Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft
File: CEIhaO2oQjBU2C6wGMOD4tvor98.mft (raw, json)
Hash identifier: E0ubQEZPdf1qD4eWMDTUFgu5rUDCCZUQOFwQP8QqD34=
Subject key identifier: B0:4C:1C:46:2F:F9:19:D5:40:10:B5:27:AB:F4:E2:4D:D4:1D:36:3F
Authority key identifier: 08:42:21:68:ED:A8:42:30:54:D8:2E:B0:18:C3:83:E2:DB:E8:AF:DF
Certificate issuer: /CN=08422168eda8423054d82eb018c383e2dbe8afdf
Certificate serial: 019D39AEBF201098DDB18A6BFC65C79D5503
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft
Manifest number: 15BA
Signing time: Sun 29 Mar 2026 13:00:46 +0000
Manifest this update: Sun 29 Mar 2026 13:00:46 +0000
Manifest next update: Mon 30 Mar 2026 13:00:46 +0000
Files and hashes: 1: CEIhaO2oQjBU2C6wGMOD4tvor98.crl (hash: 1AXMkiWEJ/g/q6T9vaWBOY9SLYC5+kHa4xHpTsPQ/YM=)
2: cFauzwqXomgkVBlhCEWJrgK_IBo.roa (hash: 3eFRfx8k6ux2BDXfQobN4cZglfrrJQFQAkF7k25/Hiw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft
rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:ae:bf:20:10:98:dd:b1:8a:6b:fc:65:c7:9d:55:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08422168eda8423054d82eb018c383e2dbe8afdf
Validity
Not Before: Mar 29 13:00:46 2026 GMT
Not After : Mar 30 13:00:46 2026 GMT
Subject: CN=b04c1c462ff919d54010b527abf4e24dd41d363f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:84:d6:3d:c6:96:a9:f7:2f:6e:3a:1a:ab:bb:
9c:1f:b1:ea:16:0b:20:e1:01:82:2e:cb:83:f2:9d:
a2:c4:2c:89:bd:60:ad:65:b6:1e:1d:0e:7a:82:aa:
62:71:3f:98:55:9b:6b:6f:de:eb:29:59:e8:7e:06:
a3:78:8a:9d:75:ef:3b:63:fc:fb:a2:9c:a7:82:0f:
3a:92:f2:2b:2c:4c:07:58:0c:bc:cb:02:da:63:3b:
d1:7c:80:00:bb:24:16:a8:46:41:cc:41:f4:70:42:
1f:3c:dd:cd:cc:a8:2c:d5:47:ba:29:1c:8f:fb:55:
2d:d9:b1:53:fc:19:54:1e:82:c7:c3:cb:91:15:42:
f9:94:03:7c:19:5d:5f:f7:a9:c6:60:df:1b:36:1a:
ff:52:27:ea:7c:1f:91:6b:83:58:57:56:62:33:28:
a0:d1:c4:97:51:67:4b:e8:62:97:0b:7b:f4:38:f5:
e9:d2:86:e9:09:37:e3:c3:e0:93:c4:2f:97:db:c5:
28:2c:fa:1d:c9:a7:26:d6:d7:a2:21:7e:4d:21:45:
ff:a1:f8:94:c9:c6:a4:d4:58:bc:0d:66:50:5f:26:
11:22:2e:6e:0e:1c:68:f7:f1:82:e2:8f:0e:dc:88:
ba:e9:3a:f3:cb:f1:c2:73:39:a5:a4:48:05:da:90:
df:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:4C:1C:46:2F:F9:19:D5:40:10:B5:27:AB:F4:E2:4D:D4:1D:36:3F
X509v3 Authority Key Identifier:
keyid:08:42:21:68:ED:A8:42:30:54:D8:2E:B0:18:C3:83:E2:DB:E8:AF:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:8f:fd:35:50:d4:c9:58:51:7d:8b:30:6e:d1:ef:8c:ee:63:
ed:89:47:f1:6a:5d:81:b9:90:be:c5:cd:b4:eb:80:88:d9:35:
66:00:94:d6:c5:0d:5e:87:18:9a:0c:1a:75:30:b6:df:e2:27:
69:5d:80:bc:1e:a4:68:33:93:12:ff:5d:34:a8:9c:1c:5d:1a:
62:0f:07:31:d2:7f:09:e1:09:c3:c3:35:66:f9:d9:fb:4d:b7:
59:56:04:3d:e4:fc:28:29:2e:6d:d9:5e:dd:d3:de:8d:3c:28:
4b:40:80:84:93:53:4d:d6:3a:2b:38:74:7e:fa:03:ab:1b:a7:
38:d0:01:0b:88:7b:e7:f2:cb:fe:fd:21:28:a5:74:06:ab:93:
42:5b:42:c8:17:66:31:e3:f6:64:83:60:f9:4a:11:b0:5c:f6:
ca:a9:83:b0:a2:b8:18:6e:7a:8a:21:11:49:ca:90:a6:b5:ae:
4e:c1:75:cd:d8:64:06:cb:6b:88:55:3a:88:31:6c:b5:1b:fd:
a8:c5:0c:cf:89:d9:03:2d:fd:20:5b:0f:44:eb:90:2a:5f:66:
d4:f9:bd:5d:89:89:f1:74:f1:8f:cf:3e:43:55:8e:d4:d7:19:
ce:11:ea:09:fc:3e:63:c0:9e:36:cf:6e:ba:47:0f:30:58:6d:
2b:57:b1:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rr8gEJjdsYpr/GXHnVUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDIyMTY4ZWRhODQyMzA1NGQ4MmViMDE4YzM4M2UyZGJl
OGFmZGYwHhcNMjYwMzI5MTMwMDQ2WhcNMjYwMzMwMTMwMDQ2WjAzMTEwLwYDVQQD
EyhiMDRjMWM0NjJmZjkxOWQ1NDAxMGI1MjdhYmY0ZTI0ZGQ0MWQzNjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9oTWPcaWqfcvbjoaq7ucH7HqFgsg
4QGCLsuD8p2ixCyJvWCtZbYeHQ56gqpicT+YVZtrb97rKVnofgajeIqdde87Y/z7
opyngg86kvIrLEwHWAy8ywLaYzvRfIAAuyQWqEZBzEH0cEIfPN3NzKgs1Ue6KRyP
+1Ut2bFT/BlUHoLHw8uRFUL5lAN8GV1f96nGYN8bNhr/UifqfB+Ra4NYV1ZiMyig
0cSXUWdL6GKXC3v0OPXp0obpCTfjw+CTxC+X28UoLPodyacm1teiIX5NIUX/ofiU
ycak1Fi8DWZQXyYRIi5uDhxo9/GC4o8O3Ii66Trzy/HCczmlpEgF2pDfkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLBMHEYv+RnVQBC1J6v04k3UHTY/MB8GA1UdIwQY
MBaAFAhCIWjtqEIwVNgusBjDg+Lb6K/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85NjBhMmItMzM3ZC00ZDAyLWJhODEt
NmUxOWY2NzlhNjIzLzEvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85NjBhMmItMzM3ZC00ZDAyLWJhODEtNmUxOWY2NzlhNjIz
LzEvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmo/9NVDU
yVhRfYswbtHvjO5j7YlH8WpdgbmQvsXNtOuAiNk1ZgCU1sUNXocYmgwadTC23+In
aV2AvB6kaDOTEv9dNKicHF0aYg8HMdJ/CeEJw8M1ZvnZ+023WVYEPeT8KCkubdle
3dPejTwoS0CAhJNTTdY6Kzh0fvoDqxunONABC4h75/LL/v0hKKV0BquTQltCyBdm
MeP2ZINg+UoRsFz2yqmDsKK4GG56iiERScqQprWuTsF1zdhkBstriFU6iDFstRv9
qMUMz4nZAy39IFsPROuQKl9m1Pm9XYmJ8XTxj88+Q1WO1NcZzhHqCfw+Y8CeNs9u
ukcPMFhtK1exMg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:43:59 2026 by rpki-client