Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
File: cvpBoKemgQK1OrMXQtthJC91kIw.mft (raw, json)
Hash identifier: tY5daCFDJyuvcGDINGBXbyM/NC/h+419Bb01TziWqN8=
Subject key identifier: BF:A3:40:16:15:42:BA:7D:26:27:67:9A:DC:53:EF:9F:1F:09:BE:06
Authority key identifier: 72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
Certificate issuer: /CN=72fa41a0a7a68102b53ab31742db61242f75908c
Certificate serial: 019D2583643CD17E3B4163E24F3AA979EE9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
Manifest number: 16D0
Signing time: Wed 25 Mar 2026 15:01:01 +0000
Manifest this update: Wed 25 Mar 2026 15:01:01 +0000
Manifest next update: Thu 26 Mar 2026 15:01:01 +0000
Files and hashes: 1: Afbz_CgFHMzfcYyB-LhD-CN5fJo.roa (hash: UVJ+Ac4Bp4WWuF6LeTd+T8dhUJ7FlhzP+dm7sJQtR5c=)
2: cvpBoKemgQK1OrMXQtthJC91kIw.crl (hash: cH5x8oYc/zJRkNh3NVXupyKhnN8sk2QNP3Ih7mDWOPs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:83:64:3c:d1:7e:3b:41:63:e2:4f:3a:a9:79:ee:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72fa41a0a7a68102b53ab31742db61242f75908c
Validity
Not Before: Mar 25 15:01:01 2026 GMT
Not After : Mar 26 15:01:01 2026 GMT
Subject: CN=bfa340161542ba7d2627679adc53ef9f1f09be06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:95:73:86:d5:ef:a1:9a:e6:71:4e:9d:9a:85:
e8:3e:4b:7b:b4:eb:ea:47:80:34:a4:10:ab:ef:76:
ff:b1:6d:ef:13:61:91:4f:ab:29:e0:ab:eb:71:ea:
be:79:14:6b:6c:2c:6f:86:df:12:33:76:00:24:5f:
6e:6a:bb:4d:ea:d2:39:cf:14:12:93:aa:e8:87:62:
74:75:91:4d:33:37:9b:0d:dd:4a:ad:8a:98:0a:e7:
bf:0b:1f:e7:16:8e:4c:66:9f:7f:d1:62:79:35:e0:
ce:a9:6c:51:7a:50:48:57:1a:fb:30:7a:2d:b9:9f:
ab:f1:e6:29:c1:92:ab:c6:a8:3a:54:cd:c8:d5:7e:
bf:89:29:35:17:22:94:73:10:4b:9b:5e:61:4d:9a:
2f:c1:94:50:f4:9c:2b:46:4f:e7:5e:0b:c4:10:44:
8a:7a:a2:65:a1:ae:10:02:21:7b:7a:66:0d:ad:dd:
f9:dd:f2:b2:2b:fa:0f:89:fc:24:03:0d:a9:b5:fb:
ff:72:bf:84:a1:9b:87:38:26:4d:d1:97:b7:cc:ff:
09:9c:6b:56:bc:55:1f:81:ba:6b:ba:1e:34:d4:94:
a7:3f:08:f7:de:b9:dd:ea:6c:16:f7:01:ea:05:fa:
66:ed:65:71:5a:b7:56:34:83:23:ec:5a:b7:ce:20:
b6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:A3:40:16:15:42:BA:7D:26:27:67:9A:DC:53:EF:9F:1F:09:BE:06
X509v3 Authority Key Identifier:
keyid:72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:f4:ec:2c:9a:53:e2:30:47:f1:52:39:08:5f:f9:1c:a2:f2:
64:d0:6b:56:71:cf:31:f0:ad:6c:3b:4f:f4:f2:7d:5e:20:d6:
60:96:6f:71:8f:9b:91:db:da:ac:b4:ef:b6:6d:f0:a9:2b:a2:
cc:be:09:97:0c:4f:8f:63:b4:bd:c4:55:f2:14:ba:9e:8b:9d:
05:68:3c:92:56:bb:48:6c:63:9b:ac:17:75:ec:56:fc:3b:b9:
b9:08:5b:89:70:0d:9a:56:3e:5e:3a:54:d2:1e:e6:fc:c4:04:
c5:6f:7a:54:2a:de:af:a3:39:3a:bc:c4:40:18:bf:eb:09:03:
f6:d7:76:c9:68:c6:85:ee:20:08:eb:48:bc:b6:5a:08:f8:0f:
e9:a6:4a:08:ef:9e:13:27:7f:39:46:1d:c0:c1:48:15:2a:83:
35:d2:d0:ca:45:06:1e:3c:66:c7:5e:48:0a:60:68:23:13:b7:
2b:26:10:fa:d6:82:65:88:9e:e5:43:fb:a8:2b:58:ef:34:c0:
c0:56:57:89:8c:d4:32:1f:cf:10:6b:4a:73:e8:62:f2:ca:a4:
60:2d:6c:de:a6:d8:2f:ad:19:e6:9e:2a:d4:7a:b8:d1:b3:5d:
f8:9a:28:dc:19:96:15:1e:0a:41:2a:f0:33:ac:77:0d:01:43:
6e:52:3f:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lg2Q80X47QWPiTzqpee6bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZmE0MWEwYTdhNjgxMDJiNTNhYjMxNzQyZGI2MTI0MmY3
NTkwOGMwHhcNMjYwMzI1MTUwMTAxWhcNMjYwMzI2MTUwMTAxWjAzMTEwLwYDVQQD
EyhiZmEzNDAxNjE1NDJiYTdkMjYyNzY3OWFkYzUzZWY5ZjFmMDliZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZVzhtXvoZrmcU6dmoXoPkt7tOvq
R4A0pBCr73b/sW3vE2GRT6sp4Kvrceq+eRRrbCxvht8SM3YAJF9uartN6tI5zxQS
k6roh2J0dZFNMzebDd1KrYqYCue/Cx/nFo5MZp9/0WJ5NeDOqWxRelBIVxr7MHot
uZ+r8eYpwZKrxqg6VM3I1X6/iSk1FyKUcxBLm15hTZovwZRQ9JwrRk/nXgvEEESK
eqJloa4QAiF7emYNrd353fKyK/oPifwkAw2ptfv/cr+EoZuHOCZN0Ze3zP8JnGtW
vFUfgbpruh401JSnPwj33rnd6mwW9wHqBfpm7WVxWrdWNIMj7Fq3ziC2qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL+jQBYVQrp9JidnmtxT758fCb4GMB8GA1UdIwQY
MBaAFHL6QaCnpoECtTqzF0LbYSQvdZCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMt
ZmNlYmRjMGRmYzNmLzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMtZmNlYmRjMGRmYzNm
LzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALPTsLJpT
4jBH8VI5CF/5HKLyZNBrVnHPMfCtbDtP9PJ9XiDWYJZvcY+bkdvarLTvtm3wqSui
zL4JlwxPj2O0vcRV8hS6noudBWg8kla7SGxjm6wXdexW/Du5uQhbiXANmlY+XjpU
0h7m/MQExW96VCrer6M5OrzEQBi/6wkD9td2yWjGhe4gCOtIvLZaCPgP6aZKCO+e
Eyd/OUYdwMFIFSqDNdLQykUGHjxmx15ICmBoIxO3KyYQ+taCZYie5UP7qCtY7zTA
wFZXiYzUMh/PEGtKc+hi8sqkYC1s3qbYL60Z5p4q1Hq40bNd+Joo3BmWFR4KQSrw
M6x3DQFDblI/UA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:14:52 2026 by rpki-client