Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/a43766-91dd-4266-af60-920b320d2e21/1/CYdvfc8Myud0IWBGOzjhw181bRI.mft
File: CYdvfc8Myud0IWBGOzjhw181bRI.mft (raw, json)
Hash identifier: Cxy6uscYfAx44TYUi3cTKR0NA4Ez0UkLNn2u8UwiPCY=
Subject key identifier: B2:25:6D:B4:56:29:11:79:64:4C:EF:1C:60:F0:D7:8F:A4:03:9E:BF
Authority key identifier: 09:87:6F:7D:CF:0C:CA:E7:74:21:60:46:3B:38:E1:C3:5F:35:6D:12
Certificate issuer: /CN=09876f7dcf0ccae7742160463b38e1c35f356d12
Certificate serial: 019D2772D0391DCE0017CA68390C22C3AD11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYdvfc8Myud0IWBGOzjhw181bRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/a43766-91dd-4266-af60-920b320d2e21/1/CYdvfc8Myud0IWBGOzjhw181bRI.mft
Manifest number: 10FA
Signing time: Thu 26 Mar 2026 00:02:08 +0000
Manifest this update: Thu 26 Mar 2026 00:02:08 +0000
Manifest next update: Fri 27 Mar 2026 00:02:08 +0000
Files and hashes: 1: CYdvfc8Myud0IWBGOzjhw181bRI.crl (hash: R672R+YQ2FoHyt8QUv37I0hGBbTE6z9BiOUck4m+whw=)
2: VfT1jovZQbB_GOxrewqAg31IJD4.roa (hash: rEaYnnOYpTkHENGl1d6pSu6EPvs3HHaHkQH4luV+aMI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/a43766-91dd-4266-af60-920b320d2e21/1/CYdvfc8Myud0IWBGOzjhw181bRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/a43766-91dd-4266-af60-920b320d2e21/1/CYdvfc8Myud0IWBGOzjhw181bRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/CYdvfc8Myud0IWBGOzjhw181bRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:d0:39:1d:ce:00:17:ca:68:39:0c:22:c3:ad:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09876f7dcf0ccae7742160463b38e1c35f356d12
Validity
Not Before: Mar 26 00:02:08 2026 GMT
Not After : Mar 27 00:02:08 2026 GMT
Subject: CN=b2256db456291179644cef1c60f0d78fa4039ebf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:47:f9:2b:52:dc:3e:32:40:8c:64:f3:ca:9e:
ef:0f:ec:34:eb:d6:a2:df:81:17:a0:90:b2:8d:66:
30:e0:05:f7:57:d5:06:a4:ed:2d:07:38:a8:9f:2b:
50:82:71:8f:66:8d:59:45:c6:9f:6c:7c:07:1c:91:
9f:62:60:b2:12:3e:fd:fd:c5:e5:63:bf:09:e7:d2:
5d:1a:ef:51:7e:78:7d:a9:b5:2b:d2:c3:f2:44:ed:
fe:6a:19:b6:96:cb:6d:49:5d:e8:af:2b:f1:d3:21:
ed:4c:81:b3:d3:af:c4:37:0f:53:ef:39:59:8e:d1:
fa:06:77:30:64:1c:ed:95:ab:72:52:ad:4f:9c:f7:
1c:d8:79:84:e2:9b:46:e1:3b:af:3c:69:b6:62:dd:
39:4b:65:f3:42:0e:0b:71:3e:11:0d:fb:48:e8:10:
fb:23:5f:20:b0:a6:5e:54:98:14:90:32:b3:cd:84:
21:2b:20:fc:85:de:c9:a8:6e:11:7e:fd:4f:9f:14:
a3:b2:af:d2:8d:e4:81:dc:9c:fb:b6:19:4d:78:8d:
b3:b8:36:f5:13:98:1d:fb:1c:1d:d8:3d:63:e3:c7:
b1:16:2f:d9:74:2c:9f:2f:cd:7e:5d:ac:59:07:42:
74:c0:a3:48:4e:dc:ca:57:00:05:ad:36:a4:db:d9:
18:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:25:6D:B4:56:29:11:79:64:4C:EF:1C:60:F0:D7:8F:A4:03:9E:BF
X509v3 Authority Key Identifier:
keyid:09:87:6F:7D:CF:0C:CA:E7:74:21:60:46:3B:38:E1:C3:5F:35:6D:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYdvfc8Myud0IWBGOzjhw181bRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/a43766-91dd-4266-af60-920b320d2e21/1/CYdvfc8Myud0IWBGOzjhw181bRI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/a43766-91dd-4266-af60-920b320d2e21/1/CYdvfc8Myud0IWBGOzjhw181bRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:62:fd:13:bf:73:8d:96:46:71:a1:8e:fc:df:d3:e5:13:71:
d9:c8:8f:ff:4b:da:b8:8c:33:03:8c:e6:f8:25:fe:09:97:49:
6e:24:b6:cb:8f:b2:a1:8a:1a:b8:56:c3:6f:77:2c:fc:05:57:
62:1a:0f:e7:40:9b:7f:2a:33:c2:1e:c1:92:65:c9:87:e0:ce:
de:03:35:4b:c1:f0:58:a4:19:73:51:53:85:5e:25:7a:4e:85:
ed:c4:03:9e:60:f1:58:64:1c:19:22:cd:7a:fd:be:0f:ab:0c:
1c:91:09:0a:bb:d2:73:94:3e:43:d1:8b:02:92:2c:ac:aa:10:
a0:a1:c6:09:73:df:65:a6:ee:f8:f9:04:f2:e0:92:53:eb:03:
d9:9a:57:bd:ab:b4:8b:40:ac:8f:95:f7:ad:26:62:2e:54:59:
a3:8c:32:69:3d:da:dc:73:4c:a2:29:ec:93:65:bb:74:09:b6:
9d:cf:1b:44:d0:56:1b:e8:60:4d:33:1c:4e:f8:5d:26:de:35:
5f:4a:fe:6e:f7:df:ed:29:38:c3:5a:f3:ef:80:95:fc:d8:68:
83:de:2f:c9:1d:be:ef:3d:f3:d1:5c:61:8e:5f:cf:65:2c:b0:
fc:bc:f6:73:57:be:b6:53:c1:6a:a0:3a:7c:2f:5e:6f:0d:52:
b0:f1:c0:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nctA5Hc4AF8poOQwiw60RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ODc2ZjdkY2YwY2NhZTc3NDIxNjA0NjNiMzhlMWMzNWYz
NTZkMTIwHhcNMjYwMzI2MDAwMjA4WhcNMjYwMzI3MDAwMjA4WjAzMTEwLwYDVQQD
EyhiMjI1NmRiNDU2MjkxMTc5NjQ0Y2VmMWM2MGYwZDc4ZmE0MDM5ZWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6kf5K1LcPjJAjGTzyp7vD+w069ai
34EXoJCyjWYw4AX3V9UGpO0tBzionytQgnGPZo1ZRcafbHwHHJGfYmCyEj79/cXl
Y78J59JdGu9Rfnh9qbUr0sPyRO3+ahm2lsttSV3oryvx0yHtTIGz06/ENw9T7zlZ
jtH6BncwZBztlatyUq1PnPcc2HmE4ptG4TuvPGm2Yt05S2XzQg4LcT4RDftI6BD7
I18gsKZeVJgUkDKzzYQhKyD8hd7JqG4Rfv1PnxSjsq/SjeSB3Jz7thlNeI2zuDb1
E5gd+xwd2D1j48exFi/ZdCyfL81+XaxZB0J0wKNITtzKVwAFrTak29kYCQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLIlbbRWKRF5ZEzvHGDw14+kA56/MB8GA1UdIwQY
MBaAFAmHb33PDMrndCFgRjs44cNfNW0SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1lkdmZjOE15dWQwSVdCR096amh3MTgxYlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9hNDM3NjYtOTFkZC00MjY2LWFmNjAt
OTIwYjMyMGQyZTIxLzEvQ1lkdmZjOE15dWQwSVdCR096amh3MTgxYlJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9hNDM3NjYtOTFkZC00MjY2LWFmNjAtOTIwYjMyMGQyZTIx
LzEvQ1lkdmZjOE15dWQwSVdCR096amh3MTgxYlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH2L9E79z
jZZGcaGO/N/T5RNx2ciP/0vauIwzA4zm+CX+CZdJbiS2y4+yoYoauFbDb3cs/AVX
YhoP50Cbfyozwh7BkmXJh+DO3gM1S8HwWKQZc1FThV4lek6F7cQDnmDxWGQcGSLN
ev2+D6sMHJEJCrvSc5Q+Q9GLApIsrKoQoKHGCXPfZabu+PkE8uCSU+sD2ZpXvau0
i0Csj5X3rSZiLlRZo4wyaT3a3HNMoinsk2W7dAm2nc8bRNBWG+hgTTMcTvhdJt41
X0r+bvff7Sk4w1rz74CV/Nhog94vyR2+7z3z0Vxhjl/PZSyw/Lz2c1e+tlPBaqA6
fC9ebw1SsPHANA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:58:37 2026 by rpki-client