Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/c1f448-8808-4a2f-bffa-f8b48baccd9b/1/cF5128zl_N2R2KmeWhssmVuBJ3U.mft
File: cF5128zl_N2R2KmeWhssmVuBJ3U.mft (raw, json)
Hash identifier: dqI1SduHHQi3nfuWn7fQFrhQAt8oi9hWKH/crhZu6K8=
Subject key identifier: 51:C3:DC:9B:67:76:F0:C5:0D:26:BA:6A:48:C6:54:99:E5:96:F4:48
Authority key identifier: 70:5E:75:DB:CC:E5:FC:DD:91:D8:A9:9E:5A:1B:2C:99:5B:81:27:75
Certificate issuer: /CN=705e75dbcce5fcdd91d8a99e5a1b2c995b812775
Certificate serial: 019D37F6FB000A11B627F3B86A53465A0C0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cF5128zl_N2R2KmeWhssmVuBJ3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/c1f448-8808-4a2f-bffa-f8b48baccd9b/1/cF5128zl_N2R2KmeWhssmVuBJ3U.mft
Manifest number: 1895
Signing time: Sun 29 Mar 2026 05:00:26 +0000
Manifest this update: Sun 29 Mar 2026 05:00:26 +0000
Manifest next update: Mon 30 Mar 2026 05:00:26 +0000
Files and hashes: 1: OtqwT00KNG8ocLQ5lsbZa477HJU.roa (hash: 3OLEihhSTZHcEQMRGGKnC6MAqTjm7MFUfykjVMW1buE=)
2: cF5128zl_N2R2KmeWhssmVuBJ3U.crl (hash: k75BJkQG2m1KIa92FrZKuxr1OpD0i4OD5QIzyMd0cuI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/c1f448-8808-4a2f-bffa-f8b48baccd9b/1/cF5128zl_N2R2KmeWhssmVuBJ3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/c1f448-8808-4a2f-bffa-f8b48baccd9b/1/cF5128zl_N2R2KmeWhssmVuBJ3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/cF5128zl_N2R2KmeWhssmVuBJ3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f6:fb:00:0a:11:b6:27:f3:b8:6a:53:46:5a:0c:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=705e75dbcce5fcdd91d8a99e5a1b2c995b812775
Validity
Not Before: Mar 29 05:00:26 2026 GMT
Not After : Mar 30 05:00:26 2026 GMT
Subject: CN=51c3dc9b6776f0c50d26ba6a48c65499e596f448
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8a:9e:80:aa:d6:65:26:e1:e9:6e:76:5b:62:
58:d8:b2:c2:e7:2b:40:2f:4e:8f:8a:50:2c:7a:d5:
28:32:16:0b:64:74:4e:32:e6:17:6b:da:6b:f9:80:
26:7f:ad:1c:7d:5d:1e:d1:9b:a3:e9:8a:01:cf:da:
da:84:85:74:ed:47:69:e7:80:86:25:c8:95:a4:aa:
98:7b:71:be:e4:fc:cd:b6:b8:76:8c:f8:fd:8a:a1:
6e:52:df:25:89:36:8e:9c:9f:2d:89:bd:49:fd:df:
cb:be:d2:b4:3f:da:91:3b:b3:3b:56:d7:e2:46:ab:
a0:8b:bd:95:a9:65:86:13:4f:86:bf:6c:d8:2d:21:
78:99:1b:f1:59:0e:52:0c:0d:a5:da:37:48:40:9a:
99:99:e4:86:c6:61:7d:17:bd:5f:48:06:73:95:66:
df:fd:f9:98:9e:a2:22:a1:25:03:e9:18:ba:24:b6:
23:15:e3:ef:13:b4:47:df:0d:c6:d9:86:04:d5:58:
93:f1:db:51:f9:a5:17:23:6c:0e:52:99:de:3b:1c:
a9:c1:8e:97:c7:95:a8:a5:42:21:75:8e:fc:04:cf:
11:e7:47:18:95:ca:46:73:07:c7:77:7d:e6:c6:2c:
21:3d:61:45:c5:a8:b0:a3:83:b2:f7:9d:a3:10:cf:
67:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C3:DC:9B:67:76:F0:C5:0D:26:BA:6A:48:C6:54:99:E5:96:F4:48
X509v3 Authority Key Identifier:
keyid:70:5E:75:DB:CC:E5:FC:DD:91:D8:A9:9E:5A:1B:2C:99:5B:81:27:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cF5128zl_N2R2KmeWhssmVuBJ3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c1f448-8808-4a2f-bffa-f8b48baccd9b/1/cF5128zl_N2R2KmeWhssmVuBJ3U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/c1f448-8808-4a2f-bffa-f8b48baccd9b/1/cF5128zl_N2R2KmeWhssmVuBJ3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:c7:dc:18:eb:00:a9:af:c8:8f:bf:08:d9:c9:bc:75:b0:2c:
2d:2d:ea:9b:b7:9d:b7:41:25:1a:a7:9c:7a:07:40:64:d6:9b:
6c:27:be:9a:d5:3e:c3:dd:b9:7c:00:32:b0:76:cc:13:21:b2:
71:62:98:89:9c:a9:cb:23:1b:de:cf:85:af:23:95:9c:c2:74:
38:e5:57:b5:c9:3b:8d:de:a6:aa:cc:02:94:ac:91:5f:0b:ed:
98:2c:eb:b5:37:24:d9:db:51:5c:d6:ed:dc:d5:98:8e:50:a3:
d1:40:a5:77:9c:74:be:b1:50:97:86:5d:83:d9:ac:62:27:e5:
7f:ff:88:de:7f:56:15:ac:a4:d2:15:81:6b:d0:a2:ea:83:d1:
04:6a:35:01:1c:8d:d5:92:83:7c:43:8a:65:35:e7:8d:8c:ea:
8f:22:cd:ca:6e:df:21:45:0f:17:77:bb:49:d0:85:40:20:82:
d6:0a:56:7e:8f:ca:01:2d:fc:17:09:1b:c5:ea:9d:2b:b3:4d:
4b:28:5a:21:9b:36:d0:bf:ac:3c:fc:2f:2d:6d:b2:12:01:3f:
d4:c7:7a:0b:70:17:38:ec:9d:7b:51:d1:c0:f5:cb:a1:ee:c3:
05:75:70:b8:5b:8f:08:38:ca:61:ee:d2:1d:c9:b6:2e:a0:d9:
ae:c8:45:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039vsAChG2J/O4alNGWgwNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNWU3NWRiY2NlNWZjZGQ5MWQ4YTk5ZTVhMWIyYzk5NWI4
MTI3NzUwHhcNMjYwMzI5MDUwMDI2WhcNMjYwMzMwMDUwMDI2WjAzMTEwLwYDVQQD
Eyg1MWMzZGM5YjY3NzZmMGM1MGQyNmJhNmE0OGM2NTQ5OWU1OTZmNDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoqegKrWZSbh6W52W2JY2LLC5ytA
L06PilAsetUoMhYLZHROMuYXa9pr+YAmf60cfV0e0Zuj6YoBz9rahIV07Udp54CG
JciVpKqYe3G+5PzNtrh2jPj9iqFuUt8liTaOnJ8tib1J/d/LvtK0P9qRO7M7Vtfi
Rqugi72VqWWGE0+Gv2zYLSF4mRvxWQ5SDA2l2jdIQJqZmeSGxmF9F71fSAZzlWbf
/fmYnqIioSUD6Ri6JLYjFePvE7RH3w3G2YYE1ViT8dtR+aUXI2wOUpneOxypwY6X
x5WopUIhdY78BM8R50cYlcpGcwfHd33mxiwhPWFFxaiwo4Oy952jEM9nFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFHD3JtndvDFDSa6akjGVJnllvRIMB8GA1UdIwQY
MBaAFHBeddvM5fzdkdipnlobLJlbgSd1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0Y1MTI4emxfTjJSMkttZVdoc3NtVnVCSjNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9jMWY0NDgtODgwOC00YTJmLWJmZmEt
ZjhiNDhiYWNjZDliLzEvY0Y1MTI4emxfTjJSMkttZVdoc3NtVnVCSjNVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC9jMWY0NDgtODgwOC00YTJmLWJmZmEtZjhiNDhiYWNjZDli
LzEvY0Y1MTI4emxfTjJSMkttZVdoc3NtVnVCSjNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALsfcGOsA
qa/Ij78I2cm8dbAsLS3qm7edt0ElGqecegdAZNabbCe+mtU+w925fAAysHbMEyGy
cWKYiZypyyMb3s+FryOVnMJ0OOVXtck7jd6mqswClKyRXwvtmCzrtTck2dtRXNbt
3NWYjlCj0UCld5x0vrFQl4Zdg9msYiflf/+I3n9WFayk0hWBa9Ci6oPRBGo1ARyN
1ZKDfEOKZTXnjYzqjyLNym7fIUUPF3e7SdCFQCCC1gpWfo/KAS38FwkbxeqdK7NN
SyhaIZs20L+sPPwvLW2yEgE/1Md6C3AXOOyde1HRwPXLoe7DBXVwuFuPCDjKYe7S
Hcm2LqDZrshFDw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:51:02 2026 by rpki-client