Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/f0cc41-b3e7-46ff-a976-29df4e2611f1/1/cPaM3tOePsVM7iIzJS7zk3upgo0.mft
File: cPaM3tOePsVM7iIzJS7zk3upgo0.mft (raw, json)
Hash identifier: GDbGLw7CfLrDbWudxWBvKAgFfopor1mGN4ssgWIV47Q=
Subject key identifier: FB:88:41:79:10:44:C9:DC:FE:AA:01:6D:86:4A:6B:9E:10:8B:9C:5B
Authority key identifier: 70:F6:8C:DE:D3:9E:3E:C5:4C:EE:22:33:25:2E:F3:93:7B:A9:82:8D
Certificate issuer: /CN=70f68cded39e3ec54cee2233252ef3937ba9828d
Certificate serial: 019CAAC5FDA0DFBB69948DAB671CA20C0749
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cPaM3tOePsVM7iIzJS7zk3upgo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/f0cc41-b3e7-46ff-a976-29df4e2611f1/1/cPaM3tOePsVM7iIzJS7zk3upgo0.mft
Manifest number: 0AC0
Signing time: Sun 01 Mar 2026 19:00:27 +0000
Manifest this update: Sun 01 Mar 2026 19:00:27 +0000
Manifest next update: Mon 02 Mar 2026 19:00:27 +0000
Files and hashes: 1: AaBEOZ3ZZUPRMOYr0HR7shqRlxU.roa (hash: oniToucQYdIHu6lqhV89eqCsufsXROkFzPNah6lqOE4=)
2: BLrQemDWjWx48NYMm5EU7FEE2fs.roa (hash: 3uO6NEJSsXjHXxW7DrT2w1ELWOo2S4puGWGymObsq9I=)
3: cCJJNwn_gJuAQtsmGPX_UDP9tnY.roa (hash: rNInpx5nNSrUT999uu8Pr9WEUgG03eUXK2AlHeyvWXE=)
4: cPaM3tOePsVM7iIzJS7zk3upgo0.crl (hash: q4WaKssbgY3Fk6P6XEZHsDZ8sEPTZniFhVrrzeFi+w8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/f0cc41-b3e7-46ff-a976-29df4e2611f1/1/cPaM3tOePsVM7iIzJS7zk3upgo0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/f0cc41-b3e7-46ff-a976-29df4e2611f1/1/cPaM3tOePsVM7iIzJS7zk3upgo0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cPaM3tOePsVM7iIzJS7zk3upgo0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c5:fd:a0:df:bb:69:94:8d:ab:67:1c:a2:0c:07:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70f68cded39e3ec54cee2233252ef3937ba9828d
Validity
Not Before: Mar 1 19:00:27 2026 GMT
Not After : Mar 2 19:00:27 2026 GMT
Subject: CN=fb8841791044c9dcfeaa016d864a6b9e108b9c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:34:22:58:4b:10:7c:1f:7e:65:62:a7:50:5b:
0f:87:62:98:66:27:8d:67:a2:77:3f:5a:43:f8:85:
06:cb:f2:c7:f9:ca:24:85:8e:a5:a1:1b:21:b0:e2:
81:a5:22:e1:88:81:a2:79:b2:5d:54:6e:22:01:52:
25:01:7a:ce:67:ee:ad:fd:e6:ba:74:7c:6c:0e:b1:
02:4c:91:be:bf:28:59:f4:24:52:c6:55:d4:5a:b5:
c1:19:c0:a9:51:e0:25:d1:02:7d:c9:50:77:6b:9a:
e3:c7:3c:c1:97:49:66:a0:42:e3:11:d3:91:bc:67:
4c:da:75:68:49:79:8b:52:a4:de:89:45:19:db:45:
8c:57:85:89:02:65:e5:8f:ac:40:ca:a1:10:d4:b6:
1a:4f:41:3b:30:c4:2d:84:87:9c:69:19:91:3a:28:
05:e9:01:10:0f:f4:7d:75:be:21:f3:07:53:6b:22:
60:e5:21:56:c2:99:31:09:8e:fa:16:93:70:1e:c7:
90:17:57:fb:f9:53:54:08:48:fd:14:83:86:ea:81:
33:cf:8d:a2:fc:c3:3f:4e:0c:86:e3:bb:33:ba:80:
61:90:b3:5c:58:06:87:47:c1:29:1e:5d:90:60:8d:
4c:c5:68:65:85:f3:c0:22:8c:70:8d:2f:9c:8a:2e:
7e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:88:41:79:10:44:C9:DC:FE:AA:01:6D:86:4A:6B:9E:10:8B:9C:5B
X509v3 Authority Key Identifier:
keyid:70:F6:8C:DE:D3:9E:3E:C5:4C:EE:22:33:25:2E:F3:93:7B:A9:82:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cPaM3tOePsVM7iIzJS7zk3upgo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/f0cc41-b3e7-46ff-a976-29df4e2611f1/1/cPaM3tOePsVM7iIzJS7zk3upgo0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/f0cc41-b3e7-46ff-a976-29df4e2611f1/1/cPaM3tOePsVM7iIzJS7zk3upgo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:31:a2:18:44:2b:1b:95:98:46:a1:17:7a:f5:fa:3a:b7:7f:
d4:40:85:76:81:bf:00:4c:df:c9:53:20:9d:f3:0a:78:dd:02:
3a:7c:8a:e2:60:0c:9a:91:da:a6:79:16:76:ec:c1:4d:6d:4b:
85:c5:64:59:2b:5c:61:d4:0e:53:35:82:d3:50:2e:b0:3d:56:
25:0d:e4:fe:ad:1a:27:72:28:5c:84:6b:7b:ab:9e:01:14:bc:
5e:f0:e8:e6:ac:55:63:ca:33:03:9e:d9:a8:9c:eb:b1:62:74:
8c:7c:e5:0c:38:80:cc:1a:e6:c0:56:7a:9e:51:2f:37:53:fa:
8f:50:d6:5b:11:bb:5c:b2:b5:90:41:72:35:aa:c1:0e:ad:9d:
01:95:47:65:b4:a2:d0:d4:fe:68:68:f9:45:4d:e8:41:e8:07:
9d:0e:70:24:75:38:6a:ea:22:8a:8c:47:3c:0b:b9:ca:a7:3d:
34:69:3d:55:fd:b7:5e:cf:c0:23:f8:b2:4e:0f:a2:4d:7e:f0:
97:15:f1:1f:bb:ba:e4:1e:8f:f9:ac:9c:73:d3:d9:77:0e:fa:
3c:73:af:cd:18:88:11:22:9e:12:a6:d1:c2:62:cf:3b:52:ef:
a5:4e:84:45:2c:e5:27:fa:74:dc:ba:f9:6c:eb:0d:7e:9b:d6:
9a:04:d0:b4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxf2g37tplI2rZxyiDAdJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZjY4Y2RlZDM5ZTNlYzU0Y2VlMjIzMzI1MmVmMzkzN2Jh
OTgyOGQwHhcNMjYwMzAxMTkwMDI3WhcNMjYwMzAyMTkwMDI3WjAzMTEwLwYDVQQD
EyhmYjg4NDE3OTEwNDRjOWRjZmVhYTAxNmQ4NjRhNmI5ZTEwOGI5YzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1TQiWEsQfB9+ZWKnUFsPh2KYZieN
Z6J3P1pD+IUGy/LH+cokhY6loRshsOKBpSLhiIGiebJdVG4iAVIlAXrOZ+6t/ea6
dHxsDrECTJG+vyhZ9CRSxlXUWrXBGcCpUeAl0QJ9yVB3a5rjxzzBl0lmoELjEdOR
vGdM2nVoSXmLUqTeiUUZ20WMV4WJAmXlj6xAyqEQ1LYaT0E7MMQthIecaRmROigF
6QEQD/R9db4h8wdTayJg5SFWwpkxCY76FpNwHseQF1f7+VNUCEj9FIOG6oEzz42i
/MM/TgyG47szuoBhkLNcWAaHR8EpHl2QYI1MxWhlhfPAIoxwjS+cii5+JQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPuIQXkQRMnc/qoBbYZKa54Qi5xbMB8GA1UdIwQY
MBaAFHD2jN7Tnj7FTO4iMyUu85N7qYKNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1BhTTN0T2VQc1ZNN2lJekpTN3prM3VwZ28wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9mMGNjNDEtYjNlNy00NmZmLWE5NzYt
MjlkZjRlMjYxMWYxLzEvY1BhTTN0T2VQc1ZNN2lJekpTN3prM3VwZ28wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9mMGNjNDEtYjNlNy00NmZmLWE5NzYtMjlkZjRlMjYxMWYx
LzEvY1BhTTN0T2VQc1ZNN2lJekpTN3prM3VwZ28wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACDGiGEQr
G5WYRqEXevX6Ord/1ECFdoG/AEzfyVMgnfMKeN0COnyK4mAMmpHapnkWduzBTW1L
hcVkWStcYdQOUzWC01AusD1WJQ3k/q0aJ3IoXIRre6ueARS8XvDo5qxVY8ozA57Z
qJzrsWJ0jHzlDDiAzBrmwFZ6nlEvN1P6j1DWWxG7XLK1kEFyNarBDq2dAZVHZbSi
0NT+aGj5RU3oQegHnQ5wJHU4auoiioxHPAu5yqc9NGk9Vf23Xs/AI/iyTg+iTX7w
lxXxH7u65B6P+aycc9PZdw76PHOvzRiIESKeEqbRwmLPO1LvpU6ERSzlJ/p03Lr5
bOsNfpvWmgTQtA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:37:04 2026 by rpki-client