Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
File: r2A0bQgbHFyBCzlMZuEFErv02Mk.mft (raw, json)
Hash identifier: sfRHn1ln/rJ3mjMHih82DOQiaupEvDVg1mVYc7ohsNY=
Subject key identifier: 61:AE:A5:6B:F3:AB:AA:E1:D8:58:9F:B8:F3:0A:A0:84:77:90:3C:4E
Authority key identifier: AF:60:34:6D:08:1B:1C:5C:81:0B:39:4C:66:E1:05:12:BB:F4:D8:C9
Certificate issuer: /CN=af60346d081b1c5c810b394c66e10512bbf4d8c9
Certificate serial: 019CABD94257B1ADD2C44381BA1E6781C0DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
Manifest number: 0560
Signing time: Mon 02 Mar 2026 00:01:07 +0000
Manifest this update: Mon 02 Mar 2026 00:01:07 +0000
Manifest next update: Tue 03 Mar 2026 00:01:07 +0000
Files and hashes: 1: MmHcaoSID19FRmGF5kFPH25PR2Q.roa (hash: Pv88TmQb3cGeVyGfPSrdF1R8Obs/Bo3T58FvtRvVnRM=)
2: r2A0bQgbHFyBCzlMZuEFErv02Mk.crl (hash: vlqSbwtybelUm6/dHqFkWcccRjOo8of2dJXqzdDXV30=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:42:57:b1:ad:d2:c4:43:81:ba:1e:67:81:c0:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af60346d081b1c5c810b394c66e10512bbf4d8c9
Validity
Not Before: Mar 2 00:01:07 2026 GMT
Not After : Mar 3 00:01:07 2026 GMT
Subject: CN=61aea56bf3abaae1d8589fb8f30aa08477903c4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:70:93:ba:bd:b1:68:51:87:fb:f3:7b:48:13:
c7:46:44:9d:15:d5:90:58:3d:22:02:57:4b:32:8f:
7e:ef:11:7f:f0:d0:d6:c1:d9:17:d8:7a:d2:de:7f:
85:58:64:bf:0b:ad:5a:5c:2b:1d:44:33:06:8e:7d:
96:98:48:74:f4:33:91:7c:26:a7:6a:e9:53:cd:2b:
69:0f:07:cd:18:06:d5:fd:45:2a:15:43:3c:ec:40:
4b:02:49:d9:7e:37:5b:5e:ec:3d:98:a3:8d:48:48:
62:49:43:7b:50:7b:c5:06:db:d1:d0:c9:bc:1d:52:
66:65:6b:e4:29:cb:29:36:1c:19:07:eb:94:2a:16:
10:6b:fd:4c:0a:93:03:a8:4a:c6:15:b9:01:55:e8:
90:cb:f0:b9:9b:5a:3d:93:72:8a:98:64:4e:14:8f:
4e:23:d5:19:a8:1c:0a:8d:d0:17:5d:a7:dd:0e:6b:
33:79:1e:64:8e:bd:b3:d1:b6:54:f5:ce:e1:56:1d:
f2:9a:de:7b:5e:ab:7c:93:a8:34:c6:6d:67:63:32:
ef:5a:c9:77:24:bc:2c:46:e3:2e:69:2a:26:6f:85:
d9:7c:09:1b:7d:3d:10:9d:4d:12:2d:5e:f7:c8:8d:
dc:a2:0d:ba:c0:35:56:c5:4b:b6:fe:2d:c8:5f:68:
e8:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:AE:A5:6B:F3:AB:AA:E1:D8:58:9F:B8:F3:0A:A0:84:77:90:3C:4E
X509v3 Authority Key Identifier:
keyid:AF:60:34:6D:08:1B:1C:5C:81:0B:39:4C:66:E1:05:12:BB:F4:D8:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:00:33:48:09:e2:39:3a:ba:34:42:b3:1e:ed:ff:50:df:d0:
ac:a0:71:2c:bc:88:4d:7c:54:84:41:c6:44:eb:bc:19:d4:35:
c6:32:ad:2b:95:16:ec:e7:83:0f:f2:a9:1b:ef:90:66:f2:ab:
f1:7e:28:59:2a:4a:8a:30:90:83:b0:22:05:20:d6:1f:2f:c6:
da:92:81:2f:60:53:eb:d3:24:20:2f:52:20:e2:75:17:5c:2e:
30:f4:10:34:39:24:df:3f:55:38:69:fb:0e:b2:20:6f:c5:24:
7c:6d:d1:e3:e6:48:fe:fc:8e:5b:14:12:11:15:d7:48:0b:6e:
f3:b3:a8:4c:fa:e0:cb:8e:85:62:f0:bc:83:25:36:92:96:e9:
8e:83:a7:e2:a0:2e:2d:35:9a:bb:89:d9:5e:7c:80:d6:63:ea:
3d:a9:28:b3:d8:fe:cf:59:42:6e:49:ab:06:e5:bd:42:53:50:
cb:2b:1e:47:52:c3:18:29:e0:fc:05:32:a1:16:7b:3b:c7:b3:
01:f4:be:ed:3a:91:06:cf:a1:6a:13:bc:71:1e:13:25:46:c5:
77:0c:27:28:92:c0:27:73:18:fd:f9:09:0c:28:c9:24:49:ea:
f9:96:da:de:73:67:70:80:2d:d6:aa:8f:89:d9:bf:96:d0:e7:
34:10:0a:13
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2UJXsa3SxEOBuh5ngcDbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNjAzNDZkMDgxYjFjNWM4MTBiMzk0YzY2ZTEwNTEyYmJm
NGQ4YzkwHhcNMjYwMzAyMDAwMTA3WhcNMjYwMzAzMDAwMTA3WjAzMTEwLwYDVQQD
Eyg2MWFlYTU2YmYzYWJhYWUxZDg1ODlmYjhmMzBhYTA4NDc3OTAzYzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynCTur2xaFGH+/N7SBPHRkSdFdWQ
WD0iAldLMo9+7xF/8NDWwdkX2HrS3n+FWGS/C61aXCsdRDMGjn2WmEh09DORfCan
aulTzStpDwfNGAbV/UUqFUM87EBLAknZfjdbXuw9mKONSEhiSUN7UHvFBtvR0Mm8
HVJmZWvkKcspNhwZB+uUKhYQa/1MCpMDqErGFbkBVeiQy/C5m1o9k3KKmGROFI9O
I9UZqBwKjdAXXafdDmszeR5kjr2z0bZU9c7hVh3ymt57Xqt8k6g0xm1nYzLvWsl3
JLwsRuMuaSomb4XZfAkbfT0QnU0SLV73yI3cog26wDVWxUu2/i3IX2joJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGGupWvzq6rh2FifuPMKoIR3kDxOMB8GA1UdIwQY
MBaAFK9gNG0IGxxcgQs5TGbhBRK79NjJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iNjYwZjQtODhjYi00NWYzLWE3MWEt
MjYzOTgzOWY4MjhkLzEvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9iNjYwZjQtODhjYi00NWYzLWE3MWEtMjYzOTgzOWY4Mjhk
LzEvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHgAzSAni
OTq6NEKzHu3/UN/QrKBxLLyITXxUhEHGROu8GdQ1xjKtK5UW7OeDD/KpG++QZvKr
8X4oWSpKijCQg7AiBSDWHy/G2pKBL2BT69MkIC9SIOJ1F1wuMPQQNDkk3z9VOGn7
DrIgb8UkfG3R4+ZI/vyOWxQSERXXSAtu87OoTPrgy46FYvC8gyU2kpbpjoOn4qAu
LTWau4nZXnyA1mPqPakos9j+z1lCbkmrBuW9QlNQyyseR1LDGCng/AUyoRZ7O8ez
AfS+7TqRBs+hahO8cR4TJUbFdwwnKJLAJ3MY/fkJDCjJJEnq+Zba3nNncIAt1qqP
idm/ltDnNBAKEw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:33:19 2026 by rpki-client