Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft
File: 2FAiKC40aZ_lSLdShRmiWlDZEzo.mft (raw, json)
Hash identifier: 3x7Ui1Pqng+rYQ94/SvTQfKFU9EbJh8qGPyUfmV7NxU=
Subject key identifier: 87:F1:08:99:D3:FF:EB:A6:68:5F:29:D9:54:42:FA:5B:11:41:00:DC
Authority key identifier: D8:50:22:28:2E:34:69:9F:E5:48:B7:52:85:19:A2:5A:50:D9:13:3A
Certificate issuer: /CN=d85022282e34699fe548b7528519a25a50d9133a
Certificate serial: 019D9A3EB021300B7B22FBB030D289FDC0CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft
Manifest number: 17F1
Signing time: Fri 17 Apr 2026 07:01:32 +0000
Manifest this update: Fri 17 Apr 2026 07:01:32 +0000
Manifest next update: Sat 18 Apr 2026 07:01:32 +0000
Files and hashes: 1: 2FAiKC40aZ_lSLdShRmiWlDZEzo.crl (hash: Fv+X2b/sKj2QdKaavQMIzT+IRmk6iOWSWSa4jPvMoJo=)
2: xhpLteHeEuI9N2i0WjCkJHYwXtM.roa (hash: ZhHw/D8clg9QeWX4KlvzTONGmYlvYOv2tFZIA342W2c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:3e:b0:21:30:0b:7b:22:fb:b0:30:d2:89:fd:c0:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d85022282e34699fe548b7528519a25a50d9133a
Validity
Not Before: Apr 17 07:01:32 2026 GMT
Not After : Apr 18 07:01:32 2026 GMT
Subject: CN=87f10899d3ffeba6685f29d95442fa5b114100dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2d:73:f2:a2:71:d6:8a:c3:b7:5d:ad:25:38:
f4:ea:19:d5:b4:5d:48:51:25:da:f5:1d:88:f3:8a:
21:da:66:59:2d:40:e6:c7:91:af:1d:92:12:d2:1b:
68:6b:47:b2:76:38:30:08:9d:42:6b:09:0c:c8:22:
3e:69:2a:84:5f:c8:47:fd:3d:46:36:b4:e3:b3:27:
f8:f3:37:5f:8b:b9:1b:1c:cf:e2:a6:3b:56:f6:48:
31:1d:8a:3b:0d:29:e5:bf:49:4e:a6:e6:0b:b0:94:
98:92:91:7a:b3:7f:1d:7b:cd:df:cf:65:95:cc:77:
ff:2f:86:68:45:4c:4e:af:0c:42:70:62:50:eb:ca:
ff:a5:41:ac:e3:57:b2:23:20:61:f8:6e:35:d6:26:
8c:e4:57:1b:a2:08:7a:8a:83:3f:8f:df:07:5e:f3:
06:05:04:54:fe:c1:76:2f:bd:fc:be:f2:62:2d:c7:
9a:19:64:ac:5f:66:d3:11:41:00:8d:f3:b4:c7:9d:
44:fc:2c:15:a9:cc:b2:f3:69:53:9e:70:38:54:7f:
86:56:dc:6c:9b:4d:50:57:8c:04:53:f6:70:1f:f6:
08:88:14:c5:a5:75:f5:76:c6:48:cf:ad:aa:d6:0a:
4d:d2:29:1e:70:a9:5e:00:e0:53:f1:2e:b6:3e:2f:
c1:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:F1:08:99:D3:FF:EB:A6:68:5F:29:D9:54:42:FA:5B:11:41:00:DC
X509v3 Authority Key Identifier:
keyid:D8:50:22:28:2E:34:69:9F:E5:48:B7:52:85:19:A2:5A:50:D9:13:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:e3:7f:07:0c:0b:3a:01:f7:29:84:06:17:98:7f:65:3e:26:
12:db:70:fd:6b:f9:08:cb:fe:50:34:af:6c:44:ef:f2:93:a9:
7b:8a:77:f3:ce:9e:b6:b3:b3:e0:92:ff:7d:b4:e2:d6:78:95:
32:35:60:e9:2a:93:9f:63:c8:f4:bd:02:e9:fe:03:25:7d:32:
2d:c7:5d:bc:88:0a:82:72:27:4b:95:8c:67:4d:ab:d2:90:5a:
b8:ee:33:7f:39:ce:c3:b9:03:b5:af:29:fc:eb:16:9d:6d:bc:
4f:b7:8d:5b:4b:e6:f7:6c:44:0c:08:fa:aa:99:0c:58:a6:6e:
1e:27:21:2e:fe:10:eb:22:4d:02:93:89:54:f8:b6:42:b6:c9:
19:e9:05:5b:dc:d4:8c:ef:75:ec:0a:4f:ee:14:ae:b8:c9:e3:
d6:09:bc:58:04:7f:a8:cd:9f:81:94:5c:73:13:bd:57:08:44:
6e:64:7b:72:98:70:92:c0:26:f8:99:b7:c4:1e:60:8d:af:38:
df:26:28:f7:dd:5b:be:57:a9:9c:a9:c2:25:31:40:de:00:a2:
3c:4c:e9:88:dc:a1:25:9f:aa:84:f0:0a:a2:fd:57:06:40:44:
14:7e:54:c5:f0:22:54:92:f9:01:02:38:9d:c0:85:11:9c:b4:
14:f4:24:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPrAhMAt7IvuwMNKJ/cDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NTAyMjI4MmUzNDY5OWZlNTQ4Yjc1Mjg1MTlhMjVhNTBk
OTEzM2EwHhcNMjYwNDE3MDcwMTMyWhcNMjYwNDE4MDcwMTMyWjAzMTEwLwYDVQQD
Eyg4N2YxMDg5OWQzZmZlYmE2Njg1ZjI5ZDk1NDQyZmE1YjExNDEwMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAly1z8qJx1orDt12tJTj06hnVtF1I
USXa9R2I84oh2mZZLUDmx5GvHZIS0htoa0eydjgwCJ1CawkMyCI+aSqEX8hH/T1G
NrTjsyf48zdfi7kbHM/ipjtW9kgxHYo7DSnlv0lOpuYLsJSYkpF6s38de83fz2WV
zHf/L4ZoRUxOrwxCcGJQ68r/pUGs41eyIyBh+G411iaM5Fcbogh6ioM/j98HXvMG
BQRU/sF2L738vvJiLceaGWSsX2bTEUEAjfO0x51E/CwVqcyy82lTnnA4VH+GVtxs
m01QV4wEU/ZwH/YIiBTFpXX1dsZIz62q1gpN0ikecKleAOBT8S62Pi/BHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIfxCJnT/+umaF8p2VRC+lsRQQDcMB8GA1UdIwQY
MBaAFNhQIiguNGmf5Ui3UoUZolpQ2RM6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy85NzU4ZWItNDEwOC00MDg3LWE4MTgt
NTBlYTY3MzI3Y2QxLzEvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy85NzU4ZWItNDEwOC00MDg3LWE4MTgtNTBlYTY3MzI3Y2Qx
LzEvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAauN/BwwL
OgH3KYQGF5h/ZT4mEttw/Wv5CMv+UDSvbETv8pOpe4p3886etrOz4JL/fbTi1niV
MjVg6SqTn2PI9L0C6f4DJX0yLcddvIgKgnInS5WMZ02r0pBauO4zfznOw7kDta8p
/OsWnW28T7eNW0vm92xEDAj6qpkMWKZuHichLv4Q6yJNApOJVPi2QrbJGekFW9zU
jO917ApP7hSuuMnj1gm8WAR/qM2fgZRccxO9VwhEbmR7cphwksAm+Jm3xB5gja84
3yYo991bvlepnKnCJTFA3gCiPEzpiNyhJZ+qhPAKov1XBkBEFH5UxfAiVJL5AQI4
ncCFEZy0FPQkew==
-----END CERTIFICATE-----
Generated at Fri Apr 17 09:50:58 2026 by rpki-client