Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/56b818-9ee1-4a06-a8ec-851ea65cb98b/1/CBg0SlIKOZknm7gkfheeiEBuNXg.mft
File: CBg0SlIKOZknm7gkfheeiEBuNXg.mft (raw, json)
Hash identifier: aoSXT1Z5/DZfbj7gNj3Ibhc2EbN3dulUX+sEF5Piv7w=
Subject key identifier: 06:9D:17:0E:91:FA:0F:C9:B0:D0:78:3E:68:4B:FB:30:6B:4A:F0:BA
Authority key identifier: 08:18:34:4A:52:0A:39:99:27:9B:B8:24:7E:17:9E:88:40:6E:35:78
Certificate issuer: /CN=0818344a520a3999279bb8247e179e88406e3578
Certificate serial: 019D37F7647FB203FACB43DE5660D715759B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBg0SlIKOZknm7gkfheeiEBuNXg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/56b818-9ee1-4a06-a8ec-851ea65cb98b/1/CBg0SlIKOZknm7gkfheeiEBuNXg.mft
Manifest number: 0B5D
Signing time: Sun 29 Mar 2026 05:00:53 +0000
Manifest this update: Sun 29 Mar 2026 05:00:53 +0000
Manifest next update: Mon 30 Mar 2026 05:00:53 +0000
Files and hashes: 1: CBg0SlIKOZknm7gkfheeiEBuNXg.crl (hash: k/zAJ6UC83a+gxnEwUrpiHudqgewtJkJEICgskpt6JQ=)
2: jrESc5APENrqQkJhnFt6y_8ea-8.roa (hash: aS9GuOaG5e1hqXNc5Tek76eZwNGPGkUH9oPiGIbY26k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/56b818-9ee1-4a06-a8ec-851ea65cb98b/1/CBg0SlIKOZknm7gkfheeiEBuNXg.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/56b818-9ee1-4a06-a8ec-851ea65cb98b/1/CBg0SlIKOZknm7gkfheeiEBuNXg.mft
rsync://rpki.ripe.net/repository/DEFAULT/CBg0SlIKOZknm7gkfheeiEBuNXg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:64:7f:b2:03:fa:cb:43:de:56:60:d7:15:75:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0818344a520a3999279bb8247e179e88406e3578
Validity
Not Before: Mar 29 05:00:53 2026 GMT
Not After : Mar 30 05:00:53 2026 GMT
Subject: CN=069d170e91fa0fc9b0d0783e684bfb306b4af0ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3c:92:34:54:8f:ae:d0:d5:d1:f6:87:17:2f:
7b:c3:d0:1f:c0:bf:0e:11:29:a0:d4:a2:0c:c9:5c:
d3:47:f8:08:f5:00:95:76:d6:12:70:5a:d6:c4:78:
8f:8e:47:92:13:3d:e4:eb:24:b7:e8:63:be:b9:81:
9b:6d:15:79:b7:11:26:0e:9c:48:77:c0:70:b6:0d:
39:33:06:34:89:5e:90:b1:de:ba:c0:74:7b:eb:d3:
19:92:60:ff:a3:81:0b:db:86:ec:e3:f2:f1:da:22:
09:14:3e:da:bf:20:41:7b:8c:01:3c:92:20:76:df:
60:b7:2e:46:ad:2b:c1:a5:cc:f1:d8:05:cc:76:89:
e2:12:60:12:d1:5b:a9:ed:f6:7c:3d:db:da:a7:09:
08:58:6b:2c:41:3a:8e:78:8a:0a:24:73:e5:8e:d1:
b8:26:33:f4:95:95:75:0c:fd:54:a8:13:dc:3f:d1:
53:02:7e:8c:bc:0f:7c:82:00:4d:64:d2:28:cf:c3:
a5:0f:b9:7d:4f:a0:5a:17:38:17:d8:96:7b:78:9e:
59:8f:f9:61:74:47:94:6f:82:8c:94:67:0b:84:1c:
91:f7:db:31:50:28:5d:a4:a8:35:2c:33:e2:3d:40:
5b:77:31:e1:72:8b:c8:1f:97:dc:72:1b:53:44:19:
9a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:9D:17:0E:91:FA:0F:C9:B0:D0:78:3E:68:4B:FB:30:6B:4A:F0:BA
X509v3 Authority Key Identifier:
keyid:08:18:34:4A:52:0A:39:99:27:9B:B8:24:7E:17:9E:88:40:6E:35:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBg0SlIKOZknm7gkfheeiEBuNXg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/56b818-9ee1-4a06-a8ec-851ea65cb98b/1/CBg0SlIKOZknm7gkfheeiEBuNXg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/56b818-9ee1-4a06-a8ec-851ea65cb98b/1/CBg0SlIKOZknm7gkfheeiEBuNXg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
59:46:17:47:28:c9:2f:4a:84:ff:11:c9:14:97:c7:94:57:48:
09:ee:77:70:51:96:a0:ed:97:4b:5f:e9:7f:5d:66:ab:6e:5f:
0a:14:92:64:19:ce:54:e2:52:c4:9f:9f:58:00:51:08:93:20:
b2:7e:c2:54:c4:0b:96:7c:1e:dd:fa:b6:0a:13:b6:cb:d1:02:
50:ee:54:bd:ef:ba:ec:27:7b:34:70:91:84:e5:58:6f:82:95:
25:c8:b6:e0:c9:b4:2a:e0:20:ad:12:59:9e:96:42:05:65:58:
cb:8e:e9:94:30:14:17:e1:08:a2:22:0b:c2:b9:52:ad:2d:6b:
04:5d:41:4b:da:c3:00:1c:c1:90:b7:32:28:be:d7:e2:ea:d8:
f4:a4:d4:01:0d:c6:87:f9:e4:0e:48:33:69:81:e2:bc:a7:cb:
23:82:b2:c6:84:ba:74:25:16:85:d1:9d:ef:44:90:a7:be:b9:
ec:ef:37:40:2a:c5:01:4a:6d:10:7b:9f:19:27:fb:ae:bd:4a:
a3:3f:5f:a2:32:53:21:6a:15:77:09:76:1b:77:f9:d8:2c:37:
73:ca:45:77:92:15:89:97:b2:d2:d0:3c:14:20:33:17:c4:c4:
23:98:99:57:7b:42:91:3f:e3:5f:7d:95:73:42:d3:d8:7b:b4:
9a:24:23:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0392R/sgP6y0PeVmDXFXWbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MTgzNDRhNTIwYTM5OTkyNzliYjgyNDdlMTc5ZTg4NDA2
ZTM1NzgwHhcNMjYwMzI5MDUwMDUzWhcNMjYwMzMwMDUwMDUzWjAzMTEwLwYDVQQD
EygwNjlkMTcwZTkxZmEwZmM5YjBkMDc4M2U2ODRiZmIzMDZiNGFmMGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozySNFSPrtDV0faHFy97w9AfwL8O
ESmg1KIMyVzTR/gI9QCVdtYScFrWxHiPjkeSEz3k6yS36GO+uYGbbRV5txEmDpxI
d8Bwtg05MwY0iV6Qsd66wHR769MZkmD/o4EL24bs4/Lx2iIJFD7avyBBe4wBPJIg
dt9gty5GrSvBpczx2AXMdoniEmAS0Vup7fZ8PdvapwkIWGssQTqOeIoKJHPljtG4
JjP0lZV1DP1UqBPcP9FTAn6MvA98ggBNZNIoz8OlD7l9T6BaFzgX2JZ7eJ5Zj/lh
dEeUb4KMlGcLhByR99sxUChdpKg1LDPiPUBbdzHhcovIH5fcchtTRBmamwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAadFw6R+g/JsNB4PmhL+zBrSvC6MB8GA1UdIwQY
MBaAFAgYNEpSCjmZJ5u4JH4XnohAbjV4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0JnMFNsSUtPWmtubTdna2ZoZWVpRUJ1TlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS81NmI4MTgtOWVlMS00YTA2LWE4ZWMt
ODUxZWE2NWNiOThiLzEvQ0JnMFNsSUtPWmtubTdna2ZoZWVpRUJ1TlhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS81NmI4MTgtOWVlMS00YTA2LWE4ZWMtODUxZWE2NWNiOThi
LzEvQ0JnMFNsSUtPWmtubTdna2ZoZWVpRUJ1TlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWUYXRyjJ
L0qE/xHJFJfHlFdICe53cFGWoO2XS1/pf11mq25fChSSZBnOVOJSxJ+fWABRCJMg
sn7CVMQLlnwe3fq2ChO2y9ECUO5Uve+67Cd7NHCRhOVYb4KVJci24Mm0KuAgrRJZ
npZCBWVYy47plDAUF+EIoiILwrlSrS1rBF1BS9rDABzBkLcyKL7X4urY9KTUAQ3G
h/nkDkgzaYHivKfLI4KyxoS6dCUWhdGd70SQp7657O83QCrFAUptEHufGSf7rr1K
oz9fojJTIWoVdwl2G3f52Cw3c8pFd5IViZey0tA8FCAzF8TEI5iZV3tCkT/jX32V
c0LT2Hu0miQjtw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:34:51 2026 by rpki-client