Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/421440-f82d-4fa7-a049-f32ba486339a/1/CPyf1Et5SoQuKacYi0qMbkcuHVA.mft
File: CPyf1Et5SoQuKacYi0qMbkcuHVA.mft (raw, json)
Hash identifier: MSlZLlmiSqawNLJUIXYWwEZu8hdqf1SihYTtL9ED/pE=
Subject key identifier: D6:E7:B9:03:CB:FF:72:1F:B3:AB:BD:31:20:C7:50:05:1E:63:86:DD
Authority key identifier: 08:FC:9F:D4:4B:79:4A:84:2E:29:A7:18:8B:4A:8C:6E:47:2E:1D:50
Certificate issuer: /CN=08fc9fd44b794a842e29a7188b4a8c6e472e1d50
Certificate serial: 019D322C4AC1453A202E98A21FEB7CEEBEB1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPyf1Et5SoQuKacYi0qMbkcuHVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/421440-f82d-4fa7-a049-f32ba486339a/1/CPyf1Et5SoQuKacYi0qMbkcuHVA.mft
Manifest number: AE
Signing time: Sat 28 Mar 2026 02:00:56 +0000
Manifest this update: Sat 28 Mar 2026 02:00:56 +0000
Manifest next update: Sun 29 Mar 2026 02:00:56 +0000
Files and hashes: 1: 2Cp0m0oboXHVnEkkibc7MZ0iVno.roa (hash: 0rfuIAzK1SMPi5hQRwB+Vwr/Z1zW0RzBLtrMrDa24eI=)
2: CPyf1Et5SoQuKacYi0qMbkcuHVA.crl (hash: r5camlD42eV5Z7wP5frOAgmGWsqeGJjAyiTVwV9Avic=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/421440-f82d-4fa7-a049-f32ba486339a/1/CPyf1Et5SoQuKacYi0qMbkcuHVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/421440-f82d-4fa7-a049-f32ba486339a/1/CPyf1Et5SoQuKacYi0qMbkcuHVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CPyf1Et5SoQuKacYi0qMbkcuHVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:32:2c:4a:c1:45:3a:20:2e:98:a2:1f:eb:7c:ee:be:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fc9fd44b794a842e29a7188b4a8c6e472e1d50
Validity
Not Before: Mar 28 02:00:56 2026 GMT
Not After : Mar 29 02:00:56 2026 GMT
Subject: CN=d6e7b903cbff721fb3abbd3120c750051e6386dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:68:2d:55:90:19:e6:9b:65:e4:98:af:9e:f3:
4b:f2:33:b2:85:7c:db:e0:79:46:b8:a4:bf:47:a0:
33:62:4f:74:4d:af:56:60:44:09:cc:0b:e3:f8:66:
63:2e:45:b8:e8:c1:76:8a:3a:30:ef:82:1f:e5:5b:
59:9c:d5:71:37:3f:4c:63:38:1c:57:1a:93:2f:ba:
85:af:96:02:44:0a:79:bd:40:f0:aa:34:da:43:ca:
7b:2b:9c:af:d5:5a:fa:b2:27:04:a7:1d:55:52:1a:
47:cc:ea:8c:f3:bc:63:90:68:44:70:b6:dd:1a:05:
85:82:72:66:28:3f:ce:ff:a1:9f:a6:53:40:0d:9e:
15:3d:44:3a:5d:36:ed:e7:60:97:69:25:60:f6:3f:
55:b3:0f:71:81:ca:a5:29:08:d3:3b:2c:91:7a:60:
d2:4a:8d:4c:c2:07:6d:50:50:e7:e8:dc:d3:3e:be:
00:c4:2f:9d:8a:e2:ee:8b:25:79:d9:61:e5:19:c1:
de:0c:aa:e4:77:5f:69:cd:db:59:fd:6f:58:9b:bc:
40:a5:35:57:72:c3:8d:58:e7:0d:3f:79:86:c6:aa:
8f:fc:d2:e9:7d:a0:29:b0:3e:f5:12:fe:35:e7:89:
19:4f:b3:5a:75:ed:02:f8:23:9f:93:9f:ef:09:3e:
4f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:E7:B9:03:CB:FF:72:1F:B3:AB:BD:31:20:C7:50:05:1E:63:86:DD
X509v3 Authority Key Identifier:
keyid:08:FC:9F:D4:4B:79:4A:84:2E:29:A7:18:8B:4A:8C:6E:47:2E:1D:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPyf1Et5SoQuKacYi0qMbkcuHVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/421440-f82d-4fa7-a049-f32ba486339a/1/CPyf1Et5SoQuKacYi0qMbkcuHVA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/421440-f82d-4fa7-a049-f32ba486339a/1/CPyf1Et5SoQuKacYi0qMbkcuHVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:77:19:ff:fb:27:d9:5d:5a:63:81:76:4c:05:96:9c:2d:93:
11:b9:9f:e6:ff:4a:f3:c8:6b:42:7b:47:08:8f:f6:ae:31:41:
63:5b:44:22:be:9b:ae:9a:aa:1a:84:40:e1:4a:0f:17:75:28:
df:0e:1f:43:80:06:cf:bc:a3:87:5c:61:29:c9:b4:06:51:32:
4b:e5:1d:a1:c0:14:41:22:20:aa:1b:48:0f:9b:4b:5b:30:ab:
44:ba:54:49:80:20:3e:d6:f8:31:72:fe:4e:68:2e:2c:fa:91:
5c:6e:e2:d9:7a:29:26:cb:27:65:eb:54:9a:84:f7:a1:40:08:
9d:70:d6:c2:4b:d8:5f:1d:20:93:68:b5:0f:8e:70:c2:14:48:
30:08:cc:d4:bb:be:23:1f:64:0f:84:9a:f6:06:c6:12:5f:6e:
ec:9b:3f:56:bd:bf:07:72:e5:1f:bf:b0:57:05:65:f2:0f:38:
59:3c:90:e9:54:25:96:a1:7e:11:19:42:aa:59:fd:1b:af:10:
de:cf:5d:43:85:8f:f5:1c:4e:ac:7d:0d:96:4f:3d:c1:90:5f:
20:22:1a:eb:70:73:a5:4e:d3:e0:3d:d5:f8:8f:e5:6c:3b:37:
84:1f:03:f4:6c:39:84:1e:39:6f:dc:69:ce:53:42:7f:03:5a:
d7:78:e4:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0yLErBRTogLpiiH+t87r6xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZmM5ZmQ0NGI3OTRhODQyZTI5YTcxODhiNGE4YzZlNDcy
ZTFkNTAwHhcNMjYwMzI4MDIwMDU2WhcNMjYwMzI5MDIwMDU2WjAzMTEwLwYDVQQD
EyhkNmU3YjkwM2NiZmY3MjFmYjNhYmJkMzEyMGM3NTAwNTFlNjM4NmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2gtVZAZ5ptl5JivnvNL8jOyhXzb
4HlGuKS/R6AzYk90Ta9WYEQJzAvj+GZjLkW46MF2ijow74If5VtZnNVxNz9MYzgc
VxqTL7qFr5YCRAp5vUDwqjTaQ8p7K5yv1Vr6sicEpx1VUhpHzOqM87xjkGhEcLbd
GgWFgnJmKD/O/6GfplNADZ4VPUQ6XTbt52CXaSVg9j9Vsw9xgcqlKQjTOyyRemDS
So1MwgdtUFDn6NzTPr4AxC+diuLuiyV52WHlGcHeDKrkd19pzdtZ/W9Ym7xApTVX
csONWOcNP3mGxqqP/NLpfaApsD71Ev4154kZT7Nade0C+COfk5/vCT5PYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNbnuQPL/3Ifs6u9MSDHUAUeY4bdMB8GA1UdIwQY
MBaAFAj8n9RLeUqELimnGItKjG5HLh1QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1B5ZjFFdDVTb1F1S2FjWWkwcU1ia2N1SFZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80MjE0NDAtZjgyZC00ZmE3LWEwNDkt
ZjMyYmE0ODYzMzlhLzEvQ1B5ZjFFdDVTb1F1S2FjWWkwcU1ia2N1SFZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80MjE0NDAtZjgyZC00ZmE3LWEwNDktZjMyYmE0ODYzMzlh
LzEvQ1B5ZjFFdDVTb1F1S2FjWWkwcU1ia2N1SFZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYHcZ//sn
2V1aY4F2TAWWnC2TEbmf5v9K88hrQntHCI/2rjFBY1tEIr6brpqqGoRA4UoPF3Uo
3w4fQ4AGz7yjh1xhKcm0BlEyS+UdocAUQSIgqhtID5tLWzCrRLpUSYAgPtb4MXL+
TmguLPqRXG7i2XopJssnZetUmoT3oUAInXDWwkvYXx0gk2i1D45wwhRIMAjM1Lu+
Ix9kD4Sa9gbGEl9u7Js/Vr2/B3LlH7+wVwVl8g84WTyQ6VQllqF+ERlCqln9G68Q
3s9dQ4WP9RxOrH0Nlk89wZBfICIa63BzpU7T4D3V+I/lbDs3hB8D9Gw5hB45b9xp
zlNCfwNa13jkAA==
-----END CERTIFICATE-----
Generated at Sat Mar 28 11:38:33 2026 by rpki-client