Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
File: cxkAeiit4HgdMS2NSUcts2dnBBY.mft (raw, json)
Hash identifier: IhXXppO+Mh3SwXSldv5eEJaqkiAo3b3Yq4SdDMv0SoE=
Subject key identifier: 38:BE:22:CE:8A:B0:FD:D3:F1:B2:8A:09:30:87:62:84:5D:84:87:9D
Authority key identifier: 73:19:00:7A:28:AD:E0:78:1D:31:2D:8D:49:47:2D:B3:67:67:04:16
Certificate issuer: /CN=7319007a28ade0781d312d8d49472db367670416
Certificate serial: 019D9A3EDD99BC89AB8D0F38F103075561B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
Manifest number: 0B3E
Signing time: Fri 17 Apr 2026 07:01:44 +0000
Manifest this update: Fri 17 Apr 2026 07:01:44 +0000
Manifest next update: Sat 18 Apr 2026 07:01:44 +0000
Files and hashes: 1: Le8K7qSkEZ1_FmI_JNvcQwDT3kM.roa (hash: YPGYe40UQA7fHzeXPlUUiQ7ZZraM1bL1CPz1T+qTDdY=)
2: cxkAeiit4HgdMS2NSUcts2dnBBY.crl (hash: jRoL8RuUTLzUw54eqKr/1jdkhRGFJSCnX1xxbhWvZJw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:3e:dd:99:bc:89:ab:8d:0f:38:f1:03:07:55:61:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7319007a28ade0781d312d8d49472db367670416
Validity
Not Before: Apr 17 07:01:44 2026 GMT
Not After : Apr 18 07:01:44 2026 GMT
Subject: CN=38be22ce8ab0fdd3f1b28a09308762845d84879d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e4:c3:90:69:2f:1b:09:2e:92:cc:a7:50:1e:
0a:b9:e6:c1:a0:d3:51:5c:12:71:58:40:60:0c:3a:
4b:d6:7e:81:f3:42:a3:94:0a:d8:e5:86:67:f1:17:
21:95:f9:8a:b5:28:f9:ad:e9:03:40:61:3d:bd:c2:
db:e3:22:d2:65:21:ee:bd:9d:d2:c0:80:05:fd:71:
14:3d:0a:81:25:0d:ee:c1:bc:40:a3:4a:99:87:4d:
a7:86:b1:47:b5:7e:4e:42:fc:c1:fe:f5:7a:9a:45:
a6:d1:16:63:c5:80:dd:26:4b:06:eb:7e:33:0a:b4:
98:b4:b8:51:db:57:5f:3d:f2:66:91:26:3c:33:c6:
51:5f:ed:21:2a:54:8f:55:1a:30:54:db:19:17:8d:
1a:42:e1:ac:9b:d2:88:45:c7:f4:88:6a:c3:42:bd:
88:eb:25:f4:20:d9:99:a1:a9:a7:bd:37:39:4c:2e:
14:ac:0c:9f:6b:73:80:39:06:9a:7d:4a:61:89:5d:
9b:cd:1f:dc:a4:66:1c:d2:e6:be:ac:36:38:88:48:
0f:93:88:04:cf:55:71:0b:09:2d:1c:2e:7e:9b:35:
f2:2b:62:66:4d:0d:95:4b:3d:c9:6b:31:41:3a:a4:
7e:ae:38:07:51:8c:cd:12:79:b8:02:b2:d9:dc:b3:
7d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:BE:22:CE:8A:B0:FD:D3:F1:B2:8A:09:30:87:62:84:5D:84:87:9D
X509v3 Authority Key Identifier:
keyid:73:19:00:7A:28:AD:E0:78:1D:31:2D:8D:49:47:2D:B3:67:67:04:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:90:59:8d:ba:67:37:ca:11:61:d9:95:20:bf:91:35:8a:41:
8a:07:a9:ec:10:0f:3b:48:34:0c:e4:6c:2a:8c:a2:2c:88:c9:
7a:96:ef:25:60:f2:9b:dc:38:43:a4:11:f9:e0:d4:a4:25:47:
78:ae:a8:3a:fe:8c:ac:cd:3e:c5:25:90:6f:00:d9:a6:a6:d9:
fa:96:da:d8:d9:e8:41:8b:12:af:28:af:09:27:d3:a8:7b:34:
c0:8c:15:c6:b5:ee:41:dd:72:eb:4a:46:1a:11:73:d7:5a:8d:
3e:44:42:a7:a1:e1:a2:f5:33:6c:3c:78:0f:d1:e5:05:47:cf:
8c:5f:26:7b:00:a7:67:11:91:ee:77:cf:11:b3:2c:cf:fc:79:
9a:8c:d9:b8:f5:0d:4c:49:a9:b9:4f:27:c9:2f:0e:99:1e:1e:
8f:a9:6a:94:00:36:90:13:eb:39:b5:c1:fd:4e:49:d8:97:b0:
8a:0f:25:9d:4a:f6:96:be:52:4e:99:96:73:1f:cc:a6:15:33:
01:d3:f0:f9:b8:35:36:90:ad:09:14:2e:7c:03:a5:d3:f3:e1:
e5:2c:f5:47:21:56:7a:96:fb:b7:c1:05:74:22:b2:0f:69:e2:
6d:85:f9:cb:ba:16:aa:6c:11:a2:19:b4:c7:5a:b7:48:f7:f5:
f1:2b:1d:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aPt2ZvImrjQ848QMHVWGwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMTkwMDdhMjhhZGUwNzgxZDMxMmQ4ZDQ5NDcyZGIzNjc2
NzA0MTYwHhcNMjYwNDE3MDcwMTQ0WhcNMjYwNDE4MDcwMTQ0WjAzMTEwLwYDVQQD
EygzOGJlMjJjZThhYjBmZGQzZjFiMjhhMDkzMDg3NjI4NDVkODQ4NzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeTDkGkvGwkuksynUB4KuebBoNNR
XBJxWEBgDDpL1n6B80KjlArY5YZn8RchlfmKtSj5rekDQGE9vcLb4yLSZSHuvZ3S
wIAF/XEUPQqBJQ3uwbxAo0qZh02nhrFHtX5OQvzB/vV6mkWm0RZjxYDdJksG634z
CrSYtLhR21dfPfJmkSY8M8ZRX+0hKlSPVRowVNsZF40aQuGsm9KIRcf0iGrDQr2I
6yX0INmZoamnvTc5TC4UrAyfa3OAOQaafUphiV2bzR/cpGYc0ua+rDY4iEgPk4gE
z1VxCwktHC5+mzXyK2JmTQ2VSz3JazFBOqR+rjgHUYzNEnm4ArLZ3LN9DQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDi+Is6KsP3T8bKKCTCHYoRdhIedMB8GA1UdIwQY
MBaAFHMZAHooreB4HTEtjUlHLbNnZwQWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9mOGM3ZTItMzI4Mi00ZWJiLTg1MDgt
OWY5NDk0OTY2YzU0LzEvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9mOGM3ZTItMzI4Mi00ZWJiLTg1MDgtOWY5NDk0OTY2YzU0
LzEvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL5BZjbpn
N8oRYdmVIL+RNYpBigep7BAPO0g0DORsKoyiLIjJepbvJWDym9w4Q6QR+eDUpCVH
eK6oOv6MrM0+xSWQbwDZpqbZ+pba2NnoQYsSryivCSfTqHs0wIwVxrXuQd1y60pG
GhFz11qNPkRCp6HhovUzbDx4D9HlBUfPjF8mewCnZxGR7nfPEbMsz/x5mozZuPUN
TEmpuU8nyS8OmR4ej6lqlAA2kBPrObXB/U5J2Jewig8lnUr2lr5STpmWcx/MphUz
AdPw+bg1NpCtCRQufAOl0/Ph5Sz1RyFWepb7t8EFdCKyD2nibYX5y7oWqmwRohm0
x1q3SPf18SsdcA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 11:03:12 2026 by rpki-client