Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft
File: 2f8MyFNVS935CZqjzuvTUka5KPU.mft (raw, json)
Hash identifier: aRiuRskjqezQM8C4gF0dIl31tTGNd0owEjKUdTOWUHU=
Subject key identifier: BF:EF:B6:F3:16:1F:17:69:66:C1:13:55:C5:02:56:A5:86:00:90:F7
Authority key identifier: D9:FF:0C:C8:53:55:4B:DD:F9:09:9A:A3:CE:EB:D3:52:46:B9:28:F5
Certificate issuer: /CN=d9ff0cc853554bddf9099aa3ceebd35246b928f5
Certificate serial: 019EC0A425E92FD4F4B4B9F5F279FE7E0B5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft
Manifest number: 019D
Signing time: Sat 13 Jun 2026 11:00:43 +0000
Manifest this update: Sat 13 Jun 2026 11:00:43 +0000
Manifest next update: Sun 14 Jun 2026 11:00:43 +0000
Files and hashes: 1: 1-OkpooCR750DOU3KO4Q0Au9Ls5A.roa (hash: Dj+AT1jX9rfVhJFGXz9XaLtPSZgqG/nTfTCrODe4StE=)
2: 2f8MyFNVS935CZqjzuvTUka5KPU.crl (hash: aV9J35Tclypr3WDK5f0ORNQLUClBhXbMBwUusyGO4II=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c0:a4:25:e9:2f:d4:f4:b4:b9:f5:f2:79:fe:7e:0b:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ff0cc853554bddf9099aa3ceebd35246b928f5
Validity
Not Before: Jun 13 11:00:43 2026 GMT
Not After : Jun 14 11:00:43 2026 GMT
Subject: CN=bfefb6f3161f176966c11355c50256a5860090f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:72:5a:22:22:61:6a:6c:04:d7:a2:5e:78:83:
1c:b7:6d:c4:90:09:50:1f:61:76:e7:df:e4:c1:3f:
a0:30:fc:2f:be:5b:64:3b:68:c8:a7:a6:35:ae:e6:
bc:7a:fe:9e:94:49:00:6a:2c:f6:ce:0f:b5:ec:d8:
a3:51:7e:e6:54:31:90:74:99:31:50:df:24:2a:df:
45:29:99:e3:3b:2d:14:74:ff:87:19:94:57:d1:e2:
9c:8a:e3:af:f7:65:3f:2f:dc:cd:42:6f:4d:db:57:
1d:d8:3c:da:0c:9d:22:c4:4e:90:2c:c3:31:26:23:
99:e2:b6:b2:e7:40:96:92:cf:63:d4:1a:9c:8e:66:
98:78:32:b9:de:69:d8:fa:6d:b4:fc:9f:de:4e:cb:
a0:98:55:42:d1:96:95:e8:f6:d8:98:51:6e:a1:0f:
c0:a6:fc:8c:9e:9f:67:8b:9f:db:cc:a3:2b:8c:92:
ad:fe:fd:b6:85:a6:77:be:35:62:8c:a7:05:4d:6e:
9e:47:f2:10:b6:26:68:3b:2a:bc:4f:e1:86:3d:f9:
ce:82:49:f6:ca:91:b9:22:e9:bc:f4:02:d3:83:44:
11:12:42:e4:e1:2f:bb:ed:6f:10:eb:38:07:77:59:
14:7a:38:83:d2:43:7e:f9:7b:4b:a2:2f:97:80:1e:
2c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:EF:B6:F3:16:1F:17:69:66:C1:13:55:C5:02:56:A5:86:00:90:F7
X509v3 Authority Key Identifier:
keyid:D9:FF:0C:C8:53:55:4B:DD:F9:09:9A:A3:CE:EB:D3:52:46:B9:28:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:98:0f:43:6a:3c:e8:a0:50:c4:30:da:83:a0:ad:f2:1b:a5:
0e:ba:b8:43:bc:c1:66:8a:1c:b7:ec:00:72:8b:8b:b4:9e:13:
47:ae:52:eb:b6:73:5a:cd:72:00:5f:9c:a1:d3:ea:5c:18:70:
2c:fe:69:13:a6:d0:49:0c:15:a4:28:9d:8f:80:36:fa:23:d0:
6d:84:76:0e:55:14:c7:dd:7a:e4:ca:d3:40:1d:d1:d9:e7:b5:
b3:8d:c5:bb:43:ac:a7:19:a1:b2:87:4c:31:79:c3:b7:94:d6:
ed:fa:f4:51:71:53:fc:7c:60:67:4d:c6:c9:3a:7f:bc:f2:3d:
10:73:e2:59:df:47:da:48:1c:6e:78:bd:44:ad:50:24:b9:9e:
0e:ab:73:41:4a:cc:3a:95:63:d1:bc:7d:f7:aa:e5:af:81:7e:
7f:d6:76:f6:81:dd:32:e8:9c:fd:f0:3e:d8:fa:b5:20:44:59:
bd:a5:67:a6:0e:c1:74:bb:37:a6:92:b8:d7:57:dd:68:a1:db:
66:50:3e:66:a6:77:5a:3c:91:86:0b:dc:07:f8:97:af:39:f7:
8c:58:b0:db:a8:c1:9b:71:1d:4f:21:a8:e5:fe:d6:9b:e6:5f:
0c:af:4a:47:04:37:03:a9:04:30:1a:7d:d6:3a:84:45:71:0b:
8d:b0:3b:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ7ApCXpL9T0tLn18nn+fgtdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmYwY2M4NTM1NTRiZGRmOTA5OWFhM2NlZWJkMzUyNDZi
OTI4ZjUwHhcNMjYwNjEzMTEwMDQzWhcNMjYwNjE0MTEwMDQzWjAzMTEwLwYDVQQD
EyhiZmVmYjZmMzE2MWYxNzY5NjZjMTEzNTVjNTAyNTZhNTg2MDA5MGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHJaIiJhamwE16JeeIMct23EkAlQ
H2F259/kwT+gMPwvvltkO2jIp6Y1rua8ev6elEkAaiz2zg+17NijUX7mVDGQdJkx
UN8kKt9FKZnjOy0UdP+HGZRX0eKciuOv92U/L9zNQm9N21cd2DzaDJ0ixE6QLMMx
JiOZ4ray50CWks9j1BqcjmaYeDK53mnY+m20/J/eTsugmFVC0ZaV6PbYmFFuoQ/A
pvyMnp9ni5/bzKMrjJKt/v22haZ3vjVijKcFTW6eR/IQtiZoOyq8T+GGPfnOgkn2
ypG5Ium89ALTg0QREkLk4S+77W8Q6zgHd1kUejiD0kN++XtLoi+XgB4sTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL/vtvMWHxdpZsETVcUCVqWGAJD3MB8GA1UdIwQY
MBaAFNn/DMhTVUvd+Qmao87r01JGuSj1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmY4TXlGTlZTOTM1Q1pxanp1dlRVa2E1S1BVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9hYWEwNWQtZTdiMS00ZTM5LTg0NzAt
Y2FmZTVlN2RiNzU4LzEvMmY4TXlGTlZTOTM1Q1pxanp1dlRVa2E1S1BVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9hYWEwNWQtZTdiMS00ZTM5LTg0NzAtY2FmZTVlN2RiNzU4
LzEvMmY4TXlGTlZTOTM1Q1pxanp1dlRVa2E1S1BVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANpgPQ2o8
6KBQxDDag6Ct8hulDrq4Q7zBZooct+wAcouLtJ4TR65S67ZzWs1yAF+codPqXBhw
LP5pE6bQSQwVpCidj4A2+iPQbYR2DlUUx9165MrTQB3R2ee1s43Fu0OspxmhsodM
MXnDt5TW7fr0UXFT/HxgZ03GyTp/vPI9EHPiWd9H2kgcbni9RK1QJLmeDqtzQUrM
OpVj0bx996rlr4F+f9Z29oHdMuic/fA+2Pq1IERZvaVnpg7BdLs3ppK411fdaKHb
ZlA+ZqZ3WjyRhgvcB/iXrzn3jFiw26jBm3EdTyGo5f7Wm+ZfDK9KRwQ3A6kEMBp9
1jqERXELjbA7+A==
-----END CERTIFICATE-----
Generated at Sat Jun 13 14:21:28 2026 by rpki-client