Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/33970f-fa9a-4d11-9766-a844aab0511c/1/CRiOI1NxcPsuRX8xLVRflL2d1-4.mft
File: CRiOI1NxcPsuRX8xLVRflL2d1-4.mft (raw, json)
Hash identifier: Lay3caD9e+OaminJeXECGfWOmfX+uolsbdcqCFbeLN0=
Subject key identifier: 83:98:B8:90:A5:40:A7:73:2E:4F:26:E3:43:B9:88:79:CE:32:07:F8
Authority key identifier: 09:18:8E:23:53:71:70:FB:2E:45:7F:31:2D:54:5F:94:BD:9D:D7:EE
Certificate issuer: /CN=09188e23537170fb2e457f312d545f94bd9dd7ee
Certificate serial: 019D382E2677D3F166C9169D292810A26917
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CRiOI1NxcPsuRX8xLVRflL2d1-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/33970f-fa9a-4d11-9766-a844aab0511c/1/CRiOI1NxcPsuRX8xLVRflL2d1-4.mft
Manifest number: 01BD
Signing time: Sun 29 Mar 2026 06:00:41 +0000
Manifest this update: Sun 29 Mar 2026 06:00:41 +0000
Manifest next update: Mon 30 Mar 2026 06:00:41 +0000
Files and hashes: 1: CRiOI1NxcPsuRX8xLVRflL2d1-4.crl (hash: EJBb20tV5AF9RB5ZHEiB2z/1tW6aeQeNn+298opqoZg=)
2: xbWf_g-s7HjkxL7IiKbMz-iaHG4.roa (hash: SFaniO5YvRE/Q1MmXdLYQfC7ZkWwnx783aQKjO9iPwk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/33970f-fa9a-4d11-9766-a844aab0511c/1/CRiOI1NxcPsuRX8xLVRflL2d1-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/33970f-fa9a-4d11-9766-a844aab0511c/1/CRiOI1NxcPsuRX8xLVRflL2d1-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/CRiOI1NxcPsuRX8xLVRflL2d1-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:26:77:d3:f1:66:c9:16:9d:29:28:10:a2:69:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09188e23537170fb2e457f312d545f94bd9dd7ee
Validity
Not Before: Mar 29 06:00:41 2026 GMT
Not After : Mar 30 06:00:41 2026 GMT
Subject: CN=8398b890a540a7732e4f26e343b98879ce3207f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4e:2d:54:12:31:17:59:16:fe:3d:99:50:ea:
e6:64:3d:5e:79:64:45:37:ed:7b:3b:40:56:9b:d7:
0f:47:0a:94:ad:28:55:34:c5:07:f2:ed:0b:63:0d:
46:b9:45:00:76:d6:63:35:1d:a7:06:c3:e7:b4:f2:
d4:79:20:ed:35:c1:67:fb:27:e1:df:7a:4b:17:1f:
a6:96:e9:e8:76:97:a7:2a:c5:42:b3:57:31:7b:76:
e5:73:60:83:98:d5:78:be:95:18:43:78:b3:9c:57:
db:1d:6d:57:16:d7:93:d7:3c:3b:2b:bb:f5:2a:f4:
2c:68:85:d8:3f:ed:0c:c5:68:7b:fd:41:1f:2b:f2:
22:5d:7a:22:55:c5:53:7a:d1:d9:b1:1e:43:11:a2:
58:94:6b:6a:7e:d9:89:77:5e:7b:a5:26:57:1c:11:
93:d9:70:cc:81:b7:3a:77:97:fe:dd:f9:eb:5a:24:
ef:c9:f8:3e:bb:e6:1f:0f:d5:cc:f5:5a:62:a0:d8:
7b:e4:9c:2d:13:0a:72:3f:f5:b9:c2:fb:dd:c2:1e:
67:ec:c7:cc:5b:1c:b5:fc:22:e4:81:41:95:12:6c:
69:ca:74:b2:2c:5c:2c:80:1d:ac:f0:a9:8e:22:43:
84:62:a4:64:66:8a:bc:b4:27:ae:42:9b:7d:a9:3a:
4c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:98:B8:90:A5:40:A7:73:2E:4F:26:E3:43:B9:88:79:CE:32:07:F8
X509v3 Authority Key Identifier:
keyid:09:18:8E:23:53:71:70:FB:2E:45:7F:31:2D:54:5F:94:BD:9D:D7:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CRiOI1NxcPsuRX8xLVRflL2d1-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/33970f-fa9a-4d11-9766-a844aab0511c/1/CRiOI1NxcPsuRX8xLVRflL2d1-4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/33970f-fa9a-4d11-9766-a844aab0511c/1/CRiOI1NxcPsuRX8xLVRflL2d1-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:09:af:88:26:f7:e7:f7:4b:3c:83:9e:bb:ea:e3:41:35:09:
06:8e:a4:a6:2f:42:9c:29:a0:e1:93:fa:de:c3:62:e5:dc:de:
77:a0:ef:23:19:57:3b:bf:6f:6f:47:7d:aa:d4:fb:cf:d5:a2:
4e:61:2a:d2:25:01:da:87:7b:3b:ce:00:e7:6e:d7:38:3d:7f:
83:6a:01:fa:c7:62:ca:24:a4:b1:c4:41:8c:30:ad:15:23:c6:
bd:40:bf:d1:92:4d:f0:57:29:d2:4d:94:cc:8e:a0:82:00:ec:
7a:f1:36:2e:84:a5:a9:0a:93:a6:e5:05:01:6d:e9:47:66:f1:
ea:9a:c6:7b:77:e3:99:cc:cd:f1:3d:89:6a:66:b6:87:8a:73:
fc:89:11:99:45:13:6b:c7:03:f1:61:dd:67:71:b5:c6:fa:f8:
c2:30:4d:b1:40:47:5e:52:db:44:29:8f:ca:37:0c:b4:bc:05:
61:88:f5:fe:45:bb:a1:2c:0c:31:65:3d:e8:63:76:f8:35:64:
08:58:c2:51:d2:33:d6:da:84:ac:5f:e4:6f:93:e9:01:f4:fd:
63:da:92:75:4d:c0:62:ee:a9:c0:05:8b:eb:9d:ac:6a:35:33:
cf:d5:bb:68:05:1c:ad:26:97:34:0b:11:34:d9:d3:92:84:c1:
96:b4:a6:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LiZ30/FmyRadKSgQomkXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MTg4ZTIzNTM3MTcwZmIyZTQ1N2YzMTJkNTQ1Zjk0YmQ5
ZGQ3ZWUwHhcNMjYwMzI5MDYwMDQxWhcNMjYwMzMwMDYwMDQxWjAzMTEwLwYDVQQD
Eyg4Mzk4Yjg5MGE1NDBhNzczMmU0ZjI2ZTM0M2I5ODg3OWNlMzIwN2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlU4tVBIxF1kW/j2ZUOrmZD1eeWRF
N+17O0BWm9cPRwqUrShVNMUH8u0LYw1GuUUAdtZjNR2nBsPntPLUeSDtNcFn+yfh
33pLFx+mlunodpenKsVCs1cxe3blc2CDmNV4vpUYQ3iznFfbHW1XFteT1zw7K7v1
KvQsaIXYP+0MxWh7/UEfK/IiXXoiVcVTetHZsR5DEaJYlGtqftmJd157pSZXHBGT
2XDMgbc6d5f+3fnrWiTvyfg+u+YfD9XM9VpioNh75JwtEwpyP/W5wvvdwh5n7MfM
Wxy1/CLkgUGVEmxpynSyLFwsgB2s8KmOIkOEYqRkZoq8tCeuQpt9qTpMbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIOYuJClQKdzLk8m40O5iHnOMgf4MB8GA1UdIwQY
MBaAFAkYjiNTcXD7LkV/MS1UX5S9ndfuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1JpT0kxTnhjUHN1Ulg4eExWUmZsTDJkMS00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8zMzk3MGYtZmE5YS00ZDExLTk3NjYt
YTg0NGFhYjA1MTFjLzEvQ1JpT0kxTnhjUHN1Ulg4eExWUmZsTDJkMS00Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8zMzk3MGYtZmE5YS00ZDExLTk3NjYtYTg0NGFhYjA1MTFj
LzEvQ1JpT0kxTnhjUHN1Ulg4eExWUmZsTDJkMS00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOgmviCb3
5/dLPIOeu+rjQTUJBo6kpi9CnCmg4ZP63sNi5dzed6DvIxlXO79vb0d9qtT7z9Wi
TmEq0iUB2od7O84A527XOD1/g2oB+sdiyiSkscRBjDCtFSPGvUC/0ZJN8Fcp0k2U
zI6gggDsevE2LoSlqQqTpuUFAW3pR2bx6prGe3fjmczN8T2Jama2h4pz/IkRmUUT
a8cD8WHdZ3G1xvr4wjBNsUBHXlLbRCmPyjcMtLwFYYj1/kW7oSwMMWU96GN2+DVk
CFjCUdIz1tqErF/kb5PpAfT9Y9qSdU3AYu6pwAWL652sajUzz9W7aAUcrSaXNAsR
NNnTkoTBlrSmuw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:33:18 2026 by rpki-client