Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/b80000-0609-488f-a34a-2ca626cfed45/1/c4DHWfVY-ca-iN0iakOdmcnqzww.mft
File: c4DHWfVY-ca-iN0iakOdmcnqzww.mft (raw, json)
Hash identifier: +IXy6isCsY43XiLvASIuWmnfvMIWtHtlhBY0y8AIwWg=
Subject key identifier: 8A:13:D5:9D:54:EA:78:0F:4E:4A:CC:42:38:05:3B:3A:2D:BD:5C:48
Authority key identifier: 73:80:C7:59:F5:58:F9:C6:BE:88:DD:22:6A:43:9D:99:C9:EA:CF:0C
Certificate issuer: /CN=7380c759f558f9c6be88dd226a439d99c9eacf0c
Certificate serial: 019D386604347CC0E75FE67E625B09BCE9CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c4DHWfVY-ca-iN0iakOdmcnqzww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/b80000-0609-488f-a34a-2ca626cfed45/1/c4DHWfVY-ca-iN0iakOdmcnqzww.mft
Manifest number: 0FC1
Signing time: Sun 29 Mar 2026 07:01:43 +0000
Manifest this update: Sun 29 Mar 2026 07:01:43 +0000
Manifest next update: Mon 30 Mar 2026 07:01:43 +0000
Files and hashes: 1: SyzDr7afLaGB0eh8BGltmqw92Ho.roa (hash: 050EI4bgC2uJSD8MPwN8yNb/BaQ/4SeM3IGk1KBixYk=)
2: c4DHWfVY-ca-iN0iakOdmcnqzww.crl (hash: Tpq5DG+qrThQqDsiWgsIszvIMM4ZDxeqfO27ZWQ0+04=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/b80000-0609-488f-a34a-2ca626cfed45/1/c4DHWfVY-ca-iN0iakOdmcnqzww.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/b80000-0609-488f-a34a-2ca626cfed45/1/c4DHWfVY-ca-iN0iakOdmcnqzww.mft
rsync://rpki.ripe.net/repository/DEFAULT/c4DHWfVY-ca-iN0iakOdmcnqzww.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:04:34:7c:c0:e7:5f:e6:7e:62:5b:09:bc:e9:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7380c759f558f9c6be88dd226a439d99c9eacf0c
Validity
Not Before: Mar 29 07:01:43 2026 GMT
Not After : Mar 30 07:01:43 2026 GMT
Subject: CN=8a13d59d54ea780f4e4acc4238053b3a2dbd5c48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d1:35:59:df:94:c1:48:43:f7:5e:32:e2:ff:
7c:df:30:98:4c:0c:3a:39:55:73:5d:84:45:84:7b:
73:0b:ab:73:74:ff:82:94:0e:46:1f:a9:7d:4e:cb:
68:ca:25:44:e6:7d:f8:10:c7:20:0e:4d:8b:bb:1b:
6b:0f:e1:5b:d3:81:e7:c9:3a:6c:8c:cf:d5:fd:24:
99:4e:4f:d9:55:ec:61:b6:57:fa:54:cf:e4:a2:df:
28:48:fd:dd:de:28:4c:68:b2:e7:c5:07:41:98:d8:
ee:2e:c7:a3:82:6f:61:65:6b:56:2a:93:c7:9e:51:
a0:98:35:af:f2:00:f6:0b:e0:3e:28:ed:09:36:30:
60:9b:a9:ee:e3:fd:04:db:36:00:b2:4a:d0:1e:cd:
e6:01:77:c2:44:26:d2:f2:af:d8:e4:c3:02:70:cf:
69:45:52:b6:08:90:fb:cb:00:0c:4b:13:b7:20:5d:
df:3d:cc:66:96:48:4a:d6:c0:40:31:d7:53:85:64:
e5:f1:34:da:08:1f:e9:70:70:23:e6:be:98:d8:72:
87:50:f4:da:87:a1:ba:74:a7:cc:11:26:4f:fe:25:
c8:31:8b:a7:86:b6:54:ad:14:d0:65:9a:16:cf:5b:
ae:2d:61:67:64:b3:da:9e:f7:f8:15:97:d3:2f:6e:
6a:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:13:D5:9D:54:EA:78:0F:4E:4A:CC:42:38:05:3B:3A:2D:BD:5C:48
X509v3 Authority Key Identifier:
keyid:73:80:C7:59:F5:58:F9:C6:BE:88:DD:22:6A:43:9D:99:C9:EA:CF:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4DHWfVY-ca-iN0iakOdmcnqzww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/b80000-0609-488f-a34a-2ca626cfed45/1/c4DHWfVY-ca-iN0iakOdmcnqzww.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/b80000-0609-488f-a34a-2ca626cfed45/1/c4DHWfVY-ca-iN0iakOdmcnqzww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bb:20:b5:ba:05:c1:f8:8a:7e:2a:55:4d:ac:7a:82:08:23:a8:
df:6f:de:9f:8c:28:85:b8:b3:4f:21:32:62:bb:15:ff:5d:1a:
72:eb:0d:6b:46:58:5b:14:e8:bf:2b:ff:1e:f1:a4:99:cf:32:
ba:1a:70:77:ec:d1:2e:26:cb:6a:a0:a2:6c:5a:35:79:2e:29:
13:ba:e5:08:b3:67:b2:74:95:b8:17:1a:ed:3f:57:02:1b:5e:
02:ca:c1:1a:46:59:d6:63:ae:38:ef:39:7e:87:77:50:2d:7d:
16:e6:81:e3:30:64:7f:27:ab:70:71:22:fd:90:e0:85:80:82:
03:4e:ba:51:6b:34:d0:1f:60:01:48:fa:16:75:43:ee:65:cd:
0b:3a:1c:54:49:c3:02:b9:4d:db:27:7c:11:d0:f8:df:62:9d:
cd:fb:b0:68:b6:dd:b5:de:a8:97:10:1d:5e:00:e4:3a:c0:42:
3d:2d:90:29:a4:f6:20:bd:da:f0:7f:cf:af:f2:50:c9:b2:69:
f6:c5:d4:94:7b:a0:65:6f:1d:28:ce:bc:1c:17:c1:6b:7b:fc:
62:e1:15:ce:ed:aa:2b:46:cc:1d:da:cd:a4:51:0c:4a:2f:6e:
a8:cb:71:ab:2e:27:b5:30:da:af:cb:22:fe:2e:9e:e0:43:69:
e6:da:be:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZgQ0fMDnX+Z+YlsJvOnMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczODBjNzU5ZjU1OGY5YzZiZTg4ZGQyMjZhNDM5ZDk5Yzll
YWNmMGMwHhcNMjYwMzI5MDcwMTQzWhcNMjYwMzMwMDcwMTQzWjAzMTEwLwYDVQQD
Eyg4YTEzZDU5ZDU0ZWE3ODBmNGU0YWNjNDIzODA1M2IzYTJkYmQ1YzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9E1Wd+UwUhD914y4v983zCYTAw6
OVVzXYRFhHtzC6tzdP+ClA5GH6l9TstoyiVE5n34EMcgDk2LuxtrD+Fb04HnyTps
jM/V/SSZTk/ZVexhtlf6VM/kot8oSP3d3ihMaLLnxQdBmNjuLsejgm9hZWtWKpPH
nlGgmDWv8gD2C+A+KO0JNjBgm6nu4/0E2zYAskrQHs3mAXfCRCbS8q/Y5MMCcM9p
RVK2CJD7ywAMSxO3IF3fPcxmlkhK1sBAMddThWTl8TTaCB/pcHAj5r6Y2HKHUPTa
h6G6dKfMESZP/iXIMYunhrZUrRTQZZoWz1uuLWFnZLPanvf4FZfTL25qTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIoT1Z1U6ngPTkrMQjgFOzotvVxIMB8GA1UdIwQY
MBaAFHOAx1n1WPnGvojdImpDnZnJ6s8MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzRESFdmVlktY2EtaU4waWFrT2RtY25xend3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9iODAwMDAtMDYwOS00ODhmLWEzNGEt
MmNhNjI2Y2ZlZDQ1LzEvYzRESFdmVlktY2EtaU4waWFrT2RtY25xend3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9iODAwMDAtMDYwOS00ODhmLWEzNGEtMmNhNjI2Y2ZlZDQ1
LzEvYzRESFdmVlktY2EtaU4waWFrT2RtY25xend3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuyC1ugXB
+Ip+KlVNrHqCCCOo32/en4wohbizTyEyYrsV/10acusNa0ZYWxTovyv/HvGkmc8y
uhpwd+zRLibLaqCibFo1eS4pE7rlCLNnsnSVuBca7T9XAhteAsrBGkZZ1mOuOO85
fod3UC19FuaB4zBkfyercHEi/ZDghYCCA066UWs00B9gAUj6FnVD7mXNCzocVEnD
ArlN2yd8EdD432KdzfuwaLbdtd6olxAdXgDkOsBCPS2QKaT2IL3a8H/Pr/JQybJp
9sXUlHugZW8dKM68HBfBa3v8YuEVzu2qK0bMHdrNpFEMSi9uqMtxqy4ntTDar8si
/i6e4ENp5tq+gA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:55:36 2026 by rpki-client