Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/CWbgXRUnUN-q3l-veRutOR3G0tQ.mft
File: CWbgXRUnUN-q3l-veRutOR3G0tQ.mft (raw, json)
Hash identifier: rsjZpRstK6Qw75j8bexndTt6gayaRl2VXgedisnUG44=
Subject key identifier: 97:2F:02:A0:71:AF:0C:B5:82:6F:87:97:F7:0A:54:13:13:D5:DE:04
Authority key identifier: 09:66:E0:5D:15:27:50:DF:AA:DE:5F:AF:79:1B:AD:39:1D:C6:D2:D4
Certificate issuer: /CN=0966e05d152750dfaade5faf791bad391dc6d2d4
Certificate serial: 019CAA219469E70EF9A3EB3884DED1E40854
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWbgXRUnUN-q3l-veRutOR3G0tQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/CWbgXRUnUN-q3l-veRutOR3G0tQ.mft
Manifest number: 1087
Signing time: Sun 01 Mar 2026 16:00:53 +0000
Manifest this update: Sun 01 Mar 2026 16:00:53 +0000
Manifest next update: Mon 02 Mar 2026 16:00:53 +0000
Files and hashes: 1: CWbgXRUnUN-q3l-veRutOR3G0tQ.crl (hash: 7CXqiQvSDcugTUxJJuvZbon4JWTuLcWHHLKymqKOIeo=)
2: VvLHzr3zCOAlK7-AXr_k4lfnOVQ.roa (hash: K7rgIOGpP+zDsf8T3qgiqdA3/otSoFPMZHtAoCJ/7Q4=)
3: fLM3lMDOIHwMeEuupYXPThUldrU.roa (hash: LE/OpJSbb472I3p+Lhs1DmaGG8pkRz+JrIDCohhLEEA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/CWbgXRUnUN-q3l-veRutOR3G0tQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/CWbgXRUnUN-q3l-veRutOR3G0tQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/CWbgXRUnUN-q3l-veRutOR3G0tQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:21:94:69:e7:0e:f9:a3:eb:38:84:de:d1:e4:08:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0966e05d152750dfaade5faf791bad391dc6d2d4
Validity
Not Before: Mar 1 16:00:53 2026 GMT
Not After : Mar 2 16:00:53 2026 GMT
Subject: CN=972f02a071af0cb5826f8797f70a541313d5de04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:21:e0:53:fe:97:97:d0:a1:de:26:6f:48:27:
02:79:0e:02:70:54:50:09:bc:ee:b2:37:06:a1:2e:
84:ee:6a:b5:52:04:d4:94:bb:8f:5f:a2:76:67:c2:
4c:9c:a8:93:3f:63:e1:84:fc:d1:27:be:e9:3f:b2:
4d:f3:c7:63:0a:8b:99:0e:e5:94:a4:af:77:e7:fb:
8e:d5:b1:89:f9:fe:44:3e:df:00:4b:e1:79:80:78:
61:0f:c2:03:2e:66:a6:18:be:9d:c1:b8:c3:43:0d:
40:e7:ff:1f:71:28:12:07:d2:61:5c:13:a0:4a:36:
5f:48:d4:d3:84:b3:e4:eb:8b:1c:90:dd:6f:49:67:
76:fd:3c:41:fe:43:d8:74:46:de:e1:2e:e0:57:c7:
1a:cd:8d:f9:22:f1:d1:d7:22:3d:cd:6e:98:52:a0:
aa:ad:69:52:08:05:ae:73:38:f0:b8:ac:32:82:8b:
b9:5c:26:ce:10:61:80:f2:09:f6:f0:20:84:ff:1c:
f5:5b:43:66:fb:61:3f:4c:8f:87:dd:0c:01:b3:73:
f9:9b:33:ef:e3:52:16:9e:71:43:6f:66:f7:ac:9b:
e6:69:dd:80:96:a9:3c:7c:72:8e:04:11:00:79:8a:
d0:bf:37:2d:18:40:62:c3:03:ae:e3:b4:55:ce:9c:
bc:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:2F:02:A0:71:AF:0C:B5:82:6F:87:97:F7:0A:54:13:13:D5:DE:04
X509v3 Authority Key Identifier:
keyid:09:66:E0:5D:15:27:50:DF:AA:DE:5F:AF:79:1B:AD:39:1D:C6:D2:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWbgXRUnUN-q3l-veRutOR3G0tQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/CWbgXRUnUN-q3l-veRutOR3G0tQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/4e1bc8-f810-4182-a6e3-721bb4fc8c16/1/CWbgXRUnUN-q3l-veRutOR3G0tQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:10:23:9a:77:0f:73:1a:a4:fe:cd:a5:d3:68:42:57:1e:8a:
8e:2d:a2:cd:9a:23:1e:7b:29:cd:83:32:53:47:2d:1d:05:29:
92:4e:2c:a9:64:6d:25:99:02:f0:4e:04:50:60:dd:50:d2:4a:
2f:2f:94:fa:9d:9d:8c:2f:88:c5:f5:2d:1c:7d:17:a5:81:f1:
be:11:04:89:6e:be:d8:f9:70:0a:e5:9c:44:f2:e3:41:41:b1:
f9:ba:11:c6:30:ff:b0:a2:83:ff:bf:9d:bb:ad:bb:c9:95:7d:
ca:51:dc:87:6e:97:f1:cd:56:e8:24:bf:98:77:68:61:78:72:
d8:f4:2c:33:61:c0:5d:a3:b9:5d:77:d8:41:d2:97:7f:f5:39:
0f:18:8c:93:48:57:ce:7d:52:2f:8d:c6:e8:7f:b3:89:12:31:
93:ee:fc:e3:f1:13:e8:22:88:bf:b9:81:7b:4d:01:bc:09:37:
96:0a:c8:02:56:f5:02:db:5a:cb:e3:e1:97:0d:05:5b:ca:4f:
e2:25:aa:ae:96:6c:4b:1f:d3:f6:12:1f:7b:60:39:a8:82:c9:
75:cb:52:e6:cd:e4:b8:16:06:b3:46:83:90:4c:fd:14:16:65:
0b:ac:e1:58:60:e1:26:b9:ed:57:ea:92:7c:a3:18:4a:75:1b:
d0:50:6a:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqIZRp5w75o+s4hN7R5AhUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjZlMDVkMTUyNzUwZGZhYWRlNWZhZjc5MWJhZDM5MWRj
NmQyZDQwHhcNMjYwMzAxMTYwMDUzWhcNMjYwMzAyMTYwMDUzWjAzMTEwLwYDVQQD
Eyg5NzJmMDJhMDcxYWYwY2I1ODI2Zjg3OTdmNzBhNTQxMzEzZDVkZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSHgU/6Xl9Ch3iZvSCcCeQ4CcFRQ
CbzusjcGoS6E7mq1UgTUlLuPX6J2Z8JMnKiTP2PhhPzRJ77pP7JN88djCouZDuWU
pK935/uO1bGJ+f5EPt8AS+F5gHhhD8IDLmamGL6dwbjDQw1A5/8fcSgSB9JhXBOg
SjZfSNTThLPk64sckN1vSWd2/TxB/kPYdEbe4S7gV8cazY35IvHR1yI9zW6YUqCq
rWlSCAWuczjwuKwygou5XCbOEGGA8gn28CCE/xz1W0Nm+2E/TI+H3QwBs3P5mzPv
41IWnnFDb2b3rJvmad2Alqk8fHKOBBEAeYrQvzctGEBiwwOu47RVzpy8IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJcvAqBxrwy1gm+Hl/cKVBMT1d4EMB8GA1UdIwQY
MBaAFAlm4F0VJ1Dfqt5fr3kbrTkdxtLUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1diZ1hSVW5VTi1xM2wtdmVSdXRPUjNHMHRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC80ZTFiYzgtZjgxMC00MTgyLWE2ZTMt
NzIxYmI0ZmM4YzE2LzEvQ1diZ1hSVW5VTi1xM2wtdmVSdXRPUjNHMHRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC80ZTFiYzgtZjgxMC00MTgyLWE2ZTMtNzIxYmI0ZmM4YzE2
LzEvQ1diZ1hSVW5VTi1xM2wtdmVSdXRPUjNHMHRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANRAjmncP
cxqk/s2l02hCVx6Kji2izZojHnspzYMyU0ctHQUpkk4sqWRtJZkC8E4EUGDdUNJK
Ly+U+p2djC+IxfUtHH0XpYHxvhEEiW6+2PlwCuWcRPLjQUGx+boRxjD/sKKD/7+d
u627yZV9ylHch26X8c1W6CS/mHdoYXhy2PQsM2HAXaO5XXfYQdKXf/U5DxiMk0hX
zn1SL43G6H+ziRIxk+784/ET6CKIv7mBe00BvAk3lgrIAlb1Attay+Phlw0FW8pP
4iWqrpZsSx/T9hIfe2A5qILJdctS5s3kuBYGs0aDkEz9FBZlC6zhWGDhJrntV+qS
fKMYSnUb0FBqVg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:47:38 2026 by rpki-client