Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
File: cxkAeiit4HgdMS2NSUcts2dnBBY.mft (raw, json)
Hash identifier: QEMwqdLLPmgHW8L9TG70gHRGlLIwKij610mY6F6mqj8=
Subject key identifier: 77:A6:56:4B:FC:CA:4D:71:F6:5D:F0:07:3D:17:4F:FB:99:37:62:EE
Authority key identifier: 73:19:00:7A:28:AD:E0:78:1D:31:2D:8D:49:47:2D:B3:67:67:04:16
Certificate issuer: /CN=7319007a28ade0781d312d8d49472db367670416
Certificate serial: 019CAAC6D78AD37B97E1C51CC28007F22420
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
Manifest number: 0AC2
Signing time: Sun 01 Mar 2026 19:01:23 +0000
Manifest this update: Sun 01 Mar 2026 19:01:23 +0000
Manifest next update: Mon 02 Mar 2026 19:01:23 +0000
Files and hashes: 1: Le8K7qSkEZ1_FmI_JNvcQwDT3kM.roa (hash: YPGYe40UQA7fHzeXPlUUiQ7ZZraM1bL1CPz1T+qTDdY=)
2: cxkAeiit4HgdMS2NSUcts2dnBBY.crl (hash: Fq26MjxWT38UAWU03UiTYl8pNrP6Go6B7E9f6B4MGmE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 19:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:d7:8a:d3:7b:97:e1:c5:1c:c2:80:07:f2:24:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7319007a28ade0781d312d8d49472db367670416
Validity
Not Before: Mar 1 19:01:23 2026 GMT
Not After : Mar 2 19:01:23 2026 GMT
Subject: CN=77a6564bfcca4d71f65df0073d174ffb993762ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:d9:4a:f6:39:15:70:50:b8:96:9a:b4:85:52:
1f:d8:5b:ff:8e:50:22:20:24:8c:ee:7b:62:7b:9c:
3b:22:1a:e3:8e:a8:1d:09:4f:2e:54:4e:0c:cb:43:
92:d1:53:a3:ef:d6:3f:21:30:2d:0a:bb:1c:5b:c5:
a0:d0:28:5e:96:b3:e9:15:de:16:0c:1f:70:0e:86:
99:4b:31:7a:c3:c6:f2:3c:58:fe:80:f8:e6:a5:9b:
f3:b4:1a:16:fc:f8:1f:0f:ad:8a:eb:80:7e:83:e2:
0d:aa:d0:ea:b4:c6:60:c9:e9:47:96:f9:f8:dc:c0:
6b:03:c8:4c:6e:3b:09:84:bc:b8:82:36:bc:c6:73:
e1:68:ce:a9:30:f5:25:72:95:28:e5:4a:5d:67:38:
fc:c6:93:b5:c3:b3:23:c0:76:e0:bc:a8:c6:94:55:
0d:ae:bc:fe:a4:d0:3b:c3:d7:eb:8f:af:3b:49:a5:
5e:40:62:0b:3e:6c:64:cf:6a:3b:b3:fa:93:83:2f:
12:37:06:ab:c6:2a:fd:8a:09:6a:e3:f8:7e:43:24:
19:3d:7f:36:fc:2f:c0:3d:b1:7f:d2:04:64:0d:d9:
2f:8c:ef:c5:6a:b2:3f:22:f7:9a:a9:dd:58:4d:1d:
4e:05:f2:bc:be:73:71:ec:41:34:be:10:bb:cf:d0:
73:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:A6:56:4B:FC:CA:4D:71:F6:5D:F0:07:3D:17:4F:FB:99:37:62:EE
X509v3 Authority Key Identifier:
keyid:73:19:00:7A:28:AD:E0:78:1D:31:2D:8D:49:47:2D:B3:67:67:04:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cxkAeiit4HgdMS2NSUcts2dnBBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/f8c7e2-3282-4ebb-8508-9f9494966c54/1/cxkAeiit4HgdMS2NSUcts2dnBBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:72:26:04:10:b8:23:b3:23:da:94:e4:43:b3:fc:61:fc:25:
ae:08:a6:16:bb:f5:5b:4d:9c:87:e8:0a:9d:16:ae:4d:ee:98:
c6:e8:3f:b9:81:5f:9f:17:4c:04:c4:02:7d:00:58:1e:ea:93:
5b:41:2d:17:d4:9a:3d:f0:75:5e:0f:a0:b6:54:bd:ae:94:1d:
cb:08:ca:36:1b:3d:bc:fa:4b:e0:d6:50:0a:2a:b9:b7:87:aa:
5e:4e:65:ab:17:42:ad:76:c8:1e:3e:2f:f2:cf:4b:c4:50:ac:
e0:66:b3:35:46:e1:5e:3b:f6:9d:d4:0f:7c:b6:43:ca:0c:97:
44:11:44:d9:a7:5a:c6:c3:6d:ec:08:83:a7:68:c5:45:d3:45:
4a:bc:bd:4a:85:d7:84:94:25:d8:bb:45:77:5f:57:46:96:cd:
cb:10:a1:e2:7f:1c:8a:18:b8:09:14:bc:1d:6a:b3:51:4b:35:
f2:09:8c:f2:b0:39:11:2f:62:51:0e:75:1e:02:8d:b5:cd:5a:
b0:71:1a:8b:bd:d5:7b:14:5d:cd:3c:b9:77:ca:5e:9a:26:d3:
d8:28:e1:68:d0:ce:e1:e1:8d:d8:0a:75:5e:3b:45:0b:2a:26:
6c:92:b6:f7:2e:67:78:28:b3:99:29:ed:ad:f0:2b:75:03:49:
81:33:e4:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxteK03uX4cUcwoAH8iQgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMTkwMDdhMjhhZGUwNzgxZDMxMmQ4ZDQ5NDcyZGIzNjc2
NzA0MTYwHhcNMjYwMzAxMTkwMTIzWhcNMjYwMzAyMTkwMTIzWjAzMTEwLwYDVQQD
Eyg3N2E2NTY0YmZjY2E0ZDcxZjY1ZGYwMDczZDE3NGZmYjk5Mzc2MmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tlK9jkVcFC4lpq0hVIf2Fv/jlAi
ICSM7ntie5w7IhrjjqgdCU8uVE4My0OS0VOj79Y/ITAtCrscW8Wg0ChelrPpFd4W
DB9wDoaZSzF6w8byPFj+gPjmpZvztBoW/PgfD62K64B+g+INqtDqtMZgyelHlvn4
3MBrA8hMbjsJhLy4gja8xnPhaM6pMPUlcpUo5UpdZzj8xpO1w7MjwHbgvKjGlFUN
rrz+pNA7w9frj687SaVeQGILPmxkz2o7s/qTgy8SNwarxir9iglq4/h+QyQZPX82
/C/APbF/0gRkDdkvjO/FarI/Iveaqd1YTR1OBfK8vnNx7EE0vhC7z9BzJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHemVkv8yk1x9l3wBz0XT/uZN2LuMB8GA1UdIwQY
MBaAFHMZAHooreB4HTEtjUlHLbNnZwQWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9mOGM3ZTItMzI4Mi00ZWJiLTg1MDgt
OWY5NDk0OTY2YzU0LzEvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9mOGM3ZTItMzI4Mi00ZWJiLTg1MDgtOWY5NDk0OTY2YzU0
LzEvY3hrQWVpaXQ0SGdkTVMyTlNVY3RzMmRuQkJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQHImBBC4
I7Mj2pTkQ7P8YfwlrgimFrv1W02ch+gKnRauTe6Yxug/uYFfnxdMBMQCfQBYHuqT
W0EtF9SaPfB1Xg+gtlS9rpQdywjKNhs9vPpL4NZQCiq5t4eqXk5lqxdCrXbIHj4v
8s9LxFCs4GazNUbhXjv2ndQPfLZDygyXRBFE2adaxsNt7AiDp2jFRdNFSry9SoXX
hJQl2LtFd19XRpbNyxCh4n8cihi4CRS8HWqzUUs18gmM8rA5ES9iUQ51HgKNtc1a
sHEai73VexRdzTy5d8pemibT2CjhaNDO4eGN2Ap1XjtFCyombJK29y5neCizmSnt
rfArdQNJgTPk+w==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:16:18 2026 by rpki-client