Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
File: CpfAyBiGg3PEAUcVBTra9hrx2h0.mft (raw, json)
Hash identifier: bODqOjzvEHUFWsAq2w0/hcyFcnAZqHQKWKuURc01fuU=
Subject key identifier: 0A:2F:04:F4:3A:1E:4D:E2:F8:02:AA:9A:AC:A6:D3:22:39:7C:E1:23
Authority key identifier: 0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D
Certificate issuer: /CN=0a97c0c818868373c4014715053adaf61af1da1d
Certificate serial: 019F190D3FA35A5053E7B6F624CE77ABAA14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
Manifest number: 1989
Signing time: Tue 30 Jun 2026 15:02:06 +0000
Manifest this update: Tue 30 Jun 2026 15:02:06 +0000
Manifest next update: Wed 01 Jul 2026 15:02:06 +0000
Files and hashes: 1: 24AsigLbaKArrRhQpNvzkLuNdsw.roa (hash: Y6cso1vmOQRNAQC+IgTQnFt9A6yD7HrC8YdvTQc2P8Y=)
2: CpfAyBiGg3PEAUcVBTra9hrx2h0.crl (hash: 08fQRfKvRVhnSiIaaeMUU/E2IX2QmoWPVvE89XofweY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 14:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:19:0d:3f:a3:5a:50:53:e7:b6:f6:24:ce:77:ab:aa:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a97c0c818868373c4014715053adaf61af1da1d
Validity
Not Before: Jun 30 15:02:06 2026 GMT
Not After : Jul 1 15:02:06 2026 GMT
Subject: CN=0a2f04f43a1e4de2f802aa9aaca6d322397ce123
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:4b:8e:ab:01:1e:fd:35:e9:45:0b:5f:6e:7d:
bb:46:75:d5:d3:37:52:41:c7:f7:3f:14:38:2e:b1:
5f:78:5f:a4:de:50:2e:d3:11:26:38:c5:cb:3d:ae:
aa:b6:74:85:4a:18:c3:1c:37:78:8e:3b:32:a0:00:
fd:5b:cf:5f:0f:af:07:ab:f3:d0:0e:f2:e2:0b:20:
83:ed:d4:8f:03:9e:06:3f:fb:3a:d0:ab:29:85:fd:
f2:3c:1a:f4:cd:97:2a:62:52:cb:a7:ba:91:38:eb:
ba:7a:fe:97:93:0c:29:e3:3a:e8:0a:40:d5:74:bd:
09:6a:a0:d9:17:d7:dd:c5:4e:b1:6b:74:32:d7:97:
b0:3c:41:19:a2:58:4f:00:13:3c:70:c4:ca:9e:41:
64:72:ac:9f:ce:d8:97:27:9f:b0:58:8b:72:ff:31:
c3:cc:b0:79:a3:37:76:a2:81:a9:4e:a7:9c:3d:83:
9d:a2:42:d2:12:56:c7:5a:4a:be:6f:90:b8:f3:e8:
4e:5b:64:d8:18:ea:5e:4e:44:45:77:c2:93:4b:b7:
ca:40:08:d1:f6:5f:ac:3c:4e:29:b1:2e:60:12:69:
77:83:84:1d:63:c0:42:c8:91:8e:4a:25:9b:65:16:
e5:c3:61:8e:88:ca:6b:a1:77:a8:71:8f:8f:0a:45:
6d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:2F:04:F4:3A:1E:4D:E2:F8:02:AA:9A:AC:A6:D3:22:39:7C:E1:23
X509v3 Authority Key Identifier:
keyid:0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:7a:4d:4e:18:83:4f:d1:80:17:a6:3b:80:58:48:99:1b:17:
21:91:72:72:29:ad:bf:d1:60:cc:4c:36:fb:66:58:54:0b:5d:
94:43:35:cf:1b:05:d0:75:3e:37:27:5d:ab:01:94:30:ca:a8:
4f:3f:4f:cb:75:a5:ec:fe:93:f8:d6:a3:cd:b7:64:90:03:91:
9a:ed:2f:f2:2d:90:f4:62:07:4e:e3:1e:b2:78:d0:0f:b4:28:
52:01:7e:16:f7:6e:ef:70:80:46:16:82:e8:35:c0:75:4e:1b:
bb:83:c7:a9:1d:45:73:b8:b4:1d:e7:0b:b7:fb:bf:26:b9:68:
80:36:80:bd:6e:23:74:e6:c3:a7:ec:1c:34:1f:8c:bc:cf:b6:
5c:b6:a7:19:54:da:72:96:bf:29:d1:ef:f4:2e:fe:f7:74:13:
6c:07:5a:df:55:ee:36:98:0b:01:4b:b5:8c:f2:8f:65:59:28:
7b:fd:a6:d4:d9:d0:81:7b:35:6c:a3:12:1a:2e:06:6b:12:a5:
e7:61:ce:62:d7:c4:69:89:54:60:48:b3:3e:32:2c:47:2e:4d:
6e:2c:95:83:1c:84:30:11:b4:62:fe:6b:bb:9e:aa:18:19:13:
58:21:0c:32:f9:6d:81:7e:1b:fb:e2:47:52:07:5f:12:40:f8:
b2:73:60:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZDT+jWlBT57b2JM53q6oUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhOTdjMGM4MTg4NjgzNzNjNDAxNDcxNTA1M2FkYWY2MWFm
MWRhMWQwHhcNMjYwNjMwMTUwMjA2WhcNMjYwNzAxMTUwMjA2WjAzMTEwLwYDVQQD
EygwYTJmMDRmNDNhMWU0ZGUyZjgwMmFhOWFhY2E2ZDMyMjM5N2NlMTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8kuOqwEe/TXpRQtfbn27RnXV0zdS
Qcf3PxQ4LrFfeF+k3lAu0xEmOMXLPa6qtnSFShjDHDd4jjsyoAD9W89fD68Hq/PQ
DvLiCyCD7dSPA54GP/s60Ksphf3yPBr0zZcqYlLLp7qROOu6ev6Xkwwp4zroCkDV
dL0JaqDZF9fdxU6xa3Qy15ewPEEZolhPABM8cMTKnkFkcqyfztiXJ5+wWIty/zHD
zLB5ozd2ooGpTqecPYOdokLSElbHWkq+b5C48+hOW2TYGOpeTkRFd8KTS7fKQAjR
9l+sPE4psS5gEml3g4QdY8BCyJGOSiWbZRblw2GOiMproXeocY+PCkVtfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAovBPQ6Hk3i+AKqmqym0yI5fOEjMB8GA1UdIwQY
MBaAFAqXwMgYhoNzxAFHFQU62vYa8dodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjct
ZGJmMmIzNzY5NDQ1LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjctZGJmMmIzNzY5NDQ1
LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEXpNThiD
T9GAF6Y7gFhImRsXIZFycimtv9FgzEw2+2ZYVAtdlEM1zxsF0HU+NyddqwGUMMqo
Tz9Py3Wl7P6T+NajzbdkkAORmu0v8i2Q9GIHTuMesnjQD7QoUgF+Fvdu73CARhaC
6DXAdU4bu4PHqR1Fc7i0HecLt/u/JrlogDaAvW4jdObDp+wcNB+MvM+2XLanGVTa
cpa/KdHv9C7+93QTbAda31XuNpgLAUu1jPKPZVkoe/2m1NnQgXs1bKMSGi4GaxKl
52HOYtfEaYlUYEizPjIsRy5NbiyVgxyEMBG0Yv5ru56qGBkTWCEMMvltgX4b++JH
UgdfEkD4snNg+Q==
-----END CERTIFICATE-----
Generated at Tue Jun 30 18:24:54 2026 by rpki-client