Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
File: 2ZaAKfEkCW6rlV35t6gciMszOgU.mft (raw, json)
Hash identifier: SMILlcDkZZMdfXrf9qMfzAhkhe1RxLBLHWINE+AJNag=
Subject key identifier: 18:03:39:0C:68:1C:1C:40:C2:B2:DC:70:A3:E1:59:A0:69:34:E3:D2
Authority key identifier: D9:96:80:29:F1:24:09:6E:AB:95:5D:F9:B7:A8:1C:88:CB:33:3A:05
Certificate issuer: /CN=d9968029f124096eab955df9b7a81c88cb333a05
Certificate serial: 019CAD594DE57967006DD587F2146116248C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
Manifest number: 0FFB
Signing time: Mon 02 Mar 2026 07:00:36 +0000
Manifest this update: Mon 02 Mar 2026 07:00:36 +0000
Manifest next update: Tue 03 Mar 2026 07:00:36 +0000
Files and hashes: 1: 2ZaAKfEkCW6rlV35t6gciMszOgU.crl (hash: Ga8hAbwZiWG6nLHrWjTwqUOE7PxpbX4p1jO4HKVb75E=)
2: 5iwb34X7et8A-ZwDnoqtR_xqPsw.roa (hash: WeDprzbgEpDRHXWUflU5QUsB4X7FqUJMR6LQN8vcE2M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:59:4d:e5:79:67:00:6d:d5:87:f2:14:61:16:24:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9968029f124096eab955df9b7a81c88cb333a05
Validity
Not Before: Mar 2 07:00:36 2026 GMT
Not After : Mar 3 07:00:36 2026 GMT
Subject: CN=1803390c681c1c40c2b2dc70a3e159a06934e3d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:eb:e0:fb:ea:9e:51:39:9a:83:9d:19:d6:40:
af:b6:d1:ed:7d:a8:02:f2:fb:f1:98:a5:9d:40:b8:
9c:5e:30:a3:49:2b:72:0d:62:02:7b:24:7a:95:ab:
66:2a:26:d6:0d:1b:3c:76:02:e6:19:2d:4f:09:30:
9a:f3:80:09:8d:1e:70:b0:03:70:c5:31:15:aa:80:
96:38:0d:73:12:20:7d:ae:49:30:4c:74:53:bb:aa:
5b:c8:4a:6b:10:a5:36:2b:c6:e0:91:6f:9d:39:69:
3b:73:d6:05:01:bb:44:ad:77:cf:6a:10:da:ec:50:
65:fb:97:37:a3:a3:a6:0c:34:2a:20:bd:f3:2e:52:
b6:09:9c:aa:22:29:ab:68:cb:9a:db:1f:38:36:5f:
ba:3e:96:58:e0:a0:8c:04:ef:a6:eb:c9:85:f7:24:
19:18:54:c6:38:d4:7d:a1:09:b6:b6:53:c4:bc:86:
1b:7c:ea:d9:52:ca:d7:81:fd:df:33:b0:c5:03:d0:
22:86:b7:eb:d9:e3:37:a5:91:fd:16:59:e8:42:7e:
d0:2f:79:02:4a:c0:a7:d8:7d:5c:ab:f9:15:37:ec:
a1:51:59:d9:85:b9:61:ac:3d:30:4d:bc:e6:ef:01:
f9:4e:e1:af:11:b2:dd:ed:84:36:be:5c:7b:dd:d1:
74:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:03:39:0C:68:1C:1C:40:C2:B2:DC:70:A3:E1:59:A0:69:34:E3:D2
X509v3 Authority Key Identifier:
keyid:D9:96:80:29:F1:24:09:6E:AB:95:5D:F9:B7:A8:1C:88:CB:33:3A:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:06:c2:e9:97:29:6c:32:82:ce:99:95:17:8c:72:8e:fe:74:
eb:45:ab:24:c6:17:16:6c:33:a9:95:49:dd:33:ed:0d:eb:4d:
5c:90:b2:c5:1c:30:fe:5f:d3:a2:78:6f:71:4b:f5:ff:fc:1f:
af:53:2a:2e:f5:2f:1e:88:2a:fb:c4:9f:f7:6e:c1:f8:2d:43:
09:48:16:c5:bb:f8:e9:7d:1b:d1:54:a9:f5:c4:4b:6b:ac:c9:
83:09:f6:80:00:d7:f6:a9:db:8c:92:49:3c:26:76:cb:5c:41:
12:61:57:cd:b6:63:fe:80:da:3d:47:0e:20:98:ce:a5:19:a9:
9b:1c:1b:c7:08:14:00:58:9b:57:7e:6d:cd:b7:66:fd:9e:8e:
49:ab:d5:76:d8:68:21:47:90:c7:5c:06:ef:cd:d2:1f:64:ff:
50:77:cf:60:24:50:07:34:de:6c:9f:f0:c8:ac:43:66:46:f0:
a3:82:9a:b5:96:d3:0f:eb:d4:dc:d9:3f:d9:da:2f:de:54:c9:
57:13:5a:6b:bc:f7:28:0e:81:db:bb:06:06:2e:14:a2:99:d8:
97:ca:0e:78:69:49:9d:c6:42:3b:27:d7:9a:a6:11:92:4f:05:
6e:34:08:5c:08:0a:f8:57:82:69:f6:f0:ab:90:c0:56:1a:84:
9e:a1:a0:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWU3leWcAbdWH8hRhFiSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTY4MDI5ZjEyNDA5NmVhYjk1NWRmOWI3YTgxYzg4Y2Iz
MzNhMDUwHhcNMjYwMzAyMDcwMDM2WhcNMjYwMzAzMDcwMDM2WjAzMTEwLwYDVQQD
EygxODAzMzkwYzY4MWMxYzQwYzJiMmRjNzBhM2UxNTlhMDY5MzRlM2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Ovg++qeUTmag50Z1kCvttHtfagC
8vvxmKWdQLicXjCjSStyDWICeyR6latmKibWDRs8dgLmGS1PCTCa84AJjR5wsANw
xTEVqoCWOA1zEiB9rkkwTHRTu6pbyEprEKU2K8bgkW+dOWk7c9YFAbtErXfPahDa
7FBl+5c3o6OmDDQqIL3zLlK2CZyqIimraMua2x84Nl+6PpZY4KCMBO+m68mF9yQZ
GFTGONR9oQm2tlPEvIYbfOrZUsrXgf3fM7DFA9Aihrfr2eM3pZH9FlnoQn7QL3kC
SsCn2H1cq/kVN+yhUVnZhblhrD0wTbzm7wH5TuGvEbLd7YQ2vlx73dF0FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBgDOQxoHBxAwrLccKPhWaBpNOPSMB8GA1UdIwQY
MBaAFNmWgCnxJAluq5Vd+beoHIjLMzoFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yN2ExYmMtYjI1OC00MDVmLTlmOTMt
NmVlYTEyMjA1NzIwLzEvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yN2ExYmMtYjI1OC00MDVmLTlmOTMtNmVlYTEyMjA1NzIw
LzEvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXgbC6Zcp
bDKCzpmVF4xyjv5060WrJMYXFmwzqZVJ3TPtDetNXJCyxRww/l/TonhvcUv1//wf
r1MqLvUvHogq+8Sf927B+C1DCUgWxbv46X0b0VSp9cRLa6zJgwn2gADX9qnbjJJJ
PCZ2y1xBEmFXzbZj/oDaPUcOIJjOpRmpmxwbxwgUAFibV35tzbdm/Z6OSavVdtho
IUeQx1wG783SH2T/UHfPYCRQBzTebJ/wyKxDZkbwo4KatZbTD+vU3Nk/2dov3lTJ
VxNaa7z3KA6B27sGBi4UopnYl8oOeGlJncZCOyfXmqYRkk8FbjQIXAgK+FeCafbw
q5DAVhqEnqGgxw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:33:59 2026 by rpki-client