Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2e18f7-09c7-45b1-bcb7-9f6686e42800/1/Cga2XLuXZnq9_5uGGiL50B0dRss.mft
File: Cga2XLuXZnq9_5uGGiL50B0dRss.mft (raw, json)
Hash identifier: MZP3eC6TZx9GY0g+dcbKsFcZOCWu4zDAdu2i0vkDL8k=
Subject key identifier: 40:C3:E0:77:2F:07:7A:9D:91:B2:EA:9F:79:B1:A3:7E:BC:59:6A:7D
Authority key identifier: 0A:06:B6:5C:BB:97:66:7A:BD:FF:9B:86:1A:22:F9:D0:1D:1D:46:CB
Certificate issuer: /CN=0a06b65cbb97667abdff9b861a22f9d01d1d46cb
Certificate serial: 019D2961533A322795608687916BC9817ABF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cga2XLuXZnq9_5uGGiL50B0dRss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/2e18f7-09c7-45b1-bcb7-9f6686e42800/1/Cga2XLuXZnq9_5uGGiL50B0dRss.mft
Manifest number: 1888
Signing time: Thu 26 Mar 2026 09:02:17 +0000
Manifest this update: Thu 26 Mar 2026 09:02:17 +0000
Manifest next update: Fri 27 Mar 2026 09:02:17 +0000
Files and hashes: 1: Cga2XLuXZnq9_5uGGiL50B0dRss.crl (hash: p2KaQ/mMwBLHDqVQRXBpO8st5vxKdrsg5mtnBg5ptBo=)
2: RpFgP93ClwNM-ocN6qvLfic7DMs.roa (hash: 5S/X3det1+F3wpDnXO5aEBYjQHz6Mc8fd6NBqHj9aKo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/2e18f7-09c7-45b1-bcb7-9f6686e42800/1/Cga2XLuXZnq9_5uGGiL50B0dRss.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/2e18f7-09c7-45b1-bcb7-9f6686e42800/1/Cga2XLuXZnq9_5uGGiL50B0dRss.mft
rsync://rpki.ripe.net/repository/DEFAULT/Cga2XLuXZnq9_5uGGiL50B0dRss.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:61:53:3a:32:27:95:60:86:87:91:6b:c9:81:7a:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a06b65cbb97667abdff9b861a22f9d01d1d46cb
Validity
Not Before: Mar 26 09:02:17 2026 GMT
Not After : Mar 27 09:02:17 2026 GMT
Subject: CN=40c3e0772f077a9d91b2ea9f79b1a37ebc596a7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:87:13:e5:b7:23:77:dc:14:90:38:74:76:36:
80:1a:69:20:c8:67:d7:22:87:4c:dc:21:51:e6:ec:
a5:bb:1e:2d:07:78:1a:7e:4c:38:6d:ff:a9:bf:ef:
9b:c1:4d:73:7c:31:bf:03:c9:3b:ff:5d:70:40:03:
f2:be:dd:11:ad:fe:a3:2e:60:f6:e2:64:28:50:e6:
c4:d2:b8:b2:f1:1b:01:95:43:ff:a8:62:53:c8:1f:
df:44:db:63:13:37:47:5b:cd:a6:c6:d6:3f:5c:eb:
f4:73:6e:f3:96:54:4e:b9:36:17:20:1d:7b:f9:fa:
20:8a:f9:e7:51:8d:45:fa:09:d9:b4:16:b5:c9:df:
34:49:01:33:34:69:d6:04:0c:1a:61:5f:0c:49:db:
83:7f:e0:28:75:67:96:7d:df:d7:9d:36:d5:e2:8d:
0b:b4:b1:13:a8:2b:6f:4c:3b:2c:ff:ad:5a:78:ac:
45:7b:f2:07:ff:85:17:e6:b9:8c:35:8d:d8:07:56:
5a:5e:b7:56:f7:99:20:e3:1c:e0:21:b4:6f:95:66:
c2:ec:99:48:10:72:50:3e:4f:6d:19:b9:ea:48:4c:
dd:40:1d:01:33:77:94:8d:55:c8:3a:38:ea:73:d2:
86:4f:4c:ed:5e:bb:d0:fa:10:8f:8a:08:c5:90:98:
a8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:C3:E0:77:2F:07:7A:9D:91:B2:EA:9F:79:B1:A3:7E:BC:59:6A:7D
X509v3 Authority Key Identifier:
keyid:0A:06:B6:5C:BB:97:66:7A:BD:FF:9B:86:1A:22:F9:D0:1D:1D:46:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cga2XLuXZnq9_5uGGiL50B0dRss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2e18f7-09c7-45b1-bcb7-9f6686e42800/1/Cga2XLuXZnq9_5uGGiL50B0dRss.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2e18f7-09c7-45b1-bcb7-9f6686e42800/1/Cga2XLuXZnq9_5uGGiL50B0dRss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
03:1f:8e:37:3a:1b:bd:bb:ff:eb:3f:08:9f:83:7f:9f:33:2b:
dc:3d:be:45:72:b6:2a:a9:e6:c2:1e:2c:d4:8a:ef:0b:8b:42:
c2:14:a3:1d:f8:d4:44:ed:9e:fd:fc:db:5a:56:88:e5:10:ed:
0f:1f:b8:a9:74:61:e8:9f:f2:7b:86:27:79:8c:2b:46:bd:a8:
a1:9e:c2:e7:3e:07:32:26:79:6b:61:5c:38:80:d2:87:80:cc:
3a:af:60:b5:f3:16:de:78:ca:2c:9b:cc:ff:59:b8:90:6f:36:
8a:a9:77:43:7e:60:25:eb:d6:26:d1:db:12:ca:a7:7a:57:a5:
a7:cf:e0:a3:57:cf:df:1a:30:8f:33:07:3b:0d:50:18:52:3f:
c1:43:d3:29:f9:e4:d9:63:90:1b:f0:32:e1:1f:cc:7f:be:09:
e6:b2:e3:84:e7:d9:24:71:a0:59:29:d2:f7:c4:77:67:63:82:
85:8d:8d:4e:e4:73:e5:77:6a:70:50:1f:59:4a:eb:a2:cc:65:
d0:ff:ae:be:fa:59:f3:3f:9c:c1:8f:80:8d:2e:45:cd:f2:47:
4e:9a:74:6c:67:96:2e:b7:3e:a9:04:dc:58:f9:12:43:78:71:
9b:d4:dc:90:a0:05:23:52:f8:fc:34:c6:53:d4:24:df:f4:55:
ee:41:36:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pYVM6MieVYIaHkWvJgXq/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMDZiNjVjYmI5NzY2N2FiZGZmOWI4NjFhMjJmOWQwMWQx
ZDQ2Y2IwHhcNMjYwMzI2MDkwMjE3WhcNMjYwMzI3MDkwMjE3WjAzMTEwLwYDVQQD
Eyg0MGMzZTA3NzJmMDc3YTlkOTFiMmVhOWY3OWIxYTM3ZWJjNTk2YTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIcT5bcjd9wUkDh0djaAGmkgyGfX
IodM3CFR5uylux4tB3gafkw4bf+pv++bwU1zfDG/A8k7/11wQAPyvt0Rrf6jLmD2
4mQoUObE0riy8RsBlUP/qGJTyB/fRNtjEzdHW82mxtY/XOv0c27zllROuTYXIB17
+fogivnnUY1F+gnZtBa1yd80SQEzNGnWBAwaYV8MSduDf+AodWeWfd/XnTbV4o0L
tLETqCtvTDss/61aeKxFe/IH/4UX5rmMNY3YB1ZaXrdW95kg4xzgIbRvlWbC7JlI
EHJQPk9tGbnqSEzdQB0BM3eUjVXIOjjqc9KGT0ztXrvQ+hCPigjFkJioNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEDD4HcvB3qdkbLqn3mxo368WWp9MB8GA1UdIwQY
MBaAFAoGtly7l2Z6vf+bhhoi+dAdHUbLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2dhMlhMdVhabnE5XzV1R0dpTDUwQjBkUnNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yZTE4ZjctMDljNy00NWIxLWJjYjct
OWY2Njg2ZTQyODAwLzEvQ2dhMlhMdVhabnE5XzV1R0dpTDUwQjBkUnNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yZTE4ZjctMDljNy00NWIxLWJjYjctOWY2Njg2ZTQyODAw
LzEvQ2dhMlhMdVhabnE5XzV1R0dpTDUwQjBkUnNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAx+ONzob
vbv/6z8In4N/nzMr3D2+RXK2Kqnmwh4s1IrvC4tCwhSjHfjURO2e/fzbWlaI5RDt
Dx+4qXRh6J/ye4YneYwrRr2ooZ7C5z4HMiZ5a2FcOIDSh4DMOq9gtfMW3njKLJvM
/1m4kG82iql3Q35gJevWJtHbEsqnelelp8/go1fP3xowjzMHOw1QGFI/wUPTKfnk
2WOQG/Ay4R/Mf74J5rLjhOfZJHGgWSnS98R3Z2OChY2NTuRz5XdqcFAfWUrrosxl
0P+uvvpZ8z+cwY+AjS5FzfJHTpp0bGeWLrc+qQTcWPkSQ3hxm9TckKAFI1L4/DTG
U9Qk3/RV7kE2QQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:27:31 2026 by rpki-client