Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
File: cvpBoKemgQK1OrMXQtthJC91kIw.mft (raw, json)
Hash identifier: QVt0taY4BlFtHKo35kmk49g3HV0f+NMe25RIPoLbePY=
Subject key identifier: 28:99:4E:F4:FF:D4:99:15:28:30:81:A2:47:D5:36:2D:16:13:2E:61
Authority key identifier: 72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
Certificate issuer: /CN=72fa41a0a7a68102b53ab31742db61242f75908c
Certificate serial: 019D9B5156D546A886A66B708D0B3B2B818C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
Manifest number: 170D
Signing time: Fri 17 Apr 2026 12:01:32 +0000
Manifest this update: Fri 17 Apr 2026 12:01:32 +0000
Manifest next update: Sat 18 Apr 2026 12:01:32 +0000
Files and hashes: 1: Afbz_CgFHMzfcYyB-LhD-CN5fJo.roa (hash: UVJ+Ac4Bp4WWuF6LeTd+T8dhUJ7FlhzP+dm7sJQtR5c=)
2: cvpBoKemgQK1OrMXQtthJC91kIw.crl (hash: oHgx2qkMJWK/Wr/F67xDHN9dN0PCmQaUhsdu218fitw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:51:56:d5:46:a8:86:a6:6b:70:8d:0b:3b:2b:81:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72fa41a0a7a68102b53ab31742db61242f75908c
Validity
Not Before: Apr 17 12:01:32 2026 GMT
Not After : Apr 18 12:01:32 2026 GMT
Subject: CN=28994ef4ffd49915283081a247d5362d16132e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:55:3b:31:95:84:fc:cb:5e:69:eb:c3:ef:00:
55:7d:c6:3d:95:8e:37:14:6e:d5:cd:29:1a:6e:46:
e8:5a:25:5f:70:43:ac:a1:2b:5b:78:f3:fc:83:97:
91:29:fd:b8:17:3b:39:17:e3:66:c0:7e:e9:9d:6c:
fc:1c:94:2e:99:6f:46:7f:16:d3:79:89:d7:e0:eb:
be:59:a9:b4:69:6b:d0:98:e1:d0:01:78:e7:3c:cb:
b1:dc:75:d7:bb:40:ba:42:ba:a3:78:f7:fd:26:28:
38:01:b1:26:d8:2d:1d:35:7f:f7:74:3a:c2:3b:38:
3f:31:3e:e1:ac:e6:33:45:6e:e8:fb:12:89:63:e7:
30:87:23:21:ef:04:86:27:cf:0c:64:ea:5e:b0:88:
04:96:f6:d6:65:94:ca:cd:12:82:77:c7:c9:fd:ec:
f5:fa:55:8b:40:4d:b4:c5:52:68:81:56:85:83:d2:
78:71:79:47:6c:56:7c:72:3e:4d:93:46:a3:16:2c:
eb:a5:9c:37:82:6b:79:40:9d:b9:fa:0e:f9:04:9f:
a0:8f:ab:5b:be:de:16:da:e6:0a:e2:01:f6:0a:b5:
d4:c8:5c:26:f4:25:6e:3a:3d:dd:4e:df:20:d8:59:
6e:eb:5c:13:6e:1f:8a:41:9e:ef:d7:2a:f4:5a:1a:
22:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:99:4E:F4:FF:D4:99:15:28:30:81:A2:47:D5:36:2D:16:13:2E:61
X509v3 Authority Key Identifier:
keyid:72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:f5:fd:36:c3:72:eb:a2:e2:2b:47:db:57:80:52:a9:7a:8b:
fe:d3:7c:b3:2d:ec:87:00:5a:d7:a5:37:61:be:46:22:30:95:
8b:a0:ed:0d:31:79:11:5c:4f:cb:58:38:5b:ae:9e:45:ad:dc:
99:48:79:59:38:31:78:fb:86:d5:10:bb:c4:1c:cb:e9:74:6c:
44:72:c7:90:6c:b4:ed:15:4f:6f:b3:16:5c:1a:70:54:b6:08:
b2:2a:42:15:04:99:9b:63:73:e6:de:03:7f:cf:ca:3e:c3:3f:
f8:0d:e6:36:81:e1:6a:2b:a4:80:f1:2a:fc:bd:f3:cc:02:a8:
51:aa:3e:bd:eb:66:ab:c5:d5:7a:63:ca:50:c5:02:e7:e8:8d:
79:d9:99:02:0f:49:6d:e7:e6:bc:40:4c:e4:f5:ed:9e:59:47:
63:1d:39:26:c8:f8:c2:df:25:7e:51:b0:45:a2:df:6d:13:7e:
29:40:d0:a8:f1:af:48:84:e3:d5:ac:98:ec:56:c9:61:ce:9c:
ae:37:4e:52:57:3b:48:10:8c:d2:48:97:38:17:3d:fb:0c:3e:
05:e5:55:54:ea:e1:d0:79:02:99:a9:72:ad:75:6b:26:e2:b9:
5b:55:ab:30:63:8a:41:b0:3b:30:b5:1f:34:55:75:6d:03:c6:
2b:b6:b4:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bUVbVRqiGpmtwjQs7K4GMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZmE0MWEwYTdhNjgxMDJiNTNhYjMxNzQyZGI2MTI0MmY3
NTkwOGMwHhcNMjYwNDE3MTIwMTMyWhcNMjYwNDE4MTIwMTMyWjAzMTEwLwYDVQQD
EygyODk5NGVmNGZmZDQ5OTE1MjgzMDgxYTI0N2Q1MzYyZDE2MTMyZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlU7MZWE/MteaevD7wBVfcY9lY43
FG7VzSkabkboWiVfcEOsoStbePP8g5eRKf24Fzs5F+NmwH7pnWz8HJQumW9GfxbT
eYnX4Ou+Wam0aWvQmOHQAXjnPMux3HXXu0C6QrqjePf9Jig4AbEm2C0dNX/3dDrC
Ozg/MT7hrOYzRW7o+xKJY+cwhyMh7wSGJ88MZOpesIgElvbWZZTKzRKCd8fJ/ez1
+lWLQE20xVJogVaFg9J4cXlHbFZ8cj5Nk0ajFizrpZw3gmt5QJ25+g75BJ+gj6tb
vt4W2uYK4gH2CrXUyFwm9CVuOj3dTt8g2Flu61wTbh+KQZ7v1yr0WhoipQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCiZTvT/1JkVKDCBokfVNi0WEy5hMB8GA1UdIwQY
MBaAFHL6QaCnpoECtTqzF0LbYSQvdZCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMt
ZmNlYmRjMGRmYzNmLzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMtZmNlYmRjMGRmYzNm
LzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbfX9NsNy
66LiK0fbV4BSqXqL/tN8sy3shwBa16U3Yb5GIjCVi6DtDTF5EVxPy1g4W66eRa3c
mUh5WTgxePuG1RC7xBzL6XRsRHLHkGy07RVPb7MWXBpwVLYIsipCFQSZm2Nz5t4D
f8/KPsM/+A3mNoHhaiukgPEq/L3zzAKoUao+vetmq8XVemPKUMUC5+iNedmZAg9J
befmvEBM5PXtnllHYx05Jsj4wt8lflGwRaLfbRN+KUDQqPGvSITj1ayY7FbJYc6c
rjdOUlc7SBCM0kiXOBc9+ww+BeVVVOrh0HkCmalyrXVrJuK5W1WrMGOKQbA7MLUf
NFV1bQPGK7a0xg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:08:51 2026 by rpki-client