Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.mft
File: CQggTXz1vEqrOP-jnaOmge0he9Q.mft (raw, json)
Hash identifier: n0KYWmNRw9h6JuRM8/Parrh7wfhLb28VHn5qCh0jfJY=
Subject key identifier: 1B:1E:33:F9:31:3F:B6:21:D1:37:4D:69:64:C6:E4:8F:D6:6D:47:42
Authority key identifier: 09:08:20:4D:7C:F5:BC:4A:AB:38:FF:A3:9D:A3:A6:81:ED:21:7B:D4
Certificate issuer: /CN=0908204d7cf5bc4aab38ffa39da3a681ed217bd4
Certificate serial: 019E2091742701128702D003F660066979C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQggTXz1vEqrOP-jnaOmge0he9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.mft
Manifest number: 1907
Signing time: Wed 13 May 2026 09:01:03 +0000
Manifest this update: Wed 13 May 2026 09:01:03 +0000
Manifest next update: Thu 14 May 2026 09:01:03 +0000
Files and hashes: 1: CQggTXz1vEqrOP-jnaOmge0he9Q.crl (hash: u2MkiQuoZbjSUS6MDNMeglI+HwZ8ADmUYMgOwLzkWP4=)
2: l99T-FK5yYY4px9pdlKhIlbZPRc.roa (hash: p/Hh7r12y6v1GNP3LrB2mSwj7gic+vMWivhi5TkoB/I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/CQggTXz1vEqrOP-jnaOmge0he9Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:20:91:74:27:01:12:87:02:d0:03:f6:60:06:69:79:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0908204d7cf5bc4aab38ffa39da3a681ed217bd4
Validity
Not Before: May 13 09:01:03 2026 GMT
Not After : May 14 09:01:03 2026 GMT
Subject: CN=1b1e33f9313fb621d1374d6964c6e48fd66d4742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b9:8d:a0:25:f3:4b:eb:c3:fd:0a:87:71:92:
58:9b:87:ee:1a:28:46:30:99:b1:ed:e2:dd:8a:4d:
fe:26:4b:b0:8b:8a:bd:c7:68:6b:e1:f6:b3:1b:16:
77:40:bf:a3:ca:e9:91:20:5b:11:a0:60:ac:c5:5e:
4a:a2:7f:61:c1:a9:e2:b9:5e:49:70:96:45:87:ab:
b6:83:83:07:a7:1d:7c:3e:ff:d3:67:47:e0:83:ba:
85:8c:63:81:c2:b3:cf:d4:60:ff:3b:51:51:f9:68:
d1:c7:47:4e:e5:06:db:ed:55:44:3d:c4:cd:4f:9c:
40:3c:e3:0a:28:31:82:6f:f1:31:16:b5:a7:5f:22:
83:cf:c4:e4:88:91:5c:17:95:43:07:23:ad:65:b7:
c3:bb:aa:ca:bd:9f:e1:13:2b:27:fb:e5:c0:15:8f:
c1:00:bb:2e:5a:8b:bb:a2:aa:3c:e2:b0:2c:67:87:
19:a6:b3:04:13:be:0d:fe:ff:a4:a8:4d:08:19:b3:
a3:b0:46:0b:d9:ec:08:17:7e:3a:a4:6b:d7:dd:e6:
40:f8:d8:0e:ce:22:f9:72:47:7f:02:90:8d:3f:1d:
f6:b7:65:db:a3:79:7d:e9:b5:42:e9:40:75:da:d8:
46:41:2e:b5:e6:75:31:a8:07:7c:1e:c3:a6:b9:98:
41:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:1E:33:F9:31:3F:B6:21:D1:37:4D:69:64:C6:E4:8F:D6:6D:47:42
X509v3 Authority Key Identifier:
keyid:09:08:20:4D:7C:F5:BC:4A:AB:38:FF:A3:9D:A3:A6:81:ED:21:7B:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQggTXz1vEqrOP-jnaOmge0he9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:6b:1f:4b:d8:c6:5b:15:ae:99:04:49:4a:67:5e:26:3a:d9:
3f:9e:a4:59:eb:1d:21:85:41:30:5d:cb:83:62:d2:c6:ae:c7:
c8:c2:9a:fc:cf:8b:74:ce:65:a9:c1:97:17:9e:f3:20:6c:86:
9f:fb:c5:bc:df:4f:51:26:aa:85:77:85:31:06:b4:68:87:ff:
3b:d9:52:dc:28:33:c6:9a:32:6f:4f:a8:f6:2c:c6:1a:6f:18:
5e:b6:4d:2c:61:d7:a1:d5:73:29:dd:40:35:ec:04:0c:db:c5:
8c:03:cb:c1:4b:92:eb:c0:e8:26:25:3b:d3:c8:44:25:01:5d:
ed:9e:cb:06:6f:f8:b5:d6:68:7b:b9:d5:d9:c8:42:84:dd:ad:
1a:a4:cc:20:c2:a8:eb:1d:ca:b4:16:c2:11:29:88:7f:7f:3a:
3b:87:08:70:4c:12:c9:f4:05:aa:7a:de:39:8a:e8:8d:1a:51:
c9:6b:04:b6:a7:ad:c2:3d:25:14:c9:08:c3:f3:64:19:dc:45:
4c:f5:5c:26:26:d0:8c:a2:5c:aa:4c:9f:c8:7a:1a:61:7b:96:
ee:3c:74:3c:70:e5:96:41:75:b6:df:a8:b6:00:66:22:6a:be:
a9:7f:f3:3d:84:b8:1f:fc:f9:ba:23:12:74:40:29:4f:88:ca:
f2:75:9b:e1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4gkXQnARKHAtAD9mAGaXnHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MDgyMDRkN2NmNWJjNGFhYjM4ZmZhMzlkYTNhNjgxZWQy
MTdiZDQwHhcNMjYwNTEzMDkwMTAzWhcNMjYwNTE0MDkwMTAzWjAzMTEwLwYDVQQD
EygxYjFlMzNmOTMxM2ZiNjIxZDEzNzRkNjk2NGM2ZTQ4ZmQ2NmQ0NzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrmNoCXzS+vD/QqHcZJYm4fuGihG
MJmx7eLdik3+Jkuwi4q9x2hr4fazGxZ3QL+jyumRIFsRoGCsxV5Kon9hwaniuV5J
cJZFh6u2g4MHpx18Pv/TZ0fgg7qFjGOBwrPP1GD/O1FR+WjRx0dO5Qbb7VVEPcTN
T5xAPOMKKDGCb/ExFrWnXyKDz8TkiJFcF5VDByOtZbfDu6rKvZ/hEysn++XAFY/B
ALsuWou7oqo84rAsZ4cZprMEE74N/v+kqE0IGbOjsEYL2ewIF346pGvX3eZA+NgO
ziL5ckd/ApCNPx32t2Xbo3l96bVC6UB12thGQS615nUxqAd8HsOmuZhB5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBseM/kxP7Yh0TdNaWTG5I/WbUdCMB8GA1UdIwQY
MBaAFAkIIE189bxKqzj/o52jpoHtIXvUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1FnZ1RYejF2RXFyT1Atam5hT21nZTBoZTlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kYjllNTgtZWU0Mi00YTEwLTgyMjIt
ODgyM2YxMTFkZjA3LzEvQ1FnZ1RYejF2RXFyT1Atam5hT21nZTBoZTlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9kYjllNTgtZWU0Mi00YTEwLTgyMjItODgyM2YxMTFkZjA3
LzEvQ1FnZ1RYejF2RXFyT1Atam5hT21nZTBoZTlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbGsfS9jG
WxWumQRJSmdeJjrZP56kWesdIYVBMF3Lg2LSxq7HyMKa/M+LdM5lqcGXF57zIGyG
n/vFvN9PUSaqhXeFMQa0aIf/O9lS3Cgzxpoyb0+o9izGGm8YXrZNLGHXodVzKd1A
NewEDNvFjAPLwUuS68DoJiU708hEJQFd7Z7LBm/4tdZoe7nV2chChN2tGqTMIMKo
6x3KtBbCESmIf386O4cIcEwSyfQFqnreOYrojRpRyWsEtqetwj0lFMkIw/NkGdxF
TPVcJibQjKJcqkyfyHoaYXuW7jx0PHDllkF1tt+otgBmImq+qX/zPYS4H/z5uiMS
dEApT4jK8nWb4Q==
-----END CERTIFICATE-----
Generated at Wed May 13 13:35:10 2026 by rpki-client