Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
File: cBKlLoiwGDLPDuN8zath3s59EsY.mft (raw, json)
Hash identifier: Moc5P3v/TzRCQqdd5L98rlXAZDbzopk1G5DbIh1ujyo=
Subject key identifier: BE:DD:F5:3A:4C:AF:50:72:E1:1F:B7:AD:A0:96:61:A9:A5:7F:18:87
Authority key identifier: 70:12:A5:2E:88:B0:18:32:CF:0E:E3:7C:CD:AB:61:DE:CE:7D:12:C6
Certificate issuer: /CN=7012a52e88b01832cf0ee37ccdab61dece7d12c6
Certificate serial: 019D3789B7E2D43974C6219CD329D6C4296C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
Manifest number: 0D10
Signing time: Sun 29 Mar 2026 03:01:05 +0000
Manifest this update: Sun 29 Mar 2026 03:01:05 +0000
Manifest next update: Mon 30 Mar 2026 03:01:05 +0000
Files and hashes: 1: SNdVrzFoTGYFoAaQRYv8cJ6F2H0.roa (hash: MfCh5miyV4l1WaY/F5DKyibenGShF9S2TLmog0i5DGQ=)
2: cBKlLoiwGDLPDuN8zath3s59EsY.crl (hash: IruJt3mfqwVlj5fhnGCJvimXilXENa5+Px0Galgoj24=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:b7:e2:d4:39:74:c6:21:9c:d3:29:d6:c4:29:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7012a52e88b01832cf0ee37ccdab61dece7d12c6
Validity
Not Before: Mar 29 03:01:05 2026 GMT
Not After : Mar 30 03:01:05 2026 GMT
Subject: CN=beddf53a4caf5072e11fb7ada09661a9a57f1887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:de:52:f3:23:d2:e4:15:01:0e:45:5e:64:69:
50:e3:c6:72:27:91:4d:61:7d:84:5f:c1:c7:de:29:
63:4e:0c:38:ff:5b:0b:d0:49:db:f8:6c:fa:cf:40:
5c:73:fa:1a:2b:85:14:cc:f3:65:61:5d:65:a6:18:
60:f6:cc:d4:39:2e:e7:aa:ee:37:bd:9c:a3:af:43:
18:5c:12:1e:20:d2:e8:a6:30:0c:6f:06:e8:b0:57:
3d:8f:38:d2:b2:2e:9d:f8:8a:19:5e:f4:97:3b:09:
cf:9c:83:22:68:79:7d:9d:cc:1b:7c:49:79:bf:df:
24:3c:a2:98:c5:40:04:70:d5:02:32:9b:96:28:cd:
81:20:a6:83:87:77:2e:2d:ba:7f:a7:79:14:bb:c2:
8b:ad:12:73:f1:9a:08:93:82:74:b4:b9:47:44:46:
f1:c2:d0:b2:12:a7:a5:03:5b:d5:fc:60:24:81:1c:
64:d7:cd:38:72:eb:bb:a7:7e:7b:3f:6a:ed:f9:d4:
82:d5:7a:58:e4:d5:70:31:ee:21:c8:36:b5:9d:57:
fa:bc:5e:6e:1f:cb:d3:1e:2c:14:c9:9c:ca:01:c2:
48:7f:b5:04:97:90:d9:22:a6:0b:6f:aa:87:32:12:
a5:48:2c:52:6b:49:a8:c3:d7:23:42:5b:75:eb:e0:
80:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:DD:F5:3A:4C:AF:50:72:E1:1F:B7:AD:A0:96:61:A9:A5:7F:18:87
X509v3 Authority Key Identifier:
keyid:70:12:A5:2E:88:B0:18:32:CF:0E:E3:7C:CD:AB:61:DE:CE:7D:12:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:af:f7:84:bb:d9:d6:ac:e9:a7:6e:96:ce:7e:d3:5c:ca:1f:
26:28:2b:2a:3c:8e:71:c3:88:5e:12:02:ba:6f:dc:0e:fd:b1:
18:13:8d:60:42:2b:ef:1d:57:6a:ec:8a:a4:34:49:5b:cf:39:
5f:b7:64:88:1c:24:33:cb:ca:36:09:05:32:7f:41:03:0c:28:
36:70:f7:d8:53:b0:36:c7:1c:b3:10:b6:fd:d7:61:3e:ba:5a:
82:93:de:fc:ef:78:05:3e:25:1c:f7:46:93:1a:2d:d5:72:8c:
eb:4b:3c:78:81:a3:74:be:20:11:c3:03:f6:73:b8:6b:0b:a7:
7f:6d:6b:f4:e3:81:96:70:ac:b5:57:34:7d:ee:27:9a:e6:00:
63:64:59:92:a1:2b:97:41:ec:24:7d:f9:30:31:02:78:7a:70:
a5:d3:ca:ad:3e:7b:26:a2:92:46:2d:d5:fa:ce:fc:19:3e:88:
6b:7e:cd:62:76:8a:29:3d:71:30:31:4c:a6:aa:9b:10:c1:aa:
46:95:85:fe:08:2e:8c:d1:29:5c:82:a9:29:84:46:49:c9:78:
ca:5f:92:9d:d2:b3:5c:1c:95:25:2f:71:cc:91:84:7a:a6:f5:
1f:f9:b4:69:68:2f:9d:9f:75:c0:87:e5:1a:7e:2c:1c:2a:cf:
a3:c2:51:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03ibfi1Dl0xiGc0ynWxClsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMTJhNTJlODhiMDE4MzJjZjBlZTM3Y2NkYWI2MWRlY2U3
ZDEyYzYwHhcNMjYwMzI5MDMwMTA1WhcNMjYwMzMwMDMwMTA1WjAzMTEwLwYDVQQD
EyhiZWRkZjUzYTRjYWY1MDcyZTExZmI3YWRhMDk2NjFhOWE1N2YxODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxt5S8yPS5BUBDkVeZGlQ48ZyJ5FN
YX2EX8HH3iljTgw4/1sL0Enb+Gz6z0Bcc/oaK4UUzPNlYV1lphhg9szUOS7nqu43
vZyjr0MYXBIeINLopjAMbwbosFc9jzjSsi6d+IoZXvSXOwnPnIMiaHl9ncwbfEl5
v98kPKKYxUAEcNUCMpuWKM2BIKaDh3cuLbp/p3kUu8KLrRJz8ZoIk4J0tLlHREbx
wtCyEqelA1vV/GAkgRxk1804cuu7p357P2rt+dSC1XpY5NVwMe4hyDa1nVf6vF5u
H8vTHiwUyZzKAcJIf7UEl5DZIqYLb6qHMhKlSCxSa0mow9cjQlt16+CAywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL7d9TpMr1By4R+3raCWYamlfxiHMB8GA1UdIwQY
MBaAFHASpS6IsBgyzw7jfM2rYd7OfRLGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wZTU0NWItNDQzZi00Y2ZiLThjMjgt
MzIwMWI4N2YxNDkwLzEvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wZTU0NWItNDQzZi00Y2ZiLThjMjgtMzIwMWI4N2YxNDkw
LzEvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEa/3hLvZ
1qzpp26Wzn7TXMofJigrKjyOccOIXhICum/cDv2xGBONYEIr7x1XauyKpDRJW885
X7dkiBwkM8vKNgkFMn9BAwwoNnD32FOwNsccsxC2/ddhPrpagpPe/O94BT4lHPdG
kxot1XKM60s8eIGjdL4gEcMD9nO4awunf21r9OOBlnCstVc0fe4nmuYAY2RZkqEr
l0HsJH35MDECeHpwpdPKrT57JqKSRi3V+s78GT6Ia37NYnaKKT1xMDFMpqqbEMGq
RpWF/ggujNEpXIKpKYRGScl4yl+SndKzXByVJS9xzJGEeqb1H/m0aWgvnZ91wIfl
Gn4sHCrPo8JRbg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:46 2026 by rpki-client