Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.mft
File: stCgxoogOf8MpRQCQRUnHIoEZgg.mft (raw, json)
Hash identifier: CFNDKeJ1HfB8Mq+XTP/7ZgnOKlqXhgzVVqcGdTddLd0=
Subject key identifier: CA:FE:E1:CA:8F:B5:2C:3B:AB:C1:C9:2F:84:08:D2:9C:EC:C4:13:81
Authority key identifier: B2:D0:A0:C6:8A:20:39:FF:0C:A5:14:02:41:15:27:1C:8A:04:66:08
Certificate issuer: /CN=b2d0a0c68a2039ff0ca514024115271c8a046608
Certificate serial: 019D37C0ED9F2F70964D17E3E5626BBFA844
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/stCgxoogOf8MpRQCQRUnHIoEZgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.mft
Manifest number: 181E
Signing time: Sun 29 Mar 2026 04:01:23 +0000
Manifest this update: Sun 29 Mar 2026 04:01:23 +0000
Manifest next update: Mon 30 Mar 2026 04:01:23 +0000
Files and hashes: 1: 4eGQ-UBGNs_4XAP1phxy5eDsOEU.roa (hash: NGm7oj0oNNHffCOXmAY3fJHH7vgq8EjhCAsgIYkz9sk=)
2: stCgxoogOf8MpRQCQRUnHIoEZgg.crl (hash: MO6g5MQex4lzNQp07FKWsKXu/Y+AA3q3hseqDitP0r4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.mft
rsync://rpki.ripe.net/repository/DEFAULT/stCgxoogOf8MpRQCQRUnHIoEZgg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:ed:9f:2f:70:96:4d:17:e3:e5:62:6b:bf:a8:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2d0a0c68a2039ff0ca514024115271c8a046608
Validity
Not Before: Mar 29 04:01:23 2026 GMT
Not After : Mar 30 04:01:23 2026 GMT
Subject: CN=cafee1ca8fb52c3babc1c92f8408d29cecc41381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a0:78:89:be:39:93:7d:c1:70:21:11:aa:a2:
d2:29:6c:9f:21:62:fa:b3:29:9d:ab:f6:fa:84:c9:
d8:fe:d0:15:74:1b:c8:3c:3a:8e:ba:d3:e8:5d:10:
f9:73:e0:17:a1:47:49:a6:61:b4:6a:38:e0:ef:e8:
18:6d:3c:35:02:3c:62:5d:41:4e:58:f7:77:15:44:
b1:fb:44:9d:17:62:eb:66:25:cb:c4:55:1c:33:6d:
b5:0a:c7:40:89:ff:9b:cd:a7:82:40:1d:d4:c9:26:
b5:0d:4c:0e:66:b1:09:c1:46:65:16:d3:ef:37:1f:
5d:e2:52:bf:c9:a5:7e:a3:7b:9f:c3:73:b0:97:69:
4a:a4:31:85:19:25:ef:3b:f3:90:c8:d3:e8:f0:1d:
ee:51:53:ea:2c:ed:56:e7:7b:8e:af:88:a8:18:e0:
ef:6e:37:a6:65:f6:4d:be:24:7f:57:29:19:be:e2:
e6:eb:88:aa:51:0c:67:c2:f7:09:37:c5:6a:c0:93:
79:23:fc:aa:4d:61:19:6b:e3:c0:52:ca:d9:4f:8d:
d8:d8:94:b9:7d:a2:b1:7b:60:1e:ff:7d:c0:e1:dc:
e1:23:0c:ec:49:7a:5a:db:d7:6e:cb:81:47:ca:1f:
8f:d6:80:14:ba:dc:57:98:de:f0:e7:2e:88:e9:94:
f3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:FE:E1:CA:8F:B5:2C:3B:AB:C1:C9:2F:84:08:D2:9C:EC:C4:13:81
X509v3 Authority Key Identifier:
keyid:B2:D0:A0:C6:8A:20:39:FF:0C:A5:14:02:41:15:27:1C:8A:04:66:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/stCgxoogOf8MpRQCQRUnHIoEZgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/b3d0d7-e10a-486f-885d-41ab7c872fea/1/stCgxoogOf8MpRQCQRUnHIoEZgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:6b:73:cc:09:19:ef:1e:04:81:34:6e:93:ea:5e:06:42:29:
6e:aa:41:e6:51:6b:ee:6f:5f:df:6f:ef:58:95:59:43:cf:90:
dc:df:3a:63:ea:88:a8:b7:45:13:62:9a:b8:a2:75:a8:eb:36:
4b:7c:e8:33:0e:93:ee:5b:eb:16:60:21:ff:4d:e4:76:02:ef:
f7:97:8c:be:a5:eb:3f:16:7f:e2:4e:32:5b:56:a2:94:56:d4:
f1:80:69:45:f5:54:f5:b4:d0:4f:13:99:cc:34:4d:ed:e4:15:
a6:61:74:b2:00:3a:20:2e:7e:9d:bc:e7:e2:41:a4:53:00:1a:
dc:d4:76:97:63:a5:d6:a6:0c:f7:08:4a:8f:b7:2f:f6:b6:67:
2d:98:fa:84:60:9f:8c:56:54:2a:41:52:0e:11:e7:2a:bc:49:
75:5f:ff:bb:11:02:88:d3:70:19:ae:33:ee:a4:bf:84:b5:a3:
4a:bd:72:37:3f:9f:95:3c:69:8c:3b:0f:45:f7:47:9a:41:ee:
b5:ce:06:62:57:a6:15:58:e2:fd:11:09:da:53:6c:5f:e9:5c:
38:25:1c:ec:39:1c:d6:e8:f4:55:51:cf:be:1d:91:25:67:dd:
0e:de:2d:4d:25:5d:b5:ca:98:98:9c:8c:e6:5e:47:1d:3d:3e:
29:f6:05:a2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wO2fL3CWTRfj5WJrv6hEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZDBhMGM2OGEyMDM5ZmYwY2E1MTQwMjQxMTUyNzFjOGEw
NDY2MDgwHhcNMjYwMzI5MDQwMTIzWhcNMjYwMzMwMDQwMTIzWjAzMTEwLwYDVQQD
EyhjYWZlZTFjYThmYjUyYzNiYWJjMWM5MmY4NDA4ZDI5Y2VjYzQxMzgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaB4ib45k33BcCERqqLSKWyfIWL6
symdq/b6hMnY/tAVdBvIPDqOutPoXRD5c+AXoUdJpmG0ajjg7+gYbTw1AjxiXUFO
WPd3FUSx+0SdF2LrZiXLxFUcM221CsdAif+bzaeCQB3UySa1DUwOZrEJwUZlFtPv
Nx9d4lK/yaV+o3ufw3Owl2lKpDGFGSXvO/OQyNPo8B3uUVPqLO1W53uOr4ioGODv
bjemZfZNviR/VykZvuLm64iqUQxnwvcJN8VqwJN5I/yqTWEZa+PAUsrZT43Y2JS5
faKxe2Ae/33A4dzhIwzsSXpa29duy4FHyh+P1oAUutxXmN7w5y6I6ZTzTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMr+4cqPtSw7q8HJL4QI0pzsxBOBMB8GA1UdIwQY
MBaAFLLQoMaKIDn/DKUUAkEVJxyKBGYIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3RDZ3hvb2dPZjhNcFJRQ1FSVW5ISW9FWmdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9iM2QwZDctZTEwYS00ODZmLTg4NWQt
NDFhYjdjODcyZmVhLzEvc3RDZ3hvb2dPZjhNcFJRQ1FSVW5ISW9FWmdnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9iM2QwZDctZTEwYS00ODZmLTg4NWQtNDFhYjdjODcyZmVh
LzEvc3RDZ3hvb2dPZjhNcFJRQ1FSVW5ISW9FWmdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWmtzzAkZ
7x4EgTRuk+peBkIpbqpB5lFr7m9f32/vWJVZQ8+Q3N86Y+qIqLdFE2KauKJ1qOs2
S3zoMw6T7lvrFmAh/03kdgLv95eMvqXrPxZ/4k4yW1ailFbU8YBpRfVU9bTQTxOZ
zDRN7eQVpmF0sgA6IC5+nbzn4kGkUwAa3NR2l2Ol1qYM9whKj7cv9rZnLZj6hGCf
jFZUKkFSDhHnKrxJdV//uxECiNNwGa4z7qS/hLWjSr1yNz+flTxpjDsPRfdHmkHu
tc4GYlemFVji/REJ2lNsX+lcOCUc7Dkc1uj0VVHPvh2RJWfdDt4tTSVdtcqYmJyM
5l5HHT0+KfYFog==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:29:27 2026 by rpki-client