Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft
File: xIzPWOSy4trdSoSDPAZ87iuXRek.mft (raw, json)
Hash identifier: MGhanXD9mxVxjYyTATe/9q+ANTQodWlJBXWeALMJJ7o=
Subject key identifier: 03:09:47:0C:0C:EF:03:D0:CF:4D:E8:9A:30:D2:ED:5F:57:C8:CB:98
Authority key identifier: C4:8C:CF:58:E4:B2:E2:DA:DD:4A:84:83:3C:06:7C:EE:2B:97:45:E9
Certificate issuer: /CN=c48ccf58e4b2e2dadd4a84833c067cee2b9745e9
Certificate serial: 019D39AF146B062749CCB3759ECC528791A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft
Manifest number: 0ABF
Signing time: Sun 29 Mar 2026 13:01:08 +0000
Manifest this update: Sun 29 Mar 2026 13:01:08 +0000
Manifest next update: Mon 30 Mar 2026 13:01:08 +0000
Files and hashes: 1: xIzPWOSy4trdSoSDPAZ87iuXRek.crl (hash: ifs60NeGLoQ/pSFGscKGi2Lx+lrAtgxmo4APx2abd/M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft
rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:af:14:6b:06:27:49:cc:b3:75:9e:cc:52:87:91:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c48ccf58e4b2e2dadd4a84833c067cee2b9745e9
Validity
Not Before: Mar 29 13:01:08 2026 GMT
Not After : Mar 30 13:01:08 2026 GMT
Subject: CN=0309470c0cef03d0cf4de89a30d2ed5f57c8cb98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:88:02:69:5f:31:8a:f7:d7:0b:13:ab:27:89:
e2:cd:10:9f:04:5f:cf:b8:d1:db:5b:81:69:a0:a1:
63:e0:c3:9a:db:47:ea:64:4f:a8:e8:ed:80:ca:f1:
2d:ba:a3:79:9e:f1:f1:61:b2:27:b6:0b:25:a4:74:
7b:ff:29:ef:92:34:12:9d:43:41:0e:d1:40:b9:dd:
13:df:e9:31:db:ee:87:45:b6:0a:f5:f5:e3:3c:2d:
71:7e:aa:d5:e3:91:74:52:b2:37:d9:aa:69:b1:06:
04:81:be:f4:23:a5:af:b2:66:10:6f:ca:2a:03:19:
b3:0b:38:91:22:2a:88:54:82:ce:36:31:88:29:eb:
19:c7:14:a7:40:00:bc:5c:f9:dc:03:a1:42:a0:4e:
6d:14:d8:19:75:08:15:9b:81:17:47:8b:17:b9:dd:
24:9b:46:0d:c2:49:34:75:cc:33:ca:6b:03:5f:08:
b5:6d:34:be:d1:7b:6d:2c:46:1c:52:43:1b:d1:6d:
44:80:c0:30:1a:72:3f:86:4d:34:03:73:72:46:1b:
ec:5d:f4:be:b6:6c:cc:01:78:ba:91:08:ab:d3:1b:
01:b8:f2:31:32:43:8e:bb:47:fa:af:c5:b4:ea:2a:
ad:ca:5f:eb:b0:93:25:f3:a4:cf:88:21:78:f8:bf:
b1:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:09:47:0C:0C:EF:03:D0:CF:4D:E8:9A:30:D2:ED:5F:57:C8:CB:98
X509v3 Authority Key Identifier:
keyid:C4:8C:CF:58:E4:B2:E2:DA:DD:4A:84:83:3C:06:7C:EE:2B:97:45:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xIzPWOSy4trdSoSDPAZ87iuXRek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/cbe005-2689-4379-9a7e-a50e32de0823/1/xIzPWOSy4trdSoSDPAZ87iuXRek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:08:bc:93:58:e6:29:5f:62:d4:bf:18:25:5b:68:d9:d8:24:
56:f6:98:81:7a:eb:e2:13:d6:f0:6c:07:68:4d:2a:af:a3:50:
17:fa:82:f2:c0:85:21:f8:6c:bf:00:87:b7:e8:4d:1c:90:4b:
e3:3e:60:63:0f:10:54:b2:d1:0d:bb:58:78:d9:4e:4c:32:95:
b1:3b:95:4f:56:bb:f6:9e:e1:b0:68:61:27:94:24:b9:29:5b:
95:cc:ff:77:85:e4:69:65:18:f7:76:a7:9d:96:ca:c4:ed:fd:
eb:10:6b:7d:80:38:ca:b8:79:0c:dd:a6:e5:f5:8b:a7:9e:1d:
3c:e4:a5:20:be:9b:44:7e:2a:45:0e:de:b6:7d:81:bc:32:5e:
c6:81:9d:99:a9:93:c5:f8:36:93:8f:c3:93:d1:6f:e2:3c:cb:
ea:a4:99:66:af:e7:eb:fa:72:4c:0b:3e:31:92:f3:16:da:3c:
02:77:f1:8a:43:30:f5:4d:ef:4c:d4:1c:34:a3:69:46:cf:06:
b3:58:9e:07:b6:0f:0a:6d:60:0c:c9:53:54:13:f2:a0:7c:db:
2d:3a:09:51:4b:b6:09:f3:b4:cf:b5:92:1b:9d:04:97:70:aa:
99:b6:ca:86:c5:70:6d:22:7b:4e:d8:7d:e4:5f:a6:93:bc:0c:
10:5a:e7:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05rxRrBidJzLN1nsxSh5GhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0OGNjZjU4ZTRiMmUyZGFkZDRhODQ4MzNjMDY3Y2VlMmI5
NzQ1ZTkwHhcNMjYwMzI5MTMwMTA4WhcNMjYwMzMwMTMwMTA4WjAzMTEwLwYDVQQD
EygwMzA5NDcwYzBjZWYwM2QwY2Y0ZGU4OWEzMGQyZWQ1ZjU3YzhjYjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ogCaV8xivfXCxOrJ4nizRCfBF/P
uNHbW4FpoKFj4MOa20fqZE+o6O2AyvEtuqN5nvHxYbIntgslpHR7/ynvkjQSnUNB
DtFAud0T3+kx2+6HRbYK9fXjPC1xfqrV45F0UrI32appsQYEgb70I6WvsmYQb8oq
AxmzCziRIiqIVILONjGIKesZxxSnQAC8XPncA6FCoE5tFNgZdQgVm4EXR4sXud0k
m0YNwkk0dcwzymsDXwi1bTS+0XttLEYcUkMb0W1EgMAwGnI/hk00A3NyRhvsXfS+
tmzMAXi6kQir0xsBuPIxMkOOu0f6r8W06iqtyl/rsJMl86TPiCF4+L+xqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAMJRwwM7wPQz03omjDS7V9XyMuYMB8GA1UdIwQY
MBaAFMSMz1jksuLa3UqEgzwGfO4rl0XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9jYmUwMDUtMjY4OS00Mzc5LTlhN2Ut
YTUwZTMyZGUwODIzLzEveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9jYmUwMDUtMjY4OS00Mzc5LTlhN2UtYTUwZTMyZGUwODIz
LzEveEl6UFdPU3k0dHJkU29TRFBBWjg3aXVYUmVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfAi8k1jm
KV9i1L8YJVto2dgkVvaYgXrr4hPW8GwHaE0qr6NQF/qC8sCFIfhsvwCHt+hNHJBL
4z5gYw8QVLLRDbtYeNlOTDKVsTuVT1a79p7hsGhhJ5QkuSlblcz/d4XkaWUY93an
nZbKxO396xBrfYA4yrh5DN2m5fWLp54dPOSlIL6bRH4qRQ7etn2BvDJexoGdmamT
xfg2k4/Dk9Fv4jzL6qSZZq/n6/pyTAs+MZLzFto8AnfxikMw9U3vTNQcNKNpRs8G
s1ieB7YPCm1gDMlTVBPyoHzbLToJUUu2CfO0z7WSG50El3CqmbbKhsVwbSJ7Tth9
5F+mk7wMEFrniw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:27:57 2026 by rpki-client