Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
File: cvpBoKemgQK1OrMXQtthJC91kIw.mft (raw, json)
Hash identifier: LbQuOypJhCfulMmOFUKMfTAwb1g0+klmU7P/4MHQE5c=
Subject key identifier: 9C:9F:DF:9E:B8:82:4A:5D:60:63:C1:A6:34:60:85:02:91:6B:08:10
Authority key identifier: 72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
Certificate issuer: /CN=72fa41a0a7a68102b53ab31742db61242f75908c
Certificate serial: 019CABD93BBB121E75DCBEAC7BBF211D7E12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
Manifest number: 1691
Signing time: Mon 02 Mar 2026 00:01:06 +0000
Manifest this update: Mon 02 Mar 2026 00:01:06 +0000
Manifest next update: Tue 03 Mar 2026 00:01:06 +0000
Files and hashes: 1: Afbz_CgFHMzfcYyB-LhD-CN5fJo.roa (hash: UVJ+Ac4Bp4WWuF6LeTd+T8dhUJ7FlhzP+dm7sJQtR5c=)
2: cvpBoKemgQK1OrMXQtthJC91kIw.crl (hash: 2faXCacuDN4E38mGmaj2lMrvQYXPghyOqVBlSm4PLE4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:d9:3b:bb:12:1e:75:dc:be:ac:7b:bf:21:1d:7e:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72fa41a0a7a68102b53ab31742db61242f75908c
Validity
Not Before: Mar 2 00:01:06 2026 GMT
Not After : Mar 3 00:01:06 2026 GMT
Subject: CN=9c9fdf9eb8824a5d6063c1a634608502916b0810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:5d:34:6f:bd:24:c5:be:b8:b1:57:44:34:50:
5c:41:e5:05:1a:14:e4:7b:54:00:67:87:63:8a:a4:
33:b1:a8:30:49:a3:75:cd:13:38:51:bb:73:79:0f:
5e:36:19:56:fd:b2:31:c6:aa:76:d6:c8:be:13:20:
13:f4:e0:9b:52:04:48:f1:c1:ee:2e:01:e2:65:69:
f2:aa:42:58:50:2b:71:db:ea:90:b4:8b:ff:84:09:
c7:24:f9:56:53:d3:ce:8f:8e:7e:f6:7a:04:c5:94:
51:7b:e2:37:af:c4:0d:72:a7:c8:9d:56:6c:d6:4c:
a2:c2:8d:8d:33:ea:93:8d:df:14:2f:40:ff:1d:b1:
25:29:b5:11:5e:d4:5d:63:c8:b7:4f:fd:e8:d3:f3:
ea:04:9f:95:c2:e3:65:f0:66:b6:4f:bd:a2:33:76:
bd:ba:43:9d:a3:7f:27:09:16:0d:66:e9:f3:a5:68:
8a:c7:62:d1:a5:d9:2a:72:33:f1:ea:b5:3d:f1:7a:
14:13:1a:0c:e6:70:81:b1:d7:33:a8:ae:d7:cd:d8:
0e:3e:23:da:da:5a:ee:ae:bd:f7:b4:d7:5a:63:77:
77:21:87:1b:3f:8d:32:42:7a:59:eb:2c:bb:60:75:
85:64:83:79:74:d7:72:07:9c:d0:ae:5e:c2:9f:52:
eb:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:9F:DF:9E:B8:82:4A:5D:60:63:C1:A6:34:60:85:02:91:6B:08:10
X509v3 Authority Key Identifier:
keyid:72:FA:41:A0:A7:A6:81:02:B5:3A:B3:17:42:DB:61:24:2F:75:90:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cvpBoKemgQK1OrMXQtthJC91kIw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a90db1-d2f3-48d1-918c-fcebdc0dfc3f/1/cvpBoKemgQK1OrMXQtthJC91kIw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
88:6f:ba:43:c1:ba:3a:0b:fc:e8:7d:e4:34:78:b9:f2:36:ef:
92:4b:ea:14:b6:0f:92:48:31:4b:5c:39:60:f8:dc:b6:6b:27:
2d:43:ff:2b:d3:c5:84:68:01:cd:41:de:86:ef:89:93:c9:8e:
7a:cb:7b:26:28:54:6b:86:7c:be:e9:f8:40:3d:d2:a0:45:fc:
4a:47:ef:0e:4b:9e:5a:57:3a:e9:73:3c:38:90:3f:44:88:01:
56:9b:52:48:51:af:47:8f:1f:86:1e:95:9e:1d:8b:21:47:45:
be:ce:d3:d1:83:0c:80:e3:66:f6:d3:c1:df:e9:84:86:ca:46:
ab:9c:ca:fc:30:80:25:90:83:9d:17:7b:7c:14:8b:9e:39:be:
9e:96:41:63:49:67:2a:ba:c9:67:8e:1d:19:9e:f6:d4:82:98:
53:13:11:ce:05:9e:48:a8:40:bf:c1:9f:4d:cc:bc:c1:d2:5f:
c4:f0:db:c5:c8:4d:13:b2:f6:73:e6:07:a8:f2:8c:8c:8a:78:
e4:92:b0:68:f6:c5:e8:d8:83:18:1f:fa:ef:d3:fb:66:ad:1b:
2c:f7:d9:39:c2:ee:37:97:9a:0c:3c:75:7f:56:14:e3:30:91:
67:d7:54:2d:8b:da:0d:6d:33:2b:8b:a2:2c:2e:a3:7a:59:ab:
4d:6a:24:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyr2Tu7Eh513L6se78hHX4SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZmE0MWEwYTdhNjgxMDJiNTNhYjMxNzQyZGI2MTI0MmY3
NTkwOGMwHhcNMjYwMzAyMDAwMTA2WhcNMjYwMzAzMDAwMTA2WjAzMTEwLwYDVQQD
Eyg5YzlmZGY5ZWI4ODI0YTVkNjA2M2MxYTYzNDYwODUwMjkxNmIwODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2V00b70kxb64sVdENFBcQeUFGhTk
e1QAZ4djiqQzsagwSaN1zRM4UbtzeQ9eNhlW/bIxxqp21si+EyAT9OCbUgRI8cHu
LgHiZWnyqkJYUCtx2+qQtIv/hAnHJPlWU9POj45+9noExZRRe+I3r8QNcqfInVZs
1kyiwo2NM+qTjd8UL0D/HbElKbURXtRdY8i3T/3o0/PqBJ+VwuNl8Ga2T72iM3a9
ukOdo38nCRYNZunzpWiKx2LRpdkqcjPx6rU98XoUExoM5nCBsdczqK7XzdgOPiPa
2lrurr33tNdaY3d3IYcbP40yQnpZ6yy7YHWFZIN5dNdyB5zQrl7Cn1LrcwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJyf3564gkpdYGPBpjRghQKRawgQMB8GA1UdIwQY
MBaAFHL6QaCnpoECtTqzF0LbYSQvdZCMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMt
ZmNlYmRjMGRmYzNmLzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hOTBkYjEtZDJmMy00OGQxLTkxOGMtZmNlYmRjMGRmYzNm
LzEvY3ZwQm9LZW1nUUsxT3JNWFF0dGhKQzkxa0l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiG+6Q8G6
Ogv86H3kNHi58jbvkkvqFLYPkkgxS1w5YPjctmsnLUP/K9PFhGgBzUHehu+Jk8mO
est7JihUa4Z8vun4QD3SoEX8SkfvDkueWlc66XM8OJA/RIgBVptSSFGvR48fhh6V
nh2LIUdFvs7T0YMMgONm9tPB3+mEhspGq5zK/DCAJZCDnRd7fBSLnjm+npZBY0ln
KrrJZ44dGZ721IKYUxMRzgWeSKhAv8GfTcy8wdJfxPDbxchNE7L2c+YHqPKMjIp4
5JKwaPbF6NiDGB/679P7Zq0bLPfZOcLuN5eaDDx1f1YU4zCRZ9dULYvaDW0zK4ui
LC6jelmrTWokZA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:30:11 2026 by rpki-client