Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.mft
File: 2KzzS-KwTHzO8iIejR_LbKu0FZE.mft (raw, json)
Hash identifier: Hz/CeXL2mLVj+NA5gNszgHaX5F5/3E2oN9b9Za5zjzk=
Subject key identifier: 2C:EC:4E:F6:EA:37:F1:DA:56:C9:C4:23:C1:69:24:68:0D:B4:9B:F3
Authority key identifier: D8:AC:F3:4B:E2:B0:4C:7C:CE:F2:22:1E:8D:1F:CB:6C:AB:B4:15:91
Certificate issuer: /CN=d8acf34be2b04c7ccef2221e8d1fcb6cabb41591
Certificate serial: 019CAD901AD8970B847B5CEE28B252544FC3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KzzS-KwTHzO8iIejR_LbKu0FZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.mft
Manifest number: 1848
Signing time: Mon 02 Mar 2026 08:00:28 +0000
Manifest this update: Mon 02 Mar 2026 08:00:28 +0000
Manifest next update: Tue 03 Mar 2026 08:00:28 +0000
Files and hashes: 1: 1VZy0G-wHQ_TX2BXwKD4dH12AVw.roa (hash: mifTRRl6FrcrdgjIAd+uxzGUQnWJ54FTfDl9SZZKo7c=)
2: 2KzzS-KwTHzO8iIejR_LbKu0FZE.crl (hash: s1KGvlWNBzv7gAN18la74Fi5TsMoTSlsLJZcjVnynnU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2KzzS-KwTHzO8iIejR_LbKu0FZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:90:1a:d8:97:0b:84:7b:5c:ee:28:b2:52:54:4f:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8acf34be2b04c7ccef2221e8d1fcb6cabb41591
Validity
Not Before: Mar 2 08:00:28 2026 GMT
Not After : Mar 3 08:00:28 2026 GMT
Subject: CN=2cec4ef6ea37f1da56c9c423c16924680db49bf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:54:93:ac:74:73:5a:e6:ec:8f:80:f4:71:b1:
76:b6:4f:53:a0:8e:89:84:aa:9f:d2:0f:dc:74:c0:
56:48:dd:9e:79:5d:ed:cd:d3:ac:ed:6b:5a:3f:20:
a4:4a:41:fe:87:c9:e7:8f:7a:2e:76:08:73:ae:97:
e1:c6:8a:49:a6:2d:50:3e:f2:56:d1:37:eb:24:1f:
df:3b:9b:8a:7a:e1:4e:e5:58:2c:19:88:e6:63:73:
66:d8:ad:14:98:0d:bb:40:53:98:f5:4a:b5:b8:ec:
32:eb:d9:3c:49:bd:75:ac:5a:f4:2e:e1:98:ca:73:
02:e2:53:5e:7d:48:48:bf:2e:df:67:d0:1f:8e:74:
ee:93:ec:51:e3:9c:36:34:61:32:e1:44:79:ef:d1:
47:8e:ab:c7:34:52:2e:b5:43:03:41:79:12:72:7e:
7f:93:37:e3:5f:d8:84:8f:95:09:87:12:ca:34:3e:
5d:65:c0:dd:03:e9:ee:62:1c:dc:97:15:0b:78:1a:
00:4a:f7:dc:4c:42:68:ad:09:53:8f:a6:32:cd:30:
72:b2:3d:61:a1:be:a8:94:1f:44:03:bb:07:83:e6:
a5:d7:73:f3:e2:cf:e8:04:69:29:ed:08:d7:aa:8f:
98:ff:9b:ee:c7:50:87:8a:1d:c5:4d:6e:11:d8:72:
d8:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:EC:4E:F6:EA:37:F1:DA:56:C9:C4:23:C1:69:24:68:0D:B4:9B:F3
X509v3 Authority Key Identifier:
keyid:D8:AC:F3:4B:E2:B0:4C:7C:CE:F2:22:1E:8D:1F:CB:6C:AB:B4:15:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KzzS-KwTHzO8iIejR_LbKu0FZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:4a:eb:15:81:4a:c5:88:30:be:6c:40:c4:19:b9:ae:77:18:
01:bf:9e:47:94:a2:ca:fa:63:50:09:1f:a1:89:1b:09:54:e7:
b0:72:78:de:2e:f4:21:ca:e0:4d:ef:aa:39:2f:51:01:10:b5:
24:68:58:f4:11:75:77:ee:2f:e8:a5:aa:ca:e1:7e:22:91:e3:
4f:30:11:33:de:1e:8d:de:e4:7a:bd:e1:88:6e:75:6a:da:0d:
73:ca:af:e4:a7:8e:35:b4:de:00:8f:84:c7:67:db:9b:f7:62:
17:c1:ac:13:e7:34:c5:db:43:c7:d2:8c:7b:cd:8b:81:9d:df:
3e:be:8d:5c:d4:d5:e6:6c:fc:94:66:7d:2e:27:73:da:34:12:
6b:1a:1c:ab:ce:c9:0d:23:55:b9:73:cb:2e:94:76:26:93:0a:
17:ec:38:50:9d:4a:cf:db:35:66:bb:b1:b9:f5:ad:ca:cd:f1:
5d:6a:4a:1d:6c:24:d6:b6:73:7d:7f:62:40:26:a1:28:03:81:
5f:d1:cd:ac:b5:3c:4c:45:37:fc:9f:bb:6e:4b:28:05:5e:30:
a3:3a:2c:b7:0f:8b:a6:8a:d0:20:18:01:bb:f1:40:89:66:e6:
55:af:91:06:3a:90:ff:c9:6c:14:3d:d6:1b:0f:ba:56:20:c4:
8f:26:b7:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkBrYlwuEe1zuKLJSVE/DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YWNmMzRiZTJiMDRjN2NjZWYyMjIxZThkMWZjYjZjYWJi
NDE1OTEwHhcNMjYwMzAyMDgwMDI4WhcNMjYwMzAzMDgwMDI4WjAzMTEwLwYDVQQD
EygyY2VjNGVmNmVhMzdmMWRhNTZjOWM0MjNjMTY5MjQ2ODBkYjQ5YmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA41STrHRzWubsj4D0cbF2tk9ToI6J
hKqf0g/cdMBWSN2eeV3tzdOs7WtaPyCkSkH+h8nnj3oudghzrpfhxopJpi1QPvJW
0TfrJB/fO5uKeuFO5VgsGYjmY3Nm2K0UmA27QFOY9Uq1uOwy69k8Sb11rFr0LuGY
ynMC4lNefUhIvy7fZ9AfjnTuk+xR45w2NGEy4UR579FHjqvHNFIutUMDQXkScn5/
kzfjX9iEj5UJhxLKND5dZcDdA+nuYhzclxULeBoASvfcTEJorQlTj6YyzTBysj1h
ob6olB9EA7sHg+al13Pz4s/oBGkp7QjXqo+Y/5vux1CHih3FTW4R2HLYhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCzsTvbqN/HaVsnEI8FpJGgNtJvzMB8GA1UdIwQY
MBaAFNis80visEx8zvIiHo0fy2yrtBWRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkt6elMtS3dUSHpPOGlJZWpSX0xiS3UwRlpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZGYzNDEtMDE3Yy00NjYwLThjZjct
NDRkNjRiOWRhNDU5LzEvMkt6elMtS3dUSHpPOGlJZWpSX0xiS3UwRlpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZGYzNDEtMDE3Yy00NjYwLThjZjctNDRkNjRiOWRhNDU5
LzEvMkt6elMtS3dUSHpPOGlJZWpSX0xiS3UwRlpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD0rrFYFK
xYgwvmxAxBm5rncYAb+eR5SiyvpjUAkfoYkbCVTnsHJ43i70IcrgTe+qOS9RARC1
JGhY9BF1d+4v6KWqyuF+IpHjTzARM94ejd7ker3hiG51atoNc8qv5KeONbTeAI+E
x2fbm/diF8GsE+c0xdtDx9KMe82LgZ3fPr6NXNTV5mz8lGZ9Lidz2jQSaxocq87J
DSNVuXPLLpR2JpMKF+w4UJ1Kz9s1ZruxufWtys3xXWpKHWwk1rZzfX9iQCahKAOB
X9HNrLU8TEU3/J+7bksoBV4wozostw+LporQIBgBu/FAiWbmVa+RBjqQ/8lsFD3W
Gw+6ViDEjya3FA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 13:50:10 2026 by rpki-client