Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/curcen7OR31fTXdyQ7YPK7u3VgM.mft
File: curcen7OR31fTXdyQ7YPK7u3VgM.mft (raw, json)
Hash identifier: MKhPCJSJF0RFizjzBx0s+Lf1uliG+vVMBTtryrImXoY=
Subject key identifier: 69:A0:53:AA:EE:D1:F2:F0:27:C7:26:F3:B8:4D:52:16:D5:9D:C0:AD
Authority key identifier: 72:EA:DC:7A:7E:CE:47:7D:5F:4D:77:72:43:B6:0F:2B:BB:B7:56:03
Certificate issuer: /CN=72eadc7a7ece477d5f4d777243b60f2bbbb75603
Certificate serial: 019D3940AAC55BADA9AE04C30EFF4FC80287
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/curcen7OR31fTXdyQ7YPK7u3VgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/curcen7OR31fTXdyQ7YPK7u3VgM.mft
Manifest number: 0AFA
Signing time: Sun 29 Mar 2026 11:00:32 +0000
Manifest this update: Sun 29 Mar 2026 11:00:32 +0000
Manifest next update: Mon 30 Mar 2026 11:00:32 +0000
Files and hashes: 1: G3RuhmzfG29w9YFS7oTygz6W0Vw.roa (hash: JX85b3D4X40BgCYerPxa2mnW3gNxZep/hukddR8oH8k=)
2: curcen7OR31fTXdyQ7YPK7u3VgM.crl (hash: Vo8IY7k4NLAYwBJPi1tPFzoSYZweytGGRgZL5FAEzFg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/curcen7OR31fTXdyQ7YPK7u3VgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/curcen7OR31fTXdyQ7YPK7u3VgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/curcen7OR31fTXdyQ7YPK7u3VgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 11:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:aa:c5:5b:ad:a9:ae:04:c3:0e:ff:4f:c8:02:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72eadc7a7ece477d5f4d777243b60f2bbbb75603
Validity
Not Before: Mar 29 11:00:32 2026 GMT
Not After : Mar 30 11:00:32 2026 GMT
Subject: CN=69a053aaeed1f2f027c726f3b84d5216d59dc0ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fc:43:a2:a6:65:85:1e:9c:e4:5c:34:49:97:
02:08:2e:6e:a6:2c:58:0e:c4:07:4b:96:fa:b4:26:
5f:41:ff:9b:46:e1:6e:84:52:60:b8:aa:21:f0:ea:
f9:74:3e:be:24:e1:a4:fe:f0:14:ad:98:23:5a:62:
2a:fb:b0:7a:25:ae:08:3a:7e:b6:99:1b:80:50:de:
1a:db:5d:d9:49:b7:5d:99:ca:7d:c7:b3:1d:e3:94:
4c:2e:67:af:75:3f:00:84:be:ec:c8:ff:60:14:5a:
79:32:7e:45:29:ed:6b:94:40:29:f8:74:8b:47:37:
69:53:e6:33:0e:dd:be:d7:f2:60:fb:d9:56:22:36:
c4:11:1e:c5:4d:a7:c6:db:a0:4b:71:5c:df:2f:90:
4b:65:d9:95:f4:e8:4d:ce:ee:e1:c9:e3:ad:14:50:
d7:0e:f6:c6:9d:cd:e1:6e:4c:00:1e:c5:7e:2d:40:
8b:c5:58:04:0f:3d:b6:37:1f:1d:4d:30:b2:f8:46:
da:ad:8a:5e:57:dd:b3:62:6e:75:38:38:92:97:16:
43:db:c7:19:40:98:35:f4:08:da:c6:6c:d9:87:94:
d8:ab:8e:99:23:5f:25:e8:52:ba:80:b0:49:25:47:
8b:45:43:74:92:1b:d6:16:ea:1d:df:44:af:82:91:
65:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:A0:53:AA:EE:D1:F2:F0:27:C7:26:F3:B8:4D:52:16:D5:9D:C0:AD
X509v3 Authority Key Identifier:
keyid:72:EA:DC:7A:7E:CE:47:7D:5F:4D:77:72:43:B6:0F:2B:BB:B7:56:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/curcen7OR31fTXdyQ7YPK7u3VgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/curcen7OR31fTXdyQ7YPK7u3VgM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c09c64-0baf-4b07-8d29-473851709c58/1/curcen7OR31fTXdyQ7YPK7u3VgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:77:42:84:50:9e:52:e8:62:df:3a:1a:4c:e7:60:22:61:28:
16:93:21:49:e4:be:8b:13:99:b3:f7:a8:cd:9a:9a:55:6b:bf:
08:42:e3:5d:ee:5e:2a:9d:50:b4:3e:84:ea:c6:db:a5:b1:31:
d8:05:33:ec:7d:6e:c0:ec:29:63:e3:5b:06:c1:8a:5c:77:32:
7d:b0:62:f4:af:8d:09:92:4a:c1:ac:b3:41:d6:eb:06:f3:55:
00:13:a0:00:df:27:7a:35:31:d2:e2:8d:ac:66:18:e5:ee:cc:
c0:21:63:2a:66:98:4e:16:e5:b1:68:ee:0e:33:9b:3d:54:2e:
ca:3d:d0:3e:50:79:d5:1d:00:3a:31:3c:98:1c:37:a0:84:84:
b9:53:73:23:05:c6:8a:f0:8f:31:b0:2d:e2:df:d4:1a:1c:4d:
92:96:81:ac:7a:b2:a5:02:c4:f6:a1:cd:03:75:6d:f5:ee:8b:
9a:5e:fc:f9:b1:17:f9:98:db:b3:9a:19:cd:24:64:12:47:b0:
f5:4c:69:d0:94:d4:94:46:5f:92:85:a8:a5:f8:d0:ea:15:fc:
4c:a9:17:11:05:53:81:27:31:d7:c0:44:92:bf:15:c6:9d:c9:
5a:1d:35:82:dd:30:6a:23:26:50:2c:38:f6:d2:9c:8d:72:5b:
f2:77:38:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QKrFW62prgTDDv9PyAKHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZWFkYzdhN2VjZTQ3N2Q1ZjRkNzc3MjQzYjYwZjJiYmJi
NzU2MDMwHhcNMjYwMzI5MTEwMDMyWhcNMjYwMzMwMTEwMDMyWjAzMTEwLwYDVQQD
Eyg2OWEwNTNhYWVlZDFmMmYwMjdjNzI2ZjNiODRkNTIxNmQ1OWRjMGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPxDoqZlhR6c5Fw0SZcCCC5upixY
DsQHS5b6tCZfQf+bRuFuhFJguKoh8Or5dD6+JOGk/vAUrZgjWmIq+7B6Ja4IOn62
mRuAUN4a213ZSbddmcp9x7Md45RMLmevdT8AhL7syP9gFFp5Mn5FKe1rlEAp+HSL
RzdpU+YzDt2+1/Jg+9lWIjbEER7FTafG26BLcVzfL5BLZdmV9OhNzu7hyeOtFFDX
DvbGnc3hbkwAHsV+LUCLxVgEDz22Nx8dTTCy+EbarYpeV92zYm51ODiSlxZD28cZ
QJg19AjaxmzZh5TYq46ZI18l6FK6gLBJJUeLRUN0khvWFuod30SvgpFldwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGmgU6ru0fLwJ8cm87hNUhbVncCtMB8GA1UdIwQY
MBaAFHLq3Hp+zkd9X013ckO2Dyu7t1YDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3VyY2VuN09SMzFmVFhkeVE3WVBLN3UzVmdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jMDljNjQtMGJhZi00YjA3LThkMjkt
NDczODUxNzA5YzU4LzEvY3VyY2VuN09SMzFmVFhkeVE3WVBLN3UzVmdNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jMDljNjQtMGJhZi00YjA3LThkMjktNDczODUxNzA5YzU4
LzEvY3VyY2VuN09SMzFmVFhkeVE3WVBLN3UzVmdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO3dChFCe
Uuhi3zoaTOdgImEoFpMhSeS+ixOZs/eozZqaVWu/CELjXe5eKp1QtD6E6sbbpbEx
2AUz7H1uwOwpY+NbBsGKXHcyfbBi9K+NCZJKwayzQdbrBvNVABOgAN8nejUx0uKN
rGYY5e7MwCFjKmaYThblsWjuDjObPVQuyj3QPlB51R0AOjE8mBw3oISEuVNzIwXG
ivCPMbAt4t/UGhxNkpaBrHqypQLE9qHNA3Vt9e6Lml78+bEX+Zjbs5oZzSRkEkew
9Uxp0JTUlEZfkoWopfjQ6hX8TKkXEQVTgScx18BEkr8Vxp3JWh01gt0waiMmUCw4
9tKcjXJb8nc4ng==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:23:10 2026 by rpki-client