Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
File: CWnLIVY-Ju22r7INHZLok6jduB0.mft (raw, json)
Hash identifier: IkgnY2dvFNV5NIAkUFAucOWrJUEZ8h5l5SWPdSNFzVQ=
Subject key identifier: 04:2B:38:3C:18:3B:44:5A:DC:D5:76:80:3C:BE:16:21:CE:44:B2:71
Authority key identifier: 09:69:CB:21:56:3E:26:ED:B6:AF:B2:0D:1D:92:E8:93:A8:DD:B8:1D
Certificate issuer: /CN=0969cb21563e26edb6afb20d1d92e893a8ddb81d
Certificate serial: 019DCE99995944A48C89D0C03F2FE28EC5B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
Manifest number: 048A
Signing time: Mon 27 Apr 2026 11:01:05 +0000
Manifest this update: Mon 27 Apr 2026 11:01:05 +0000
Manifest next update: Tue 28 Apr 2026 11:01:05 +0000
Files and hashes: 1: CWnLIVY-Ju22r7INHZLok6jduB0.crl (hash: 2UYGkth7R3YQGDaV9/m3gX1VARlDk30UDTS7M2V92fs=)
2: rk1bcafZ-NbbUdZCLT9lMRUYm-I.roa (hash: 5haE3uSWqoSmkVp2C59/CSPiEElkrF1oivdNjZDrJeE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 11:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ce:99:99:59:44:a4:8c:89:d0:c0:3f:2f:e2:8e:c5:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0969cb21563e26edb6afb20d1d92e893a8ddb81d
Validity
Not Before: Apr 27 11:01:05 2026 GMT
Not After : Apr 28 11:01:05 2026 GMT
Subject: CN=042b383c183b445adcd576803cbe1621ce44b271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:23:0d:8b:0e:b7:fe:40:d5:a5:c2:8f:e0:4e:
ce:2d:20:d1:f8:a2:dc:10:f7:a1:c6:54:e2:a2:f6:
f0:d2:97:82:37:fe:4d:05:8d:fb:2f:80:f2:01:c1:
a4:00:a7:e0:ca:29:89:43:49:f1:5e:d1:32:00:bd:
b7:91:00:3e:b2:5c:45:55:d7:7f:d8:7a:f3:84:76:
5e:77:b3:1f:7a:31:12:b5:29:93:cc:1b:a8:6a:04:
87:3f:8a:67:01:ce:ac:3b:65:f6:5b:a0:6e:b8:c8:
19:4e:10:f1:43:66:9f:cb:d1:8e:7c:57:47:f9:c3:
4e:d1:31:b1:d9:03:44:db:a7:bd:7b:17:90:32:3a:
db:2b:e2:22:6f:cd:f9:f9:4b:3b:c9:c5:f9:f3:aa:
a2:f9:ea:0b:8c:d4:66:ff:77:89:72:a4:55:b4:d3:
5c:db:cd:50:3c:db:4d:c2:96:d6:52:93:e7:39:88:
3b:35:db:bb:41:a0:b3:09:19:84:23:9c:04:74:5c:
8c:d2:73:25:d2:6f:1d:78:80:3e:6d:e2:fb:0f:c7:
f2:f9:f6:69:92:2f:48:ae:bd:ce:5f:e3:8e:8e:91:
ed:05:c8:c3:97:2f:1a:29:66:6c:26:a3:87:89:2d:
da:0a:a9:27:88:da:54:19:4c:57:94:a7:b8:b2:e9:
97:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:2B:38:3C:18:3B:44:5A:DC:D5:76:80:3C:BE:16:21:CE:44:B2:71
X509v3 Authority Key Identifier:
keyid:09:69:CB:21:56:3E:26:ED:B6:AF:B2:0D:1D:92:E8:93:A8:DD:B8:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:d3:ee:f9:1a:a8:f5:ca:d8:6a:84:f6:d0:38:76:05:1d:ce:
13:90:09:e9:a0:3f:b2:69:15:23:9b:9e:ce:ee:8a:e5:5d:b3:
8f:06:9d:df:c5:2c:ee:17:a6:42:c8:33:f6:e5:64:31:85:cd:
91:21:32:59:02:35:97:2f:0a:90:7a:36:3b:7b:6a:9e:71:25:
48:31:6c:08:f4:75:4f:ec:c5:3e:4c:1f:c2:12:8c:10:cb:d7:
66:01:0f:ef:c7:6e:d7:e8:48:ce:57:07:92:c2:a8:9e:96:6c:
4b:bf:2b:60:c1:81:f8:b1:56:5d:aa:c7:53:22:f1:48:d6:0d:
7f:c3:f1:20:95:de:61:c1:8a:ad:31:f2:d2:33:e7:55:47:2c:
5d:dc:30:1a:ca:74:bc:66:e6:0a:34:8d:8c:f6:ed:47:63:2f:
cf:21:d7:eb:d3:10:a2:8a:dc:01:37:2a:0b:c5:60:65:c7:6c:
09:ee:f9:52:9e:7a:3e:36:43:12:9b:2b:4d:51:70:90:91:56:
68:ee:9e:97:6e:da:e2:31:07:19:b7:d4:d7:e4:91:d1:d6:a7:
b6:3f:05:9f:45:4a:c1:b8:4c:68:eb:91:37:5d:aa:3c:8d:6e:
89:c9:45:ea:79:09:07:13:d3:cb:52:ab:86:e8:7b:76:2f:1c:
5c:6b:f4:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3OmZlZRKSMidDAPy/ijsWyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjljYjIxNTYzZTI2ZWRiNmFmYjIwZDFkOTJlODkzYThk
ZGI4MWQwHhcNMjYwNDI3MTEwMTA1WhcNMjYwNDI4MTEwMTA1WjAzMTEwLwYDVQQD
EygwNDJiMzgzYzE4M2I0NDVhZGNkNTc2ODAzY2JlMTYyMWNlNDRiMjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziMNiw63/kDVpcKP4E7OLSDR+KLc
EPehxlTiovbw0peCN/5NBY37L4DyAcGkAKfgyimJQ0nxXtEyAL23kQA+slxFVdd/
2HrzhHZed7MfejEStSmTzBuoagSHP4pnAc6sO2X2W6BuuMgZThDxQ2afy9GOfFdH
+cNO0TGx2QNE26e9exeQMjrbK+Iib835+Us7ycX586qi+eoLjNRm/3eJcqRVtNNc
281QPNtNwpbWUpPnOYg7Ndu7QaCzCRmEI5wEdFyM0nMl0m8deIA+beL7D8fy+fZp
ki9Irr3OX+OOjpHtBcjDly8aKWZsJqOHiS3aCqkniNpUGUxXlKe4sumXewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQrODwYO0Ra3NV2gDy+FiHORLJxMB8GA1UdIwQY
MBaAFAlpyyFWPibttq+yDR2S6JOo3bgdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy83ZmU4MjMtNmVkNy00Nzg2LTk3YjQt
MzYwMGQwMmE2ZjBlLzEvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy83ZmU4MjMtNmVkNy00Nzg2LTk3YjQtMzYwMGQwMmE2ZjBl
LzEvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkNPu+Rqo
9crYaoT20Dh2BR3OE5AJ6aA/smkVI5uezu6K5V2zjwad38Us7hemQsgz9uVkMYXN
kSEyWQI1ly8KkHo2O3tqnnElSDFsCPR1T+zFPkwfwhKMEMvXZgEP78du1+hIzlcH
ksKonpZsS78rYMGB+LFWXarHUyLxSNYNf8PxIJXeYcGKrTHy0jPnVUcsXdwwGsp0
vGbmCjSNjPbtR2MvzyHX69MQoorcATcqC8VgZcdsCe75Up56PjZDEpsrTVFwkJFW
aO6el27a4jEHGbfU1+SR0dantj8Fn0VKwbhMaOuRN12qPI1uiclF6nkJBxPTy1Kr
huh7di8cXGv0rQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:13:28 2026 by rpki-client