Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft
File: 2f8MyFNVS935CZqjzuvTUka5KPU.mft (raw, json)
Hash identifier: KmtdcHs2QY/e/kISQ85n5o6qLQGPtf0Jner8/DMeYXU=
Subject key identifier: 46:E2:87:1F:EB:EF:35:D0:16:81:FB:B9:63:14:45:05:52:22:C6:FA
Authority key identifier: D9:FF:0C:C8:53:55:4B:DD:F9:09:9A:A3:CE:EB:D3:52:46:B9:28:F5
Certificate issuer: /CN=d9ff0cc853554bddf9099aa3ceebd35246b928f5
Certificate serial: 019CAD905C5AF3AAF0B5E44259D26322DB29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft
Manifest number: 8A
Signing time: Mon 02 Mar 2026 08:00:45 +0000
Manifest this update: Mon 02 Mar 2026 08:00:45 +0000
Manifest next update: Tue 03 Mar 2026 08:00:45 +0000
Files and hashes: 1: 1-OkpooCR750DOU3KO4Q0Au9Ls5A.roa (hash: Dj+AT1jX9rfVhJFGXz9XaLtPSZgqG/nTfTCrODe4StE=)
2: 2f8MyFNVS935CZqjzuvTUka5KPU.crl (hash: 5z+/6m0qI/Hcd/Jbo4SVKZ0/+kMiawVeFZ0TFNPX+pc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:90:5c:5a:f3:aa:f0:b5:e4:42:59:d2:63:22:db:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ff0cc853554bddf9099aa3ceebd35246b928f5
Validity
Not Before: Mar 2 08:00:45 2026 GMT
Not After : Mar 3 08:00:45 2026 GMT
Subject: CN=46e2871febef35d01681fbb9631445055222c6fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ef:4d:ce:9b:54:84:9c:3a:7a:3e:07:38:fb:
df:7e:a9:a5:74:b2:5d:a9:77:16:e1:ab:36:cf:5a:
3b:96:e2:b3:88:5f:6f:ad:0e:d2:dd:15:80:db:ee:
2f:44:cf:6f:e2:13:cf:34:e8:a7:a6:ad:e9:71:f4:
da:d6:41:0c:48:fb:a4:1c:48:9e:93:cf:c0:f4:f0:
e1:d0:8c:84:3a:87:27:ca:66:3c:b6:8a:d9:a7:2b:
c4:cc:92:75:0e:62:0b:40:70:6f:aa:c6:c1:09:71:
3c:95:b2:12:84:ea:e7:75:0f:b7:07:14:74:27:84:
d2:e8:9b:73:25:33:f8:65:89:8b:91:a1:7c:b8:b9:
c5:0c:26:2c:fe:bf:43:6a:7a:74:7d:e6:92:96:a7:
4f:a2:c1:cb:b2:a6:07:a6:c4:cd:fd:ee:e3:83:eb:
f7:cf:b6:17:a1:3c:f0:3d:4b:3a:88:f5:00:c1:0e:
de:e1:b1:d5:21:aa:6a:6c:97:44:ec:55:09:57:75:
69:61:8a:e4:4d:09:5c:4c:5b:8a:55:bb:19:ab:0c:
cc:53:db:6c:27:57:fe:bb:cf:6b:13:99:30:07:eb:
31:fc:b0:08:2a:00:39:f2:d1:d3:2b:ff:40:da:e7:
2b:6e:90:c0:fb:e2:9e:6a:22:70:43:a0:03:b1:9e:
7e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:E2:87:1F:EB:EF:35:D0:16:81:FB:B9:63:14:45:05:52:22:C6:FA
X509v3 Authority Key Identifier:
keyid:D9:FF:0C:C8:53:55:4B:DD:F9:09:9A:A3:CE:EB:D3:52:46:B9:28:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f8MyFNVS935CZqjzuvTUka5KPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/aaa05d-e7b1-4e39-8470-cafe5e7db758/1/2f8MyFNVS935CZqjzuvTUka5KPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:7e:fc:3c:90:8e:39:ed:54:89:54:d4:d2:2d:58:0b:ed:24:
f8:8b:18:db:4d:98:c5:ce:17:05:a9:33:0b:7c:cb:92:be:d3:
e8:74:1e:05:4d:9c:d9:05:97:41:20:da:74:19:a0:16:21:fa:
0a:ad:89:a6:da:69:78:b2:98:49:32:37:dd:3b:3b:8f:a0:d1:
ec:97:34:c5:75:cc:6d:03:8b:d4:6a:a5:d2:ea:c8:5d:74:7e:
13:b7:ea:d9:c3:b7:1f:43:1c:bb:ca:92:a9:ff:76:db:67:bd:
b5:4d:28:e8:07:f0:6a:b2:6e:96:3c:95:57:1f:a8:7d:66:9a:
f4:2f:84:d7:7e:d4:ec:1f:9d:0b:5f:bc:b8:1e:c8:54:96:80:
58:16:7f:07:d3:1f:f5:67:65:74:8d:50:01:a0:cc:10:36:bb:
8d:ed:23:b4:6d:a9:d5:fb:d1:b1:b7:bc:eb:1c:b7:bc:1d:80:
f5:78:75:a2:10:72:f6:9a:ba:b8:aa:08:d9:91:1b:3c:22:c9:
21:a0:a1:33:0d:79:76:4d:0e:68:db:04:50:26:db:86:15:8f:
10:61:a9:cf:38:7a:0e:31:35:7e:cb:e8:3c:a9:f8:17:15:57:
b9:5d:dd:45:c5:28:c0:ac:c6:17:6b:43:72:d9:4e:03:82:22:
01:16:bb:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkFxa86rwteRCWdJjItspMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmYwY2M4NTM1NTRiZGRmOTA5OWFhM2NlZWJkMzUyNDZi
OTI4ZjUwHhcNMjYwMzAyMDgwMDQ1WhcNMjYwMzAzMDgwMDQ1WjAzMTEwLwYDVQQD
Eyg0NmUyODcxZmViZWYzNWQwMTY4MWZiYjk2MzE0NDUwNTUyMjJjNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0u9NzptUhJw6ej4HOPvffqmldLJd
qXcW4as2z1o7luKziF9vrQ7S3RWA2+4vRM9v4hPPNOinpq3pcfTa1kEMSPukHEie
k8/A9PDh0IyEOocnymY8torZpyvEzJJ1DmILQHBvqsbBCXE8lbIShOrndQ+3BxR0
J4TS6JtzJTP4ZYmLkaF8uLnFDCYs/r9Danp0feaSlqdPosHLsqYHpsTN/e7jg+v3
z7YXoTzwPUs6iPUAwQ7e4bHVIapqbJdE7FUJV3VpYYrkTQlcTFuKVbsZqwzMU9ts
J1f+u89rE5kwB+sx/LAIKgA58tHTK/9A2ucrbpDA++KeaiJwQ6ADsZ5+awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEbihx/r7zXQFoH7uWMURQVSIsb6MB8GA1UdIwQY
MBaAFNn/DMhTVUvd+Qmao87r01JGuSj1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmY4TXlGTlZTOTM1Q1pxanp1dlRVa2E1S1BVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9hYWEwNWQtZTdiMS00ZTM5LTg0NzAt
Y2FmZTVlN2RiNzU4LzEvMmY4TXlGTlZTOTM1Q1pxanp1dlRVa2E1S1BVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9hYWEwNWQtZTdiMS00ZTM5LTg0NzAtY2FmZTVlN2RiNzU4
LzEvMmY4TXlGTlZTOTM1Q1pxanp1dlRVa2E1S1BVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALH78PJCO
Oe1UiVTU0i1YC+0k+IsY202Yxc4XBakzC3zLkr7T6HQeBU2c2QWXQSDadBmgFiH6
Cq2JptppeLKYSTI33Ts7j6DR7Jc0xXXMbQOL1Gql0urIXXR+E7fq2cO3H0Mcu8qS
qf9222e9tU0o6AfwarJuljyVVx+ofWaa9C+E137U7B+dC1+8uB7IVJaAWBZ/B9Mf
9WdldI1QAaDMEDa7je0jtG2p1fvRsbe86xy3vB2A9Xh1ohBy9pq6uKoI2ZEbPCLJ
IaChMw15dk0OaNsEUCbbhhWPEGGpzzh6DjE1fsvoPKn4FxVXuV3dRcUowKzGF2tD
ctlOA4IiARa7nQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:10:46 2026 by rpki-client