Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.mft
File: CUSqrH8uuymBwkdj6z1gRe-9bwY.mft (raw, json)
Hash identifier: f5erMHjDlAoJV54UVI8mHNG5EVxdY7/7o5+edimZu6s=
Subject key identifier: 7F:64:B7:6E:03:66:29:F4:79:35:1E:3E:02:18:99:E2:98:22:37:1F
Authority key identifier: 09:44:AA:AC:7F:2E:BB:29:81:C2:47:63:EB:3D:60:45:EF:BD:6F:06
Certificate issuer: /CN=0944aaac7f2ebb2981c24763eb3d6045efbd6f06
Certificate serial: 019D3940A153202909EFEBCC916477D15E13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CUSqrH8uuymBwkdj6z1gRe-9bwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.mft
Manifest number: 0ECF
Signing time: Sun 29 Mar 2026 11:00:30 +0000
Manifest this update: Sun 29 Mar 2026 11:00:30 +0000
Manifest next update: Mon 30 Mar 2026 11:00:30 +0000
Files and hashes: 1: CUSqrH8uuymBwkdj6z1gRe-9bwY.crl (hash: wd6CroixfZzR9sgNPAbjqTk7tkiYrijB3If250lHEjg=)
2: zjvZq0qDo9Cqy2lJeksXnY5wlWg.roa (hash: R3vvsBnC8yjc/6l+ae3jOrD+eH9Ah/ka0B3qOkEBjzc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/CUSqrH8uuymBwkdj6z1gRe-9bwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:a1:53:20:29:09:ef:eb:cc:91:64:77:d1:5e:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0944aaac7f2ebb2981c24763eb3d6045efbd6f06
Validity
Not Before: Mar 29 11:00:30 2026 GMT
Not After : Mar 30 11:00:30 2026 GMT
Subject: CN=7f64b76e036629f479351e3e021899e29822371f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6b:f2:32:d1:e5:8d:99:7e:91:96:19:ad:13:
2a:68:f9:f2:69:56:b0:b9:dc:c8:5d:07:c4:7d:ea:
c9:54:fe:09:de:76:ca:02:21:a3:95:8d:cb:57:e2:
b9:d2:47:62:f0:f2:b8:e5:b2:75:f4:88:41:c5:91:
31:ba:64:2f:12:79:81:cf:9b:a5:c5:d2:31:1e:a5:
41:0b:5a:e9:08:b9:9f:63:f9:ef:79:0c:eb:bc:c7:
06:e6:74:ea:50:50:85:46:da:37:11:20:08:84:ea:
b9:f6:56:1c:f0:49:f8:bc:3d:f2:91:87:f5:c9:54:
40:8b:a8:ba:99:e3:74:d7:2f:17:00:15:b8:43:88:
6c:af:26:90:2c:b0:be:1a:84:26:57:f5:da:11:d2:
7e:28:ac:b3:94:3d:70:b4:96:0a:da:83:a0:af:5a:
c3:34:18:1d:65:e4:02:eb:15:a3:59:a9:1d:39:55:
85:ae:9a:df:80:73:50:f9:8b:b4:c8:f3:09:67:d5:
67:f9:f2:9d:97:cb:06:95:46:f4:e0:7d:f2:ac:cb:
9e:ee:2e:e7:9b:3f:2a:24:4e:80:fc:b4:f4:62:51:
55:4a:99:94:0c:97:cd:15:52:db:22:e8:e9:d7:7e:
46:82:ac:aa:1e:f1:63:68:04:8f:a4:a8:7a:1d:b3:
ef:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:64:B7:6E:03:66:29:F4:79:35:1E:3E:02:18:99:E2:98:22:37:1F
X509v3 Authority Key Identifier:
keyid:09:44:AA:AC:7F:2E:BB:29:81:C2:47:63:EB:3D:60:45:EF:BD:6F:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CUSqrH8uuymBwkdj6z1gRe-9bwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/434849-89da-43ae-b2be-66cd01961e46/1/CUSqrH8uuymBwkdj6z1gRe-9bwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:b0:13:ac:af:0d:50:56:1b:62:fe:e3:11:5d:1b:a0:83:a1:
64:2b:56:fc:48:5c:f9:48:3a:81:de:bd:e8:03:a7:e0:51:0c:
a9:4a:1b:2f:6f:41:87:93:30:45:f5:13:41:ee:0e:9d:95:f0:
47:79:1d:8b:a8:7a:5d:a4:5c:97:a3:3e:25:ef:1e:ff:2f:9b:
48:7e:3c:74:cc:bf:97:84:4f:01:39:5d:ee:ed:07:cb:07:22:
f2:4e:ca:f8:43:0a:48:8b:9a:46:58:69:60:8f:65:f5:f8:01:
77:63:12:11:91:5f:4f:f6:cf:ee:18:02:dd:ad:32:0a:66:c1:
ab:4c:7d:5b:3c:66:80:b3:d6:3d:e2:38:2f:ad:7f:af:84:94:
28:12:19:a4:f2:c0:04:65:9c:64:a9:8e:05:f8:6e:5d:9d:b2:
73:29:33:5e:78:25:11:f5:a8:ae:e3:c4:6d:8d:ee:e6:f1:f0:
98:b3:b6:60:6b:c3:a6:c8:83:41:2d:47:2a:be:ac:7e:07:18:
c9:93:55:96:b0:8b:dc:2b:02:41:bf:fd:b8:13:5c:c8:cc:35:
3c:e8:29:37:71:9d:e3:35:cc:8e:3a:cc:e8:d3:b4:43:09:a2:
bb:52:3e:dd:41:cb:ca:1e:0d:73:ae:cc:d2:0c:f6:f7:72:4f:
10:c8:69:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QKFTICkJ7+vMkWR30V4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NDRhYWFjN2YyZWJiMjk4MWMyNDc2M2ViM2Q2MDQ1ZWZi
ZDZmMDYwHhcNMjYwMzI5MTEwMDMwWhcNMjYwMzMwMTEwMDMwWjAzMTEwLwYDVQQD
Eyg3ZjY0Yjc2ZTAzNjYyOWY0NzkzNTFlM2UwMjE4OTllMjk4MjIzNzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12vyMtHljZl+kZYZrRMqaPnyaVaw
udzIXQfEferJVP4J3nbKAiGjlY3LV+K50kdi8PK45bJ19IhBxZExumQvEnmBz5ul
xdIxHqVBC1rpCLmfY/nveQzrvMcG5nTqUFCFRto3ESAIhOq59lYc8En4vD3ykYf1
yVRAi6i6meN01y8XABW4Q4hsryaQLLC+GoQmV/XaEdJ+KKyzlD1wtJYK2oOgr1rD
NBgdZeQC6xWjWakdOVWFrprfgHNQ+Yu0yPMJZ9Vn+fKdl8sGlUb04H3yrMue7i7n
mz8qJE6A/LT0YlFVSpmUDJfNFVLbIujp135GgqyqHvFjaASPpKh6HbPvjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH9kt24DZin0eTUePgIYmeKYIjcfMB8GA1UdIwQY
MBaAFAlEqqx/LrspgcJHY+s9YEXvvW8GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1VTcXJIOHV1eW1Cd2tkajZ6MWdSZS05YndZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS80MzQ4NDktODlkYS00M2FlLWIyYmUt
NjZjZDAxOTYxZTQ2LzEvQ1VTcXJIOHV1eW1Cd2tkajZ6MWdSZS05YndZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS80MzQ4NDktODlkYS00M2FlLWIyYmUtNjZjZDAxOTYxZTQ2
LzEvQ1VTcXJIOHV1eW1Cd2tkajZ6MWdSZS05YndZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAarATrK8N
UFYbYv7jEV0boIOhZCtW/Ehc+Ug6gd696AOn4FEMqUobL29Bh5MwRfUTQe4OnZXw
R3kdi6h6XaRcl6M+Je8e/y+bSH48dMy/l4RPATld7u0Hywci8k7K+EMKSIuaRlhp
YI9l9fgBd2MSEZFfT/bP7hgC3a0yCmbBq0x9WzxmgLPWPeI4L61/r4SUKBIZpPLA
BGWcZKmOBfhuXZ2ycykzXnglEfWoruPEbY3u5vHwmLO2YGvDpsiDQS1HKr6sfgcY
yZNVlrCL3CsCQb/9uBNcyMw1POgpN3Gd4zXMjjrM6NO0Qwmiu1I+3UHLyh4Nc67M
0gz293JPEMhpUw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:11:33 2026 by rpki-client