Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
File: CpfAyBiGg3PEAUcVBTra9hrx2h0.mft (raw, json)
Hash identifier: AG8SM5wWNCSk8faOWXyAZN7TMXURsuDCxG4lNYZ68RE=
Subject key identifier: 5F:B7:BE:23:17:18:A3:A8:8A:17:90:D7:A2:DE:77:4C:07:FE:71:7E
Authority key identifier: 0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D
Certificate issuer: /CN=0a97c0c818868373c4014715053adaf61af1da1d
Certificate serial: 019D26CCEEB27B484065918FDC6DABBC5C27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
Manifest number: 1887
Signing time: Wed 25 Mar 2026 21:00:57 +0000
Manifest this update: Wed 25 Mar 2026 21:00:57 +0000
Manifest next update: Thu 26 Mar 2026 21:00:57 +0000
Files and hashes: 1: 24AsigLbaKArrRhQpNvzkLuNdsw.roa (hash: Y6cso1vmOQRNAQC+IgTQnFt9A6yD7HrC8YdvTQc2P8Y=)
2: CpfAyBiGg3PEAUcVBTra9hrx2h0.crl (hash: HPrfETuFBcMNEAxytN3pJQuI0NAREeyRIqk2zfTE7gU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:cc:ee:b2:7b:48:40:65:91:8f:dc:6d:ab:bc:5c:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a97c0c818868373c4014715053adaf61af1da1d
Validity
Not Before: Mar 25 21:00:57 2026 GMT
Not After : Mar 26 21:00:57 2026 GMT
Subject: CN=5fb7be231718a3a88a1790d7a2de774c07fe717e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d3:26:10:77:9e:fb:e1:28:d4:b0:d7:f2:c4:
31:2c:f0:e2:a2:bd:e1:d8:37:cf:30:b1:df:af:7c:
e7:a9:80:dd:00:53:1d:20:05:a5:36:98:6f:86:aa:
6e:47:2e:3d:0b:3c:86:6a:63:13:0a:a5:fd:f8:7b:
f8:d2:2e:7f:46:25:d3:aa:8c:43:d4:c1:31:05:dc:
d6:2a:27:ac:d1:32:1a:7f:46:74:de:43:cd:de:31:
ff:da:5f:67:a4:85:c1:10:ba:85:5b:57:d5:a6:97:
f4:5d:68:2f:c7:48:76:96:17:3f:ba:b2:c8:66:81:
00:7a:06:35:aa:41:3b:2b:29:cd:ee:91:e6:6c:ba:
3b:2a:53:f1:20:91:5d:57:27:46:b6:58:52:e2:d8:
43:e7:a3:55:30:37:17:0a:0c:0a:39:e8:b0:99:17:
98:88:c9:ff:8f:bc:b7:d5:7d:a4:e4:9b:ef:f5:5b:
1b:ef:d8:78:92:1c:a9:48:19:5c:67:0a:03:f8:c8:
b1:9d:bc:c2:bd:3c:48:27:01:48:55:c4:e7:46:a2:
3f:29:3b:24:be:b9:79:67:1e:40:37:60:0e:4a:7f:
72:76:3e:cc:c1:cb:46:d7:f6:8b:2d:62:36:a7:89:
9c:f8:b6:ac:53:94:19:03:8e:77:4f:9e:ca:b8:2d:
fb:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:B7:BE:23:17:18:A3:A8:8A:17:90:D7:A2:DE:77:4C:07:FE:71:7E
X509v3 Authority Key Identifier:
keyid:0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:92:99:0e:25:f6:e4:aa:f5:78:84:d9:a8:a1:33:4a:90:64:
7b:a3:7a:ca:30:1b:58:ba:63:e1:b3:08:6b:ba:6e:c2:36:04:
2b:f9:e4:3f:06:c1:1c:c0:3c:c4:e9:85:53:58:fb:49:18:93:
f4:10:f0:ab:ff:48:6b:d0:be:d5:b8:92:41:45:15:ea:87:b9:
47:2c:e7:a9:26:b1:ba:77:80:1a:82:b8:cc:d5:f5:a0:b9:e1:
74:08:9f:05:52:b1:13:22:66:d5:69:3a:72:73:58:e6:f9:d8:
de:3b:68:87:cd:1b:cd:83:14:9b:b2:5b:ca:9f:95:3e:48:5c:
17:89:ea:75:17:aa:87:c4:87:27:d4:fb:4f:1c:15:72:75:52:
3f:51:dd:ef:88:99:69:f9:24:16:01:76:70:65:fb:6a:2f:94:
61:ed:3d:ed:7b:af:c8:99:c4:72:17:44:78:9d:dc:47:56:6e:
d0:6f:2b:f6:3b:05:41:aa:06:76:8c:2c:b5:23:53:1e:e5:87:
4f:6f:41:8d:5c:ac:3c:f9:84:11:3c:7b:2c:af:c0:5b:d0:76:
1b:96:59:c9:80:93:f9:18:76:d3:6f:8b:7c:fd:07:80:05:d1:
60:75:96:3d:6d:08:49:b5:06:d9:bc:3a:ab:37:1f:06:35:20:
9c:3e:3a:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzO6ye0hAZZGP3G2rvFwnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhOTdjMGM4MTg4NjgzNzNjNDAxNDcxNTA1M2FkYWY2MWFm
MWRhMWQwHhcNMjYwMzI1MjEwMDU3WhcNMjYwMzI2MjEwMDU3WjAzMTEwLwYDVQQD
Eyg1ZmI3YmUyMzE3MThhM2E4OGExNzkwZDdhMmRlNzc0YzA3ZmU3MTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNMmEHee++Eo1LDX8sQxLPDior3h
2DfPMLHfr3znqYDdAFMdIAWlNphvhqpuRy49CzyGamMTCqX9+Hv40i5/RiXTqoxD
1MExBdzWKies0TIaf0Z03kPN3jH/2l9npIXBELqFW1fVppf0XWgvx0h2lhc/urLI
ZoEAegY1qkE7KynN7pHmbLo7KlPxIJFdVydGtlhS4thD56NVMDcXCgwKOeiwmReY
iMn/j7y31X2k5Jvv9Vsb79h4khypSBlcZwoD+MixnbzCvTxIJwFIVcTnRqI/KTsk
vrl5Zx5AN2AOSn9ydj7MwctG1/aLLWI2p4mc+LasU5QZA453T57KuC37awIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF+3viMXGKOoiheQ16Led0wH/nF+MB8GA1UdIwQY
MBaAFAqXwMgYhoNzxAFHFQU62vYa8dodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjct
ZGJmMmIzNzY5NDQ1LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjctZGJmMmIzNzY5NDQ1
LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIZKZDiX2
5Kr1eITZqKEzSpBke6N6yjAbWLpj4bMIa7puwjYEK/nkPwbBHMA8xOmFU1j7SRiT
9BDwq/9Ia9C+1biSQUUV6oe5RyznqSaxuneAGoK4zNX1oLnhdAifBVKxEyJm1Wk6
cnNY5vnY3jtoh80bzYMUm7Jbyp+VPkhcF4nqdReqh8SHJ9T7TxwVcnVSP1Hd74iZ
afkkFgF2cGX7ai+UYe097XuvyJnEchdEeJ3cR1Zu0G8r9jsFQaoGdowstSNTHuWH
T29BjVysPPmEETx7LK/AW9B2G5ZZyYCT+Rh202+LfP0HgAXRYHWWPW0ISbUG2bw6
qzcfBjUgnD46PA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:06:06 2026 by rpki-client