Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/a43766-91dd-4266-af60-920b320d2e21/1/CYdvfc8Myud0IWBGOzjhw181bRI.mft
File: CYdvfc8Myud0IWBGOzjhw181bRI.mft (raw, json)
Hash identifier: uKy4CTTFLb9E5GPh+yDICa1/KBxhRXvliLpXpyH2YQY=
Subject key identifier: 2C:1C:16:2C:E7:1E:6B:01:24:0B:B8:15:6C:B1:B9:95:DB:3D:8E:76
Authority key identifier: 09:87:6F:7D:CF:0C:CA:E7:74:21:60:46:3B:38:E1:C3:5F:35:6D:12
Certificate issuer: /CN=09876f7dcf0ccae7742160463b38e1c35f356d12
Certificate serial: 019D38D2AE529AEE7178964AFB43B4359B7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYdvfc8Myud0IWBGOzjhw181bRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/a43766-91dd-4266-af60-920b320d2e21/1/CYdvfc8Myud0IWBGOzjhw181bRI.mft
Manifest number: 1103
Signing time: Sun 29 Mar 2026 09:00:24 +0000
Manifest this update: Sun 29 Mar 2026 09:00:24 +0000
Manifest next update: Mon 30 Mar 2026 09:00:24 +0000
Files and hashes: 1: CYdvfc8Myud0IWBGOzjhw181bRI.crl (hash: rjA+kadT5M3hBq4qdtDL9Ek1khsdY6f3vjHm85GLVpg=)
2: VfT1jovZQbB_GOxrewqAg31IJD4.roa (hash: rEaYnnOYpTkHENGl1d6pSu6EPvs3HHaHkQH4luV+aMI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/a43766-91dd-4266-af60-920b320d2e21/1/CYdvfc8Myud0IWBGOzjhw181bRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/a43766-91dd-4266-af60-920b320d2e21/1/CYdvfc8Myud0IWBGOzjhw181bRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/CYdvfc8Myud0IWBGOzjhw181bRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:ae:52:9a:ee:71:78:96:4a:fb:43:b4:35:9b:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09876f7dcf0ccae7742160463b38e1c35f356d12
Validity
Not Before: Mar 29 09:00:24 2026 GMT
Not After : Mar 30 09:00:24 2026 GMT
Subject: CN=2c1c162ce71e6b01240bb8156cb1b995db3d8e76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b0:00:0c:c9:57:83:87:11:6d:66:3e:be:b7:
78:e7:86:e1:d1:0f:be:3d:78:12:e8:b6:58:d1:b3:
d2:e1:4b:47:be:1d:23:c6:f7:a2:60:72:49:79:a5:
72:06:43:c7:03:b2:7d:73:2b:33:ca:be:3e:e9:bd:
6c:ba:44:bb:8c:23:20:2e:3b:c8:5a:b9:38:11:27:
9f:46:69:d0:7d:41:2c:3c:bd:91:62:b3:c9:dc:e6:
e7:04:b7:55:4d:63:4e:ad:1d:b1:2b:95:a7:b4:ae:
51:44:70:db:4e:4a:9a:b7:89:a9:16:5b:3d:11:c9:
19:9e:62:89:bf:6f:bd:df:86:50:de:87:de:55:d7:
b0:02:4a:fa:ed:3d:7f:09:a8:66:42:2c:e0:ea:0a:
06:1c:c0:55:78:49:f4:b4:92:a0:e3:e0:4d:9a:bc:
eb:f1:21:42:e5:c1:7b:8d:b3:b6:25:97:83:b3:b1:
25:e4:27:e3:61:32:f7:d1:77:0f:bd:88:6f:80:a4:
84:f0:1c:83:ae:80:f4:aa:07:d6:b1:79:6c:de:92:
a9:82:99:5c:34:8e:52:f0:a8:e1:76:c3:dd:3e:4f:
c7:c0:36:51:f7:66:6d:7a:f2:33:74:b6:c5:59:6f:
af:39:d6:7a:41:3c:ec:35:92:24:91:5f:dd:04:38:
f8:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:1C:16:2C:E7:1E:6B:01:24:0B:B8:15:6C:B1:B9:95:DB:3D:8E:76
X509v3 Authority Key Identifier:
keyid:09:87:6F:7D:CF:0C:CA:E7:74:21:60:46:3B:38:E1:C3:5F:35:6D:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYdvfc8Myud0IWBGOzjhw181bRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/a43766-91dd-4266-af60-920b320d2e21/1/CYdvfc8Myud0IWBGOzjhw181bRI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/a43766-91dd-4266-af60-920b320d2e21/1/CYdvfc8Myud0IWBGOzjhw181bRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:68:b1:bf:4d:d9:48:58:20:34:43:da:b8:b5:fa:6e:e0:b0:
5b:8e:ed:42:09:c7:a3:47:e7:dc:ef:7b:e9:6e:be:9f:f7:a3:
df:29:26:d6:61:7d:e1:26:34:84:27:83:e5:7c:62:15:35:88:
5b:6d:c3:ed:eb:75:cc:b3:27:08:67:7a:79:b4:bd:32:ae:94:
64:45:df:e7:9a:23:2a:86:f0:82:e5:62:fc:48:80:bd:77:1a:
db:a2:2c:b9:3a:e6:9d:b4:c9:3e:ad:e9:de:c8:ac:82:39:e7:
15:1f:cd:e4:c0:9d:e8:55:77:24:9a:ee:e0:e6:66:e7:58:39:
f0:dd:ab:8e:2d:6a:1a:2a:90:8c:28:19:53:c9:9c:1c:9c:6d:
db:33:52:f3:92:f7:75:56:f5:cc:54:ec:c9:c5:0b:a7:4c:21:
c6:76:46:37:57:8f:7b:a5:ca:5a:f7:fb:8d:50:8c:05:70:1c:
9e:ae:79:7a:6f:73:89:f4:b6:ca:29:2e:d8:14:da:f4:06:5d:
d4:d2:99:07:67:84:a6:3a:71:ca:49:37:34:e1:b4:32:c9:ec:
32:69:a9:bf:02:2d:be:01:fb:e6:05:ea:1d:e5:9e:98:a0:41:
f1:1f:d0:ef:9d:a0:79:a6:33:1b:b5:f7:e3:92:91:e4:23:7b:
77:18:e0:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040q5Smu5xeJZK+0O0NZt9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ODc2ZjdkY2YwY2NhZTc3NDIxNjA0NjNiMzhlMWMzNWYz
NTZkMTIwHhcNMjYwMzI5MDkwMDI0WhcNMjYwMzMwMDkwMDI0WjAzMTEwLwYDVQQD
EygyYzFjMTYyY2U3MWU2YjAxMjQwYmI4MTU2Y2IxYjk5NWRiM2Q4ZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7AADMlXg4cRbWY+vrd454bh0Q++
PXgS6LZY0bPS4UtHvh0jxveiYHJJeaVyBkPHA7J9cyszyr4+6b1sukS7jCMgLjvI
Wrk4ESefRmnQfUEsPL2RYrPJ3ObnBLdVTWNOrR2xK5WntK5RRHDbTkqat4mpFls9
EckZnmKJv2+934ZQ3ofeVdewAkr67T1/CahmQizg6goGHMBVeEn0tJKg4+BNmrzr
8SFC5cF7jbO2JZeDs7El5CfjYTL30XcPvYhvgKSE8ByDroD0qgfWsXls3pKpgplc
NI5S8KjhdsPdPk/HwDZR92ZtevIzdLbFWW+vOdZ6QTzsNZIkkV/dBDj4yQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCwcFiznHmsBJAu4FWyxuZXbPY52MB8GA1UdIwQY
MBaAFAmHb33PDMrndCFgRjs44cNfNW0SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1lkdmZjOE15dWQwSVdCR096amh3MTgxYlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9hNDM3NjYtOTFkZC00MjY2LWFmNjAt
OTIwYjMyMGQyZTIxLzEvQ1lkdmZjOE15dWQwSVdCR096amh3MTgxYlJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9hNDM3NjYtOTFkZC00MjY2LWFmNjAtOTIwYjMyMGQyZTIx
LzEvQ1lkdmZjOE15dWQwSVdCR096amh3MTgxYlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJmixv03Z
SFggNEPauLX6buCwW47tQgnHo0fn3O976W6+n/ej3ykm1mF94SY0hCeD5XxiFTWI
W23D7et1zLMnCGd6ebS9Mq6UZEXf55ojKobwguVi/EiAvXca26IsuTrmnbTJPq3p
3sisgjnnFR/N5MCd6FV3JJru4OZm51g58N2rji1qGiqQjCgZU8mcHJxt2zNS85L3
dVb1zFTsycULp0whxnZGN1ePe6XKWvf7jVCMBXAcnq55em9zifS2yiku2BTa9AZd
1NKZB2eEpjpxykk3NOG0MsnsMmmpvwItvgH75gXqHeWemKBB8R/Q752geaYzG7X3
45KR5CN7dxjgUA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:37:45 2026 by rpki-client