Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
File: 2HGZiqFAq3wf8kDqsMkjWRPJboo.mft (raw, json)
Hash identifier: Rwe2IPKVDKCf7amQ+SoDjdKwYrqzVPUG+odgRfCCEnY=
Subject key identifier: 35:1A:FD:E4:3E:02:06:10:1A:80:06:AD:39:A3:6B:3F:A9:F6:8C:DE
Authority key identifier: D8:71:99:8A:A1:40:AB:7C:1F:F2:40:EA:B0:C9:23:59:13:C9:6E:8A
Certificate issuer: /CN=d871998aa140ab7c1ff240eab0c9235913c96e8a
Certificate serial: 019CAA591903642BCFB785060540D5C27212
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
Manifest number: 1553
Signing time: Sun 01 Mar 2026 17:01:31 +0000
Manifest this update: Sun 01 Mar 2026 17:01:31 +0000
Manifest next update: Mon 02 Mar 2026 17:01:31 +0000
Files and hashes: 1: 2HGZiqFAq3wf8kDqsMkjWRPJboo.crl (hash: lCCZUk6m/RD8WbDoOJXAaDgI8qYV4eetxZ+3hmwrN7c=)
2: ZVHQNn8NDHrKDlrXSjskIERGk-w.roa (hash: GPFXQQAYnCScqN6Tj+UkAGSIUrlH/xEf/by5WbPkz1Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
rsync://rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:59:19:03:64:2b:cf:b7:85:06:05:40:d5:c2:72:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d871998aa140ab7c1ff240eab0c9235913c96e8a
Validity
Not Before: Mar 1 17:01:31 2026 GMT
Not After : Mar 2 17:01:31 2026 GMT
Subject: CN=351afde43e0206101a8006ad39a36b3fa9f68cde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9b:ad:fd:1c:fe:77:22:84:87:bb:77:b5:45:
76:7e:0a:ef:fb:3d:b0:0a:aa:9d:b4:80:fa:02:38:
2f:fc:61:83:1d:4c:57:b2:71:d2:73:0d:bc:87:ec:
9b:d4:7f:8c:bb:64:9a:8e:20:c3:6e:c8:12:ee:47:
60:57:e5:64:81:6b:41:a4:cd:7c:44:9e:f3:e1:88:
a8:d7:29:ae:a8:7e:ab:84:e7:9b:a6:0a:d6:41:bb:
03:bb:66:79:4d:20:a9:aa:d5:22:a9:4e:07:c5:2c:
9a:64:5f:b2:cb:ee:ec:cf:50:52:ef:bd:b3:63:a8:
02:02:47:6f:45:fb:6c:bf:37:10:96:9b:ce:7d:ad:
1c:25:c4:64:2d:94:21:dc:e1:82:79:d5:a0:86:2e:
cf:a0:93:7d:5b:10:b8:f2:11:9c:1b:17:a4:38:ac:
6b:ad:a6:b4:90:a8:cb:d6:91:3f:c5:d4:de:68:0c:
77:80:94:fc:57:9a:ed:42:bd:36:a7:37:33:2a:a9:
ee:e6:ab:49:4b:da:be:45:1c:9d:33:db:81:36:d1:
48:d4:98:db:dd:df:25:27:01:66:cf:98:e8:ee:77:
49:95:ed:52:08:ef:d7:78:9f:8b:f5:5e:41:e4:a8:
2b:01:a9:84:d4:21:f0:93:0d:b9:1b:66:ac:34:7e:
ab:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:1A:FD:E4:3E:02:06:10:1A:80:06:AD:39:A3:6B:3F:A9:F6:8C:DE
X509v3 Authority Key Identifier:
keyid:D8:71:99:8A:A1:40:AB:7C:1F:F2:40:EA:B0:C9:23:59:13:C9:6E:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2HGZiqFAq3wf8kDqsMkjWRPJboo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/33aa24-35ea-4adc-8c05-5a34e52b0b10/1/2HGZiqFAq3wf8kDqsMkjWRPJboo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:5b:df:e7:be:ba:d3:52:29:98:4f:e4:76:50:55:e0:49:f8:
86:16:fe:20:ad:b4:4f:a9:7b:da:88:85:93:d9:c9:af:64:3b:
7b:24:ac:5b:2f:03:8b:ef:76:fd:67:6b:4a:5d:42:d5:d6:b6:
2f:93:a0:21:e7:ac:28:34:38:91:43:2f:b7:48:97:98:a3:37:
e7:9b:3c:15:00:68:23:ac:92:98:8a:72:11:d9:50:9c:ba:99:
1c:84:cb:71:a6:6b:6a:43:65:88:ee:62:23:98:7f:cb:14:32:
71:6d:75:ad:33:a8:ce:75:84:22:18:92:16:5c:9e:7b:7a:3c:
aa:b7:17:a0:bb:65:a4:e8:da:fb:35:b7:41:c0:dc:9a:60:78:
e4:66:a0:66:79:1e:64:81:13:43:be:2b:e3:7f:95:d5:07:9c:
33:02:dd:e8:bb:7d:ac:77:5b:da:9b:c9:f8:f7:3e:1d:a0:09:
38:e0:9e:db:ef:da:29:ce:74:c6:35:34:f4:a8:f5:15:7f:59:
27:c5:85:14:53:4a:3d:66:f4:8e:2f:a4:9b:53:a9:3a:71:b7:
d9:9e:21:6f:7c:c8:b9:78:2f:16:bf:e0:96:35:1d:79:b1:c7:
fc:75:66:ab:c1:dd:7e:15:32:5d:f9:06:74:3e:72:dd:20:78:
c1:b7:74:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWRkDZCvPt4UGBUDVwnISMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NzE5OThhYTE0MGFiN2MxZmYyNDBlYWIwYzkyMzU5MTNj
OTZlOGEwHhcNMjYwMzAxMTcwMTMxWhcNMjYwMzAyMTcwMTMxWjAzMTEwLwYDVQQD
EygzNTFhZmRlNDNlMDIwNjEwMWE4MDA2YWQzOWEzNmIzZmE5ZjY4Y2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5ut/Rz+dyKEh7t3tUV2fgrv+z2w
CqqdtID6Ajgv/GGDHUxXsnHScw28h+yb1H+Mu2SajiDDbsgS7kdgV+VkgWtBpM18
RJ7z4Yio1ymuqH6rhOebpgrWQbsDu2Z5TSCpqtUiqU4HxSyaZF+yy+7sz1BS772z
Y6gCAkdvRftsvzcQlpvOfa0cJcRkLZQh3OGCedWghi7PoJN9WxC48hGcGxekOKxr
raa0kKjL1pE/xdTeaAx3gJT8V5rtQr02pzczKqnu5qtJS9q+RRydM9uBNtFI1Jjb
3d8lJwFmz5jo7ndJle1SCO/XeJ+L9V5B5KgrAamE1CHwkw25G2asNH6rBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDUa/eQ+AgYQGoAGrTmjaz+p9ozeMB8GA1UdIwQY
MBaAFNhxmYqhQKt8H/JA6rDJI1kTyW6KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkhHWmlxRkFxM3dmOGtEcXNNa2pXUlBKYm9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi8zM2FhMjQtMzVlYS00YWRjLThjMDUt
NWEzNGU1MmIwYjEwLzEvMkhHWmlxRkFxM3dmOGtEcXNNa2pXUlBKYm9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi8zM2FhMjQtMzVlYS00YWRjLThjMDUtNWEzNGU1MmIwYjEw
LzEvMkhHWmlxRkFxM3dmOGtEcXNNa2pXUlBKYm9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjVvf5766
01IpmE/kdlBV4En4hhb+IK20T6l72oiFk9nJr2Q7eySsWy8Di+92/WdrSl1C1da2
L5OgIeesKDQ4kUMvt0iXmKM355s8FQBoI6ySmIpyEdlQnLqZHITLcaZrakNliO5i
I5h/yxQycW11rTOoznWEIhiSFlyee3o8qrcXoLtlpOja+zW3QcDcmmB45GagZnke
ZIETQ74r43+V1QecMwLd6Lt9rHdb2pvJ+Pc+HaAJOOCe2+/aKc50xjU09Kj1FX9Z
J8WFFFNKPWb0ji+km1OpOnG32Z4hb3zIuXgvFr/gljUdebHH/HVmq8HdfhUyXfkG
dD5y3SB4wbd0Bg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:15:27 2026 by rpki-client