Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.mft
File: cimwOc-KrxQdbm1hbnwWkInLyzI.mft (raw, json)
Hash identifier: PVMIt6ir42GtFigtf0I7N4ItHhJhhatgXR1BBwvRd84=
Subject key identifier: CD:D1:BD:22:16:C6:EE:1C:FC:B4:13:8D:02:F3:0D:AB:EE:D3:7F:47
Authority key identifier: 72:29:B0:39:CF:8A:AF:14:1D:6E:6D:61:6E:7C:16:90:89:CB:CB:32
Certificate issuer: /CN=7229b039cf8aaf141d6e6d616e7c169089cbcb32
Certificate serial: 019D292929C85CDD2CE6C7213FA38D1FC4CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.mft
Manifest number: 0FC4
Signing time: Thu 26 Mar 2026 08:00:56 +0000
Manifest this update: Thu 26 Mar 2026 08:00:56 +0000
Manifest next update: Fri 27 Mar 2026 08:00:56 +0000
Files and hashes: 1: 8wUaPB0WMMIH-HfrLZ9Xj7JHPSU.roa (hash: tbvw4SX+xk2sDQk81uJa12/9t00Q5IvpxQLluuXTLCc=)
2: cimwOc-KrxQdbm1hbnwWkInLyzI.crl (hash: 0z7/Xq3JAsrvxFtB0m1GfxZzvY5Bt3fiPJBcytQuYEc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.mft
rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:29:29:c8:5c:dd:2c:e6:c7:21:3f:a3:8d:1f:c4:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7229b039cf8aaf141d6e6d616e7c169089cbcb32
Validity
Not Before: Mar 26 08:00:56 2026 GMT
Not After : Mar 27 08:00:56 2026 GMT
Subject: CN=cdd1bd2216c6ee1cfcb4138d02f30dabeed37f47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3d:83:00:e0:ca:15:09:be:18:d7:fb:67:65:
50:80:70:e4:8d:9d:a2:66:fc:29:e0:24:11:1b:f0:
07:78:66:6b:0e:1c:66:9d:54:35:a1:9c:0a:81:3f:
2c:66:6c:e4:61:13:95:70:9c:c1:ca:36:d8:f0:08:
25:e8:9f:22:f4:5a:98:73:1e:8e:5f:2c:28:43:ae:
b3:6b:3d:0a:f0:12:b9:79:5c:69:12:82:88:22:c4:
27:d3:52:40:ff:93:15:a3:47:6c:90:16:3d:27:91:
d6:3b:3a:ec:0c:f9:70:a0:36:81:6f:87:8d:f8:34:
c0:4d:90:01:14:f4:74:a5:22:21:38:fc:d1:0b:f2:
dd:61:2f:72:ef:dc:0c:4f:03:ac:0c:62:a8:4f:71:
d7:b4:a9:8b:7a:8b:84:3c:65:df:19:60:8c:71:15:
2f:02:2c:c5:d4:5b:19:f4:6d:dd:1d:1a:8a:0d:64:
c2:d5:7b:52:91:36:60:26:30:fc:35:2e:d9:dc:dc:
f5:da:8b:e3:a4:cf:f8:5a:93:23:45:f3:f2:ea:35:
95:f4:f9:1a:59:50:52:08:52:20:db:2c:49:b5:8c:
19:79:fe:d1:a9:19:f6:8e:59:3d:53:b6:62:6f:8b:
42:4a:c4:aa:81:9d:c4:88:f7:81:f5:69:9f:b0:5d:
eb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:D1:BD:22:16:C6:EE:1C:FC:B4:13:8D:02:F3:0D:AB:EE:D3:7F:47
X509v3 Authority Key Identifier:
keyid:72:29:B0:39:CF:8A:AF:14:1D:6E:6D:61:6E:7C:16:90:89:CB:CB:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cimwOc-KrxQdbm1hbnwWkInLyzI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c40875-061a-42df-9c6d-87a6845f66f9/1/cimwOc-KrxQdbm1hbnwWkInLyzI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:ad:ff:53:25:8a:ef:ee:7d:02:2f:d7:0d:de:d3:bb:b2:7c:
8a:52:d3:b3:cc:e1:35:e7:c3:5c:a0:be:01:e6:b2:64:ab:32:
e0:38:d0:72:ea:b8:18:1c:1d:e0:34:13:31:d2:6b:77:79:81:
db:df:e7:f1:b4:55:f3:ba:30:14:e2:59:67:90:1c:84:c4:8c:
fb:59:8f:38:29:3e:17:ab:85:e1:05:05:59:fe:b6:a7:0e:af:
f2:bc:88:aa:26:61:47:85:8e:9f:71:4f:7a:85:1d:24:41:3b:
ec:18:2b:5c:71:18:5e:7c:f5:98:80:0d:c1:c8:82:cc:6b:52:
17:6f:71:63:2e:64:b4:48:1e:7d:ee:4e:f2:b9:70:e1:25:82:
c3:2b:e8:74:11:a6:40:a2:df:de:34:6c:4b:bf:ae:c5:1b:1b:
a2:94:7e:37:58:ac:5e:4a:07:0d:d1:04:42:22:28:6c:7c:53:
18:b3:af:ba:65:b8:70:94:1e:1b:a2:5b:d9:e6:19:82:78:8c:
32:c8:86:02:e7:f5:de:fa:22:50:c9:e2:fb:8c:2b:11:f9:b5:
41:4a:4a:af:0f:04:a4:af:e2:1d:d9:0b:77:4c:9a:80:22:8c:
5b:55:db:da:65:28:99:6a:20:a3:20:99:90:95:1c:f2:82:43:
e4:47:35:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKSnIXN0s5schP6ONH8TLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMjliMDM5Y2Y4YWFmMTQxZDZlNmQ2MTZlN2MxNjkwODlj
YmNiMzIwHhcNMjYwMzI2MDgwMDU2WhcNMjYwMzI3MDgwMDU2WjAzMTEwLwYDVQQD
EyhjZGQxYmQyMjE2YzZlZTFjZmNiNDEzOGQwMmYzMGRhYmVlZDM3ZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwT2DAODKFQm+GNf7Z2VQgHDkjZ2i
Zvwp4CQRG/AHeGZrDhxmnVQ1oZwKgT8sZmzkYROVcJzByjbY8Agl6J8i9FqYcx6O
XywoQ66zaz0K8BK5eVxpEoKIIsQn01JA/5MVo0dskBY9J5HWOzrsDPlwoDaBb4eN
+DTATZABFPR0pSIhOPzRC/LdYS9y79wMTwOsDGKoT3HXtKmLeouEPGXfGWCMcRUv
AizF1FsZ9G3dHRqKDWTC1XtSkTZgJjD8NS7Z3Nz12ovjpM/4WpMjRfPy6jWV9Pka
WVBSCFIg2yxJtYwZef7RqRn2jlk9U7Zib4tCSsSqgZ3EiPeB9WmfsF3rqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM3RvSIWxu4c/LQTjQLzDavu039HMB8GA1UdIwQY
MBaAFHIpsDnPiq8UHW5tYW58FpCJy8syMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2ltd09jLUtyeFFkYm0xaGJud1drSW5MeXpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9jNDA4NzUtMDYxYS00MmRmLTljNmQt
ODdhNjg0NWY2NmY5LzEvY2ltd09jLUtyeFFkYm0xaGJud1drSW5MeXpJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9jNDA4NzUtMDYxYS00MmRmLTljNmQtODdhNjg0NWY2NmY5
LzEvY2ltd09jLUtyeFFkYm0xaGJud1drSW5MeXpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXK3/UyWK
7+59Ai/XDd7Tu7J8ilLTs8zhNefDXKC+AeayZKsy4DjQcuq4GBwd4DQTMdJrd3mB
29/n8bRV87owFOJZZ5AchMSM+1mPOCk+F6uF4QUFWf62pw6v8ryIqiZhR4WOn3FP
eoUdJEE77BgrXHEYXnz1mIANwciCzGtSF29xYy5ktEgefe5O8rlw4SWCwyvodBGm
QKLf3jRsS7+uxRsbopR+N1isXkoHDdEEQiIobHxTGLOvumW4cJQeG6Jb2eYZgniM
MsiGAuf13voiUMni+4wrEfm1QUpKrw8EpK/iHdkLd0yagCKMW1Xb2mUomWogoyCZ
kJUc8oJD5Ec1ig==
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:00:19 2026 by rpki-client