Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/CVAiiQS52-tHkqaXcn42qv2E0uk.mft
File: CVAiiQS52-tHkqaXcn42qv2E0uk.mft (raw, json)
Hash identifier: ClcUjnkTe6thADYwtRJhvMutboIW4OTB3qfeJoJaBzs=
Subject key identifier: FC:09:3B:38:51:D8:91:7B:D4:1E:F9:70:4E:B1:3D:CB:8F:F1:24:39
Authority key identifier: 09:50:22:89:04:B9:DB:EB:47:92:A6:97:72:7E:36:AA:FD:84:D2:E9
Certificate issuer: /CN=0950228904b9dbeb4792a697727e36aafd84d2e9
Certificate serial: 019D25833D5342C848EEF3E1C0E9819CC8D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CVAiiQS52-tHkqaXcn42qv2E0uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/CVAiiQS52-tHkqaXcn42qv2E0uk.mft
Manifest number: 0F99
Signing time: Wed 25 Mar 2026 15:00:50 +0000
Manifest this update: Wed 25 Mar 2026 15:00:50 +0000
Manifest next update: Thu 26 Mar 2026 15:00:50 +0000
Files and hashes: 1: 0bE4aaGgdiJFJ50d4SWw_RJ5yog.roa (hash: pfh5kzcii4MpQVjtzuuE7xEsH7nvPkPrk2Vo7JxfSO8=)
2: CVAiiQS52-tHkqaXcn42qv2E0uk.crl (hash: LQCD3MFufoEnBqfI1n+b5Bn/fhvqtiS2LQrOvM4NjuE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/CVAiiQS52-tHkqaXcn42qv2E0uk.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/CVAiiQS52-tHkqaXcn42qv2E0uk.mft
rsync://rpki.ripe.net/repository/DEFAULT/CVAiiQS52-tHkqaXcn42qv2E0uk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:83:3d:53:42:c8:48:ee:f3:e1:c0:e9:81:9c:c8:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0950228904b9dbeb4792a697727e36aafd84d2e9
Validity
Not Before: Mar 25 15:00:50 2026 GMT
Not After : Mar 26 15:00:50 2026 GMT
Subject: CN=fc093b3851d8917bd41ef9704eb13dcb8ff12439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ff:2c:2b:e9:ce:b3:c3:4e:16:f8:f7:9a:7c:
15:cf:da:70:8f:9e:76:72:b9:36:a6:f6:60:2a:9a:
92:1c:fc:dd:68:91:01:98:90:6c:3f:26:a9:94:bf:
3e:4c:85:a3:57:2e:62:72:a5:27:79:ad:93:8d:64:
bf:bf:73:fe:45:9f:06:27:05:0c:8a:d4:bf:1a:a4:
07:3d:83:b3:59:91:f6:6f:f3:6d:e0:a5:aa:6c:37:
36:5d:d6:d9:21:b3:28:68:7b:31:ae:f8:2a:46:87:
b6:01:67:14:43:23:0c:03:ad:58:47:b6:1c:a4:60:
d9:c0:19:24:fd:e8:81:cd:bf:0d:e3:63:d9:b3:fc:
0f:5c:e9:fe:c8:6d:c4:c9:5b:db:af:35:84:3c:b4:
fd:2a:b2:a3:29:0c:15:b4:80:13:f7:73:7d:63:20:
6d:3e:99:89:23:0b:96:95:16:fd:2a:66:f9:da:73:
85:1f:a0:8f:7b:da:a7:24:07:36:62:50:5a:04:9e:
9e:49:a5:74:ec:20:c4:71:f2:eb:fe:24:53:76:14:
ae:89:28:9e:8d:46:18:96:0b:c8:b9:58:ca:8e:77:
9a:8a:95:b3:a9:a9:81:01:8e:0a:0d:a3:42:b3:52:
be:8e:49:15:00:9f:3b:33:ae:f8:4c:d0:2e:90:73:
1a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:09:3B:38:51:D8:91:7B:D4:1E:F9:70:4E:B1:3D:CB:8F:F1:24:39
X509v3 Authority Key Identifier:
keyid:09:50:22:89:04:B9:DB:EB:47:92:A6:97:72:7E:36:AA:FD:84:D2:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CVAiiQS52-tHkqaXcn42qv2E0uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/CVAiiQS52-tHkqaXcn42qv2E0uk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/64d910-945c-42e8-bb44-62821c2c299f/1/CVAiiQS52-tHkqaXcn42qv2E0uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:f8:d3:15:f4:43:c2:4e:2a:7e:e6:46:dd:a4:d9:f9:82:19:
54:6b:1c:01:8e:08:9b:79:45:59:e8:2e:79:b6:3e:11:fa:58:
9a:d3:d8:e4:ce:29:40:e3:47:0d:1b:7b:8b:24:69:33:af:47:
6b:b4:78:81:34:b2:bf:4b:8a:f0:a3:e8:be:a6:33:52:15:2a:
4f:8f:65:b7:d2:e8:b0:89:67:27:67:02:fe:9b:fd:5a:38:05:
f6:41:7c:ef:e3:d3:4b:a7:c9:15:ce:2c:7b:fe:73:b7:bb:11:
48:a8:ee:e1:0b:93:32:8c:43:0e:f9:0a:38:84:c4:6e:18:b4:
fe:1a:44:05:5f:bb:c1:e9:52:47:dd:97:1c:ba:47:d1:1f:2d:
20:a3:a8:98:ca:f9:01:04:25:47:5b:46:3e:11:b7:11:4d:b0:
3c:7c:6e:c2:67:30:56:11:0a:21:8d:f6:a6:e1:34:f0:e2:e9:
a0:96:1b:9a:df:b2:22:81:54:86:52:a6:3d:34:f3:f0:e8:83:
30:81:80:b7:49:2b:f4:a6:37:d1:54:3d:eb:de:3d:11:66:05:
af:96:bf:ba:1a:12:78:08:cf:14:58:b9:eb:66:80:5a:39:2b:
a3:0b:5a:b6:ad:48:1b:94:de:3c:ba:b5:09:9a:39:d3:e5:a1:
66:d6:ff:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lgz1TQshI7vPhwOmBnMjTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NTAyMjg5MDRiOWRiZWI0NzkyYTY5NzcyN2UzNmFhZmQ4
NGQyZTkwHhcNMjYwMzI1MTUwMDUwWhcNMjYwMzI2MTUwMDUwWjAzMTEwLwYDVQQD
EyhmYzA5M2IzODUxZDg5MTdiZDQxZWY5NzA0ZWIxM2RjYjhmZjEyNDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv8sK+nOs8NOFvj3mnwVz9pwj552
crk2pvZgKpqSHPzdaJEBmJBsPyaplL8+TIWjVy5icqUnea2TjWS/v3P+RZ8GJwUM
itS/GqQHPYOzWZH2b/Nt4KWqbDc2XdbZIbMoaHsxrvgqRoe2AWcUQyMMA61YR7Yc
pGDZwBkk/eiBzb8N42PZs/wPXOn+yG3EyVvbrzWEPLT9KrKjKQwVtIAT93N9YyBt
PpmJIwuWlRb9Kmb52nOFH6CPe9qnJAc2YlBaBJ6eSaV07CDEcfLr/iRTdhSuiSie
jUYYlgvIuVjKjneaipWzqamBAY4KDaNCs1K+jkkVAJ87M674TNAukHMa3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPwJOzhR2JF71B75cE6xPcuP8SQ5MB8GA1UdIwQY
MBaAFAlQIokEudvrR5Kml3J+Nqr9hNLpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ZBaWlRUzUyLXRIa3FhWGNuNDJxdjJFMHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS82NGQ5MTAtOTQ1Yy00MmU4LWJiNDQt
NjI4MjFjMmMyOTlmLzEvQ1ZBaWlRUzUyLXRIa3FhWGNuNDJxdjJFMHVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS82NGQ5MTAtOTQ1Yy00MmU4LWJiNDQtNjI4MjFjMmMyOTlm
LzEvQ1ZBaWlRUzUyLXRIa3FhWGNuNDJxdjJFMHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArvjTFfRD
wk4qfuZG3aTZ+YIZVGscAY4Im3lFWeguebY+EfpYmtPY5M4pQONHDRt7iyRpM69H
a7R4gTSyv0uK8KPovqYzUhUqT49lt9LosIlnJ2cC/pv9WjgF9kF87+PTS6fJFc4s
e/5zt7sRSKju4QuTMoxDDvkKOITEbhi0/hpEBV+7welSR92XHLpH0R8tIKOomMr5
AQQlR1tGPhG3EU2wPHxuwmcwVhEKIY32puE08OLpoJYbmt+yIoFUhlKmPTTz8OiD
MIGAt0kr9KY30VQ96949EWYFr5a/uhoSeAjPFFi562aAWjkrowtatq1IG5TePLq1
CZo50+WhZtb/Lg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:29:51 2026 by rpki-client