Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
File: cnS17iqgd4rxMENYIlrGflUXCog.mft (raw, json)
Hash identifier: juATOIHB2t+5MD2bltrY76Cc8GGn0kkphThKaerVXmc=
Subject key identifier: 9D:58:D8:8E:49:AE:82:90:DD:0A:B4:E5:FB:F5:7E:BC:54:5E:7A:45
Authority key identifier: 72:74:B5:EE:2A:A0:77:8A:F1:30:43:58:22:5A:C6:7E:55:17:0A:88
Certificate issuer: /CN=7274b5ee2aa0778af1304358225ac67e55170a88
Certificate serial: 019DA30A7F2B0DC870B82A394B2E525EF897
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
Manifest number: 0BF2
Signing time: Sun 19 Apr 2026 00:01:07 +0000
Manifest this update: Sun 19 Apr 2026 00:01:07 +0000
Manifest next update: Mon 20 Apr 2026 00:01:07 +0000
Files and hashes: 1: HBecOjtWbDhPtARPUUTLEgbUp6g.roa (hash: ZUGOFV89K06s4uTeXxt/3j8cGsfgNWnfAk2/FK+XmzA=)
2: cnS17iqgd4rxMENYIlrGflUXCog.crl (hash: szxrvJUnbVQLlwtBSjcYDU8OhGb8xfA3HPXzTzaRBsY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 00:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a3:0a:7f:2b:0d:c8:70:b8:2a:39:4b:2e:52:5e:f8:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7274b5ee2aa0778af1304358225ac67e55170a88
Validity
Not Before: Apr 19 00:01:07 2026 GMT
Not After : Apr 20 00:01:07 2026 GMT
Subject: CN=9d58d88e49ae8290dd0ab4e5fbf57ebc545e7a45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b7:3b:dc:ac:e0:83:75:25:18:83:5f:b0:f6:
3b:ea:9f:1b:68:4e:c8:40:ee:53:3e:51:47:59:32:
75:da:47:d5:2f:7d:a0:fd:c5:de:64:f8:bd:78:5d:
36:33:65:5e:52:58:87:be:de:46:89:b7:ab:79:b0:
ef:1f:96:27:c3:f9:cf:39:b0:3b:6e:9e:44:05:41:
a2:d5:96:d4:fe:53:d2:89:86:ec:6e:c8:50:1e:8f:
8d:e0:b5:06:27:c2:5f:42:92:7a:b1:38:9e:85:88:
8f:49:4c:a6:14:3f:80:9e:4a:e0:0f:4a:dd:48:15:
26:73:c4:5d:3e:c2:83:09:29:e9:7f:f2:35:e8:5e:
50:40:ee:d5:22:10:49:f5:c3:4b:aa:24:8c:88:8a:
85:14:29:e3:b8:fa:17:80:b6:5c:25:06:d1:ab:27:
01:fa:c7:a6:b8:0a:7e:da:fd:91:a4:34:bb:bf:90:
f4:22:0d:92:1f:2f:17:51:5c:a0:17:b6:17:e8:84:
be:ea:2f:2f:c5:ac:2f:56:44:5d:7e:21:b3:0a:96:
62:82:87:cd:27:3d:e8:da:b3:cc:eb:88:9f:aa:51:
a2:d7:e8:9f:f9:54:3b:15:3d:f1:9e:49:49:d1:cb:
a3:53:50:ed:92:21:a0:a7:a6:e1:2a:14:16:3a:52:
f1:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:58:D8:8E:49:AE:82:90:DD:0A:B4:E5:FB:F5:7E:BC:54:5E:7A:45
X509v3 Authority Key Identifier:
keyid:72:74:B5:EE:2A:A0:77:8A:F1:30:43:58:22:5A:C6:7E:55:17:0A:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cnS17iqgd4rxMENYIlrGflUXCog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8106c6-96e3-4856-8e53-69ebed17814a/1/cnS17iqgd4rxMENYIlrGflUXCog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c4:a7:e3:56:5c:b3:15:be:b7:09:24:c0:de:e3:9e:f0:31:e7:
40:78:79:7b:6f:65:92:41:9f:05:e1:04:d9:32:8a:d6:58:dc:
8b:1f:91:08:4b:62:0e:98:46:78:49:85:c6:53:d4:cd:2a:a9:
c5:e1:2d:4c:cb:f6:30:60:d6:8b:d5:07:d1:ef:ec:01:89:65:
76:85:ba:12:66:61:86:23:ef:2e:04:01:4c:ea:fd:15:b9:30:
98:5b:c2:65:ef:91:70:8f:90:bd:a1:e2:36:c9:70:32:f8:39:
ca:7a:eb:63:56:7e:62:ab:d8:75:45:2e:9b:c3:c7:9e:69:fb:
20:b5:2b:52:1b:c9:ba:a9:54:e1:63:51:90:e1:dd:fb:49:8b:
33:81:08:69:11:41:34:5d:f6:d5:62:e7:a9:f3:d9:1c:30:27:
83:34:9b:36:2a:de:21:39:99:88:28:17:e6:ff:a1:ad:e4:e0:
ef:cf:86:bc:ee:f9:97:58:e4:ac:cd:3f:92:e9:77:c7:1a:32:
11:89:7f:57:f7:8b:7b:a5:77:40:9b:19:0d:42:21:26:f1:55:
b7:4f:73:72:55:53:22:f6:02:16:bf:4f:cf:5d:09:74:5e:b0:
72:01:28:95:f5:37:31:62:b7:84:4e:c6:b9:1b:db:1c:e3:ec:
04:c6:e4:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2jCn8rDchwuCo5Sy5SXviXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNzRiNWVlMmFhMDc3OGFmMTMwNDM1ODIyNWFjNjdlNTUx
NzBhODgwHhcNMjYwNDE5MDAwMTA3WhcNMjYwNDIwMDAwMTA3WjAzMTEwLwYDVQQD
Eyg5ZDU4ZDg4ZTQ5YWU4MjkwZGQwYWI0ZTVmYmY1N2ViYzU0NWU3YTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbc73Kzgg3UlGINfsPY76p8baE7I
QO5TPlFHWTJ12kfVL32g/cXeZPi9eF02M2VeUliHvt5GiberebDvH5Ynw/nPObA7
bp5EBUGi1ZbU/lPSiYbsbshQHo+N4LUGJ8JfQpJ6sTiehYiPSUymFD+AnkrgD0rd
SBUmc8RdPsKDCSnpf/I16F5QQO7VIhBJ9cNLqiSMiIqFFCnjuPoXgLZcJQbRqycB
+semuAp+2v2RpDS7v5D0Ig2SHy8XUVygF7YX6IS+6i8vxawvVkRdfiGzCpZigofN
Jz3o2rPM64ifqlGi1+if+VQ7FT3xnklJ0cujU1DtkiGgp6bhKhQWOlLxqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ1Y2I5JroKQ3Qq05fv1frxUXnpFMB8GA1UdIwQY
MBaAFHJ0te4qoHeK8TBDWCJaxn5VFwqIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi84MTA2YzYtOTZlMy00ODU2LThlNTMt
NjllYmVkMTc4MTRhLzEvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi84MTA2YzYtOTZlMy00ODU2LThlNTMtNjllYmVkMTc4MTRh
LzEvY25TMTdpcWdkNHJ4TUVOWUlsckdmbFVYQ29nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxKfjVlyz
Fb63CSTA3uOe8DHnQHh5e29lkkGfBeEE2TKK1ljcix+RCEtiDphGeEmFxlPUzSqp
xeEtTMv2MGDWi9UH0e/sAYlldoW6EmZhhiPvLgQBTOr9FbkwmFvCZe+RcI+QvaHi
NslwMvg5ynrrY1Z+YqvYdUUum8PHnmn7ILUrUhvJuqlU4WNRkOHd+0mLM4EIaRFB
NF321WLnqfPZHDAngzSbNireITmZiCgX5v+hreTg78+GvO75l1jkrM0/kul3xxoy
EYl/V/eLe6V3QJsZDUIhJvFVt09zclVTIvYCFr9Pz10JdF6wcgEolfU3MWK3hE7G
uRvbHOPsBMbkuA==
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:18:51 2026 by rpki-client