Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.mft
File: CEGOlpDQ-3Eavzh04cUApidpPAo.mft (raw, json)
Hash identifier: DcnC3olnkxpNbraUySfAl28K/vtbkvGwvqEgqKEtuy8=
Subject key identifier: 65:4B:12:B1:4D:0F:2D:51:71:CD:A8:23:0A:4D:84:41:76:37:34:99
Authority key identifier: 08:41:8E:96:90:D0:FB:71:1A:BF:38:74:E1:C5:00:A6:27:69:3C:0A
Certificate issuer: /CN=08418e9690d0fb711abf3874e1c500a627693c0a
Certificate serial: 019E29CBB6442C83ACAC307D855BA0F51771
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.mft
Manifest number: 1223
Signing time: Fri 15 May 2026 04:01:16 +0000
Manifest this update: Fri 15 May 2026 04:01:16 +0000
Manifest next update: Sat 16 May 2026 04:01:16 +0000
Files and hashes: 1: CEGOlpDQ-3Eavzh04cUApidpPAo.crl (hash: ZnBv5rnW0yutzg13InRQFnT39BcY+yWVkC9Pq6UOwgw=)
2: bsglp_YaCzq1ZbW59TrfMCZMvqQ.roa (hash: XgQ95AvaHQg4VEsCdEh5u3f7R7yDQIeF4yBEzRXjfaY=)
3: x61bfZf0OubTZvT9w-4WsDstRxI.roa (hash: fReq0aNolFC2JKGR6X3Q7h0pZyzLILuXa5ALU/lSf40=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 May 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:29:cb:b6:44:2c:83:ac:ac:30:7d:85:5b:a0:f5:17:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08418e9690d0fb711abf3874e1c500a627693c0a
Validity
Not Before: May 15 04:01:16 2026 GMT
Not After : May 16 04:01:16 2026 GMT
Subject: CN=654b12b14d0f2d5171cda8230a4d844176373499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:38:43:77:d4:3f:72:d9:0d:55:cd:1e:11:e3:
f8:57:fd:e4:e2:34:a2:5d:fa:5b:6e:38:82:04:77:
cc:79:a9:dd:9e:cd:19:9b:e4:b8:fd:4d:db:09:c9:
6b:b1:6c:80:30:0a:06:59:fb:4d:4c:b3:35:54:98:
fc:83:06:3d:27:a6:1a:c3:c4:ac:66:c6:c4:7f:c6:
40:d2:4c:c6:bf:00:ef:d5:1c:c8:95:aa:67:33:2c:
69:ff:6c:af:18:0b:0a:5c:16:e1:1b:65:15:c9:16:
40:87:28:39:bd:21:46:6c:c5:c9:dc:d8:e5:21:12:
af:c7:e1:5b:67:21:f5:92:39:90:28:59:c1:0c:6b:
a7:72:7f:2c:2a:27:93:ff:c7:71:e7:99:3f:38:ad:
47:5c:7f:0e:30:0c:13:66:f7:16:09:cd:2c:b2:34:
e0:d5:9c:cd:48:04:80:a1:ad:ae:63:d2:dc:5f:81:
27:2f:e8:ad:ef:1b:dd:51:96:74:2d:fa:4c:30:e9:
cc:c0:a0:f7:90:a9:38:d4:14:29:50:25:42:c5:55:
1e:bf:99:d2:11:02:60:ac:dd:7e:21:0d:d5:d4:44:
29:36:af:b6:5f:9b:c5:3b:10:ed:06:6b:57:72:3b:
7d:32:62:d9:c5:b1:0d:70:c8:90:5b:a5:95:31:9d:
aa:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:4B:12:B1:4D:0F:2D:51:71:CD:A8:23:0A:4D:84:41:76:37:34:99
X509v3 Authority Key Identifier:
keyid:08:41:8E:96:90:D0:FB:71:1A:BF:38:74:E1:C5:00:A6:27:69:3C:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEGOlpDQ-3Eavzh04cUApidpPAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/e97563-c7e5-4036-a796-22c0ca213380/1/CEGOlpDQ-3Eavzh04cUApidpPAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
55:d5:2f:21:0c:50:4a:12:e5:94:83:e6:46:4d:c6:c0:7e:29:
d9:7e:73:cb:db:66:39:ea:35:17:a6:52:5c:1e:92:7c:89:a2:
73:ca:fa:fb:0b:44:53:94:b3:55:26:a6:8f:1a:c5:21:a3:a6:
8b:fc:71:01:6a:b1:40:26:6d:0c:d7:f6:7c:ba:d9:e8:75:8c:
7d:d6:c3:d7:31:b4:cf:f4:7e:32:8c:35:fb:a5:e6:94:24:43:
87:0d:c3:dc:cd:cf:91:b7:97:77:30:78:f0:23:03:d9:90:22:
93:16:e6:2f:c3:9e:b7:ae:91:14:11:22:b0:60:6d:3b:7f:69:
48:be:92:a3:5d:2a:83:6a:6f:0e:b7:98:01:b7:2e:38:4e:fc:
fc:e9:8c:5d:9a:a8:8f:50:c3:4d:43:5e:54:74:99:81:5a:9d:
c2:d0:de:cf:7f:8e:9d:6b:21:14:ea:a7:22:5a:a5:ae:8c:2f:
84:4c:4e:db:71:b8:cb:17:ca:d9:37:35:83:dc:79:e1:79:97:
cc:7d:3e:28:86:47:50:ea:1e:48:8b:fd:3b:02:a1:57:72:c0:
b1:b1:79:62:75:04:37:30:f8:ec:a7:10:d5:8e:7d:70:61:04:
d8:14:82:f9:68:24:07:6a:c2:83:6c:7a:f9:b1:a3:7f:ce:5a:
55:c7:6d:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4py7ZELIOsrDB9hVug9RdxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDE4ZTk2OTBkMGZiNzExYWJmMzg3NGUxYzUwMGE2Mjc2
OTNjMGEwHhcNMjYwNTE1MDQwMTE2WhcNMjYwNTE2MDQwMTE2WjAzMTEwLwYDVQQD
Eyg2NTRiMTJiMTRkMGYyZDUxNzFjZGE4MjMwYTRkODQ0MTc2MzczNDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjhDd9Q/ctkNVc0eEeP4V/3k4jSi
XfpbbjiCBHfMeandns0Zm+S4/U3bCclrsWyAMAoGWftNTLM1VJj8gwY9J6Yaw8Ss
ZsbEf8ZA0kzGvwDv1RzIlapnMyxp/2yvGAsKXBbhG2UVyRZAhyg5vSFGbMXJ3Njl
IRKvx+FbZyH1kjmQKFnBDGuncn8sKieT/8dx55k/OK1HXH8OMAwTZvcWCc0ssjTg
1ZzNSASAoa2uY9LcX4EnL+it7xvdUZZ0LfpMMOnMwKD3kKk41BQpUCVCxVUev5nS
EQJgrN1+IQ3V1EQpNq+2X5vFOxDtBmtXcjt9MmLZxbENcMiQW6WVMZ2qgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGVLErFNDy1Rcc2oIwpNhEF2NzSZMB8GA1UdIwQY
MBaAFAhBjpaQ0PtxGr84dOHFAKYnaTwKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VHT2xwRFEtM0VhdnpoMDRjVUFwaWRwUEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9lOTc1NjMtYzdlNS00MDM2LWE3OTYt
MjJjMGNhMjEzMzgwLzEvQ0VHT2xwRFEtM0VhdnpoMDRjVUFwaWRwUEFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9lOTc1NjMtYzdlNS00MDM2LWE3OTYtMjJjMGNhMjEzMzgw
LzEvQ0VHT2xwRFEtM0VhdnpoMDRjVUFwaWRwUEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVdUvIQxQ
ShLllIPmRk3GwH4p2X5zy9tmOeo1F6ZSXB6SfImic8r6+wtEU5SzVSamjxrFIaOm
i/xxAWqxQCZtDNf2fLrZ6HWMfdbD1zG0z/R+Mow1+6XmlCRDhw3D3M3PkbeXdzB4
8CMD2ZAikxbmL8Oet66RFBEisGBtO39pSL6So10qg2pvDreYAbcuOE78/OmMXZqo
j1DDTUNeVHSZgVqdwtDez3+OnWshFOqnIlqlrowvhExO23G4yxfK2Tc1g9x54XmX
zH0+KIZHUOoeSIv9OwKhV3LAsbF5YnUENzD47KcQ1Y59cGEE2BSC+WgkB2rCg2x6
+bGjf85aVcdt0w==
-----END CERTIFICATE-----
Generated at Fri May 15 11:56:02 2026 by rpki-client