Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft
File: CnAgLDEt0sem_8MXqobk4gaSSaY.mft (raw, json)
Hash identifier: CTGtGTtx+ailovI+71l4WE87+sHjnN/EF7ZjKKd+Y34=
Subject key identifier: 82:AF:6B:C4:9D:DE:98:32:8E:96:97:24:54:DC:F1:F6:E4:17:C5:A2
Authority key identifier: 0A:70:20:2C:31:2D:D2:C7:A6:FF:C3:17:AA:86:E4:E2:06:92:49:A6
Certificate issuer: /CN=0a70202c312dd2c7a6ffc317aa86e4e2069249a6
Certificate serial: 019D38D2D91B21C0D79B88D9BE68EC17CBE7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft
Manifest number: 0BBD
Signing time: Sun 29 Mar 2026 09:00:35 +0000
Manifest this update: Sun 29 Mar 2026 09:00:35 +0000
Manifest next update: Mon 30 Mar 2026 09:00:35 +0000
Files and hashes: 1: CnAgLDEt0sem_8MXqobk4gaSSaY.crl (hash: gSJa60JhfBlqnVLPAapmvb0o3njcsvdbaDYC0fK18gk=)
2: fzKhZS7tgEqUrdZvJWQiBhGYXjs.roa (hash: oNIwrLOUrwNgDI/YRh0BOg1IxHhuOn9PuGYKfadJj30=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:d9:1b:21:c0:d7:9b:88:d9:be:68:ec:17:cb:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a70202c312dd2c7a6ffc317aa86e4e2069249a6
Validity
Not Before: Mar 29 09:00:35 2026 GMT
Not After : Mar 30 09:00:35 2026 GMT
Subject: CN=82af6bc49dde98328e96972454dcf1f6e417c5a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e1:db:b0:0e:b2:8a:d7:66:56:86:10:4c:02:
65:3a:c2:d5:29:44:6a:9d:b9:16:f6:ea:b9:60:16:
af:52:3c:76:5d:85:25:48:52:33:0b:92:2a:d3:18:
61:ae:30:30:23:78:4b:68:35:9d:e0:79:05:7f:a8:
b2:f9:1f:47:2a:e5:dc:5a:db:d3:a9:1d:e2:6d:7e:
12:63:95:f6:a6:ad:b3:7b:59:88:95:2b:0a:0a:55:
12:39:c0:40:df:b0:60:cd:87:92:cc:59:ef:66:72:
5f:7e:c8:54:04:1f:8e:e6:70:be:f5:71:56:c8:70:
4f:c7:4e:f7:40:c9:d1:9f:78:ca:b9:d7:98:14:54:
0d:b3:99:b9:5d:c4:58:7d:ba:4d:85:4e:9e:94:f3:
2d:85:e9:87:98:03:88:ae:88:7a:b3:9e:2e:76:78:
a1:bc:19:2a:b5:55:9f:ce:fc:7e:07:81:77:1c:0b:
6a:d2:a8:ba:97:58:e7:18:a3:9c:db:ef:69:aa:0c:
73:44:69:86:a7:49:e1:c1:78:64:7d:bc:6c:02:54:
dd:b4:98:74:c0:1b:a7:98:90:4b:74:2e:4d:ce:22:
e0:94:21:f3:4d:7f:be:93:c1:3c:92:1b:64:2d:21:
cc:9a:ac:f3:b4:a7:9b:ba:82:bb:4f:c9:f7:60:73:
76:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:AF:6B:C4:9D:DE:98:32:8E:96:97:24:54:DC:F1:F6:E4:17:C5:A2
X509v3 Authority Key Identifier:
keyid:0A:70:20:2C:31:2D:D2:C7:A6:FF:C3:17:AA:86:E4:E2:06:92:49:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnAgLDEt0sem_8MXqobk4gaSSaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/8ff697-57fc-40ff-8a53-68c849277d73/1/CnAgLDEt0sem_8MXqobk4gaSSaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:b0:49:a5:07:3e:f6:b3:6f:f2:f7:ed:24:4c:19:1f:55:49:
7f:f2:53:7b:2f:0d:e6:94:4e:0d:5f:f3:16:a8:8e:26:c5:a5:
62:b1:a1:8c:a4:5b:dc:ce:d6:84:de:0e:21:f0:bc:1d:c9:68:
b8:75:2f:a2:02:3e:50:d7:cb:bb:fe:ec:bb:75:cc:7f:2f:fe:
c1:73:af:42:f2:c6:99:6a:91:45:17:c5:7f:75:73:dd:28:37:
c3:b8:4b:6e:ce:3b:84:93:45:ff:53:29:d2:a1:e6:17:1b:cb:
d4:00:78:d3:72:90:29:a0:c5:ee:7c:98:cf:75:71:72:03:d4:
fa:3a:88:74:75:56:ba:44:91:8f:e3:59:28:72:a4:ae:8f:99:
7a:e3:39:f5:cb:e2:5b:2b:57:f4:ee:2c:b4:d4:91:b6:a7:07:
d1:f6:9e:15:22:da:bb:0c:28:ad:83:30:82:be:68:eb:0d:12:
4f:ec:89:fa:6b:97:07:cb:04:57:f4:6b:c4:70:7b:46:57:33:
9a:0d:c3:a1:e9:77:49:92:ca:13:90:9f:62:54:59:12:d1:94:
c0:38:16:b9:1c:8e:d9:51:26:83:0c:27:26:20:02:3b:ae:ed:
27:82:e7:bc:0d:19:69:9a:03:25:fb:0c:a0:6a:62:c2:e3:5d:
87:8c:d3:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040tkbIcDXm4jZvmjsF8vnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzAyMDJjMzEyZGQyYzdhNmZmYzMxN2FhODZlNGUyMDY5
MjQ5YTYwHhcNMjYwMzI5MDkwMDM1WhcNMjYwMzMwMDkwMDM1WjAzMTEwLwYDVQQD
Eyg4MmFmNmJjNDlkZGU5ODMyOGU5Njk3MjQ1NGRjZjFmNmU0MTdjNWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreHbsA6yitdmVoYQTAJlOsLVKURq
nbkW9uq5YBavUjx2XYUlSFIzC5Iq0xhhrjAwI3hLaDWd4HkFf6iy+R9HKuXcWtvT
qR3ibX4SY5X2pq2ze1mIlSsKClUSOcBA37BgzYeSzFnvZnJffshUBB+O5nC+9XFW
yHBPx073QMnRn3jKudeYFFQNs5m5XcRYfbpNhU6elPMthemHmAOIroh6s54udnih
vBkqtVWfzvx+B4F3HAtq0qi6l1jnGKOc2+9pqgxzRGmGp0nhwXhkfbxsAlTdtJh0
wBunmJBLdC5NziLglCHzTX++k8E8khtkLSHMmqzztKebuoK7T8n3YHN2dwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIKva8Sd3pgyjpaXJFTc8fbkF8WiMB8GA1UdIwQY
MBaAFApwICwxLdLHpv/DF6qG5OIGkkmmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS84ZmY2OTctNTdmYy00MGZmLThhNTMt
NjhjODQ5Mjc3ZDczLzEvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS84ZmY2OTctNTdmYy00MGZmLThhNTMtNjhjODQ5Mjc3ZDcz
LzEvQ25BZ0xERXQwc2VtXzhNWHFvYms0Z2FTU2FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOrBJpQc+
9rNv8vftJEwZH1VJf/JTey8N5pRODV/zFqiOJsWlYrGhjKRb3M7WhN4OIfC8Hclo
uHUvogI+UNfLu/7su3XMfy/+wXOvQvLGmWqRRRfFf3Vz3Sg3w7hLbs47hJNF/1Mp
0qHmFxvL1AB403KQKaDF7nyYz3VxcgPU+jqIdHVWukSRj+NZKHKkro+ZeuM59cvi
WytX9O4stNSRtqcH0faeFSLauwworYMwgr5o6w0ST+yJ+muXB8sEV/RrxHB7Rlcz
mg3Doel3SZLKE5CfYlRZEtGUwDgWuRyO2VEmgwwnJiACO67tJ4LnvA0ZaZoDJfsM
oGpiwuNdh4zTUg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:30:56 2026 by rpki-client