Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft
File: CEIhaO2oQjBU2C6wGMOD4tvor98.mft (raw, json)
Hash identifier: fDTwB/3eTLAQrmGxusY3dKC7+zJ6ADFasMHaLI1iciw=
Subject key identifier: 9E:1F:AA:83:3D:FF:2A:98:EE:7C:C5:CD:2C:AF:59:DA:27:1B:64:EB
Authority key identifier: 08:42:21:68:ED:A8:42:30:54:D8:2E:B0:18:C3:83:E2:DB:E8:AF:DF
Certificate issuer: /CN=08422168eda8423054d82eb018c383e2dbe8afdf
Certificate serial: 019F189E5424DD8C97B63E7D49F0B1B4BB11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft
Manifest number: 16B2
Signing time: Tue 30 Jun 2026 13:00:57 +0000
Manifest this update: Tue 30 Jun 2026 13:00:57 +0000
Manifest next update: Wed 01 Jul 2026 13:00:57 +0000
Files and hashes: 1: CEIhaO2oQjBU2C6wGMOD4tvor98.crl (hash: UBtUq99ETwU9YiTu92CtU+Fb2O+XK2gFRme62MH8w5I=)
2: cFauzwqXomgkVBlhCEWJrgK_IBo.roa (hash: 3eFRfx8k6ux2BDXfQobN4cZglfrrJQFQAkF7k25/Hiw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft
rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 13:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:18:9e:54:24:dd:8c:97:b6:3e:7d:49:f0:b1:b4:bb:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08422168eda8423054d82eb018c383e2dbe8afdf
Validity
Not Before: Jun 30 13:00:57 2026 GMT
Not After : Jul 1 13:00:57 2026 GMT
Subject: CN=9e1faa833dff2a98ee7cc5cd2caf59da271b64eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2a:91:f2:de:cf:be:0d:42:56:26:5f:7b:06:
c6:3e:5a:64:28:f3:91:4f:16:dc:f3:e8:60:85:ca:
2f:20:1c:d3:b9:16:fc:79:8c:c5:a1:40:64:b2:82:
10:0c:b4:35:03:e1:4e:25:15:8a:80:b3:4f:83:6b:
63:7d:52:40:1b:77:3b:3e:f0:5d:4b:d9:1e:7c:34:
ae:88:5f:5d:47:e3:67:7e:24:76:ff:f7:01:bc:be:
10:2e:ae:31:41:6d:0d:9c:81:d9:8d:ca:b7:1b:d4:
d4:5d:20:33:6e:9b:59:3e:cd:e4:ab:67:aa:d6:47:
8f:b6:bf:30:58:92:4b:da:41:e8:24:ab:60:02:6d:
69:96:f1:9d:3a:f6:67:ff:d4:02:1f:aa:05:06:b7:
ae:de:79:08:08:b3:47:99:48:24:5f:13:53:e1:43:
fd:0f:6e:55:4b:1c:a5:73:97:ff:21:df:8f:4b:7b:
69:e7:71:80:e3:78:02:c0:6e:82:a2:95:b5:7e:d6:
81:5f:28:88:d7:98:80:2e:aa:3a:cb:84:dd:6f:4e:
e7:52:1a:48:f5:6a:db:5b:66:07:69:1c:53:87:ec:
eb:4f:5e:c1:80:b4:09:0b:59:ee:8d:e2:0e:89:44:
53:fe:56:95:31:0d:76:a8:af:a7:e6:5b:1b:0b:be:
3d:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:1F:AA:83:3D:FF:2A:98:EE:7C:C5:CD:2C:AF:59:DA:27:1B:64:EB
X509v3 Authority Key Identifier:
keyid:08:42:21:68:ED:A8:42:30:54:D8:2E:B0:18:C3:83:E2:DB:E8:AF:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEIhaO2oQjBU2C6wGMOD4tvor98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/960a2b-337d-4d02-ba81-6e19f679a623/1/CEIhaO2oQjBU2C6wGMOD4tvor98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:98:dd:ed:47:eb:75:9c:37:08:11:5d:be:d8:88:fa:16:01:
64:89:cd:00:cc:c1:da:f4:8d:97:d5:92:be:e2:40:a8:42:a6:
48:d6:27:c0:43:de:10:bf:59:1c:72:1d:d2:ce:f4:5e:c4:93:
55:a8:a3:70:ca:ce:3b:b7:9e:dc:34:cc:01:ea:b3:d6:57:70:
e4:94:85:e8:1c:6d:06:d5:de:01:27:c3:c5:4c:6f:3f:59:98:
4f:2b:cb:5c:43:cd:f8:91:db:ee:0c:ee:d7:29:82:1c:a6:3a:
c0:04:68:20:ae:30:39:5b:01:ca:24:80:93:4a:8a:7d:81:0a:
d8:6d:a1:7a:ac:d3:10:7e:62:c7:f8:9b:a2:ec:85:a7:7f:93:
0e:f4:bb:1f:12:61:61:62:ab:1a:77:74:05:2d:e5:10:f5:d0:
7c:a5:7a:2f:6b:0d:a8:c6:13:f9:33:e0:3d:0d:98:ea:c5:9c:
56:9b:f0:c3:d7:04:5b:d8:43:58:43:ae:23:42:fc:fc:36:20:
df:ba:c6:d4:1d:2a:a5:3f:95:b0:8e:dc:81:58:6e:4a:96:a8:
76:5f:72:6b:c1:d9:0f:91:d4:7c:ee:d7:1f:75:d6:53:f5:32:
92:ab:54:c9:01:30:b2:f3:0c:37:00:22:fb:b7:38:16:42:0b:
63:3b:9a:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8YnlQk3YyXtj59SfCxtLsRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDIyMTY4ZWRhODQyMzA1NGQ4MmViMDE4YzM4M2UyZGJl
OGFmZGYwHhcNMjYwNjMwMTMwMDU3WhcNMjYwNzAxMTMwMDU3WjAzMTEwLwYDVQQD
Eyg5ZTFmYWE4MzNkZmYyYTk4ZWU3Y2M1Y2QyY2FmNTlkYTI3MWI2NGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyqR8t7Pvg1CViZfewbGPlpkKPOR
Txbc8+hghcovIBzTuRb8eYzFoUBksoIQDLQ1A+FOJRWKgLNPg2tjfVJAG3c7PvBd
S9kefDSuiF9dR+NnfiR2//cBvL4QLq4xQW0NnIHZjcq3G9TUXSAzbptZPs3kq2eq
1kePtr8wWJJL2kHoJKtgAm1plvGdOvZn/9QCH6oFBreu3nkICLNHmUgkXxNT4UP9
D25VSxylc5f/Id+PS3tp53GA43gCwG6CopW1ftaBXyiI15iALqo6y4Tdb07nUhpI
9WrbW2YHaRxTh+zrT17BgLQJC1nujeIOiURT/laVMQ12qK+n5lsbC7494wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ4fqoM9/yqY7nzFzSyvWdonG2TrMB8GA1UdIwQY
MBaAFAhCIWjtqEIwVNgusBjDg+Lb6K/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS85NjBhMmItMzM3ZC00ZDAyLWJhODEt
NmUxOWY2NzlhNjIzLzEvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS85NjBhMmItMzM3ZC00ZDAyLWJhODEtNmUxOWY2NzlhNjIz
LzEvQ0VJaGFPMm9RakJVMkM2d0dNT0Q0dHZvcjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU5jd7Ufr
dZw3CBFdvtiI+hYBZInNAMzB2vSNl9WSvuJAqEKmSNYnwEPeEL9ZHHId0s70XsST
VaijcMrOO7ee3DTMAeqz1ldw5JSF6BxtBtXeASfDxUxvP1mYTyvLXEPN+JHb7gzu
1ymCHKY6wARoIK4wOVsByiSAk0qKfYEK2G2heqzTEH5ix/ibouyFp3+TDvS7HxJh
YWKrGnd0BS3lEPXQfKV6L2sNqMYT+TPgPQ2Y6sWcVpvww9cEW9hDWEOuI0L8/DYg
37rG1B0qpT+VsI7cgVhuSpaodl9ya8HZD5HUfO7XH3XWU/UykqtUyQEwsvMMNwAi
+7c4FkILYzuahQ==
-----END CERTIFICATE-----
Generated at Tue Jun 30 18:10:07 2026 by rpki-client