Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.mft
File: cpnOZKDxYk17stKWnlwRrbqlSFw.mft (raw, json)
Hash identifier: Ht+xRtFijoVeRDR8zGYds3OLPoog9hc2HfpDgUfH4+o=
Subject key identifier: 2A:BD:93:DF:CE:B9:74:02:E2:87:4C:9C:C6:0F:30:18:97:97:1D:0C
Authority key identifier: 72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
Certificate issuer: /CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Certificate serial: 019D397783A7F7C92C765AFB4A8D42208396
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.mft
Manifest number: 0CB8
Signing time: Sun 29 Mar 2026 12:00:26 +0000
Manifest this update: Sun 29 Mar 2026 12:00:26 +0000
Manifest next update: Mon 30 Mar 2026 12:00:26 +0000
Files and hashes: 1: K2NfFx3TkrXQP8nQwasIAH5qXuk.roa (hash: eOpjTh0ebYyTZWv6iqBeMtDuPL0eSZ5JWmYsy8J7I/A=)
2: cpnOZKDxYk17stKWnlwRrbqlSFw.crl (hash: JVDvo1cMVHRUjMqFLNHicPfLGGilkjFQipl00xA/KiQ=)
3: dazL3iKbsjKxy4HddRH3nz-7Dnw.roa (hash: qq3zl4qFIOovDjZr1RPB2doiGCNi2c1snUt8x3cExWg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:83:a7:f7:c9:2c:76:5a:fb:4a:8d:42:20:83:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7299ce64a0f1624d7bb2d2969e5c11adbaa5485c
Validity
Not Before: Mar 29 12:00:26 2026 GMT
Not After : Mar 30 12:00:26 2026 GMT
Subject: CN=2abd93dfceb97402e2874c9cc60f301897971d0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:82:1b:b1:4f:62:47:f0:43:bd:fb:b3:0d:67:
34:5b:7c:ac:6f:ff:77:74:17:c9:3c:c1:3c:30:8f:
ad:a8:42:2a:73:89:3b:62:57:d6:de:cb:87:28:8e:
12:a2:bf:64:23:bb:2e:66:66:66:c6:23:30:12:87:
62:52:01:8d:2b:ee:b3:fd:0f:bd:d9:49:1f:99:f6:
68:04:77:70:f6:14:b0:88:77:52:7e:dd:76:52:8f:
2f:dc:1f:ec:19:13:4c:e9:bc:f4:fa:4e:4a:c4:2f:
48:01:9a:b3:e0:9a:b0:bd:18:e9:94:c6:cb:a7:46:
78:d0:38:3b:55:d5:c3:61:94:19:f9:ed:d3:f5:89:
70:e8:80:b0:4c:06:96:5b:bf:e9:90:0b:c6:a2:09:
ed:15:28:3f:26:95:29:bd:3f:99:5b:e5:71:26:d7:
17:ba:70:7c:5c:51:00:b9:0d:73:fb:a2:08:7a:dc:
e3:39:74:a2:26:7c:63:a4:13:62:00:3b:3a:58:62:
d0:33:cf:37:04:49:81:f4:59:96:79:21:d0:81:7e:
bd:29:46:1f:fb:e1:32:3f:eb:8c:b3:c6:82:55:df:
6e:5e:38:a1:9a:fa:6d:85:dc:fd:49:7a:ce:8a:6c:
75:e6:7d:9a:d6:f5:ee:8e:b8:b1:ca:29:8b:3f:53:
47:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:BD:93:DF:CE:B9:74:02:E2:87:4C:9C:C6:0F:30:18:97:97:1D:0C
X509v3 Authority Key Identifier:
keyid:72:99:CE:64:A0:F1:62:4D:7B:B2:D2:96:9E:5C:11:AD:BA:A5:48:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cpnOZKDxYk17stKWnlwRrbqlSFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/c20fba-5b67-438c-ab00-c7eb34e2dca6/1/cpnOZKDxYk17stKWnlwRrbqlSFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a8:ac:52:1f:71:7a:1f:f0:a6:54:d9:13:c7:bb:a2:00:87:18:
47:9c:cc:97:f6:3b:d0:95:b2:ce:f3:74:af:fa:6f:d4:f4:a8:
ff:5e:6d:70:90:6f:bf:30:5f:64:91:10:c7:63:de:ad:e8:97:
73:b5:5e:01:bf:69:72:60:c1:f4:93:81:29:69:b8:0f:97:c0:
b7:78:a4:85:d5:1b:a6:d3:9f:e6:77:b1:32:4b:01:02:3c:0e:
99:f5:cd:2f:9e:80:79:17:ed:ad:c6:25:a0:29:6c:29:a0:f0:
59:97:7c:8f:82:3c:0d:62:5a:35:d4:51:f4:c4:c1:ef:91:c9:
fe:e7:cc:1e:cf:e2:64:d9:c6:0c:86:04:93:c0:65:f4:02:a9:
c2:6a:b1:2f:21:b9:98:bd:9a:26:8a:97:47:25:aa:15:92:b1:
b2:5f:37:dc:05:9a:e2:39:28:1d:95:20:96:34:85:ff:35:ed:
45:d0:62:2a:36:d7:c8:3c:97:b2:53:ca:83:47:20:df:d6:cf:
5e:39:d8:9f:71:76:45:12:c1:d1:d8:8e:88:48:34:0f:e3:89:
03:63:87:9e:25:a9:7c:68:17:a7:2b:d6:70:f9:ae:70:43:3d:
97:c1:67:52:39:8b:f4:6c:70:12:84:47:96:51:92:80:48:aa:
78:c2:48:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d4On98ksdlr7So1CIIOWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyOTljZTY0YTBmMTYyNGQ3YmIyZDI5NjllNWMxMWFkYmFh
NTQ4NWMwHhcNMjYwMzI5MTIwMDI2WhcNMjYwMzMwMTIwMDI2WjAzMTEwLwYDVQQD
EygyYWJkOTNkZmNlYjk3NDAyZTI4NzRjOWNjNjBmMzAxODk3OTcxZDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIIbsU9iR/BDvfuzDWc0W3ysb/93
dBfJPME8MI+tqEIqc4k7YlfW3suHKI4Sor9kI7suZmZmxiMwEodiUgGNK+6z/Q+9
2UkfmfZoBHdw9hSwiHdSft12Uo8v3B/sGRNM6bz0+k5KxC9IAZqz4JqwvRjplMbL
p0Z40Dg7VdXDYZQZ+e3T9Ylw6ICwTAaWW7/pkAvGogntFSg/JpUpvT+ZW+VxJtcX
unB8XFEAuQ1z+6IIetzjOXSiJnxjpBNiADs6WGLQM883BEmB9FmWeSHQgX69KUYf
++EyP+uMs8aCVd9uXjihmvpthdz9SXrOimx15n2a1vXujrixyimLP1NHrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCq9k9/OuXQC4odMnMYPMBiXlx0MMB8GA1UdIwQY
MBaAFHKZzmSg8WJNe7LSlp5cEa26pUhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAt
YzdlYjM0ZTJkY2E2LzEvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9jMjBmYmEtNWI2Ny00MzhjLWFiMDAtYzdlYjM0ZTJkY2E2
LzEvY3BuT1pLRHhZazE3c3RLV25sd1JyYnFsU0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqKxSH3F6
H/CmVNkTx7uiAIcYR5zMl/Y70JWyzvN0r/pv1PSo/15tcJBvvzBfZJEQx2PereiX
c7VeAb9pcmDB9JOBKWm4D5fAt3ikhdUbptOf5nexMksBAjwOmfXNL56AeRftrcYl
oClsKaDwWZd8j4I8DWJaNdRR9MTB75HJ/ufMHs/iZNnGDIYEk8Bl9AKpwmqxLyG5
mL2aJoqXRyWqFZKxsl833AWa4jkoHZUgljSF/zXtRdBiKjbXyDyXslPKg0cg39bP
XjnYn3F2RRLB0diOiEg0D+OJA2OHniWpfGgXpyvWcPmucEM9l8FnUjmL9GxwEoRH
llGSgEiqeMJIXQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:02:34 2026 by rpki-client