Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
File: cxkAeiit4HgdMS2NSUcts2dnBBY.mft (raw, json)
Hash identifier: MISuhmMB6iMBwRdoe2nCvQ3mzSPSgGW5ks5aVJHLUDs=
Subject key identifier: 2A:8B:6B:1C:59:2E:97:F1:06:86:B4:3D:86:56:0D:69:25:BD:EE:10
Authority key identifier: 73:19:00:7A:28:AD:E0:78:1D:31:2D:8D:49:47:2D:B3:67:67:04:16
Certificate issuer: /CN=7319007a28ade0781d312d8d49472db367670416
Certificate serial: 019D284D6C8FD228073FC556DEA3329B79D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
Manifest number: 0B03
Signing time: Thu 26 Mar 2026 04:00:55 +0000
Manifest this update: Thu 26 Mar 2026 04:00:55 +0000
Manifest next update: Fri 27 Mar 2026 04:00:55 +0000
Files and hashes: 1: Le8K7qSkEZ1_FmI_JNvcQwDT3kM.roa (hash: YPGYe40UQA7fHzeXPlUUiQ7ZZraM1bL1CPz1T+qTDdY=)
2: cxkAeiit4HgdMS2NSUcts2dnBBY.crl (hash: fG3emOsR9paFS4uFOt7mr6CuYXEGThS2nljnGRKPbqQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:4d:6c:8f:d2:28:07:3f:c5:56:de:a3:32:9b:79:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7319007a28ade0781d312d8d49472db367670416
Validity
Not Before: Mar 26 04:00:55 2026 GMT
Not After : Mar 27 04:00:55 2026 GMT
Subject: CN=2a8b6b1c592e97f10686b43d86560d6925bdee10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:86:50:df:22:ac:d9:bb:88:67:57:46:b5:e9:
1c:1f:72:62:3f:22:09:c1:5f:01:6e:14:44:7c:6d:
3f:ff:07:74:98:16:d4:5f:67:22:5c:e8:47:6a:57:
82:f3:33:8b:08:56:31:47:57:10:c9:75:a9:00:38:
f7:f7:2b:b0:ef:f4:1b:af:4a:ca:43:fa:00:5e:c2:
14:cc:48:19:ad:ad:d8:20:25:07:a2:f3:da:5e:20:
c4:e1:fa:a9:3e:34:68:ca:71:ec:cc:f8:1d:4c:71:
b5:84:ce:e6:8e:4e:b4:2b:e6:00:a5:e4:af:d6:6a:
9a:b3:fc:e3:79:71:c4:75:2e:21:69:4d:47:39:96:
a8:da:8f:05:72:20:51:9b:3b:36:e5:ea:cc:b8:be:
10:37:0d:5d:d3:42:6a:d5:aa:eb:b5:78:c6:ee:f8:
8c:c9:48:18:23:fd:ca:3b:aa:1d:a1:32:56:03:19:
79:aa:de:66:01:ee:71:ac:ac:b6:63:75:71:a0:3e:
57:45:0d:aa:bc:2e:64:b6:2c:3e:71:8a:20:89:3e:
a6:d6:9e:9f:1a:64:61:5e:ef:b4:50:93:78:64:4f:
73:74:b2:ed:cd:5c:d4:8c:80:3d:c6:92:36:a2:68:
a1:1a:3c:53:a4:81:d5:7b:aa:4e:30:bb:4a:ea:54:
30:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:8B:6B:1C:59:2E:97:F1:06:86:B4:3D:86:56:0D:69:25:BD:EE:10
X509v3 Authority Key Identifier:
keyid:73:19:00:7A:28:AD:E0:78:1D:31:2D:8D:49:47:2D:B3:67:67:04:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:e5:b4:2c:0e:a6:ff:5a:25:e9:ee:ba:6f:ec:1a:e6:b0:02:
fe:5a:d7:73:10:60:cb:cf:aa:e5:69:b0:83:c6:0d:ef:6a:0f:
11:97:61:55:bc:0b:75:28:c4:cb:fa:b6:94:80:46:e5:6d:cc:
00:4c:39:7b:4c:75:2b:65:51:a6:4d:86:46:c7:e7:1e:0d:b3:
32:bb:9f:be:30:a5:5f:dc:23:b0:1e:0b:8c:e6:91:b7:2f:ae:
74:cd:5d:6b:3b:dd:af:92:45:60:c2:92:a7:d4:2d:7f:c8:66:
e7:17:c8:a3:0e:4e:85:7f:75:1a:f9:a4:d2:55:d9:1d:ab:7e:
79:24:fc:c1:88:e1:ae:8e:25:00:06:59:91:35:ac:6c:9d:4e:
3f:69:07:46:b8:a5:d7:fb:83:2c:77:4a:9d:5d:14:3b:6a:cd:
4a:de:92:38:a0:19:54:f1:8d:c8:6b:61:a8:3f:ea:0c:75:7b:
71:44:0b:49:b8:8b:ce:81:12:2e:be:81:9d:1b:b2:36:85:b4:
02:e8:67:1e:17:e9:75:0d:00:8b:4c:64:d5:9e:c2:a5:14:39:
80:a1:33:05:4b:90:82:f7:5d:af:d2:c4:c8:58:cc:b3:42:8c:
64:d3:b1:e7:90:bf:36:c9:88:2e:0e:dd:b3:ba:31:77:f9:f3:
75:20:a8:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0oTWyP0igHP8VW3qMym3nVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMTkwMDdhMjhhZGUwNzgxZDMxMmQ4ZDQ5NDcyZGIzNjc2
NzA0MTYwHhcNMjYwMzI2MDQwMDU1WhcNMjYwMzI3MDQwMDU1WjAzMTEwLwYDVQQD
EygyYThiNmIxYzU5MmU5N2YxMDY4NmI0M2Q4NjU2MGQ2OTI1YmRlZTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYZQ3yKs2buIZ1dGtekcH3JiPyIJ
wV8BbhREfG0//wd0mBbUX2ciXOhHaleC8zOLCFYxR1cQyXWpADj39yuw7/Qbr0rK
Q/oAXsIUzEgZra3YICUHovPaXiDE4fqpPjRoynHszPgdTHG1hM7mjk60K+YApeSv
1mqas/zjeXHEdS4haU1HOZao2o8FciBRmzs25erMuL4QNw1d00Jq1arrtXjG7viM
yUgYI/3KO6odoTJWAxl5qt5mAe5xrKy2Y3VxoD5XRQ2qvC5ktiw+cYogiT6m1p6f
GmRhXu+0UJN4ZE9zdLLtzVzUjIA9xpI2omihGjxTpIHVe6pOMLtK6lQwCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCqLaxxZLpfxBoa0PYZWDWklve4QMB8GA1UdIwQY
MBaAFHMZAHooreB4HTEtjUlHLbNnZwQWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9mOGM3ZTItMzI4Mi00ZWJiLTg1MDgt
OWY5NDk0OTY2YzU0LzEvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9mOGM3ZTItMzI4Mi00ZWJiLTg1MDgtOWY5NDk0OTY2YzU0
LzEvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACuW0LA6m
/1ol6e66b+wa5rAC/lrXcxBgy8+q5Wmwg8YN72oPEZdhVbwLdSjEy/q2lIBG5W3M
AEw5e0x1K2VRpk2GRsfnHg2zMrufvjClX9wjsB4LjOaRty+udM1dazvdr5JFYMKS
p9Qtf8hm5xfIow5OhX91Gvmk0lXZHat+eST8wYjhro4lAAZZkTWsbJ1OP2kHRril
1/uDLHdKnV0UO2rNSt6SOKAZVPGNyGthqD/qDHV7cUQLSbiLzoESLr6BnRuyNoW0
AuhnHhfpdQ0Ai0xk1Z7CpRQ5gKEzBUuQgvddr9LEyFjMs0KMZNOx55C/NsmILg7d
s7oxd/nzdSCopg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:30:46 2026 by rpki-client