Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/CLFH055Du3X596_0XnvyuDUw-HQ.mft
File: CLFH055Du3X596_0XnvyuDUw-HQ.mft (raw, json)
Hash identifier: k5yukOb4Uv0T3CiRVeGtSne4Y+qp8+Y94B1gGNIf/fo=
Subject key identifier: A4:EC:83:E2:7E:CE:EC:B8:CC:11:B6:23:11:C9:B7:07:37:02:84:CF
Authority key identifier: 08:B1:47:D3:9E:43:BB:75:F9:F7:AF:F4:5E:7B:F2:B8:35:30:F8:74
Certificate issuer: /CN=08b147d39e43bb75f9f7aff45e7bf2b83530f874
Certificate serial: 019CAD902EC247D98A9E1D9650B323612F0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CLFH055Du3X596_0XnvyuDUw-HQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/CLFH055Du3X596_0XnvyuDUw-HQ.mft
Manifest number: 05AD
Signing time: Mon 02 Mar 2026 08:00:33 +0000
Manifest this update: Mon 02 Mar 2026 08:00:33 +0000
Manifest next update: Tue 03 Mar 2026 08:00:33 +0000
Files and hashes: 1: CLFH055Du3X596_0XnvyuDUw-HQ.crl (hash: pkjxjV70s0PHFWId2+zc1pMYdztJf2MAzsbTK108a4Q=)
2: xhzE5qx5c_vKPAy0deGs6eofNZ0.roa (hash: jXZvydAfDIyrWuRlwsg2DPksah0YrS3WxzlZdKuIQXI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/CLFH055Du3X596_0XnvyuDUw-HQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/CLFH055Du3X596_0XnvyuDUw-HQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/CLFH055Du3X596_0XnvyuDUw-HQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:90:2e:c2:47:d9:8a:9e:1d:96:50:b3:23:61:2f:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08b147d39e43bb75f9f7aff45e7bf2b83530f874
Validity
Not Before: Mar 2 08:00:33 2026 GMT
Not After : Mar 3 08:00:33 2026 GMT
Subject: CN=a4ec83e27eceecb8cc11b62311c9b707370284cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:04:f4:b7:92:bd:a6:12:dc:1a:76:8c:55:5e:
7c:80:3f:c7:40:31:e9:28:09:dd:ec:0c:04:eb:16:
28:9b:77:3a:32:cc:9f:df:26:00:a9:31:05:b3:3c:
05:59:af:a9:8d:8d:a7:e1:58:89:c1:81:ed:4f:78:
26:81:b5:aa:a7:cb:ed:d7:be:8f:f2:01:83:fc:38:
70:e8:9a:46:25:27:a6:3e:be:7c:93:b0:e9:6b:31:
02:cf:6c:e8:37:8a:db:a4:d4:6e:93:4d:a1:de:da:
d9:4d:9e:a7:46:b5:c9:90:1d:b3:32:6f:1f:21:37:
36:97:6a:d3:57:56:64:49:ad:d7:f7:17:34:21:a9:
54:5d:e7:77:82:0b:1b:57:56:25:da:5a:e4:91:1c:
92:c3:f4:c5:7b:82:4e:05:7e:32:36:39:4a:10:bc:
6f:25:fa:b7:7b:43:84:8a:ac:4c:ad:a4:c1:b6:2e:
ee:ad:49:74:6c:7f:7c:b6:8b:16:7a:6f:ad:ed:11:
74:ea:29:12:62:52:84:24:64:ff:b6:c9:c8:2b:21:
84:90:17:b6:a0:51:b0:4a:4b:e8:dc:fd:ab:f5:a9:
65:c8:a1:10:a5:c1:a4:0b:d5:2d:ad:8e:e5:4d:c6:
a3:0d:c8:68:12:72:f9:01:a9:db:3d:34:a6:dd:4e:
98:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:EC:83:E2:7E:CE:EC:B8:CC:11:B6:23:11:C9:B7:07:37:02:84:CF
X509v3 Authority Key Identifier:
keyid:08:B1:47:D3:9E:43:BB:75:F9:F7:AF:F4:5E:7B:F2:B8:35:30:F8:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CLFH055Du3X596_0XnvyuDUw-HQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/CLFH055Du3X596_0XnvyuDUw-HQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6ac73a-6b5f-4232-9b8c-305e33ef8b29/1/CLFH055Du3X596_0XnvyuDUw-HQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:26:3a:e4:f7:53:f0:f3:6b:f6:f1:e1:e1:d9:8a:41:af:c0:
eb:a9:06:48:e1:49:57:6a:22:70:3a:39:b6:70:82:5c:8d:85:
2b:de:f5:d1:06:98:1a:41:b3:07:d3:c7:87:58:94:ed:21:a7:
bf:0a:91:bd:1e:9e:1a:fb:a4:7b:ba:ad:ae:a3:35:b6:9b:1b:
9b:61:e8:36:14:a6:b3:58:27:d2:ec:1b:ba:6f:52:03:d7:79:
8b:40:7b:da:0e:1e:d6:df:9f:b7:ef:0a:8d:1a:fa:e6:c2:46:
71:ee:42:5d:6b:b0:52:9f:d5:ac:4c:0f:53:cf:87:0a:ad:d7:
43:34:7c:ba:f4:aa:54:a7:2a:a8:af:40:99:9b:f7:3b:2a:e4:
99:81:89:d7:3b:55:a6:fd:7c:bf:d6:71:bb:37:93:cd:2b:8d:
30:45:18:c8:56:ca:e7:c6:1d:de:d4:64:7d:64:5c:a3:12:53:
54:3d:d2:56:82:07:05:7c:5b:2e:4b:1c:5a:82:af:99:9d:1a:
f2:8c:0f:36:5f:81:ba:b5:27:f4:34:db:b1:43:42:c6:24:62:
28:07:e7:f9:88:67:0b:ce:8a:36:f5:08:9e:18:48:8c:a9:6a:
cd:5d:f9:74:63:71:8a:d9:c0:45:53:72:eb:a0:42:4e:eb:69:
a6:9c:01:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkC7CR9mKnh2WULMjYS8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YjE0N2QzOWU0M2JiNzVmOWY3YWZmNDVlN2JmMmI4MzUz
MGY4NzQwHhcNMjYwMzAyMDgwMDMzWhcNMjYwMzAzMDgwMDMzWjAzMTEwLwYDVQQD
EyhhNGVjODNlMjdlY2VlY2I4Y2MxMWI2MjMxMWM5YjcwNzM3MDI4NGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9gT0t5K9phLcGnaMVV58gD/HQDHp
KAnd7AwE6xYom3c6Msyf3yYAqTEFszwFWa+pjY2n4ViJwYHtT3gmgbWqp8vt176P
8gGD/Dhw6JpGJSemPr58k7DpazECz2zoN4rbpNRuk02h3trZTZ6nRrXJkB2zMm8f
ITc2l2rTV1ZkSa3X9xc0IalUXed3ggsbV1Yl2lrkkRySw/TFe4JOBX4yNjlKELxv
Jfq3e0OEiqxMraTBti7urUl0bH98tosWem+t7RF06ikSYlKEJGT/tsnIKyGEkBe2
oFGwSkvo3P2r9allyKEQpcGkC9UtrY7lTcajDchoEnL5AanbPTSm3U6YXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKTsg+J+zuy4zBG2IxHJtwc3AoTPMB8GA1UdIwQY
MBaAFAixR9OeQ7t1+fev9F578rg1MPh0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0xGSDA1NUR1M1g1OTZfMFhudnl1RFV3LUhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82YWM3M2EtNmI1Zi00MjMyLTliOGMt
MzA1ZTMzZWY4YjI5LzEvQ0xGSDA1NUR1M1g1OTZfMFhudnl1RFV3LUhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82YWM3M2EtNmI1Zi00MjMyLTliOGMtMzA1ZTMzZWY4YjI5
LzEvQ0xGSDA1NUR1M1g1OTZfMFhudnl1RFV3LUhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXCY65PdT
8PNr9vHh4dmKQa/A66kGSOFJV2oicDo5tnCCXI2FK9710QaYGkGzB9PHh1iU7SGn
vwqRvR6eGvuke7qtrqM1tpsbm2HoNhSms1gn0uwbum9SA9d5i0B72g4e1t+ft+8K
jRr65sJGce5CXWuwUp/VrEwPU8+HCq3XQzR8uvSqVKcqqK9AmZv3OyrkmYGJ1ztV
pv18v9ZxuzeTzSuNMEUYyFbK58Yd3tRkfWRcoxJTVD3SVoIHBXxbLkscWoKvmZ0a
8owPNl+BurUn9DTbsUNCxiRiKAfn+YhnC86KNvUInhhIjKlqzV35dGNxitnARVNy
66BCTutpppwBVQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:38:49 2026 by rpki-client