Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.mft
File: 2VSrlORZUZTSw5sdP-aokfHrkrw.mft (raw, json)
Hash identifier: CUfnWzsONqtf0qRXNp3HtvHxyVhwVQEBF9hc8rFSk+4=
Subject key identifier: 69:AE:2C:BF:52:BB:36:35:0C:22:89:50:04:0B:75:D2:23:61:B5:08
Authority key identifier: D9:54:AB:94:E4:59:51:94:D2:C3:9B:1D:3F:E6:A8:91:F1:EB:92:BC
Certificate issuer: /CN=d954ab94e4595194d2c39b1d3fe6a891f1eb92bc
Certificate serial: 019CAA58B214401B93C5B955277A38DB134B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2VSrlORZUZTSw5sdP-aokfHrkrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.mft
Manifest number: 09A5
Signing time: Sun 01 Mar 2026 17:01:05 +0000
Manifest this update: Sun 01 Mar 2026 17:01:05 +0000
Manifest next update: Mon 02 Mar 2026 17:01:05 +0000
Files and hashes: 1: 2VSrlORZUZTSw5sdP-aokfHrkrw.crl (hash: GaMIT56gJ9xpslBf3+7/0QBNk/5MJVMeAezHNrMWyWE=)
2: qgMkoT1JMEGlzQ-9amlEk3JLWC4.roa (hash: y8/qKOIU/VnL+2E1k4DTDJCvpW8Lts5guxMB4ltkk0o=)
3: r3-oGCZiu-f0pzfjoZyY5hfWHE0.roa (hash: axK8NfXG0oP4PqyHKrnwHUrltZg/uDJF8UJbff87uoU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2VSrlORZUZTSw5sdP-aokfHrkrw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:58:b2:14:40:1b:93:c5:b9:55:27:7a:38:db:13:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d954ab94e4595194d2c39b1d3fe6a891f1eb92bc
Validity
Not Before: Mar 1 17:01:05 2026 GMT
Not After : Mar 2 17:01:05 2026 GMT
Subject: CN=69ae2cbf52bb36350c228950040b75d22361b508
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f0:33:ba:07:54:1a:8d:96:0e:8c:7f:4a:2c:
c1:84:e6:d1:1b:be:33:10:87:9b:31:c3:15:c3:2d:
47:38:3b:fe:34:31:8e:cb:ff:ac:86:6a:66:97:7d:
8f:d2:e3:cf:9a:39:99:b6:3f:06:ec:8c:47:f7:ca:
03:c4:ff:4b:e3:1f:5b:e5:8e:ec:ec:5a:43:5e:a4:
48:41:44:69:b2:b7:75:3b:57:4e:8e:02:bf:85:a8:
8e:04:2b:3c:25:65:18:63:22:01:35:c3:52:0b:e9:
e9:c0:38:54:59:70:d9:7f:1a:d4:ee:52:5f:89:66:
55:bc:85:d5:c5:f6:d9:b8:09:e5:af:31:f7:90:36:
e4:33:3b:f9:c0:07:0a:72:0c:d8:ba:bd:1d:75:48:
10:9f:03:e1:46:db:97:c5:ae:b2:98:d4:82:f5:73:
4d:e3:0b:d7:93:47:d6:26:d3:53:53:b3:d9:7e:ab:
4c:15:41:89:8b:70:7d:48:9a:31:50:31:57:86:1d:
7c:b1:45:d9:c0:16:42:53:b1:fd:38:9e:d0:4d:c4:
fd:16:59:14:c1:19:dc:01:56:94:97:31:cf:c7:22:
2c:f5:55:e6:f2:47:b2:e2:20:10:49:b0:99:af:2a:
d3:c7:f4:82:2c:ad:0a:23:7d:fe:8c:42:6d:99:48:
f0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:AE:2C:BF:52:BB:36:35:0C:22:89:50:04:0B:75:D2:23:61:B5:08
X509v3 Authority Key Identifier:
keyid:D9:54:AB:94:E4:59:51:94:D2:C3:9B:1D:3F:E6:A8:91:F1:EB:92:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2VSrlORZUZTSw5sdP-aokfHrkrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:f2:46:0b:0f:fa:e7:ca:bd:6b:9c:c5:8b:dd:60:8b:ed:65:
36:5c:c1:f7:ce:47:f6:23:1d:4c:6b:c6:a2:52:92:3c:91:71:
89:17:b0:8f:79:6d:73:6f:ea:2b:5c:2b:1f:96:0a:77:c7:3f:
66:1c:fe:85:3b:09:80:76:f7:09:3d:3b:b3:66:e9:46:6b:01:
e4:b3:93:97:7f:85:c4:c9:9a:ee:10:e0:16:a9:d3:40:e1:63:
82:94:19:90:8d:be:24:8a:0a:21:f5:c9:f2:c2:df:ca:31:60:
1d:49:29:b8:eb:2a:1d:d0:7e:35:48:4e:de:9e:97:a7:45:cb:
ea:af:80:cb:04:b2:72:a9:59:c5:f7:21:f1:1a:06:15:21:de:
d1:16:b4:91:ec:33:a1:ec:e5:db:e0:b9:99:7d:4c:92:ef:53:
c9:75:16:d0:11:c2:9a:95:6c:c1:5e:32:ca:3e:1e:ad:d1:2a:
6a:7f:23:14:26:9f:b2:22:16:af:6b:e2:aa:97:b0:1a:86:26:
78:79:b6:9a:c2:01:1b:6f:98:69:00:76:e5:82:b2:0e:e7:b2:
13:4a:1a:14:3e:b3:4e:10:1d:4a:63:1a:2b:3e:a1:1a:0b:a8:
fe:3d:59:13:5f:7c:59:90:e3:a1:7f:db:b4:18:58:65:6f:6d:
9c:48:7c:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWLIUQBuTxblVJ3o42xNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NTRhYjk0ZTQ1OTUxOTRkMmMzOWIxZDNmZTZhODkxZjFl
YjkyYmMwHhcNMjYwMzAxMTcwMTA1WhcNMjYwMzAyMTcwMTA1WjAzMTEwLwYDVQQD
Eyg2OWFlMmNiZjUyYmIzNjM1MGMyMjg5NTAwNDBiNzVkMjIzNjFiNTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPAzugdUGo2WDox/SizBhObRG74z
EIebMcMVwy1HODv+NDGOy/+shmpml32P0uPPmjmZtj8G7IxH98oDxP9L4x9b5Y7s
7FpDXqRIQURpsrd1O1dOjgK/haiOBCs8JWUYYyIBNcNSC+npwDhUWXDZfxrU7lJf
iWZVvIXVxfbZuAnlrzH3kDbkMzv5wAcKcgzYur0ddUgQnwPhRtuXxa6ymNSC9XNN
4wvXk0fWJtNTU7PZfqtMFUGJi3B9SJoxUDFXhh18sUXZwBZCU7H9OJ7QTcT9FlkU
wRncAVaUlzHPxyIs9VXm8key4iAQSbCZryrTx/SCLK0KI33+jEJtmUjwnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGmuLL9SuzY1DCKJUAQLddIjYbUIMB8GA1UdIwQY
MBaAFNlUq5TkWVGU0sObHT/mqJHx65K8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlZTcmxPUlpVWlRTdzVzZFAtYW9rZkhya3J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82NDc0ODUtNjM1ZS00YWM2LWIwYjkt
MzM1MWM1NzdiNDMyLzEvMlZTcmxPUlpVWlRTdzVzZFAtYW9rZkhya3J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82NDc0ODUtNjM1ZS00YWM2LWIwYjktMzM1MWM1NzdiNDMy
LzEvMlZTcmxPUlpVWlRTdzVzZFAtYW9rZkhya3J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnfJGCw/6
58q9a5zFi91gi+1lNlzB985H9iMdTGvGolKSPJFxiRewj3ltc2/qK1wrH5YKd8c/
Zhz+hTsJgHb3CT07s2bpRmsB5LOTl3+FxMma7hDgFqnTQOFjgpQZkI2+JIoKIfXJ
8sLfyjFgHUkpuOsqHdB+NUhO3p6Xp0XL6q+AywSycqlZxfch8RoGFSHe0Ra0kewz
oezl2+C5mX1Mku9TyXUW0BHCmpVswV4yyj4erdEqan8jFCafsiIWr2viqpewGoYm
eHm2msIBG2+YaQB25YKyDueyE0oaFD6zThAdSmMaKz6hGguo/j1ZE198WZDjoX/b
tBhYZW9tnEh8FA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:45:54 2026 by rpki-client