Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
File: cnS17iqgd4rxMENYIlrGflUXCog.mft (raw, json)
Hash identifier: Ak0xJe0ot0ajOoPpXneqIShlEVx3Wn3NAwda5xVhu8I=
Subject key identifier: 36:BA:7B:AE:3D:AC:C3:07:3D:0F:6E:FD:8B:A1:6F:65:21:7B:B5:FC
Authority key identifier: 72:74:B5:EE:2A:A0:77:8A:F1:30:43:58:22:5A:C6:7E:55:17:0A:88
Certificate issuer: /CN=7274b5ee2aa0778af1304358225ac67e55170a88
Certificate serial: 019D38D3B32A091A1AA066106E8FBCC8B6AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
Manifest number: 0BBB
Signing time: Sun 29 Mar 2026 09:01:31 +0000
Manifest this update: Sun 29 Mar 2026 09:01:31 +0000
Manifest next update: Mon 30 Mar 2026 09:01:31 +0000
Files and hashes: 1: HBecOjtWbDhPtARPUUTLEgbUp6g.roa (hash: ZUGOFV89K06s4uTeXxt/3j8cGsfgNWnfAk2/FK+XmzA=)
2: cnS17iqgd4rxMENYIlrGflUXCog.crl (hash: 5roadn3vKzU+zC3FkRU0ZvOAfoXmcE5ZKOgH0tVWP9M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:b3:2a:09:1a:1a:a0:66:10:6e:8f:bc:c8:b6:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7274b5ee2aa0778af1304358225ac67e55170a88
Validity
Not Before: Mar 29 09:01:31 2026 GMT
Not After : Mar 30 09:01:31 2026 GMT
Subject: CN=36ba7bae3dacc3073d0f6efd8ba16f65217bb5fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9a:07:71:c1:f4:9b:53:13:d3:3d:08:c0:bb:
09:fd:64:ff:f5:9e:3c:3f:3c:fa:7a:d7:ba:b1:d3:
b3:b0:6a:b8:67:c6:0f:83:e1:3e:d7:59:ee:56:cd:
0f:52:58:5f:51:85:b0:17:c1:ca:7f:10:b0:74:3c:
21:fb:ad:2a:b0:de:cd:92:59:af:e0:b7:d0:89:14:
2c:b3:9f:69:58:31:34:f3:0c:86:a0:02:2a:e8:2a:
25:eb:fe:3d:fc:8b:b4:cf:43:11:eb:3b:49:70:ca:
af:74:1b:ba:c4:e8:ef:d7:c7:3d:f8:42:0a:de:34:
46:00:40:23:4f:b4:72:d3:85:50:72:f8:dd:92:21:
f9:47:64:c0:0c:f9:8a:99:68:45:14:f2:31:3a:59:
7b:e9:aa:99:af:b1:92:90:96:de:08:de:9b:55:f5:
09:cc:12:4a:56:af:b2:08:7c:c5:0d:0b:b4:fd:63:
64:a9:f6:d4:4a:06:8e:c4:3a:ce:33:c9:3a:a3:8a:
27:a7:8c:c0:4c:63:d7:5b:b3:d0:77:31:49:e9:75:
ca:1f:63:ce:7c:2d:21:7e:85:41:31:c8:6e:b6:c5:
c2:b8:61:36:0d:e7:23:99:7c:b1:c3:f7:03:d9:52:
16:3d:54:92:29:d4:ba:b6:44:4b:d0:ab:39:76:d3:
56:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:BA:7B:AE:3D:AC:C3:07:3D:0F:6E:FD:8B:A1:6F:65:21:7B:B5:FC
X509v3 Authority Key Identifier:
keyid:72:74:B5:EE:2A:A0:77:8A:F1:30:43:58:22:5A:C6:7E:55:17:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bb:cb:b8:06:96:35:e8:26:bf:65:3f:88:fe:e9:a7:a4:d4:70:
14:81:eb:a9:ed:9d:74:e6:67:e4:d1:04:c1:7e:ee:8e:16:93:
c9:5c:20:da:ec:89:8a:98:7e:73:1a:55:17:f3:89:69:27:c4:
c3:80:f7:88:86:20:11:1b:c4:d4:ab:d4:de:f1:1f:7d:3a:ab:
01:a5:9e:d3:30:7f:4c:bf:da:34:52:c7:f0:6c:f3:65:fe:49:
09:81:2d:eb:22:7a:f2:04:7e:c5:41:a0:89:07:17:06:c3:1d:
ab:6c:56:ea:6c:50:94:ac:1a:7a:79:08:2e:45:2b:c3:e1:0d:
ec:fb:41:23:54:37:e7:de:d0:55:42:44:64:96:aa:10:48:7e:
85:7a:94:41:9a:47:ee:9d:1b:33:3c:2b:44:d5:f0:2f:ff:bb:
85:14:45:42:68:e9:0d:c4:1a:7b:79:b2:03:f9:5e:64:fa:17:
9c:ba:8e:af:21:27:17:7f:27:08:c5:06:1a:c5:b3:ae:4d:af:
e3:dc:2b:e9:60:92:4a:a0:6e:0d:ca:89:64:b4:f3:a8:34:92:
8a:ce:74:8b:cf:90:ed:3e:4a:80:ce:2f:90:8a:78:d5:a6:fc:
9c:ca:3e:d9:52:54:29:71:8d:02:09:ba:2f:5d:f2:15:2c:73:
6f:69:8b:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0407MqCRoaoGYQbo+8yLavMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzRiNWVlMmFhMDc3OGFmMTMwNDM1ODIyNWFjNjdlNTUx
NzBhODgwHhcNMjYwMzI5MDkwMTMxWhcNMjYwMzMwMDkwMTMxWjAzMTEwLwYDVQQD
EygzNmJhN2JhZTNkYWNjMzA3M2QwZjZlZmQ4YmExNmY2NTIxN2JiNWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpoHccH0m1MT0z0IwLsJ/WT/9Z48
Pzz6ete6sdOzsGq4Z8YPg+E+11nuVs0PUlhfUYWwF8HKfxCwdDwh+60qsN7Nklmv
4LfQiRQss59pWDE08wyGoAIq6Col6/49/Iu0z0MR6ztJcMqvdBu6xOjv18c9+EIK
3jRGAEAjT7Ry04VQcvjdkiH5R2TADPmKmWhFFPIxOll76aqZr7GSkJbeCN6bVfUJ
zBJKVq+yCHzFDQu0/WNkqfbUSgaOxDrOM8k6o4onp4zATGPXW7PQdzFJ6XXKH2PO
fC0hfoVBMchutsXCuGE2DecjmXyxw/cD2VIWPVSSKdS6tkRL0Ks5dtNWWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDa6e649rMMHPQ9u/Yuhb2Uhe7X8MB8GA1UdIwQY
MBaAFHJ0te4qoHeK8TBDWCJaxn5VFwqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi84MTA2YzYtOTZlMy00ODU2LThlNTMt
NjllYmVkMTc4MTRhLzEvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi84MTA2YzYtOTZlMy00ODU2LThlNTMtNjllYmVkMTc4MTRh
LzEvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu8u4BpY1
6Ca/ZT+I/umnpNRwFIHrqe2ddOZn5NEEwX7ujhaTyVwg2uyJiph+cxpVF/OJaSfE
w4D3iIYgERvE1KvU3vEffTqrAaWe0zB/TL/aNFLH8GzzZf5JCYEt6yJ68gR+xUGg
iQcXBsMdq2xW6mxQlKwaenkILkUrw+EN7PtBI1Q3597QVUJEZJaqEEh+hXqUQZpH
7p0bMzwrRNXwL/+7hRRFQmjpDcQae3myA/leZPoXnLqOryEnF38nCMUGGsWzrk2v
49wr6WCSSqBuDcqJZLTzqDSSis50i8+Q7T5KgM4vkIp41ab8nMo+2VJUKXGNAgm6
L13yFSxzb2mL7Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:46:32 2026 by rpki-client