Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft
File: 2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft (raw, json)
Hash identifier: A6v5j+jP8NjOdCaIYNE47PuCrTydfb7EeiT6p3mY9xc=
Subject key identifier: 68:FD:86:94:C6:71:CF:D5:5A:7A:60:F5:97:1D:0E:7A:A0:A5:42:B6
Authority key identifier: D9:7A:77:93:01:22:87:9A:76:64:70:DF:8D:66:0C:98:44:2A:99:32
Certificate issuer: /CN=d97a77930122879a766470df8d660c98442a9932
Certificate serial: 019DA4C1B226D82D370E8D875C15E100F914
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft
Manifest number: 03A0
Signing time: Sun 19 Apr 2026 08:00:50 +0000
Manifest this update: Sun 19 Apr 2026 08:00:50 +0000
Manifest next update: Mon 20 Apr 2026 08:00:50 +0000
Files and hashes: 1: 2Xp3kwEih5p2ZHDfjWYMmEQqmTI.crl (hash: +GWWLKX5vSwR/TY1qVEwJ2GMksowoPKLIllE0kq7+Yw=)
2: g5qpXHQ9YaIQcSP18I2z298mHVU.roa (hash: OPcErLNEwIQeoOOXzCBshI4BboTsjuLPiVED3RVYlVs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a4:c1:b2:26:d8:2d:37:0e:8d:87:5c:15:e1:00:f9:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d97a77930122879a766470df8d660c98442a9932
Validity
Not Before: Apr 19 08:00:50 2026 GMT
Not After : Apr 20 08:00:50 2026 GMT
Subject: CN=68fd8694c671cfd55a7a60f5971d0e7aa0a542b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:32:9a:1c:6a:7b:cb:89:1f:da:e3:f3:60:c9:
3f:47:40:96:59:8f:ae:ef:0f:ce:9e:e1:b8:15:6b:
f9:6e:27:07:aa:76:68:89:d2:c5:a4:87:9a:89:3c:
53:da:7f:e1:e6:a6:1d:f9:56:72:87:54:f0:50:72:
9e:5a:f4:da:36:24:29:a2:35:a2:f5:21:1d:e5:b7:
50:67:5a:02:2c:31:bc:65:7c:e2:9b:66:60:c6:4e:
8e:14:84:47:1c:66:90:b2:46:22:9b:ef:d7:9b:62:
cd:d3:2b:89:71:21:64:99:3e:ef:a3:0f:66:59:1e:
27:4d:3a:42:5b:48:c2:1f:94:f3:c0:0c:00:57:9f:
b1:ba:b0:7a:8c:6d:76:74:59:7d:f9:b2:e4:96:c7:
fd:fb:d7:ae:0c:67:f3:1c:b4:24:1e:38:68:0d:18:
02:af:3f:b6:41:84:87:ad:32:84:ca:3b:14:4a:4e:
2f:a6:89:ac:c6:dc:89:19:b1:fe:c0:ee:f8:ae:f1:
01:42:2d:7b:5a:23:9b:4a:13:ba:47:9a:a1:24:93:
e8:53:20:aa:a9:dc:9b:24:2e:5d:1f:df:49:92:79:
37:d7:bb:cf:6c:0a:5b:f0:0d:45:df:5b:aa:75:b3:
0e:17:7d:20:7b:d7:5a:35:e1:75:56:de:cf:f0:10:
d2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:FD:86:94:C6:71:CF:D5:5A:7A:60:F5:97:1D:0E:7A:A0:A5:42:B6
X509v3 Authority Key Identifier:
keyid:D9:7A:77:93:01:22:87:9A:76:64:70:DF:8D:66:0C:98:44:2A:99:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/2a4922-434b-47b1-b304-cd459a65721b/1/2Xp3kwEih5p2ZHDfjWYMmEQqmTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:a1:34:ab:05:27:1d:f5:04:22:11:8a:04:69:3e:51:14:92:
3e:03:6c:18:81:7f:ca:63:99:6b:fb:f8:a4:16:95:57:6b:d4:
eb:c2:06:c6:ef:30:9f:5c:55:91:50:93:21:d1:1e:ab:6a:7e:
b4:fc:40:37:b3:da:f6:aa:0a:1f:47:96:d5:db:40:1f:be:0f:
cd:26:a1:ed:32:01:c9:90:a0:78:be:a8:eb:84:97:e1:9b:65:
0a:23:37:1a:f4:0f:3a:44:4b:dc:43:0b:d6:95:45:30:c5:c5:
76:17:43:aa:32:a9:30:d7:f1:d8:dc:cc:a6:95:0d:f1:d8:96:
a6:52:ee:82:a2:5a:42:d6:90:25:a5:81:a7:3b:57:63:c0:77:
9f:e8:3b:72:0e:b6:60:46:94:70:11:f0:87:be:ce:1e:72:58:
73:e3:43:d7:a2:98:c6:24:75:c4:4c:fe:5a:1f:1a:b8:af:7f:
d9:9a:bc:6c:2a:f1:51:91:98:44:ed:c2:df:66:f0:16:ad:b3:
ff:cc:66:5b:e6:85:02:b1:1c:10:0f:25:90:15:c5:11:e3:7b:
92:11:26:dd:c6:4a:d8:3d:65:fa:45:63:02:5c:cb:52:25:3d:
35:06:25:57:59:7f:93:e3:6a:a2:13:b3:66:65:3b:14:e8:0f:
bb:ea:83:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kwbIm2C03Do2HXBXhAPkUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5N2E3NzkzMDEyMjg3OWE3NjY0NzBkZjhkNjYwYzk4NDQy
YTk5MzIwHhcNMjYwNDE5MDgwMDUwWhcNMjYwNDIwMDgwMDUwWjAzMTEwLwYDVQQD
Eyg2OGZkODY5NGM2NzFjZmQ1NWE3YTYwZjU5NzFkMGU3YWEwYTU0MmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7jKaHGp7y4kf2uPzYMk/R0CWWY+u
7w/OnuG4FWv5bicHqnZoidLFpIeaiTxT2n/h5qYd+VZyh1TwUHKeWvTaNiQpojWi
9SEd5bdQZ1oCLDG8ZXzim2Zgxk6OFIRHHGaQskYim+/Xm2LN0yuJcSFkmT7vow9m
WR4nTTpCW0jCH5TzwAwAV5+xurB6jG12dFl9+bLklsf9+9euDGfzHLQkHjhoDRgC
rz+2QYSHrTKEyjsUSk4vpomsxtyJGbH+wO74rvEBQi17WiObShO6R5qhJJPoUyCq
qdybJC5dH99Jknk317vPbApb8A1F31uqdbMOF30ge9daNeF1Vt7P8BDS0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGj9hpTGcc/VWnpg9ZcdDnqgpUK2MB8GA1UdIwQY
MBaAFNl6d5MBIoeadmRw341mDJhEKpkyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlhwM2t3RWloNXAyWkhEZmpXWU1tRVFxbVRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8yYTQ5MjItNDM0Yi00N2IxLWIzMDQt
Y2Q0NTlhNjU3MjFiLzEvMlhwM2t3RWloNXAyWkhEZmpXWU1tRVFxbVRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8yYTQ5MjItNDM0Yi00N2IxLWIzMDQtY2Q0NTlhNjU3MjFi
LzEvMlhwM2t3RWloNXAyWkhEZmpXWU1tRVFxbVRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZKE0qwUn
HfUEIhGKBGk+URSSPgNsGIF/ymOZa/v4pBaVV2vU68IGxu8wn1xVkVCTIdEeq2p+
tPxAN7Pa9qoKH0eW1dtAH74PzSah7TIByZCgeL6o64SX4ZtlCiM3GvQPOkRL3EML
1pVFMMXFdhdDqjKpMNfx2NzMppUN8diWplLugqJaQtaQJaWBpztXY8B3n+g7cg62
YEaUcBHwh77OHnJYc+ND16KYxiR1xEz+Wh8auK9/2Zq8bCrxUZGYRO3C32bwFq2z
/8xmW+aFArEcEA8lkBXFEeN7khEm3cZK2D1l+kVjAlzLUiU9NQYlV1l/k+NqohOz
ZmU7FOgPu+qD6Q==
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:22:22 2026 by rpki-client