Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
File: CgIUob8dOv0t1msjqZcxBrXTFso.mft (raw, json)
Hash identifier: Bvm93XF26czZzFriSJQm6sSDmvQM8RF/SKynjhD0IXA=
Subject key identifier: D2:3D:B6:F3:13:D3:8A:A0:54:8C:B0:33:56:72:1C:79:05:43:12:27
Authority key identifier: 0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
Certificate issuer: /CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Certificate serial: 019DA89E89AF4F7D949E6BE964398AFC6CF1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
Manifest number: 13AB
Signing time: Mon 20 Apr 2026 02:00:55 +0000
Manifest this update: Mon 20 Apr 2026 02:00:55 +0000
Manifest next update: Tue 21 Apr 2026 02:00:55 +0000
Files and hashes: 1: CgIUob8dOv0t1msjqZcxBrXTFso.crl (hash: lNBM8H+sdgwZMKtHTTdfBNGuO8VwkBdRXzOgGSgdrJs=)
2: Kr82PzCvD4Fk7jNwoZ0-iCZtxTE.roa (hash: XM1J6jO/D+cqiYMXDlDXyv/SlFsPZ20nk+XVsCUihVk=)
3: cENwAzhw60-ikgeBP0Wk-X-TPRQ.roa (hash: WKFy5CgMQiAy0y2WtEt+U7yH6EI/ABaKojXrx+8izJQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 21:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a8:9e:89:af:4f:7d:94:9e:6b:e9:64:39:8a:fc:6c:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a0214a1bf1d3afd2dd66b23a9973106b5d316ca
Validity
Not Before: Apr 20 02:00:55 2026 GMT
Not After : Apr 21 02:00:55 2026 GMT
Subject: CN=d23db6f313d38aa0548cb03356721c7905431227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ca:43:0b:e8:08:7d:2c:07:ee:26:9f:5c:60:
be:f1:25:29:eb:48:b5:8b:b2:bb:76:27:2b:ae:6b:
92:25:5d:42:f2:2d:51:f5:15:bb:57:5e:6f:5a:0e:
48:1e:ac:74:39:41:54:4a:4b:06:b5:cc:14:b5:ac:
fc:57:3f:a9:ce:27:05:88:4e:ac:18:90:e3:cf:be:
e2:39:d4:33:17:57:26:3b:fc:66:79:05:74:af:67:
e1:e8:97:e5:c8:af:7a:3e:1b:30:23:b8:2e:33:bf:
53:d1:41:23:08:15:8d:2d:27:eb:2f:4b:c6:59:90:
cd:1c:06:52:ec:c1:4a:41:c4:9f:96:36:2e:fb:9a:
66:4c:4e:27:09:16:d4:de:48:66:67:e6:cf:6e:42:
a8:ac:da:38:ac:dc:47:70:35:8c:10:f0:bd:81:78:
40:98:b2:8a:da:f7:61:b4:86:e5:66:b3:a1:b2:e9:
64:43:31:ac:83:cd:56:a6:58:25:79:f3:bd:73:ea:
6f:ba:f4:f0:97:d5:e2:3f:a3:1e:fb:46:1f:f1:ba:
7d:f4:3f:c1:d4:50:55:24:1d:73:68:8e:f3:d8:11:
32:d2:f6:54:db:ff:2b:9b:a4:c3:78:20:f4:a5:3e:
8f:5d:65:e9:00:06:43:c9:b6:cf:a7:b7:56:ee:cb:
ad:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:3D:B6:F3:13:D3:8A:A0:54:8C:B0:33:56:72:1C:79:05:43:12:27
X509v3 Authority Key Identifier:
keyid:0A:02:14:A1:BF:1D:3A:FD:2D:D6:6B:23:A9:97:31:06:B5:D3:16:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CgIUob8dOv0t1msjqZcxBrXTFso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/04ecc0-663c-460e-920d-332ee5425c7a/1/CgIUob8dOv0t1msjqZcxBrXTFso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:62:c8:37:70:6f:41:2c:30:60:5b:27:2c:78:e9:02:65:c6:
0f:e0:5e:4c:d9:6e:e1:11:af:4e:30:e1:94:8c:1e:fa:a0:82:
ee:b7:05:3b:40:66:34:6c:52:34:6b:ca:ee:75:47:ab:86:bb:
0e:b1:3c:21:ee:96:cc:f1:15:27:1a:ee:f6:ca:e9:c9:74:63:
7f:b2:5a:f1:98:e3:55:ec:fb:d9:73:92:38:48:c9:48:97:72:
ef:c0:8b:58:6e:21:df:43:f7:af:7c:bd:79:89:9b:10:29:8c:
7d:64:5f:f7:c7:65:74:b2:88:44:fb:fe:5d:00:a5:15:4b:cc:
00:a2:96:e9:82:b7:57:75:72:00:8d:9c:94:e0:72:5c:3c:28:
12:14:77:83:42:68:4c:ce:9a:1f:fb:34:51:50:d1:61:69:65:
26:3c:d0:fd:ed:0c:13:4f:0c:c7:8e:b0:96:ed:a1:04:ee:7d:
89:5c:f5:46:4d:71:f9:42:17:40:6b:5e:a3:4f:2f:91:44:11:
74:43:8c:94:fe:7f:9d:53:db:01:35:dd:56:a9:88:ae:13:93:
d4:1d:a8:2a:94:e2:00:af:1c:75:d9:34:de:74:0c:61:7a:2e:
85:1b:28:a5:1b:7d:a3:58:a5:57:d3:ed:4d:ba:ea:96:39:f4:
f4:71:46:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2onomvT32UnmvpZDmK/GzxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMDIxNGExYmYxZDNhZmQyZGQ2NmIyM2E5OTczMTA2YjVk
MzE2Y2EwHhcNMjYwNDIwMDIwMDU1WhcNMjYwNDIxMDIwMDU1WjAzMTEwLwYDVQQD
EyhkMjNkYjZmMzEzZDM4YWEwNTQ4Y2IwMzM1NjcyMWM3OTA1NDMxMjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMpDC+gIfSwH7iafXGC+8SUp60i1
i7K7dicrrmuSJV1C8i1R9RW7V15vWg5IHqx0OUFUSksGtcwUtaz8Vz+pzicFiE6s
GJDjz77iOdQzF1cmO/xmeQV0r2fh6JflyK96PhswI7guM79T0UEjCBWNLSfrL0vG
WZDNHAZS7MFKQcSfljYu+5pmTE4nCRbU3khmZ+bPbkKorNo4rNxHcDWMEPC9gXhA
mLKK2vdhtIblZrOhsulkQzGsg81WplglefO9c+pvuvTwl9XiP6Me+0Yf8bp99D/B
1FBVJB1zaI7z2BEy0vZU2/8rm6TDeCD0pT6PXWXpAAZDybbPp7dW7sutcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNI9tvMT04qgVIywM1ZyHHkFQxInMB8GA1UdIwQY
MBaAFAoCFKG/HTr9LdZrI6mXMQa10xbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQt
MzMyZWU1NDI1YzdhLzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wNGVjYzAtNjYzYy00NjBlLTkyMGQtMzMyZWU1NDI1Yzdh
LzEvQ2dJVW9iOGRPdjB0MW1zanFaY3hCclhURnNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC2LIN3Bv
QSwwYFsnLHjpAmXGD+BeTNlu4RGvTjDhlIwe+qCC7rcFO0BmNGxSNGvK7nVHq4a7
DrE8Ie6WzPEVJxru9srpyXRjf7Ja8ZjjVez72XOSOEjJSJdy78CLWG4h30P3r3y9
eYmbECmMfWRf98dldLKIRPv+XQClFUvMAKKW6YK3V3VyAI2clOByXDwoEhR3g0Jo
TM6aH/s0UVDRYWllJjzQ/e0ME08Mx46wlu2hBO59iVz1Rk1x+UIXQGteo08vkUQR
dEOMlP5/nVPbATXdVqmIrhOT1B2oKpTiAK8cddk03nQMYXouhRsopRt9o1ilV9Pt
Tbrqljn09HFGxQ==
-----END CERTIFICATE-----
Generated at Mon Apr 20 04:51:27 2026 by rpki-client