9:
72:31:ec:6e:28:1d:10:28:62:77:a9:ab:65:8c:34:e7:d1:2e:
71:f4:0b:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytyCFXPeqBY5sHupzy1PcoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOTZiNWJkYWZiMjgzMzJkYWZlODQ3Y2VkMTRmN2E1ZmFk
NDVlNjkwHhcNMjYwMzAyMDkwMTM5WhcNMjYwMzAzMDkwMTM5WjAzMTEwLwYDVQQD
Eyg5MDI0ZGRiYTNlMTk1YmZlODJkOWE4Njk4OTY3YmIyYjYwZWE3YzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3F75zUImQifnpoBIcInue9p1YtY
2cKcfOFPSt7IV8z5yPNseALZmtOUfGhnLfwjA5Vf99WNdJ7crI+4ifaE40eYb4Z5
TM0weJcGiafdcNDnn4RQRWW9P0bB6FXL4ZY2aNCwyopIns1rc9VD1vqhjJHYdlck
bqzGobkg+eJpnK0/e9d0G76HeiOYMAW+/9tZ11vCt1E+4Wcalfb4WFwnu5gAAyv4
s8WrfcLVzWp1zaQCO+gsyXK3jvrytwtO7SQbdFuzaMT085eUwu50wjIRP+EYHSEl
3WQpsdPkV390fv2vKjdjZZA7U//x5uMGY7mUVU3Wdtpw8nB2To0bafJu+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJAk3bo+GVv+gtmoaYlnuytg6nyNMB8GA1UdIwQY
MBaAFNqWtb2vsoMy2v6EfO0U96X61F5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC84MTkwODktNDczYi00NjNmLWI4N2It
NDI1Mzk1MGYxMTU1LzEvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC84MTkwODktNDczYi00NjNmLWI4N2ItNDI1Mzk1MGYxMTU1
LzEvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ0UqbHrJ
6IcaT7rWdRyfaqqmE2kxV6kabkDXPXzneWuvGVfhZ9CPCWyEd8TVM4I0xb95zL7t
0atuhIZiphkLGrQKOzCOujWSssJyUFoDDl1jMOOdXS7Y9vj6FamrxTwFWYlhZoDV
8XPW7iIVP5JWra0aUbDeGHdD0P7craZeQHqjhZQKUbVWapKPoEhb0MGJTzGj0Wer
tforYyasfcOWlL1kzogRbiX3tJEPrcyNNZgh1SY37bErpCAJsgn0JO0D0myOJSLj
LkPL51W1UUXw5CFwZ66cqnxlyuhJMkAqtFAG5L8SvdXhQh/pcjHsbigdEChid6mr
ZYw059EucfQL/A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:55:24 2026 by rpki-client