Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
File: cHl9sHv21Fl6wtyL40-JKYAI8s0.mft (raw, json)
Hash identifier: z+NaDIARPGULniUguPcVrXb7ER3fqzzpl0cGwYbpVQQ=
Subject key identifier: FD:39:6B:E3:F8:2C:13:5A:83:FF:EE:1C:2B:5C:E4:FF:6F:63:94:4C
Authority key identifier: 70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
Certificate issuer: /CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Certificate serial: 019D389C06228F291CEC48CE1DB7F61F4897
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
Manifest number: 1895
Signing time: Sun 29 Mar 2026 08:00:42 +0000
Manifest this update: Sun 29 Mar 2026 08:00:42 +0000
Manifest next update: Mon 30 Mar 2026 08:00:42 +0000
Files and hashes: 1: cAt58g0xkrFHt9-N3ZykhWH0ReM.roa (hash: zJIgtJYw+ptpKpZht1FAofTALod8Sw1aXf2YLrLjs1s=)
2: cHl9sHv21Fl6wtyL40-JKYAI8s0.crl (hash: uiukkSK4vQGQzbn7nXp68ZJ9YIdlnF7vgKQtLxUSQRE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9c:06:22:8f:29:1c:ec:48:ce:1d:b7:f6:1f:48:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Validity
Not Before: Mar 29 08:00:42 2026 GMT
Not After : Mar 30 08:00:42 2026 GMT
Subject: CN=fd396be3f82c135a83ffee1c2b5ce4ff6f63944c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:59:70:82:f6:8c:19:9d:e0:60:70:69:ea:de:
9f:f3:31:0f:d6:82:20:19:08:1f:5f:85:d3:f4:1a:
6d:92:d6:c2:c5:af:32:67:91:67:50:04:f0:d3:08:
32:72:af:f0:93:e9:5d:38:23:c6:dd:28:cc:73:56:
5a:c2:e7:1c:a4:e8:5a:ca:f6:f5:a3:a0:ff:67:a5:
b6:e0:7b:55:8e:7e:78:1d:0a:b2:eb:fd:3e:19:f9:
ab:22:35:88:1e:3a:80:0d:8b:66:75:d0:17:59:5a:
c4:9c:1d:c3:f0:14:6a:84:c8:d6:40:61:3c:02:cf:
e3:79:ae:e8:3f:25:6a:b0:b9:90:63:af:ed:41:a0:
48:de:9e:3f:06:05:0d:5b:9e:10:3c:b9:94:e6:73:
44:ae:6d:c1:9a:1d:3b:9c:cf:99:64:56:52:00:65:
ea:98:fc:ff:37:a0:97:f0:a1:24:67:c1:d9:8d:f5:
d4:3d:82:80:ad:fd:44:c7:e5:fb:fe:7d:b8:44:0e:
6d:58:ef:61:74:02:be:ce:58:b7:46:8d:79:29:1f:
ac:88:bd:99:c6:55:00:c2:64:84:12:96:86:8d:ab:
5b:d0:46:07:6e:ee:24:1e:58:f9:f3:36:62:68:c4:
2e:98:9b:3b:75:fd:57:d5:fa:de:cf:55:21:1c:c2:
7b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:39:6B:E3:F8:2C:13:5A:83:FF:EE:1C:2B:5C:E4:FF:6F:63:94:4C
X509v3 Authority Key Identifier:
keyid:70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:d2:83:49:0b:89:7f:11:f4:96:d5:b9:4f:b8:8c:d3:bd:49:
f6:a8:ff:fe:0e:bf:cb:58:46:ac:5f:9f:63:23:05:48:51:2c:
77:2f:af:d0:0f:8e:e3:da:0b:56:10:fb:29:d3:77:15:f0:d8:
b0:cc:df:72:19:16:0a:64:f0:37:f3:1f:97:8b:47:ca:3e:f1:
41:8d:36:3c:f2:43:e4:05:10:ed:4c:ce:d5:80:95:45:12:36:
a2:21:5c:2c:29:8f:43:a8:76:a2:1a:c5:ec:b1:85:95:dd:35:
bf:e3:5d:a7:22:e2:c6:99:33:f5:ac:4d:04:da:ac:d3:3d:c2:
93:0d:a9:26:74:ef:c5:38:1e:e9:fb:ac:4c:0a:bf:08:db:32:
47:f2:32:ef:2a:58:b1:92:fe:9b:ac:f4:71:83:3c:36:0e:a2:
69:78:89:bd:f0:c5:b0:f9:86:2b:ab:e7:ff:02:63:6e:3c:29:
e5:ed:c0:77:69:24:ed:13:0b:5b:94:49:84:6b:40:9c:41:37:
48:16:08:fc:83:4c:72:77:24:93:30:cb:9c:39:1d:98:22:3a:
2f:0b:6b:4b:75:46:44:2d:f9:5d:ac:b5:e6:f1:4e:34:8c:99:
de:cc:f6:44:d8:e3:0d:3a:5a:72:5a:32:28:df:81:1f:89:60:
31:50:6a:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04nAYijykc7EjOHbf2H0iXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNzk3ZGIwN2JmNmQ0NTk3YWMyZGM4YmUzNGY4OTI5ODAw
OGYyY2QwHhcNMjYwMzI5MDgwMDQyWhcNMjYwMzMwMDgwMDQyWjAzMTEwLwYDVQQD
EyhmZDM5NmJlM2Y4MmMxMzVhODNmZmVlMWMyYjVjZTRmZjZmNjM5NDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4FlwgvaMGZ3gYHBp6t6f8zEP1oIg
GQgfX4XT9BptktbCxa8yZ5FnUATw0wgycq/wk+ldOCPG3SjMc1ZawuccpOhayvb1
o6D/Z6W24HtVjn54HQqy6/0+GfmrIjWIHjqADYtmddAXWVrEnB3D8BRqhMjWQGE8
As/jea7oPyVqsLmQY6/tQaBI3p4/BgUNW54QPLmU5nNErm3Bmh07nM+ZZFZSAGXq
mPz/N6CX8KEkZ8HZjfXUPYKArf1Ex+X7/n24RA5tWO9hdAK+zli3Ro15KR+siL2Z
xlUAwmSEEpaGjatb0EYHbu4kHlj58zZiaMQumJs7df1X1frez1UhHMJ7DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP05a+P4LBNag//uHCtc5P9vY5RMMB8GA1UdIwQY
MBaAFHB5fbB79tRZesLci+NPiSmACPLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUt
OTA3ZGFhNDY0NjNiLzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUtOTA3ZGFhNDY0NjNi
LzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg9KDSQuJ
fxH0ltW5T7iM071J9qj//g6/y1hGrF+fYyMFSFEsdy+v0A+O49oLVhD7KdN3FfDY
sMzfchkWCmTwN/Mfl4tHyj7xQY02PPJD5AUQ7UzO1YCVRRI2oiFcLCmPQ6h2ohrF
7LGFld01v+NdpyLixpkz9axNBNqs0z3Ckw2pJnTvxTge6fusTAq/CNsyR/Iy7ypY
sZL+m6z0cYM8Ng6iaXiJvfDFsPmGK6vn/wJjbjwp5e3Ad2kk7RMLW5RJhGtAnEE3
SBYI/INMcnckkzDLnDkdmCI6LwtrS3VGRC35Xay15vFONIyZ3sz2RNjjDTpacloy
KN+BH4lgMVBqGQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 17:48:51 2026 by rpki-client