Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.mft
File: kOszbVYE1HuugXI4sNu0l3HiRyk.mft (raw, json)
Hash identifier: 5ImZWLC17vEI5D6JYnMEqziChY16HFLjKqUzqDRTemw=
Subject key identifier: CF:C8:4D:88:C4:D5:7E:D7:59:F5:BE:4C:73:54:C4:17:90:CD:2E:0E
Authority key identifier: 90:EB:33:6D:56:04:D4:7B:AE:81:72:38:B0:DB:B4:97:71:E2:47:29
Certificate issuer: /CN=90eb336d5604d47bae817238b0dbb49771e24729
Certificate serial: 019CAE359A23BC38539BB88C7F9184CCC535
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kOszbVYE1HuugXI4sNu0l3HiRyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.mft
Manifest number: 1848
Signing time: Mon 02 Mar 2026 11:01:14 +0000
Manifest this update: Mon 02 Mar 2026 11:01:14 +0000
Manifest next update: Tue 03 Mar 2026 11:01:14 +0000
Files and hashes: 1: kOszbVYE1HuugXI4sNu0l3HiRyk.crl (hash: m9orXvs5iVMqvyU0h5b4F86C3Xmlydc9d2BKvhKqtzc=)
2: mKOuhDb0lNg_dJ83TTrmFYMNIeA.roa (hash: Om4b1zrUyorfRjmzpKplEidWPKteQvqXZcg+Z0i4g3Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kOszbVYE1HuugXI4sNu0l3HiRyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:35:9a:23:bc:38:53:9b:b8:8c:7f:91:84:cc:c5:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90eb336d5604d47bae817238b0dbb49771e24729
Validity
Not Before: Mar 2 11:01:14 2026 GMT
Not After : Mar 3 11:01:14 2026 GMT
Subject: CN=cfc84d88c4d57ed759f5be4c7354c41790cd2e0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f9:96:82:b0:02:de:86:30:f6:e5:3f:fb:3d:
b4:55:f1:21:c5:01:e9:6f:0c:fc:6c:c6:29:44:4e:
03:58:00:5a:af:ac:cc:98:e5:b6:6d:73:3d:ba:bf:
70:e0:69:d5:8a:a5:08:48:3f:d4:83:de:f8:99:b8:
40:9f:ef:f2:63:14:2f:a0:ac:f1:5b:80:22:46:b1:
7e:2a:dd:ee:0b:09:8f:03:31:14:46:58:99:c2:c6:
22:27:93:fb:91:f7:cd:b1:49:1d:0e:b3:10:69:4f:
e3:62:ba:4a:84:e4:99:fc:c4:51:6c:b0:28:69:cd:
fb:b5:55:3e:2b:26:f0:d9:97:e0:23:05:a8:c5:53:
93:23:36:70:a1:8f:d7:f7:98:d6:96:0e:e3:04:f6:
10:8a:34:28:07:a6:f4:cc:9d:30:33:7e:76:2a:b1:
2e:95:f7:32:d2:25:3d:4a:a3:a2:0d:74:cf:6b:87:
15:d3:75:4d:21:83:c0:f6:04:9b:07:e1:ee:b1:60:
10:11:8f:6c:e6:b1:16:0b:62:06:91:4e:59:c5:38:
02:84:8d:5b:31:b8:19:9d:ca:ad:9a:a0:c8:a0:44:
9e:c5:68:9a:c4:52:6b:b5:d6:6c:ad:71:a9:74:67:
d9:48:af:40:1d:fd:82:96:3d:f2:e7:64:f6:79:4e:
0c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:C8:4D:88:C4:D5:7E:D7:59:F5:BE:4C:73:54:C4:17:90:CD:2E:0E
X509v3 Authority Key Identifier:
keyid:90:EB:33:6D:56:04:D4:7B:AE:81:72:38:B0:DB:B4:97:71:E2:47:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kOszbVYE1HuugXI4sNu0l3HiRyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/1e7d2e-1a62-4421-b71b-b119274ad654/1/kOszbVYE1HuugXI4sNu0l3HiRyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:11:e8:db:e9:3e:43:c6:fa:31:ec:45:2b:58:47:a5:6a:94:
69:73:6e:45:d5:2a:ec:86:e3:a9:6f:f2:d8:d2:d0:6f:06:ee:
00:1d:50:71:27:13:71:e6:1b:93:a6:02:80:e7:bc:28:79:6b:
09:e4:6d:82:bd:47:f0:a1:96:76:f4:c8:1d:b3:25:de:e6:74:
0d:7d:5c:07:1b:f1:d8:06:b8:4f:5e:01:84:e6:4b:56:b0:ef:
39:60:40:3f:7d:c3:a0:14:6f:1c:a9:c2:79:58:99:c6:cc:ed:
f9:40:4d:58:3a:ea:d9:15:a0:27:a0:04:5c:63:22:de:00:fb:
ef:c7:fd:86:e0:5a:ee:38:7b:ed:2a:51:6e:8f:9e:b9:e8:e1:
95:cf:72:ab:06:da:0c:91:3d:c4:9b:88:1f:bb:73:17:27:db:
15:29:b8:5d:cd:89:ad:16:57:ba:89:73:7c:5f:2b:4a:1f:34:
d6:3c:ac:bc:6a:8d:dc:18:6e:d7:2b:5f:82:49:1f:8f:80:2b:
ea:1d:26:23:bb:0b:88:aa:b9:b8:84:89:84:a2:14:ce:5c:63:
da:89:a9:71:fb:2a:51:77:4c:8b:39:c9:dd:30:a4:d6:94:f8:
60:de:7c:4b:a4:90:a0:d3:31:f2:a0:60:af:44:2e:f2:36:bf:
65:c0:e9:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNZojvDhTm7iMf5GEzMU1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZWIzMzZkNTYwNGQ0N2JhZTgxNzIzOGIwZGJiNDk3NzFl
MjQ3MjkwHhcNMjYwMzAyMTEwMTE0WhcNMjYwMzAzMTEwMTE0WjAzMTEwLwYDVQQD
EyhjZmM4NGQ4OGM0ZDU3ZWQ3NTlmNWJlNGM3MzU0YzQxNzkwY2QyZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/mWgrAC3oYw9uU/+z20VfEhxQHp
bwz8bMYpRE4DWABar6zMmOW2bXM9ur9w4GnViqUISD/Ug974mbhAn+/yYxQvoKzx
W4AiRrF+Kt3uCwmPAzEURliZwsYiJ5P7kffNsUkdDrMQaU/jYrpKhOSZ/MRRbLAo
ac37tVU+Kybw2ZfgIwWoxVOTIzZwoY/X95jWlg7jBPYQijQoB6b0zJ0wM352KrEu
lfcy0iU9SqOiDXTPa4cV03VNIYPA9gSbB+HusWAQEY9s5rEWC2IGkU5ZxTgChI1b
MbgZncqtmqDIoESexWiaxFJrtdZsrXGpdGfZSK9AHf2Clj3y52T2eU4MjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM/ITYjE1X7XWfW+THNUxBeQzS4OMB8GA1UdIwQY
MBaAFJDrM21WBNR7roFyOLDbtJdx4kcpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva09zemJWWUUxSHV1Z1hJNHNOdTBsM0hpUnlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xZTdkMmUtMWE2Mi00NDIxLWI3MWIt
YjExOTI3NGFkNjU0LzEva09zemJWWUUxSHV1Z1hJNHNOdTBsM0hpUnlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xZTdkMmUtMWE2Mi00NDIxLWI3MWItYjExOTI3NGFkNjU0
LzEva09zemJWWUUxSHV1Z1hJNHNOdTBsM0hpUnlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAihHo2+k+
Q8b6MexFK1hHpWqUaXNuRdUq7IbjqW/y2NLQbwbuAB1QcScTceYbk6YCgOe8KHlr
CeRtgr1H8KGWdvTIHbMl3uZ0DX1cBxvx2Aa4T14BhOZLVrDvOWBAP33DoBRvHKnC
eViZxszt+UBNWDrq2RWgJ6AEXGMi3gD778f9huBa7jh77SpRbo+euejhlc9yqwba
DJE9xJuIH7tzFyfbFSm4Xc2JrRZXuolzfF8rSh801jysvGqN3Bhu1ytfgkkfj4Ar
6h0mI7sLiKq5uISJhKIUzlxj2ompcfsqUXdMiznJ3TCk1pT4YN58S6SQoNMx8qBg
r0Qu8ja/ZcDpwA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:38:49 2026 by rpki-client