Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft
File: 2f8MyFNVS935CZqjzuvTUka5KPU.mft (raw, json)
Hash identifier: vWawfPVbQMuIpVvDKEeAL9+6iDKlbx5N1TYJm8h5e2I=
Subject key identifier: 29:90:31:68:A3:D1:4E:D1:6A:40:56:05:0D:8B:B9:00:DF:C7:1B:21
Authority key identifier: D9:FF:0C:C8:53:55:4B:DD:F9:09:9A:A3:CE:EB:D3:52:46:B9:28:F5
Certificate issuer: /CN=d9ff0cc853554bddf9099aa3ceebd35246b928f5
Certificate serial: 019D9B19CE1AA0AAFDD3449CE1489DF371A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft
Manifest number: 0105
Signing time: Fri 17 Apr 2026 11:00:52 +0000
Manifest this update: Fri 17 Apr 2026 11:00:52 +0000
Manifest next update: Sat 18 Apr 2026 11:00:52 +0000
Files and hashes: 1: 1-OkpooCR750DOU3KO4Q0Au9Ls5A.roa (hash: Dj+AT1jX9rfVhJFGXz9XaLtPSZgqG/nTfTCrODe4StE=)
2: 2f8MyFNVS935CZqjzuvTUka5KPU.crl (hash: 6HT6SZ5ZkgZ4Df8t26urFdsPZlwVZBnK3lQS70T0rAc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:19:ce:1a:a0:aa:fd:d3:44:9c:e1:48:9d:f3:71:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ff0cc853554bddf9099aa3ceebd35246b928f5
Validity
Not Before: Apr 17 11:00:52 2026 GMT
Not After : Apr 18 11:00:52 2026 GMT
Subject: CN=29903168a3d14ed16a4056050d8bb900dfc71b21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:fe:47:a1:a5:52:c5:8c:1f:db:1d:bd:4a:b2:
2f:40:67:7a:73:87:ec:93:2e:bc:d9:75:4d:a4:99:
0f:fc:ff:7a:2c:dc:69:85:8d:7e:c6:38:42:07:17:
f9:34:24:d8:01:bd:5b:f0:64:63:2c:dd:84:c4:bb:
92:b9:7c:10:ef:3d:e2:93:d8:83:30:14:65:75:d9:
b4:07:0f:02:82:a1:59:5f:a8:f7:67:39:63:09:88:
36:3f:d9:54:ab:2a:46:dd:7d:ef:4a:f2:64:63:7b:
cd:cd:a8:ae:1c:03:a1:c5:97:b2:e3:69:e6:e0:bf:
ec:7b:93:c0:47:c7:45:e9:1e:8b:ce:8f:9a:56:be:
a1:9d:b9:8b:4c:e9:b7:3b:54:49:1e:f7:48:85:39:
2b:c9:f1:14:18:83:2f:77:a7:2e:68:45:65:07:dc:
7c:4e:20:71:07:eb:49:b6:b9:bb:21:e5:e6:08:8a:
c1:10:0f:cb:3a:04:c6:4f:3c:68:04:cc:f4:7d:ee:
9b:ae:a5:49:66:39:ae:73:c9:dd:bb:65:db:61:b8:
e0:d8:d2:f1:b0:44:81:94:56:ea:b3:28:84:d3:7e:
c5:a9:55:a1:aa:99:cc:bd:04:9b:ac:47:dc:aa:75:
52:a8:f1:89:72:8f:45:10:f0:5c:9a:1a:a1:a1:13:
c1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:90:31:68:A3:D1:4E:D1:6A:40:56:05:0D:8B:B9:00:DF:C7:1B:21
X509v3 Authority Key Identifier:
keyid:D9:FF:0C:C8:53:55:4B:DD:F9:09:9A:A3:CE:EB:D3:52:46:B9:28:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:42:97:d1:55:08:13:14:ea:a8:f1:4d:77:f6:95:47:25:28:
50:9c:67:ee:08:05:30:cc:ae:3e:23:36:3d:a4:58:fe:90:82:
9b:61:d8:ee:25:b9:aa:46:7c:54:c6:b8:37:0c:9f:85:f8:71:
24:97:84:6f:f4:a8:56:47:48:f2:4e:d8:57:6e:d5:cc:b5:3a:
71:79:fe:e6:4a:42:fa:6c:a4:b0:8e:2d:09:97:08:d7:ef:57:
d4:ff:be:27:1a:98:a7:33:64:2f:94:41:9e:e3:76:8c:5f:07:
7e:41:ca:35:a7:fd:56:7d:92:39:98:6c:d1:31:45:a9:1a:a1:
59:94:32:29:eb:59:d4:20:7d:5d:db:44:46:32:ea:12:f1:b6:
6e:aa:2e:6c:e8:f9:c3:b8:af:dc:a7:89:70:29:db:42:cc:84:
2d:9e:46:3a:ae:25:95:5c:49:ac:28:92:30:4f:26:aa:16:66:
36:c5:d2:88:f7:77:c2:ca:d4:3d:70:df:f9:a2:c6:dd:cf:1a:
d3:61:25:e7:2d:7f:aa:ab:dc:6e:bc:8f:a6:d1:0d:99:11:f3:
d5:fc:ec:68:df:f9:69:bc:92:be:6c:dc:fc:fe:c8:08:e2:69:
6c:7d:5c:e1:24:2d:4f:1b:2d:68:c2:00:b7:2e:c5:08:96:c9:
6d:1d:9c:aa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bGc4aoKr900Sc4Uid83GiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmYwY2M4NTM1NTRiZGRmOTA5OWFhM2NlZWJkMzUyNDZi
OTI4ZjUwHhcNMjYwNDE3MTEwMDUyWhcNMjYwNDE4MTEwMDUyWjAzMTEwLwYDVQQD
EygyOTkwMzE2OGEzZDE0ZWQxNmE0MDU2MDUwZDhiYjkwMGRmYzcxYjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/5HoaVSxYwf2x29SrIvQGd6c4fs
ky682XVNpJkP/P96LNxphY1+xjhCBxf5NCTYAb1b8GRjLN2ExLuSuXwQ7z3ik9iD
MBRlddm0Bw8CgqFZX6j3ZzljCYg2P9lUqypG3X3vSvJkY3vNzaiuHAOhxZey42nm
4L/se5PAR8dF6R6Lzo+aVr6hnbmLTOm3O1RJHvdIhTkryfEUGIMvd6cuaEVlB9x8
TiBxB+tJtrm7IeXmCIrBEA/LOgTGTzxoBMz0fe6brqVJZjmuc8ndu2XbYbjg2NLx
sESBlFbqsyiE037FqVWhqpnMvQSbrEfcqnVSqPGJco9FEPBcmhqhoRPBPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCmQMWij0U7RakBWBQ2LuQDfxxshMB8GA1UdIwQY
MBaAFNn/DMhTVUvd+Qmao87r01JGuSj1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmY4TXlGTlZTOTM1Q1pxanp1dlRVa2E1S1BVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9hYWEwNWQtZTdiMS00ZTM5LTg0NzAt
Y2FmZTVlN2RiNzU4LzEvMmY4TXlGTlZTOTM1Q1pxanp1dlRVa2E1S1BVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9hYWEwNWQtZTdiMS00ZTM5LTg0NzAtY2FmZTVlN2RiNzU4
LzEvMmY4TXlGTlZTOTM1Q1pxanp1dlRVa2E1S1BVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL0KX0VUI
ExTqqPFNd/aVRyUoUJxn7ggFMMyuPiM2PaRY/pCCm2HY7iW5qkZ8VMa4Nwyfhfhx
JJeEb/SoVkdI8k7YV27VzLU6cXn+5kpC+myksI4tCZcI1+9X1P++JxqYpzNkL5RB
nuN2jF8HfkHKNaf9Vn2SOZhs0TFFqRqhWZQyKetZ1CB9XdtERjLqEvG2bqoubOj5
w7iv3KeJcCnbQsyELZ5GOq4llVxJrCiSME8mqhZmNsXSiPd3wsrUPXDf+aLG3c8a
02El5y1/qqvcbryPptENmRHz1fzsaN/5abySvmzc/P7ICOJpbH1c4SQtTxstaMIA
ty7FCJbJbR2cqg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:46:20 2026 by rpki-client