Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
File: CpfAyBiGg3PEAUcVBTra9hrx2h0.mft (raw, json)
Hash identifier: JfqyhrGld6+iLytUz5tOS0QPjEIH6OeGRfwydUuBJA4=
Subject key identifier: 4B:66:74:98:24:32:20:B0:2D:08:BC:BA:13:61:6D:F9:87:B4:15:65
Authority key identifier: 0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D
Certificate issuer: /CN=0a97c0c818868373c4014715053adaf61af1da1d
Certificate serial: 019D382E20AC5CEA14675E51520BB97D9C3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
Manifest number: 1890
Signing time: Sun 29 Mar 2026 06:00:40 +0000
Manifest this update: Sun 29 Mar 2026 06:00:40 +0000
Manifest next update: Mon 30 Mar 2026 06:00:40 +0000
Files and hashes: 1: 24AsigLbaKArrRhQpNvzkLuNdsw.roa (hash: Y6cso1vmOQRNAQC+IgTQnFt9A6yD7HrC8YdvTQc2P8Y=)
2: CpfAyBiGg3PEAUcVBTra9hrx2h0.crl (hash: w+y7vG8a5MvSxbM5xuOPGfcipJopQq5Epk9IelHdmEY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:20:ac:5c:ea:14:67:5e:51:52:0b:b9:7d:9c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a97c0c818868373c4014715053adaf61af1da1d
Validity
Not Before: Mar 29 06:00:40 2026 GMT
Not After : Mar 30 06:00:40 2026 GMT
Subject: CN=4b667498243220b02d08bcba13616df987b41565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:15:6b:6f:3a:4d:70:08:05:38:35:a5:2a:d1:
21:bf:14:5f:75:a3:d0:90:16:e4:52:12:41:12:5f:
d5:6c:9f:ee:f8:54:c4:fb:b5:8f:50:34:83:7d:4a:
ec:22:4e:a4:bd:47:33:f9:0d:a4:ca:ca:13:e1:ed:
56:b8:75:58:44:1e:8c:ee:65:c8:9b:72:75:4c:53:
8c:42:29:52:81:e7:e2:0b:1f:02:28:3e:f1:59:a9:
38:39:a2:b4:25:17:e6:b7:a4:fd:c5:4f:e7:59:8f:
f1:e2:41:0a:8a:cd:19:39:1e:5b:26:7a:a9:c5:21:
24:d5:cf:4d:10:2f:00:0a:fe:63:a5:ee:67:fa:51:
43:f1:11:f4:9a:2e:53:42:a7:43:02:fa:ea:70:8a:
e5:37:0e:f9:d3:72:f0:81:b4:19:c4:27:06:b3:08:
b6:f7:6b:56:46:fe:55:98:7b:c1:7e:97:2a:9f:06:
1d:4b:ce:c2:a4:18:5b:cf:56:96:d6:0c:fe:fe:58:
1a:53:f4:b3:a0:f3:3e:7b:70:d9:df:90:22:6b:27:
e3:f9:65:33:9b:52:69:68:de:46:16:79:87:04:90:
03:1e:0c:41:80:e0:59:1c:4b:71:77:44:b3:92:2b:
0b:bf:28:bb:87:c8:92:04:0e:e5:ba:b4:4c:a4:2a:
b0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:66:74:98:24:32:20:B0:2D:08:BC:BA:13:61:6D:F9:87:B4:15:65
X509v3 Authority Key Identifier:
keyid:0A:97:C0:C8:18:86:83:73:C4:01:47:15:05:3A:DA:F6:1A:F1:DA:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CpfAyBiGg3PEAUcVBTra9hrx2h0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a9399b-f867-4802-8c67-dbf2b3769445/1/CpfAyBiGg3PEAUcVBTra9hrx2h0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:51:87:a1:b6:19:79:92:9d:a6:90:7e:db:4b:8e:ab:2f:ea:
12:46:34:03:b6:d6:1a:c8:3b:bc:f8:4f:09:b1:e3:34:5a:55:
88:a1:64:e9:37:6e:98:51:6e:76:61:58:fa:8b:39:f4:0d:7c:
40:59:97:18:df:2b:56:63:b2:d4:6b:0c:c1:9d:05:d7:bd:f0:
c9:cd:24:4f:67:ff:b1:77:bf:60:2d:d2:6a:d4:0b:ee:8e:6c:
ce:b0:88:e1:54:e9:15:06:33:42:32:4d:7e:68:4e:0e:36:e0:
67:f4:b8:2c:5f:5b:c0:09:91:40:ca:25:b8:8e:10:2a:a3:d6:
8f:3f:72:94:78:a9:12:a7:0f:63:94:95:a1:c1:3f:6c:eb:a6:
1a:56:0c:4a:b2:31:a3:7a:18:a8:85:3e:e6:e8:12:29:61:00:
17:25:45:15:1a:68:32:92:57:3f:18:06:57:68:bf:e5:78:6d:
ea:13:74:46:7b:66:a8:fe:f5:f0:53:d4:95:6a:7e:71:d5:b2:
d0:f5:cc:79:84:fb:ed:97:e3:63:88:f2:8f:84:8e:95:cd:0f:
30:c7:d3:80:05:c2:86:97:dd:f6:2f:e6:d7:4e:53:77:de:34:
26:6b:a1:19:eb:f8:6c:d4:cc:c5:fa:3c:77:44:fb:30:28:83:
74:34:a7:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LiCsXOoUZ15RUgu5fZw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhOTdjMGM4MTg4NjgzNzNjNDAxNDcxNTA1M2FkYWY2MWFm
MWRhMWQwHhcNMjYwMzI5MDYwMDQwWhcNMjYwMzMwMDYwMDQwWjAzMTEwLwYDVQQD
Eyg0YjY2NzQ5ODI0MzIyMGIwMmQwOGJjYmExMzYxNmRmOTg3YjQxNTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhVrbzpNcAgFODWlKtEhvxRfdaPQ
kBbkUhJBEl/VbJ/u+FTE+7WPUDSDfUrsIk6kvUcz+Q2kysoT4e1WuHVYRB6M7mXI
m3J1TFOMQilSgefiCx8CKD7xWak4OaK0JRfmt6T9xU/nWY/x4kEKis0ZOR5bJnqp
xSEk1c9NEC8ACv5jpe5n+lFD8RH0mi5TQqdDAvrqcIrlNw7503LwgbQZxCcGswi2
92tWRv5VmHvBfpcqnwYdS87CpBhbz1aW1gz+/lgaU/SzoPM+e3DZ35Aiayfj+WUz
m1JpaN5GFnmHBJADHgxBgOBZHEtxd0SzkisLvyi7h8iSBA7lurRMpCqwywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEtmdJgkMiCwLQi8uhNhbfmHtBVlMB8GA1UdIwQY
MBaAFAqXwMgYhoNzxAFHFQU62vYa8dodMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjct
ZGJmMmIzNzY5NDQ1LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hOTM5OWItZjg2Ny00ODAyLThjNjctZGJmMmIzNzY5NDQ1
LzEvQ3BmQXlCaUdnM1BFQVVjVkJUcmE5aHJ4MmgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaVGHobYZ
eZKdppB+20uOqy/qEkY0A7bWGsg7vPhPCbHjNFpViKFk6TdumFFudmFY+os59A18
QFmXGN8rVmOy1GsMwZ0F173wyc0kT2f/sXe/YC3SatQL7o5szrCI4VTpFQYzQjJN
fmhODjbgZ/S4LF9bwAmRQMoluI4QKqPWjz9ylHipEqcPY5SVocE/bOumGlYMSrIx
o3oYqIU+5ugSKWEAFyVFFRpoMpJXPxgGV2i/5Xht6hN0RntmqP718FPUlWp+cdWy
0PXMeYT77ZfjY4jyj4SOlc0PMMfTgAXChpfd9i/m105Td940JmuhGev4bNTMxfo8
d0T7MCiDdDSnkQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:27:42 2026 by rpki-client