Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
File: cHl9sHv21Fl6wtyL40-JKYAI8s0.mft (raw, json)
Hash identifier: ixf/+ZpB2SDFK1genz6aBuJ/wYxWZYVXXtUAinATfmc=
Subject key identifier: 6B:89:82:6F:7F:7D:18:52:2E:93:5C:D2:0A:FA:A6:ED:76:5C:EF:C9
Authority key identifier: 70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
Certificate issuer: /CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Certificate serial: 019D273A99DBFEA14A12B2544E9437F1BACD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
Manifest number: 188C
Signing time: Wed 25 Mar 2026 23:00:45 +0000
Manifest this update: Wed 25 Mar 2026 23:00:45 +0000
Manifest next update: Thu 26 Mar 2026 23:00:45 +0000
Files and hashes: 1: cAt58g0xkrFHt9-N3ZykhWH0ReM.roa (hash: zJIgtJYw+ptpKpZht1FAofTALod8Sw1aXf2YLrLjs1s=)
2: cHl9sHv21Fl6wtyL40-JKYAI8s0.crl (hash: 6DW03zlJjW5SVJUfVoTGgE1OFCFf8pxne0d9CfaNzxc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:3a:99:db:fe:a1:4a:12:b2:54:4e:94:37:f1:ba:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Validity
Not Before: Mar 25 23:00:45 2026 GMT
Not After : Mar 26 23:00:45 2026 GMT
Subject: CN=6b89826f7f7d18522e935cd20afaa6ed765cefc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1b:bb:9f:e2:18:10:bf:8a:a1:64:6b:93:08:
85:08:ed:f1:8a:89:76:44:14:95:05:34:d6:33:19:
16:a0:d1:09:88:e1:30:55:15:4a:df:9f:fb:20:8e:
ed:f1:df:2b:8a:ac:06:41:f3:4d:29:45:f2:6b:81:
6c:1a:8b:97:8c:e8:06:64:46:d7:e7:e5:67:51:08:
32:f0:f6:2a:e8:a0:9b:2e:ee:44:e3:40:42:4f:82:
e3:16:9a:ef:37:2b:6b:de:ff:cc:91:cd:e6:f1:e7:
ef:71:aa:a4:53:4c:f1:30:8f:54:6c:04:5b:23:59:
08:1a:bf:bd:11:60:57:f1:de:4d:93:3f:e5:c0:78:
20:66:1c:c6:22:37:30:78:77:b7:5b:c2:97:ca:50:
6f:14:7e:7a:8a:09:f7:42:ba:c8:84:4b:1d:94:22:
eb:0b:23:82:23:98:87:15:2e:dd:23:fb:a1:57:fd:
25:37:ee:89:65:12:d3:64:36:00:68:c8:b6:3e:21:
55:59:e9:e0:e1:3b:16:7a:e5:ca:cd:35:47:63:ff:
79:bb:e6:9c:8f:30:26:78:60:a6:f0:fa:08:b1:13:
61:da:26:da:e2:76:a1:6d:47:97:80:be:4a:1f:a6:
a1:24:87:c6:36:c9:c2:6e:bc:b6:19:52:f6:80:17:
93:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:89:82:6F:7F:7D:18:52:2E:93:5C:D2:0A:FA:A6:ED:76:5C:EF:C9
X509v3 Authority Key Identifier:
keyid:70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:d8:bf:2a:bf:1e:e0:92:21:7b:01:56:17:2a:fa:b0:e9:f4:
8f:84:19:6e:27:9b:5c:e9:e7:70:e2:ca:ae:3b:11:60:3b:be:
4a:d8:3e:24:d5:bf:00:0d:57:2d:55:ae:48:b6:42:15:8f:70:
72:ad:ec:26:df:f1:7b:69:87:58:51:cf:52:66:6a:9b:e1:2e:
ad:25:7d:fd:86:64:e2:00:14:91:6a:09:64:ee:70:61:36:1a:
34:c2:e5:62:aa:db:29:4b:bf:a5:46:73:e6:b7:20:ef:40:bb:
67:67:12:8e:4a:6d:a1:a0:81:20:92:d7:2c:0a:44:cf:2c:eb:
f1:51:d1:e3:fa:3b:a8:f8:5e:35:ce:52:13:72:a7:5a:f2:51:
4a:9c:c7:4a:82:f0:9b:b4:ef:6e:14:4e:f9:de:00:0a:4d:b8:
8e:e7:65:40:7d:39:c2:ce:74:ad:a5:bf:37:51:a3:3b:25:ea:
78:3e:33:7f:eb:5e:cd:38:ff:8a:d7:7d:b8:d4:8e:4a:ca:18:
14:aa:3e:48:b3:bc:22:9e:20:59:79:b9:92:cc:19:da:65:8a:
8f:ed:a6:e3:4e:e0:6a:b3:b9:32:56:f0:94:2b:66:68:f4:b2:
79:aa:22:6f:9c:64:d3:ff:94:7a:61:3d:85:3e:76:af:a6:96:
7f:b1:0a:27
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nOpnb/qFKErJUTpQ38brNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNzk3ZGIwN2JmNmQ0NTk3YWMyZGM4YmUzNGY4OTI5ODAw
OGYyY2QwHhcNMjYwMzI1MjMwMDQ1WhcNMjYwMzI2MjMwMDQ1WjAzMTEwLwYDVQQD
Eyg2Yjg5ODI2ZjdmN2QxODUyMmU5MzVjZDIwYWZhYTZlZDc2NWNlZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhu7n+IYEL+KoWRrkwiFCO3xiol2
RBSVBTTWMxkWoNEJiOEwVRVK35/7II7t8d8riqwGQfNNKUXya4FsGouXjOgGZEbX
5+VnUQgy8PYq6KCbLu5E40BCT4LjFprvNytr3v/Mkc3m8efvcaqkU0zxMI9UbARb
I1kIGr+9EWBX8d5Nkz/lwHggZhzGIjcweHe3W8KXylBvFH56ign3QrrIhEsdlCLr
CyOCI5iHFS7dI/uhV/0lN+6JZRLTZDYAaMi2PiFVWeng4TsWeuXKzTVHY/95u+ac
jzAmeGCm8PoIsRNh2iba4nahbUeXgL5KH6ahJIfGNsnCbry2GVL2gBeTGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGuJgm9/fRhSLpNc0gr6pu12XO/JMB8GA1UdIwQY
MBaAFHB5fbB79tRZesLci+NPiSmACPLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUt
OTA3ZGFhNDY0NjNiLzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUtOTA3ZGFhNDY0NjNi
LzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXdi/Kr8e
4JIhewFWFyr6sOn0j4QZbiebXOnncOLKrjsRYDu+Stg+JNW/AA1XLVWuSLZCFY9w
cq3sJt/xe2mHWFHPUmZqm+EurSV9/YZk4gAUkWoJZO5wYTYaNMLlYqrbKUu/pUZz
5rcg70C7Z2cSjkptoaCBIJLXLApEzyzr8VHR4/o7qPheNc5SE3KnWvJRSpzHSoLw
m7TvbhRO+d4ACk24judlQH05ws50raW/N1GjOyXqeD4zf+tezTj/itd9uNSOSsoY
FKo+SLO8Ip4gWXm5kswZ2mWKj+2m407garO5MlbwlCtmaPSyeaoib5xk0/+UemE9
hT52r6aWf7EKJw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:50:43 2026 by rpki-client