Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.mft
File: cNvqB1PfCD5XgrufOAtdeZy3igY.mft (raw, json)
Hash identifier: frSIKffIr2fG7t9UGJNZdYhJ2kU+FH968JZ0615N/C8=
Subject key identifier: 5B:4A:E5:8D:1B:AE:86:C9:50:CF:18:36:A5:3C:B6:06:BE:47:5B:7C
Authority key identifier: 70:DB:EA:07:53:DF:08:3E:57:82:BB:9F:38:0B:5D:79:9C:B7:8A:06
Certificate issuer: /CN=70dbea0753df083e5782bb9f380b5d799cb78a06
Certificate serial: 019CA9EAE4407DA209031FBA082D19D50E4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cNvqB1PfCD5XgrufOAtdeZy3igY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.mft
Manifest number: 17D9
Signing time: Sun 01 Mar 2026 15:01:09 +0000
Manifest this update: Sun 01 Mar 2026 15:01:09 +0000
Manifest next update: Mon 02 Mar 2026 15:01:09 +0000
Files and hashes: 1: YeLaacDEqyOHodEKhBUtu92hvRw.roa (hash: Ji1cHzcmwBaizYoDGG5KY1yTxLM1jIXJ3gtR7NQt17s=)
2: cNvqB1PfCD5XgrufOAtdeZy3igY.crl (hash: IbFRKxQfsEkfW3mCoohmGmK8PEFjziYyIHW6qyzztjA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.mft
rsync://rpki.ripe.net/repository/DEFAULT/cNvqB1PfCD5XgrufOAtdeZy3igY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:ea:e4:40:7d:a2:09:03:1f:ba:08:2d:19:d5:0e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70dbea0753df083e5782bb9f380b5d799cb78a06
Validity
Not Before: Mar 1 15:01:09 2026 GMT
Not After : Mar 2 15:01:09 2026 GMT
Subject: CN=5b4ae58d1bae86c950cf1836a53cb606be475b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:0e:12:2c:20:56:30:d2:79:87:7c:d8:5e:3b:
1d:3d:42:d5:db:26:e7:87:c5:cf:8c:55:b5:31:9d:
30:ca:27:9c:56:af:3a:de:10:aa:63:06:2a:8b:b0:
73:bc:7f:4b:29:10:a5:3c:4e:04:f9:2f:1e:ec:0e:
63:4d:8a:77:87:25:e3:af:d3:1d:7c:bc:64:65:b5:
3f:6f:3a:95:33:d9:f8:05:99:75:bc:b6:74:75:34:
14:4f:05:db:17:1c:97:8d:db:82:c1:e9:c4:36:59:
00:9b:a2:5d:bf:a2:e2:91:57:d7:05:09:66:6f:f2:
ab:35:e6:af:9c:2b:fe:8a:c2:17:7e:da:d3:9d:e2:
fe:57:97:6b:84:40:67:bb:f6:ed:8b:26:69:2a:e2:
ce:61:ac:78:57:da:d6:2b:bc:5c:b7:03:19:62:b0:
b1:f3:83:8c:1f:18:71:80:f1:81:81:d2:b0:f4:73:
90:48:fa:0b:21:1c:74:8e:a6:70:9a:87:85:95:5c:
4c:54:4e:e3:6e:72:31:40:f3:ba:98:c4:49:1f:9e:
a5:df:6d:a8:33:40:46:c1:3a:bd:1d:6c:54:c7:6f:
b9:33:8a:6f:64:d7:bc:e9:95:48:b1:71:0e:ba:22:
71:58:fa:53:49:a2:3f:1f:18:07:60:ac:7e:5e:cc:
f8:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:4A:E5:8D:1B:AE:86:C9:50:CF:18:36:A5:3C:B6:06:BE:47:5B:7C
X509v3 Authority Key Identifier:
keyid:70:DB:EA:07:53:DF:08:3E:57:82:BB:9F:38:0B:5D:79:9C:B7:8A:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cNvqB1PfCD5XgrufOAtdeZy3igY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/deec2e-0cd6-4113-b2b9-2a0cf13173d8/1/cNvqB1PfCD5XgrufOAtdeZy3igY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:a0:65:ae:a0:d7:e8:b2:75:ef:0d:13:30:40:d9:d3:6b:2e:
eb:a1:74:b5:cf:3c:bb:25:74:ca:a8:7b:e8:57:6f:64:8a:a4:
31:f5:d7:e3:17:d7:e4:65:e6:1e:fb:06:02:f9:a3:b3:9e:bb:
ad:cb:a1:3d:e7:e2:9d:a2:1f:c2:a2:43:e3:99:f6:94:a3:8c:
92:0e:2f:e0:d9:8e:2d:68:7e:31:6e:8a:61:0d:a5:62:42:ec:
60:c2:6a:19:ac:8e:09:22:74:3c:fb:59:11:ec:66:ea:5d:48:
31:e6:af:81:4f:88:b3:a9:85:89:de:2e:c6:01:5e:2d:92:c6:
d0:9a:e0:20:c3:1d:d1:9f:f8:a9:56:70:63:19:d5:67:07:76:
b9:92:96:08:db:85:8b:3a:4d:60:77:8f:91:95:d5:56:88:cc:
da:21:a3:01:1b:c8:3a:59:e2:38:44:10:55:10:99:6a:72:7f:
b3:00:46:4b:18:98:e1:d7:5e:60:2f:73:20:5b:54:91:4b:75:
79:90:42:37:93:81:18:c6:54:33:f3:cf:47:a0:54:e2:e1:95:
93:eb:11:09:a8:b2:47:3f:73:48:ca:6b:36:a3:17:57:3c:54:
41:3f:24:53:cf:c2:e5:33:17:fb:22:59:50:09:40:97:27:5f:
81:17:f4:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyp6uRAfaIJAx+6CC0Z1Q5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZGJlYTA3NTNkZjA4M2U1NzgyYmI5ZjM4MGI1ZDc5OWNi
NzhhMDYwHhcNMjYwMzAxMTUwMTA5WhcNMjYwMzAyMTUwMTA5WjAzMTEwLwYDVQQD
Eyg1YjRhZTU4ZDFiYWU4NmM5NTBjZjE4MzZhNTNjYjYwNmJlNDc1YjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3w4SLCBWMNJ5h3zYXjsdPULV2ybn
h8XPjFW1MZ0wyiecVq863hCqYwYqi7BzvH9LKRClPE4E+S8e7A5jTYp3hyXjr9Md
fLxkZbU/bzqVM9n4BZl1vLZ0dTQUTwXbFxyXjduCwenENlkAm6Jdv6LikVfXBQlm
b/KrNeavnCv+isIXftrTneL+V5drhEBnu/btiyZpKuLOYax4V9rWK7xctwMZYrCx
84OMHxhxgPGBgdKw9HOQSPoLIRx0jqZwmoeFlVxMVE7jbnIxQPO6mMRJH56l322o
M0BGwTq9HWxUx2+5M4pvZNe86ZVIsXEOuiJxWPpTSaI/HxgHYKx+Xsz4zQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFtK5Y0brobJUM8YNqU8tga+R1t8MB8GA1UdIwQY
MBaAFHDb6gdT3wg+V4K7nzgLXXmct4oGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY052cUIxUGZDRDVYZ3J1Zk9BdGRlWnkzaWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9kZWVjMmUtMGNkNi00MTEzLWIyYjkt
MmEwY2YxMzE3M2Q4LzEvY052cUIxUGZDRDVYZ3J1Zk9BdGRlWnkzaWdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9kZWVjMmUtMGNkNi00MTEzLWIyYjktMmEwY2YxMzE3M2Q4
LzEvY052cUIxUGZDRDVYZ3J1Zk9BdGRlWnkzaWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgqBlrqDX
6LJ17w0TMEDZ02su66F0tc88uyV0yqh76FdvZIqkMfXX4xfX5GXmHvsGAvmjs567
rcuhPefinaIfwqJD45n2lKOMkg4v4NmOLWh+MW6KYQ2lYkLsYMJqGayOCSJ0PPtZ
Eexm6l1IMeavgU+Is6mFid4uxgFeLZLG0JrgIMMd0Z/4qVZwYxnVZwd2uZKWCNuF
izpNYHePkZXVVojM2iGjARvIOlniOEQQVRCZanJ/swBGSxiY4ddeYC9zIFtUkUt1
eZBCN5OBGMZUM/PPR6BU4uGVk+sRCaiyRz9zSMprNqMXVzxUQT8kU8/C5TMX+yJZ
UAlAlydfgRf0rg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:41:20 2026 by rpki-client