Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/3c95f3-dc3d-48eb-b6d7-d835de08bcf6/1/2IHld3zOmQwLKw9MKcyNLPmv6Ds.mft
File: 2IHld3zOmQwLKw9MKcyNLPmv6Ds.mft (raw, json)
Hash identifier: rxy9PBdk3gOvSB0eOw4Mdn7p+cluGIpOZhGT59JpN88=
Subject key identifier: BD:0F:6B:2C:88:F4:5F:DA:14:9C:55:DA:7D:DA:25:5E:58:7B:C0:BF
Authority key identifier: D8:81:E5:77:7C:CE:99:0C:0B:2B:0F:4C:29:CC:8D:2C:F9:AF:E8:3B
Certificate issuer: /CN=d881e5777cce990c0b2b0f4c29cc8d2cf9afe83b
Certificate serial: 019CAA58D664DBB2D3E530614B4F62F8B654
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2IHld3zOmQwLKw9MKcyNLPmv6Ds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/3c95f3-dc3d-48eb-b6d7-d835de08bcf6/1/2IHld3zOmQwLKw9MKcyNLPmv6Ds.mft
Manifest number: 17D7
Signing time: Sun 01 Mar 2026 17:01:14 +0000
Manifest this update: Sun 01 Mar 2026 17:01:14 +0000
Manifest next update: Mon 02 Mar 2026 17:01:14 +0000
Files and hashes: 1: 2IHld3zOmQwLKw9MKcyNLPmv6Ds.crl (hash: 1Be9/JZ3UskCn04CWa80Ff1OhcBYg85S3eJV5/E7PiA=)
2: BaQ-Dwx4jGTP-WyiH6nK6TF34ds.roa (hash: Nnb+Pm8QW6nU8DXHtnpp7btMXm7Fsm1NDGac760ezUQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/3c95f3-dc3d-48eb-b6d7-d835de08bcf6/1/2IHld3zOmQwLKw9MKcyNLPmv6Ds.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/3c95f3-dc3d-48eb-b6d7-d835de08bcf6/1/2IHld3zOmQwLKw9MKcyNLPmv6Ds.mft
rsync://rpki.ripe.net/repository/DEFAULT/2IHld3zOmQwLKw9MKcyNLPmv6Ds.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:58:d6:64:db:b2:d3:e5:30:61:4b:4f:62:f8:b6:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d881e5777cce990c0b2b0f4c29cc8d2cf9afe83b
Validity
Not Before: Mar 1 17:01:14 2026 GMT
Not After : Mar 2 17:01:14 2026 GMT
Subject: CN=bd0f6b2c88f45fda149c55da7dda255e587bc0bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1e:e1:29:5c:03:39:48:0e:bf:90:e4:be:9a:
49:c1:b2:29:41:04:bd:e0:b6:da:30:6a:8b:69:63:
c3:77:9a:56:c9:82:0f:d1:dc:71:f1:8d:f3:74:a9:
a7:bb:ee:8c:dc:33:4d:45:a0:cb:68:f4:bc:f7:b7:
c3:bc:25:8c:5c:50:cd:27:16:a3:72:7d:20:a4:47:
bf:ba:0c:3a:ef:36:bb:2f:09:00:68:dc:28:39:b6:
e9:eb:ef:ae:9e:1d:e2:f5:04:f9:f1:17:b3:f6:01:
3c:01:e9:af:b2:59:da:7c:97:8f:bb:f8:35:f3:8a:
fa:d8:8d:2e:ee:00:55:75:b6:ed:c6:89:a8:d5:80:
69:aa:04:48:5c:69:5f:5c:37:53:28:02:56:cb:29:
d7:ea:3a:59:2e:a4:e2:95:a2:e2:12:b5:40:dc:2c:
b7:13:05:14:20:23:d1:e0:49:7f:d0:29:65:a7:1e:
de:b2:c6:9d:05:e8:32:49:80:d9:12:75:3b:d6:4d:
e7:5b:c9:e1:29:cf:6d:af:73:6b:1d:ab:b0:c2:7b:
84:26:d7:3e:26:2b:b6:89:c4:38:f3:7a:c8:07:7f:
94:90:65:f3:66:1c:78:0d:5f:d7:54:5d:22:70:d3:
44:86:0f:47:e2:fa:ed:24:56:27:d2:94:de:7b:ea:
1b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:0F:6B:2C:88:F4:5F:DA:14:9C:55:DA:7D:DA:25:5E:58:7B:C0:BF
X509v3 Authority Key Identifier:
keyid:D8:81:E5:77:7C:CE:99:0C:0B:2B:0F:4C:29:CC:8D:2C:F9:AF:E8:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IHld3zOmQwLKw9MKcyNLPmv6Ds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/3c95f3-dc3d-48eb-b6d7-d835de08bcf6/1/2IHld3zOmQwLKw9MKcyNLPmv6Ds.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/3c95f3-dc3d-48eb-b6d7-d835de08bcf6/1/2IHld3zOmQwLKw9MKcyNLPmv6Ds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:7c:03:7c:68:b8:7c:85:99:02:c4:59:7c:e6:bc:6d:c5:d4:
0f:f7:57:5e:d6:47:92:b3:20:78:0a:25:18:e1:5f:70:19:c6:
40:72:11:40:24:8c:94:e2:10:88:3b:04:d2:c7:14:d2:f2:0d:
d6:e8:21:85:f0:18:ac:2d:47:64:42:cc:4f:a2:a9:8b:9d:6e:
34:cf:46:60:30:92:98:39:ce:81:8f:e3:a7:4f:cf:89:b3:6e:
12:d7:68:9c:2a:11:87:d7:2d:24:cb:4c:f9:54:74:28:0d:20:
59:cf:4a:6d:b6:79:2e:9b:e8:d8:8b:47:a8:e1:31:d4:2c:09:
a2:7c:43:72:b0:b8:ac:a2:27:6a:4f:26:97:11:c3:88:2d:22:
ec:8d:54:58:5b:15:48:f2:d2:60:fe:e3:0f:e9:31:40:45:8a:
56:1f:9f:90:02:88:0e:58:1a:48:3e:29:2f:c3:88:9e:ab:36:
30:dc:54:fd:e9:d6:9c:10:c1:e7:e5:30:42:c7:9a:a2:86:f9:
fe:6e:70:ce:02:ed:72:ca:45:5f:85:ca:7c:37:ca:a7:9a:6c:
0a:29:14:79:39:d6:f1:70:33:d4:ad:68:3d:52:d5:1b:f2:99:
7d:38:2c:fe:00:10:8f:8b:96:07:e1:3b:46:fe:51:aa:59:3e:
3a:f3:dc:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWNZk27LT5TBhS09i+LZUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ODFlNTc3N2NjZTk5MGMwYjJiMGY0YzI5Y2M4ZDJjZjlh
ZmU4M2IwHhcNMjYwMzAxMTcwMTE0WhcNMjYwMzAyMTcwMTE0WjAzMTEwLwYDVQQD
EyhiZDBmNmIyYzg4ZjQ1ZmRhMTQ5YzU1ZGE3ZGRhMjU1ZTU4N2JjMGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtB7hKVwDOUgOv5DkvppJwbIpQQS9
4LbaMGqLaWPDd5pWyYIP0dxx8Y3zdKmnu+6M3DNNRaDLaPS897fDvCWMXFDNJxaj
cn0gpEe/ugw67za7LwkAaNwoObbp6++unh3i9QT58Rez9gE8AemvslnafJePu/g1
84r62I0u7gBVdbbtxomo1YBpqgRIXGlfXDdTKAJWyynX6jpZLqTilaLiErVA3Cy3
EwUUICPR4El/0Cllpx7essadBegySYDZEnU71k3nW8nhKc9tr3NrHauwwnuEJtc+
Jiu2icQ483rIB3+UkGXzZhx4DV/XVF0icNNEhg9H4vrtJFYn0pTee+ob7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL0PayyI9F/aFJxV2n3aJV5Ye8C/MB8GA1UdIwQY
MBaAFNiB5Xd8zpkMCysPTCnMjSz5r+g7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMklIbGQzek9tUXdMS3c5TUtjeU5MUG12NkRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8zYzk1ZjMtZGMzZC00OGViLWI2ZDct
ZDgzNWRlMDhiY2Y2LzEvMklIbGQzek9tUXdMS3c5TUtjeU5MUG12NkRzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8zYzk1ZjMtZGMzZC00OGViLWI2ZDctZDgzNWRlMDhiY2Y2
LzEvMklIbGQzek9tUXdMS3c5TUtjeU5MUG12NkRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoHwDfGi4
fIWZAsRZfOa8bcXUD/dXXtZHkrMgeAolGOFfcBnGQHIRQCSMlOIQiDsE0scU0vIN
1ughhfAYrC1HZELMT6Kpi51uNM9GYDCSmDnOgY/jp0/PibNuEtdonCoRh9ctJMtM
+VR0KA0gWc9KbbZ5Lpvo2ItHqOEx1CwJonxDcrC4rKInak8mlxHDiC0i7I1UWFsV
SPLSYP7jD+kxQEWKVh+fkAKIDlgaSD4pL8OInqs2MNxU/enWnBDB5+UwQseaoob5
/m5wzgLtcspFX4XKfDfKp5psCikUeTnW8XAz1K1oPVLVG/KZfTgs/gAQj4uWB+E7
Rv5Rqlk+OvPcUw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:06:52 2026 by rpki-client