Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/981839-9dfa-42d3-acb1-6218828ed896/1/CiINqbbilYVbYn_qYQ4cthZGiUs.mft
File: CiINqbbilYVbYn_qYQ4cthZGiUs.mft (raw, json)
Hash identifier: hCfcbzqy18y/CyK4Es433/5jGJcedrA0T4vSjeLZDsk=
Subject key identifier: 20:18:51:0F:22:8D:5B:72:AB:4A:D0:19:1B:9D:81:9A:98:C0:D7:16
Authority key identifier: 0A:22:0D:A9:B6:E2:95:85:5B:62:7F:EA:61:0E:1C:B6:16:46:89:4B
Certificate issuer: /CN=0a220da9b6e295855b627fea610e1cb61646894b
Certificate serial: 019D37F78A33C708CFF0C1F0D7357B0EE680
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CiINqbbilYVbYn_qYQ4cthZGiUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/981839-9dfa-42d3-acb1-6218828ed896/1/CiINqbbilYVbYn_qYQ4cthZGiUs.mft
Manifest number: 140F
Signing time: Sun 29 Mar 2026 05:01:02 +0000
Manifest this update: Sun 29 Mar 2026 05:01:02 +0000
Manifest next update: Mon 30 Mar 2026 05:01:02 +0000
Files and hashes: 1: CiINqbbilYVbYn_qYQ4cthZGiUs.crl (hash: mi/wTJhyLNAKL2HKSmcQAxdZNV4Ezc3iDLQZp1exlPg=)
2: rXLqqCZ5hf5h4ak7-J87ANzm0Nk.roa (hash: mVE+xG0sJPMu7e4f75e+8AtJaA+JDEMEjzG8yFMRLQ4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/981839-9dfa-42d3-acb1-6218828ed896/1/CiINqbbilYVbYn_qYQ4cthZGiUs.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/981839-9dfa-42d3-acb1-6218828ed896/1/CiINqbbilYVbYn_qYQ4cthZGiUs.mft
rsync://rpki.ripe.net/repository/DEFAULT/CiINqbbilYVbYn_qYQ4cthZGiUs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:8a:33:c7:08:cf:f0:c1:f0:d7:35:7b:0e:e6:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a220da9b6e295855b627fea610e1cb61646894b
Validity
Not Before: Mar 29 05:01:02 2026 GMT
Not After : Mar 30 05:01:02 2026 GMT
Subject: CN=2018510f228d5b72ab4ad0191b9d819a98c0d716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:3e:e7:e9:d2:67:f7:f2:05:84:22:a8:6b:1c:
e7:8d:e0:16:7b:86:28:46:69:16:a8:c8:b8:68:20:
ef:45:d3:d5:e0:76:75:00:d3:c4:fb:b0:4d:f6:83:
60:03:c8:18:9e:24:8c:54:34:f5:ef:ff:e3:40:43:
ac:f7:c4:00:7b:59:32:c5:95:48:22:db:68:96:71:
99:55:70:64:ae:5d:66:97:77:d8:c3:1f:49:1a:ea:
eb:59:35:24:03:77:92:ce:d9:2d:d5:32:d4:1a:3a:
e2:92:d0:f0:e0:98:06:dc:d3:aa:ba:4d:be:8e:13:
27:ab:6f:69:99:f2:57:ad:b1:b9:a6:cb:2a:15:57:
db:31:e9:77:3b:d2:76:72:ce:7c:16:6f:2b:41:16:
73:1c:77:f5:53:df:d7:4d:ca:8d:47:fc:c7:48:f9:
65:ef:88:75:45:78:21:b7:7c:ea:d9:96:aa:61:27:
aa:46:bf:64:a8:aa:a5:b2:08:34:55:02:6f:7b:9a:
27:ee:bf:25:14:25:56:6a:13:8b:88:97:b6:dd:ef:
02:14:71:b0:53:a0:4c:b5:e8:ef:5b:bb:2b:81:9e:
c2:ee:4d:46:75:e7:52:1d:e7:fe:48:bf:cb:11:21:
bc:0c:26:2b:a1:7a:6c:7b:9d:a3:b9:03:a3:e6:93:
52:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:18:51:0F:22:8D:5B:72:AB:4A:D0:19:1B:9D:81:9A:98:C0:D7:16
X509v3 Authority Key Identifier:
keyid:0A:22:0D:A9:B6:E2:95:85:5B:62:7F:EA:61:0E:1C:B6:16:46:89:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CiINqbbilYVbYn_qYQ4cthZGiUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/981839-9dfa-42d3-acb1-6218828ed896/1/CiINqbbilYVbYn_qYQ4cthZGiUs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/981839-9dfa-42d3-acb1-6218828ed896/1/CiINqbbilYVbYn_qYQ4cthZGiUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a6:16:54:9f:94:93:d8:2c:92:af:03:63:c1:e8:b8:c0:82:67:
96:93:96:20:08:89:64:e9:c8:28:da:91:ff:8e:3f:c2:95:44:
5c:b0:14:40:61:00:36:87:da:e9:a9:5b:d0:ba:93:5c:5f:b2:
06:87:e9:c5:75:e7:45:03:40:33:1d:90:cb:06:22:77:e1:57:
d2:de:1e:7b:20:85:9f:10:70:50:5f:73:17:7a:09:38:5d:52:
4b:a6:21:31:c9:94:59:6f:2b:49:8f:59:9f:27:d5:a0:03:d7:
fa:2c:89:e5:c4:02:e8:44:13:f6:38:98:57:24:d9:1a:c1:e4:
07:38:33:ef:5c:a5:cf:99:dc:68:cf:c3:a4:aa:79:df:ae:a8:
d4:4b:d0:1e:02:b9:41:e1:4e:32:f8:93:57:04:79:5d:fd:d7:
d9:84:ef:2a:5c:7a:5c:73:9c:f1:56:0d:f8:b5:d5:39:ec:14:
62:fa:7b:69:c8:a9:00:df:08:14:39:41:6e:85:c3:d7:8e:98:
ce:bd:6b:5b:88:71:43:cf:08:56:97:d8:ee:aa:b6:a2:96:df:
6c:d5:02:c0:6f:80:c1:d3:fb:3a:46:cc:19:13:09:2c:30:fe:
cb:7e:ef:5a:57:16:44:f4:1d:cd:19:fe:f3:33:29:bb:22:55:
8c:0b:e5:dc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0394ozxwjP8MHw1zV7DuaAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMjIwZGE5YjZlMjk1ODU1YjYyN2ZlYTYxMGUxY2I2MTY0
Njg5NGIwHhcNMjYwMzI5MDUwMTAyWhcNMjYwMzMwMDUwMTAyWjAzMTEwLwYDVQQD
EygyMDE4NTEwZjIyOGQ1YjcyYWI0YWQwMTkxYjlkODE5YTk4YzBkNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2z7n6dJn9/IFhCKoaxznjeAWe4Yo
RmkWqMi4aCDvRdPV4HZ1ANPE+7BN9oNgA8gYniSMVDT17//jQEOs98QAe1kyxZVI
IttolnGZVXBkrl1ml3fYwx9JGurrWTUkA3eSztkt1TLUGjriktDw4JgG3NOquk2+
jhMnq29pmfJXrbG5pssqFVfbMel3O9J2cs58Fm8rQRZzHHf1U9/XTcqNR/zHSPll
74h1RXght3zq2ZaqYSeqRr9kqKqlsgg0VQJve5on7r8lFCVWahOLiJe23e8CFHGw
U6BMtejvW7srgZ7C7k1GdedSHef+SL/LESG8DCYroXpse52juQOj5pNSfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCAYUQ8ijVtyq0rQGRudgZqYwNcWMB8GA1UdIwQY
MBaAFAoiDam24pWFW2J/6mEOHLYWRolLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2lJTnFiYmlsWVZiWW5fcVlRNGN0aFpHaVVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85ODE4MzktOWRmYS00MmQzLWFjYjEt
NjIxODgyOGVkODk2LzEvQ2lJTnFiYmlsWVZiWW5fcVlRNGN0aFpHaVVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85ODE4MzktOWRmYS00MmQzLWFjYjEtNjIxODgyOGVkODk2
LzEvQ2lJTnFiYmlsWVZiWW5fcVlRNGN0aFpHaVVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAphZUn5ST
2CySrwNjwei4wIJnlpOWIAiJZOnIKNqR/44/wpVEXLAUQGEANofa6alb0LqTXF+y
BofpxXXnRQNAMx2QywYid+FX0t4eeyCFnxBwUF9zF3oJOF1SS6YhMcmUWW8rSY9Z
nyfVoAPX+iyJ5cQC6EQT9jiYVyTZGsHkBzgz71ylz5ncaM/DpKp5366o1EvQHgK5
QeFOMviTVwR5Xf3X2YTvKlx6XHOc8VYN+LXVOewUYvp7acipAN8IFDlBboXD146Y
zr1rW4hxQ88IVpfY7qq2opbfbNUCwG+AwdP7OkbMGRMJLDD+y37vWlcWRPQdzRn+
8zMpuyJVjAvl3A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:56:13 2026 by rpki-client