Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.mft
File: CTUJ5-xo_i2UNAfV3RJqD1lvKrU.mft (raw, json)
Hash identifier: uPxEs6468JgS49JwlnzWzrrtfViIz3WIx7BQsZBedQI=
Subject key identifier: 1F:F5:41:F5:62:1B:E8:FB:44:62:C1:60:B2:C1:B0:0B:61:98:94:D7
Authority key identifier: 09:35:09:E7:EC:68:FE:2D:94:34:07:D5:DD:12:6A:0F:59:6F:2A:B5
Certificate issuer: /CN=093509e7ec68fe2d943407d5dd126a0f596f2ab5
Certificate serial: 019D386557479476F818F90024DE170FD945
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.mft
Manifest number: 13C0
Signing time: Sun 29 Mar 2026 07:00:58 +0000
Manifest this update: Sun 29 Mar 2026 07:00:58 +0000
Manifest next update: Mon 30 Mar 2026 07:00:58 +0000
Files and hashes: 1: 0I00I8J66neTXe4iZZcrlFXaZ8U.roa (hash: coA5RtPDBJN+kY2dT0FgtVFZYsCgYcbOym4tHbbuY/Y=)
2: CTUJ5-xo_i2UNAfV3RJqD1lvKrU.crl (hash: z3LzFP263XHATMsNDmzel6yu+UQ9gqyO+8yj6ipQ/e8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:57:47:94:76:f8:18:f9:00:24:de:17:0f:d9:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093509e7ec68fe2d943407d5dd126a0f596f2ab5
Validity
Not Before: Mar 29 07:00:58 2026 GMT
Not After : Mar 30 07:00:58 2026 GMT
Subject: CN=1ff541f5621be8fb4462c160b2c1b00b619894d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:62:e0:3a:49:d3:44:c0:7b:39:9d:93:b2:a9:
ca:ec:9d:1f:c3:11:e5:54:e9:63:b3:b8:0c:0b:7c:
98:41:73:71:1d:18:86:05:6e:f1:32:35:a9:e0:e9:
1f:b1:20:ee:cc:6b:7e:4c:69:53:8c:a0:de:59:6c:
97:a9:3b:9a:2a:74:cd:27:98:2e:45:9e:68:8a:df:
09:d0:d4:9d:d9:9d:bd:3d:cb:c3:a5:25:39:5d:5c:
e4:d5:19:32:da:52:7e:13:cb:4f:86:dd:f1:de:f8:
17:26:d8:2f:05:c2:b1:f3:fc:c3:75:f3:8d:e0:85:
ea:21:89:19:38:64:ec:27:de:3a:ce:45:c7:fd:32:
f4:b8:cb:18:f0:b9:85:9a:d0:21:05:f4:a9:b6:db:
a0:dc:f7:d7:e8:f1:6b:4a:12:da:50:7b:0c:17:58:
e2:2a:a5:49:c5:d0:e3:99:46:f5:6c:6e:06:f7:88:
16:c8:c4:e2:43:06:16:3a:4f:4d:d6:b0:f1:c3:97:
db:ee:aa:90:76:3c:50:4f:55:0e:9f:52:ab:13:27:
74:07:67:61:d2:1a:6b:34:e5:22:c8:d0:c9:5c:f7:
df:ac:c4:72:3a:d2:bb:5f:e0:3a:1c:62:f2:16:97:
b3:b4:9a:b2:53:cc:f7:a8:28:9a:f3:48:0c:8e:03:
cb:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:F5:41:F5:62:1B:E8:FB:44:62:C1:60:B2:C1:B0:0B:61:98:94:D7
X509v3 Authority Key Identifier:
keyid:09:35:09:E7:EC:68:FE:2D:94:34:07:D5:DD:12:6A:0F:59:6F:2A:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/dfb94c-fdf4-4972-9ad8-7d697337137b/1/CTUJ5-xo_i2UNAfV3RJqD1lvKrU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:1a:91:e8:b6:d0:ed:95:21:26:79:61:71:98:6c:de:39:e7:
9b:eb:0b:9f:cd:d7:6f:59:6e:55:ab:1e:03:c9:a8:7f:02:e5:
f0:76:81:16:9f:68:e3:13:b6:61:c8:ef:3e:cd:32:c6:23:e8:
54:c2:ac:70:0e:5f:5c:be:0c:8b:17:61:9a:0e:ac:7d:40:9b:
82:1a:0d:b2:68:60:3d:ca:59:85:16:65:67:54:5b:7f:37:2a:
22:9d:9d:89:47:d9:ba:e8:55:5e:d2:bb:55:47:cb:75:fa:57:
84:66:46:15:13:ff:7b:50:70:36:92:51:50:8b:18:20:34:bc:
ff:77:c4:7e:73:d0:54:45:cb:c0:62:6b:b3:8a:58:3d:25:d4:
5a:35:93:c4:ee:b9:27:5d:b3:f8:ec:c6:30:f3:62:35:8d:0a:
ca:b0:9e:79:9a:7d:4b:23:89:f5:2a:67:56:11:6b:72:f7:11:
8a:8b:be:d0:36:3d:b2:58:91:5e:fd:32:70:82:af:4f:4c:be:
47:60:a6:d4:f4:84:2e:66:be:ee:15:25:2e:39:30:1f:2f:96:
bf:23:fa:9e:91:d9:01:ad:51:45:d6:64:ad:91:25:71:a2:87:
8e:d5:a6:06:73:85:0d:22:fd:00:3d:f1:78:71:ca:52:7b:79:
39:2e:b3:72
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZVdHlHb4GPkAJN4XD9lFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzUwOWU3ZWM2OGZlMmQ5NDM0MDdkNWRkMTI2YTBmNTk2
ZjJhYjUwHhcNMjYwMzI5MDcwMDU4WhcNMjYwMzMwMDcwMDU4WjAzMTEwLwYDVQQD
EygxZmY1NDFmNTYyMWJlOGZiNDQ2MmMxNjBiMmMxYjAwYjYxOTg5NGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWLgOknTRMB7OZ2TsqnK7J0fwxHl
VOljs7gMC3yYQXNxHRiGBW7xMjWp4OkfsSDuzGt+TGlTjKDeWWyXqTuaKnTNJ5gu
RZ5oit8J0NSd2Z29PcvDpSU5XVzk1Rky2lJ+E8tPht3x3vgXJtgvBcKx8/zDdfON
4IXqIYkZOGTsJ946zkXH/TL0uMsY8LmFmtAhBfSpttug3PfX6PFrShLaUHsMF1ji
KqVJxdDjmUb1bG4G94gWyMTiQwYWOk9N1rDxw5fb7qqQdjxQT1UOn1KrEyd0B2dh
0hprNOUiyNDJXPffrMRyOtK7X+A6HGLyFpeztJqyU8z3qCia80gMjgPLmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB/1QfViG+j7RGLBYLLBsAthmJTXMB8GA1UdIwQY
MBaAFAk1CefsaP4tlDQH1d0Sag9Zbyq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1RVSjUteG9faTJVTkFmVjNSSnFEMWx2S3JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9kZmI5NGMtZmRmNC00OTcyLTlhZDgt
N2Q2OTczMzcxMzdiLzEvQ1RVSjUteG9faTJVTkFmVjNSSnFEMWx2S3JVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9kZmI5NGMtZmRmNC00OTcyLTlhZDgtN2Q2OTczMzcxMzdi
LzEvQ1RVSjUteG9faTJVTkFmVjNSSnFEMWx2S3JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATBqR6LbQ
7ZUhJnlhcZhs3jnnm+sLn83Xb1luVaseA8mofwLl8HaBFp9o4xO2YcjvPs0yxiPo
VMKscA5fXL4Mixdhmg6sfUCbghoNsmhgPcpZhRZlZ1RbfzcqIp2diUfZuuhVXtK7
VUfLdfpXhGZGFRP/e1BwNpJRUIsYIDS8/3fEfnPQVEXLwGJrs4pYPSXUWjWTxO65
J12z+OzGMPNiNY0KyrCeeZp9SyOJ9SpnVhFrcvcRiou+0DY9sliRXv0ycIKvT0y+
R2Cm1PSELma+7hUlLjkwHy+WvyP6npHZAa1RRdZkrZElcaKHjtWmBnOFDSL9AD3x
eHHKUnt5OS6zcg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:59:19 2026 by rpki-client