Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.mft
File: CQggTXz1vEqrOP-jnaOmge0he9Q.mft (raw, json)
Hash identifier: u//MbJbStjbgH9wML1u3koZtLAMzv3jVqeFVM2IvyiU=
Subject key identifier: B5:84:DC:31:F4:2F:45:D6:5A:17:AF:48:48:20:A5:F5:2F:40:3A:84
Authority key identifier: 09:08:20:4D:7C:F5:BC:4A:AB:38:FF:A3:9D:A3:A6:81:ED:21:7B:D4
Certificate issuer: /CN=0908204d7cf5bc4aab38ffa39da3a681ed217bd4
Certificate serial: 019D2B4F0D2567B9463E98427F9F1117B439
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQggTXz1vEqrOP-jnaOmge0he9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.mft
Manifest number: 1888
Signing time: Thu 26 Mar 2026 18:01:34 +0000
Manifest this update: Thu 26 Mar 2026 18:01:34 +0000
Manifest next update: Fri 27 Mar 2026 18:01:34 +0000
Files and hashes: 1: CQggTXz1vEqrOP-jnaOmge0he9Q.crl (hash: f+FV+BYxesQBdI2+rdc0zjqtQ8HsKQfATgruTe50+iU=)
2: l99T-FK5yYY4px9pdlKhIlbZPRc.roa (hash: p/Hh7r12y6v1GNP3LrB2mSwj7gic+vMWivhi5TkoB/I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/CQggTXz1vEqrOP-jnaOmge0he9Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:4f:0d:25:67:b9:46:3e:98:42:7f:9f:11:17:b4:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0908204d7cf5bc4aab38ffa39da3a681ed217bd4
Validity
Not Before: Mar 26 18:01:34 2026 GMT
Not After : Mar 27 18:01:34 2026 GMT
Subject: CN=b584dc31f42f45d65a17af484820a5f52f403a84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a4:d3:13:19:fb:77:e2:f2:eb:37:50:2e:cc:
e4:f5:56:d9:a3:03:f6:05:7f:61:4c:c2:09:9c:9f:
69:18:f4:12:26:79:d7:50:5a:25:5c:0e:33:d0:9b:
db:4f:f9:98:1a:52:2f:db:72:03:c9:6c:60:ab:cb:
b1:62:88:5a:86:8b:d0:bb:ea:d7:b6:83:03:e7:70:
f6:28:aa:6c:9b:8e:a7:98:7c:9e:db:39:50:d0:2c:
d2:80:ab:88:e6:f5:92:1d:38:8f:2a:e3:7d:55:40:
1b:3d:9f:73:0b:f7:31:dc:70:b7:f0:2e:46:9f:b1:
2c:ca:3d:b3:01:41:cb:a0:0e:75:31:84:21:46:51:
9b:9f:7b:7f:98:93:58:2d:64:d9:ec:a1:17:48:45:
a3:0e:aa:df:52:f1:db:4d:b5:fa:7d:78:73:36:95:
f7:c5:79:1e:cd:c7:bc:16:c0:76:34:d4:f0:3f:6b:
71:12:b5:14:e9:a7:b2:03:52:ba:45:bf:06:28:c0:
93:cb:1b:29:11:67:2d:f7:78:2a:80:3b:a1:b8:3f:
a9:54:9d:77:73:d8:8e:ca:cf:f1:06:74:0f:92:31:
e6:23:e9:53:01:3e:45:e7:a6:61:1e:07:3f:0f:80:
ba:17:98:9a:7d:07:b8:87:29:81:93:23:29:27:01:
2d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:84:DC:31:F4:2F:45:D6:5A:17:AF:48:48:20:A5:F5:2F:40:3A:84
X509v3 Authority Key Identifier:
keyid:09:08:20:4D:7C:F5:BC:4A:AB:38:FF:A3:9D:A3:A6:81:ED:21:7B:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQggTXz1vEqrOP-jnaOmge0he9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/db9e58-ee42-4a10-8222-8823f111df07/1/CQggTXz1vEqrOP-jnaOmge0he9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
aa:7c:d1:82:28:5b:f8:fe:4b:62:a9:16:10:87:96:89:14:88:
27:d4:48:cf:d7:08:65:97:ae:59:e4:e2:9e:7a:8e:33:15:a7:
73:7d:70:21:82:45:2f:8e:9d:da:7c:b3:e3:75:6c:d9:bb:f3:
5e:d0:8b:ae:3c:d9:81:58:c8:76:a4:ea:9a:81:c9:4f:8e:37:
ee:08:d0:70:9b:f6:b5:19:d1:4e:bb:c3:88:54:4a:b6:5e:92:
d2:f2:cf:3a:44:7c:31:55:d1:0e:52:51:a0:a5:42:8c:c2:36:
b2:4a:6e:0f:76:95:e8:0a:eb:1b:1b:8b:f6:bd:dd:09:b5:13:
e1:67:54:01:a6:39:ab:a5:98:4d:bb:05:a6:ef:30:bc:e9:15:
b4:26:83:31:53:8f:20:cb:59:62:c7:07:46:ed:29:ab:92:85:
bf:48:bd:6f:cc:71:f8:54:38:f5:36:81:ed:84:64:0d:97:89:
d7:9e:b2:28:67:0d:a0:30:02:a7:d3:2a:33:d5:fe:b3:5a:2d:
20:1f:be:b5:a2:77:43:19:1e:8b:21:bf:bb:b3:6d:8d:af:41:
75:84:f1:15:87:71:2c:65:03:4c:2f:75:d5:42:3c:2a:75:f7:
53:4b:8a:4a:5d:1b:43:a7:a9:cf:a6:50:77:e4:32:00:90:e7:
d5:ce:83:11
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0rTw0lZ7lGPphCf58RF7Q5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MDgyMDRkN2NmNWJjNGFhYjM4ZmZhMzlkYTNhNjgxZWQy
MTdiZDQwHhcNMjYwMzI2MTgwMTM0WhcNMjYwMzI3MTgwMTM0WjAzMTEwLwYDVQQD
EyhiNTg0ZGMzMWY0MmY0NWQ2NWExN2FmNDg0ODIwYTVmNTJmNDAzYTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKTTExn7d+Ly6zdQLszk9VbZowP2
BX9hTMIJnJ9pGPQSJnnXUFolXA4z0JvbT/mYGlIv23IDyWxgq8uxYohahovQu+rX
toMD53D2KKpsm46nmHye2zlQ0CzSgKuI5vWSHTiPKuN9VUAbPZ9zC/cx3HC38C5G
n7Esyj2zAUHLoA51MYQhRlGbn3t/mJNYLWTZ7KEXSEWjDqrfUvHbTbX6fXhzNpX3
xXkezce8FsB2NNTwP2txErUU6aeyA1K6Rb8GKMCTyxspEWct93gqgDuhuD+pVJ13
c9iOys/xBnQPkjHmI+lTAT5F56ZhHgc/D4C6F5iafQe4hymBkyMpJwEt1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLWE3DH0L0XWWhevSEggpfUvQDqEMB8GA1UdIwQY
MBaAFAkIIE189bxKqzj/o52jpoHtIXvUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1FnZ1RYejF2RXFyT1Atam5hT21nZTBoZTlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kYjllNTgtZWU0Mi00YTEwLTgyMjIt
ODgyM2YxMTFkZjA3LzEvQ1FnZ1RYejF2RXFyT1Atam5hT21nZTBoZTlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9kYjllNTgtZWU0Mi00YTEwLTgyMjItODgyM2YxMTFkZjA3
LzEvQ1FnZ1RYejF2RXFyT1Atam5hT21nZTBoZTlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqnzRgihb
+P5LYqkWEIeWiRSIJ9RIz9cIZZeuWeTinnqOMxWnc31wIYJFL46d2nyz43Vs2bvz
XtCLrjzZgVjIdqTqmoHJT4437gjQcJv2tRnRTrvDiFRKtl6S0vLPOkR8MVXRDlJR
oKVCjMI2skpuD3aV6ArrGxuL9r3dCbUT4WdUAaY5q6WYTbsFpu8wvOkVtCaDMVOP
IMtZYscHRu0pq5KFv0i9b8xx+FQ49TaB7YRkDZeJ156yKGcNoDACp9MqM9X+s1ot
IB++taJ3QxkeiyG/u7Ntja9BdYTxFYdxLGUDTC911UI8KnX3U0uKSl0bQ6epz6ZQ
d+QyAJDn1c6DEQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 21:04:14 2026 by rpki-client