Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/CNXrapaGTfosUbLiVsUYCrkiKc0.mft
File: CNXrapaGTfosUbLiVsUYCrkiKc0.mft (raw, json)
Hash identifier: 66qn4j2KSeynSJZb16ZLHIzVl9LKwklLqw1o8TCyQp0=
Subject key identifier: A9:8B:0B:1C:72:EA:CF:41:DB:B6:21:91:0B:E8:84:6B:D7:FC:52:27
Authority key identifier: 08:D5:EB:6A:96:86:4D:FA:2C:51:B2:E2:56:C5:18:0A:B9:22:29:CD
Certificate issuer: /CN=08d5eb6a96864dfa2c51b2e256c5180ab92229cd
Certificate serial: 019DCDF55F9FD1962C753CE271BD4092DD8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CNXrapaGTfosUbLiVsUYCrkiKc0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/CNXrapaGTfosUbLiVsUYCrkiKc0.mft
Manifest number: 05D2
Signing time: Mon 27 Apr 2026 08:01:43 +0000
Manifest this update: Mon 27 Apr 2026 08:01:43 +0000
Manifest next update: Tue 28 Apr 2026 08:01:43 +0000
Files and hashes: 1: CNXrapaGTfosUbLiVsUYCrkiKc0.crl (hash: Ox2NTTJnc2rdSsXFu2joBBFjGGjmobU/lXcc5xkkLSc=)
2: tbvYOvb5SVTVJR3EbU70Kzk3qVo.roa (hash: 4N/4Cs97VSolZG2uH4kNH6VCwjqzoA3qCO8vzH4tvd0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/CNXrapaGTfosUbLiVsUYCrkiKc0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/CNXrapaGTfosUbLiVsUYCrkiKc0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CNXrapaGTfosUbLiVsUYCrkiKc0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cd:f5:5f:9f:d1:96:2c:75:3c:e2:71:bd:40:92:dd:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08d5eb6a96864dfa2c51b2e256c5180ab92229cd
Validity
Not Before: Apr 27 08:01:43 2026 GMT
Not After : Apr 28 08:01:43 2026 GMT
Subject: CN=a98b0b1c72eacf41dbb621910be8846bd7fc5227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:74:4b:4b:21:52:b1:89:f6:70:24:75:17:10:
b8:5d:58:ba:f0:b0:7e:07:13:58:53:6f:42:4f:45:
77:42:ac:80:b0:7a:80:f7:63:f9:f6:81:55:35:95:
fa:80:bb:e6:0e:fb:18:e2:6e:95:30:ae:56:97:7a:
73:24:a3:30:07:df:2e:50:0f:6f:e4:40:05:14:24:
80:7a:f6:e6:f9:ab:af:f6:15:77:1b:e5:1c:60:82:
76:0a:80:31:ef:92:ec:6d:53:ed:33:23:57:d8:1a:
bf:ed:24:d2:0c:b6:5a:c8:e8:45:11:be:24:78:d5:
a2:58:6f:78:f6:11:68:50:98:26:c7:e5:b4:1a:fe:
54:b6:a8:54:a0:51:f2:da:e4:5b:21:f0:37:8e:e2:
18:85:d4:a4:c7:78:c4:43:25:9d:c3:b2:f3:9d:9b:
01:f9:1e:27:6e:79:e7:f5:32:53:2d:4c:0a:0f:ee:
96:31:ae:42:77:b9:aa:5d:40:7f:e7:21:da:f2:07:
40:e9:82:18:f9:23:22:08:7b:2f:4a:f2:90:a9:b8:
4e:7f:cb:b1:6b:8f:eb:cd:14:34:e9:e5:14:22:54:
dc:8f:1d:b1:e7:49:b0:8b:d6:4e:ec:0b:04:e4:dd:
f3:97:49:f5:4f:e6:46:91:39:87:40:c8:4f:01:5f:
f4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:8B:0B:1C:72:EA:CF:41:DB:B6:21:91:0B:E8:84:6B:D7:FC:52:27
X509v3 Authority Key Identifier:
keyid:08:D5:EB:6A:96:86:4D:FA:2C:51:B2:E2:56:C5:18:0A:B9:22:29:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CNXrapaGTfosUbLiVsUYCrkiKc0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/CNXrapaGTfosUbLiVsUYCrkiKc0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/4a58bc-2403-4144-bb5e-bb6829360cee/1/CNXrapaGTfosUbLiVsUYCrkiKc0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:53:87:30:6e:97:94:5c:d1:20:2a:23:ba:16:17:b6:4c:b0:
06:5d:d0:6b:0b:c3:82:1e:38:88:2c:8d:b0:e6:37:02:5c:37:
c4:78:db:43:b0:1e:00:8a:49:50:f2:0d:25:d2:87:16:0b:1b:
5e:87:fc:16:49:8d:df:ce:fc:76:6f:ba:78:2f:c0:af:2b:29:
c6:a6:bf:f6:74:09:a3:9e:77:3a:48:5d:77:65:6e:48:e6:d1:
8c:b7:7f:18:f5:f6:c9:90:92:19:72:b7:36:dd:50:91:5f:8e:
d2:06:6f:d1:f4:a3:0a:b5:8f:ec:af:ee:28:f6:bb:25:3e:de:
3f:f4:99:c9:e0:00:7b:92:24:99:09:b8:a5:90:c1:a2:68:20:
6e:70:b9:46:27:6d:ba:68:db:12:50:7d:7f:b1:0a:40:f3:f7:
4c:79:57:41:01:72:2c:d3:1e:ca:6a:51:3d:f9:23:c1:ea:8f:
04:f6:1f:18:30:32:be:97:93:d7:7f:d7:ee:3a:2d:36:22:aa:
76:a0:2e:b0:a4:2b:d5:c9:55:63:ce:e5:d0:ad:67:a3:2c:41:
88:30:15:3c:3d:38:e5:f4:97:62:77:06:3c:8f:6c:19:0a:63:
31:59:2e:c2:bd:b6:44:fd:b8:25:0d:3d:ca:a8:e9:cb:78:09:
11:e2:e7:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3N9V+f0ZYsdTzicb1Akt2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4ZDVlYjZhOTY4NjRkZmEyYzUxYjJlMjU2YzUxODBhYjky
MjI5Y2QwHhcNMjYwNDI3MDgwMTQzWhcNMjYwNDI4MDgwMTQzWjAzMTEwLwYDVQQD
EyhhOThiMGIxYzcyZWFjZjQxZGJiNjIxOTEwYmU4ODQ2YmQ3ZmM1MjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3RLSyFSsYn2cCR1FxC4XVi68LB+
BxNYU29CT0V3QqyAsHqA92P59oFVNZX6gLvmDvsY4m6VMK5Wl3pzJKMwB98uUA9v
5EAFFCSAevbm+auv9hV3G+UcYIJ2CoAx75LsbVPtMyNX2Bq/7STSDLZayOhFEb4k
eNWiWG949hFoUJgmx+W0Gv5UtqhUoFHy2uRbIfA3juIYhdSkx3jEQyWdw7LznZsB
+R4nbnnn9TJTLUwKD+6WMa5Cd7mqXUB/5yHa8gdA6YIY+SMiCHsvSvKQqbhOf8ux
a4/rzRQ06eUUIlTcjx2x50mwi9ZO7AsE5N3zl0n1T+ZGkTmHQMhPAV/0YQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKmLCxxy6s9B27YhkQvohGvX/FInMB8GA1UdIwQY
MBaAFAjV62qWhk36LFGy4lbFGAq5IinNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ05YcmFwYUdUZm9zVWJMaVZzVVlDcmtpS2MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi80YTU4YmMtMjQwMy00MTQ0LWJiNWUt
YmI2ODI5MzYwY2VlLzEvQ05YcmFwYUdUZm9zVWJMaVZzVVlDcmtpS2MwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi80YTU4YmMtMjQwMy00MTQ0LWJiNWUtYmI2ODI5MzYwY2Vl
LzEvQ05YcmFwYUdUZm9zVWJMaVZzVVlDcmtpS2MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ1OHMG6X
lFzRICojuhYXtkywBl3QawvDgh44iCyNsOY3Alw3xHjbQ7AeAIpJUPINJdKHFgsb
Xof8FkmN3878dm+6eC/Aryspxqa/9nQJo553Okhdd2VuSObRjLd/GPX2yZCSGXK3
Nt1QkV+O0gZv0fSjCrWP7K/uKPa7JT7eP/SZyeAAe5IkmQm4pZDBomggbnC5Ridt
umjbElB9f7EKQPP3THlXQQFyLNMeympRPfkjweqPBPYfGDAyvpeT13/X7jotNiKq
dqAusKQr1clVY87l0K1noyxBiDAVPD045fSXYncGPI9sGQpjMVkuwr22RP24JQ09
yqjpy3gJEeLnnw==
-----END CERTIFICATE-----
Generated at Mon Apr 27 15:48:39 2026 by rpki-client