Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/2TwNCKbGLnc4LoBBfocgmABMpOw.mft
File: 2TwNCKbGLnc4LoBBfocgmABMpOw.mft (raw, json)
Hash identifier: GTmoINpMIwM+sF/SGSkFNL8UOv9lI0+1bLrQtocg8PY=
Subject key identifier: 42:25:10:51:B3:D9:27:DE:E9:11:E5:A6:C2:86:B9:11:B6:F6:10:E9
Authority key identifier: D9:3C:0D:08:A6:C6:2E:77:38:2E:80:41:7E:87:20:98:00:4C:A4:EC
Certificate issuer: /CN=d93c0d08a6c62e77382e80417e872098004ca4ec
Certificate serial: 019CAF7E90BADC93EAE8E8E464D40F421955
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2TwNCKbGLnc4LoBBfocgmABMpOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/2TwNCKbGLnc4LoBBfocgmABMpOw.mft
Manifest number: 32
Signing time: Mon 02 Mar 2026 17:00:33 +0000
Manifest this update: Mon 02 Mar 2026 17:00:33 +0000
Manifest next update: Tue 03 Mar 2026 17:00:33 +0000
Files and hashes: 1: 2TwNCKbGLnc4LoBBfocgmABMpOw.crl (hash: bXDmbmUyjycM+cnT2Tqps1L4v6NRtWwid3Vns8wnqoU=)
2: p1uSbL-UUVgMZUo_Jd2UtMfEjhg.roa (hash: 7ew9SV6essXaEgFcCj2o+LahCeQ3dZ5MSY5zyuMRzxM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/2TwNCKbGLnc4LoBBfocgmABMpOw.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/2TwNCKbGLnc4LoBBfocgmABMpOw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2TwNCKbGLnc4LoBBfocgmABMpOw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 17:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:7e:90:ba:dc:93:ea:e8:e8:e4:64:d4:0f:42:19:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93c0d08a6c62e77382e80417e872098004ca4ec
Validity
Not Before: Mar 2 17:00:33 2026 GMT
Not After : Mar 3 17:00:33 2026 GMT
Subject: CN=42251051b3d927dee911e5a6c286b911b6f610e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:99:9a:53:d7:10:12:01:2a:11:fa:6c:0d:aa:
78:04:88:93:1d:64:10:eb:f6:c7:6f:ea:43:2e:70:
5c:76:0d:2e:67:a9:01:59:f2:45:e8:9f:2c:e5:f5:
42:86:6f:67:0b:ff:00:67:ae:6c:3c:67:52:cf:98:
ee:c0:a9:82:ea:99:7f:ae:c4:b2:b6:2c:46:5d:4a:
de:1c:d0:8f:db:3f:d6:73:ca:0a:14:1a:53:53:74:
e2:ef:34:00:f3:8e:e9:67:8d:54:b1:95:cf:56:b4:
9c:ea:38:e8:e8:a4:56:20:ec:c1:99:92:60:c3:b3:
0b:64:49:cb:a9:18:e6:fb:4a:1a:c4:b7:57:ff:b3:
e0:a6:d9:93:be:9e:a7:4d:a9:a5:e8:1d:ce:01:7c:
8c:6f:e2:76:57:1c:06:84:f7:d4:9a:b4:8f:fb:85:
7f:54:31:09:f6:67:fb:f8:28:93:d8:75:f9:d9:7e:
66:51:8b:8e:cb:a5:6a:19:94:3a:53:72:3d:28:a3:
05:dc:c9:08:82:4e:e7:fe:55:e8:9b:8d:64:bb:6e:
88:06:a9:83:f5:65:4a:99:2b:fd:02:28:09:c1:4b:
98:ca:1c:bd:92:98:7e:d7:0b:44:13:3d:7d:55:78:
05:7a:02:c6:c8:1a:ae:07:74:51:83:da:d1:0a:fe:
ed:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:25:10:51:B3:D9:27:DE:E9:11:E5:A6:C2:86:B9:11:B6:F6:10:E9
X509v3 Authority Key Identifier:
keyid:D9:3C:0D:08:A6:C6:2E:77:38:2E:80:41:7E:87:20:98:00:4C:A4:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2TwNCKbGLnc4LoBBfocgmABMpOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/2TwNCKbGLnc4LoBBfocgmABMpOw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/e798b1-4b2d-4c1e-ba37-9e92625cda97/1/2TwNCKbGLnc4LoBBfocgmABMpOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:d5:7e:fc:e8:d0:7e:81:28:3c:50:36:14:16:04:60:82:ec:
ae:31:b2:d6:b9:c1:1d:15:4f:e1:7e:b5:28:67:55:ce:0a:21:
90:74:35:a2:c5:83:fd:aa:65:2b:cc:49:11:36:a1:ba:6d:5e:
24:eb:73:8d:98:b0:42:ff:a6:6d:b7:d4:ba:9d:1b:90:f3:30:
4f:87:eb:0b:7a:0f:87:64:d4:59:13:57:82:84:52:26:2a:1a:
05:a9:11:d8:82:de:f9:e7:31:d3:43:28:fe:d1:f6:b0:71:55:
2a:5f:ca:77:2a:82:1c:fa:5f:0b:f0:e0:27:c2:12:08:60:62:
2b:5b:76:a0:86:6f:71:ed:24:1f:8d:28:eb:e8:ad:33:e7:3a:
db:bb:a2:03:e9:f4:59:f7:4e:1f:3f:1a:78:d8:b9:f0:19:bc:
d2:cf:3a:ed:2f:9d:b3:82:a7:44:46:e4:48:03:14:65:c0:7f:
51:99:39:8f:20:c4:03:15:4a:58:40:87:9d:df:e4:32:da:b7:
3b:39:b8:57:3d:c1:7f:ba:20:b7:9c:79:3c:de:12:18:21:4b:
ad:7e:75:62:9a:24:07:39:f9:aa:6d:50:f9:1c:cf:f7:6b:d7:
be:9a:14:36:50:53:e5:46:e5:0d:f6:b7:c2:67:5b:b8:75:fe:
da:94:ca:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyvfpC63JPq6OjkZNQPQhlVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2MwZDA4YTZjNjJlNzczODJlODA0MTdlODcyMDk4MDA0
Y2E0ZWMwHhcNMjYwMzAyMTcwMDMzWhcNMjYwMzAzMTcwMDMzWjAzMTEwLwYDVQQD
Eyg0MjI1MTA1MWIzZDkyN2RlZTkxMWU1YTZjMjg2YjkxMWI2ZjYxMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5maU9cQEgEqEfpsDap4BIiTHWQQ
6/bHb+pDLnBcdg0uZ6kBWfJF6J8s5fVChm9nC/8AZ65sPGdSz5juwKmC6pl/rsSy
tixGXUreHNCP2z/Wc8oKFBpTU3Ti7zQA847pZ41UsZXPVrSc6jjo6KRWIOzBmZJg
w7MLZEnLqRjm+0oaxLdX/7PgptmTvp6nTaml6B3OAXyMb+J2VxwGhPfUmrSP+4V/
VDEJ9mf7+CiT2HX52X5mUYuOy6VqGZQ6U3I9KKMF3MkIgk7n/lXom41ku26IBqmD
9WVKmSv9AigJwUuYyhy9kph+1wtEEz19VXgFegLGyBquB3RRg9rRCv7tNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIlEFGz2Sfe6RHlpsKGuRG29hDpMB8GA1UdIwQY
MBaAFNk8DQimxi53OC6AQX6HIJgATKTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlR3TkNLYkdMbmM0TG9CQmZvY2dtQUJNcE93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lNzk4YjEtNGIyZC00YzFlLWJhMzct
OWU5MjYyNWNkYTk3LzEvMlR3TkNLYkdMbmM0TG9CQmZvY2dtQUJNcE93Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lNzk4YjEtNGIyZC00YzFlLWJhMzctOWU5MjYyNWNkYTk3
LzEvMlR3TkNLYkdMbmM0TG9CQmZvY2dtQUJNcE93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ9V+/OjQ
foEoPFA2FBYEYILsrjGy1rnBHRVP4X61KGdVzgohkHQ1osWD/aplK8xJETahum1e
JOtzjZiwQv+mbbfUup0bkPMwT4frC3oPh2TUWRNXgoRSJioaBakR2ILe+ecx00Mo
/tH2sHFVKl/KdyqCHPpfC/DgJ8ISCGBiK1t2oIZvce0kH40o6+itM+c627uiA+n0
WfdOHz8aeNi58Bm80s867S+ds4KnREbkSAMUZcB/UZk5jyDEAxVKWECHnd/kMtq3
Ozm4Vz3Bf7ogt5x5PN4SGCFLrX51YpokBzn5qm1Q+RzP92vXvpoUNlBT5UblDfa3
wmdbuHX+2pTKEg==
-----END CERTIFICATE-----
Generated at Tue Mar 3 01:56:01 2026 by rpki-client