Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
File: CWnLIVY-Ju22r7INHZLok6jduB0.mft (raw, json)
Hash identifier: 7T82dVDjZZNzzDRJstD07tLfxpszOKjLyedi2uwxNp8=
Subject key identifier: 95:22:B0:41:92:B1:A1:B5:E3:59:3B:78:9F:F0:CB:A6:C0:01:09:43
Authority key identifier: 09:69:CB:21:56:3E:26:ED:B6:AF:B2:0D:1D:92:E8:93:A8:DD:B8:1D
Certificate issuer: /CN=0969cb21563e26edb6afb20d1d92e893a8ddb81d
Certificate serial: 019D9C62E9E5859B271CD0A6844EA5D3885B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
Manifest number: 0470
Signing time: Fri 17 Apr 2026 17:00:21 +0000
Manifest this update: Fri 17 Apr 2026 17:00:21 +0000
Manifest next update: Sat 18 Apr 2026 17:00:21 +0000
Files and hashes: 1: CWnLIVY-Ju22r7INHZLok6jduB0.crl (hash: HyFQgaUsrSNIibWmY2xUxJ5N8gkCSG9CVpSYhruj24w=)
2: rk1bcafZ-NbbUdZCLT9lMRUYm-I.roa (hash: 5haE3uSWqoSmkVp2C59/CSPiEElkrF1oivdNjZDrJeE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9c:62:e9:e5:85:9b:27:1c:d0:a6:84:4e:a5:d3:88:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0969cb21563e26edb6afb20d1d92e893a8ddb81d
Validity
Not Before: Apr 17 17:00:21 2026 GMT
Not After : Apr 18 17:00:21 2026 GMT
Subject: CN=9522b04192b1a1b5e3593b789ff0cba6c0010943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:16:6d:4a:c2:89:65:be:c9:02:35:29:2a:ed:
ed:ba:98:5e:03:c6:67:51:28:0b:cd:06:f2:44:67:
eb:71:35:80:53:da:e1:09:34:71:2d:05:6f:81:68:
37:5e:43:ab:ec:98:13:8b:39:50:15:f5:bb:6c:eb:
33:d5:1c:ae:e3:1c:81:6f:75:5f:13:93:33:b1:ad:
a0:b6:a9:e8:bc:5a:b4:6f:51:8d:17:9d:5d:d6:8a:
90:76:00:82:72:77:6f:d7:6b:7b:bb:63:ea:5c:4c:
c5:32:c6:11:73:72:3b:34:42:32:ac:f8:63:a2:e2:
52:76:53:af:4f:9b:9c:c7:c6:d8:ed:10:e0:4e:3a:
07:ba:ea:8d:49:8d:87:85:e1:ac:3b:c1:76:e5:8c:
5b:74:7d:ea:d8:1a:46:89:60:3c:29:79:31:83:d2:
ab:d8:4d:1c:1b:d7:c8:fb:31:ef:81:60:da:65:7d:
b8:34:8c:14:28:25:2d:1f:13:7a:e2:f5:1b:26:3c:
1f:67:40:28:59:04:53:6e:43:ca:94:a9:2f:f8:3b:
5d:22:3b:45:fe:74:a0:fb:16:04:84:bd:25:87:78:
7a:0d:c6:14:79:e1:d0:dc:26:a0:cf:e1:5b:a1:0f:
c2:41:fb:77:6a:26:9c:ff:67:4e:10:39:19:ae:7f:
45:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:22:B0:41:92:B1:A1:B5:E3:59:3B:78:9F:F0:CB:A6:C0:01:09:43
X509v3 Authority Key Identifier:
keyid:09:69:CB:21:56:3E:26:ED:B6:AF:B2:0D:1D:92:E8:93:A8:DD:B8:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWnLIVY-Ju22r7INHZLok6jduB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7fe823-6ed7-4786-97b4-3600d02a6f0e/1/CWnLIVY-Ju22r7INHZLok6jduB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:1c:7f:9a:c8:9d:0b:4d:8a:13:01:e3:cc:5a:9d:2d:68:ae:
f2:cf:0e:47:d9:8f:a9:62:dd:f9:96:25:bc:92:d5:ea:f3:98:
1d:70:8f:be:4b:83:b0:b5:ce:5e:14:7c:bd:35:68:15:1e:70:
05:36:34:31:ac:20:cb:66:fa:72:50:fe:bc:ef:13:35:82:61:
38:bd:58:4f:04:61:36:0c:e5:57:62:21:90:4b:9c:12:30:7c:
f3:ee:0d:4f:d0:61:8a:cd:be:60:c0:70:78:2a:61:f0:43:ff:
8c:1d:03:a6:9c:d8:af:cb:92:d4:29:ab:64:d0:6d:8a:1a:ad:
a6:85:6f:0e:8a:c4:a3:bb:cd:86:75:ba:4f:b9:de:53:25:1e:
5b:5d:60:8f:fe:70:39:16:f2:50:55:25:57:14:c6:1a:ab:17:
78:44:d8:b5:73:8e:8e:21:c1:ae:c1:0e:fa:27:6b:ec:89:11:
f1:01:41:9b:72:ed:c5:f0:eb:8f:f0:1a:e1:12:6f:40:36:43:
9c:e9:62:3d:67:50:3a:de:af:e3:58:d2:1c:16:19:b3:f1:fd:
6c:1a:2d:2b:72:d5:73:7a:b9:1d:f3:91:4f:71:a3:8b:a7:d4:
25:b6:ab:18:ce:84:6e:a5:1b:3c:fa:52:7a:3f:ee:4a:95:9b:
30:bd:3d:3e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2cYunlhZsnHNCmhE6l04hbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5NjljYjIxNTYzZTI2ZWRiNmFmYjIwZDFkOTJlODkzYThk
ZGI4MWQwHhcNMjYwNDE3MTcwMDIxWhcNMjYwNDE4MTcwMDIxWjAzMTEwLwYDVQQD
Eyg5NTIyYjA0MTkyYjFhMWI1ZTM1OTNiNzg5ZmYwY2JhNmMwMDEwOTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RZtSsKJZb7JAjUpKu3tupheA8Zn
USgLzQbyRGfrcTWAU9rhCTRxLQVvgWg3XkOr7JgTizlQFfW7bOsz1Ryu4xyBb3Vf
E5Mzsa2gtqnovFq0b1GNF51d1oqQdgCCcndv12t7u2PqXEzFMsYRc3I7NEIyrPhj
ouJSdlOvT5ucx8bY7RDgTjoHuuqNSY2HheGsO8F25YxbdH3q2BpGiWA8KXkxg9Kr
2E0cG9fI+zHvgWDaZX24NIwUKCUtHxN64vUbJjwfZ0AoWQRTbkPKlKkv+DtdIjtF
/nSg+xYEhL0lh3h6DcYUeeHQ3Cagz+FboQ/CQft3aiac/2dOEDkZrn9FJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJUisEGSsaG141k7eJ/wy6bAAQlDMB8GA1UdIwQY
MBaAFAlpyyFWPibttq+yDR2S6JOo3bgdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy83ZmU4MjMtNmVkNy00Nzg2LTk3YjQt
MzYwMGQwMmE2ZjBlLzEvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy83ZmU4MjMtNmVkNy00Nzg2LTk3YjQtMzYwMGQwMmE2ZjBl
LzEvQ1duTElWWS1KdTIycjdJTkhaTG9rNmpkdUIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiRx/msid
C02KEwHjzFqdLWiu8s8OR9mPqWLd+ZYlvJLV6vOYHXCPvkuDsLXOXhR8vTVoFR5w
BTY0Mawgy2b6clD+vO8TNYJhOL1YTwRhNgzlV2IhkEucEjB88+4NT9Bhis2+YMBw
eCph8EP/jB0DppzYr8uS1CmrZNBtihqtpoVvDorEo7vNhnW6T7neUyUeW11gj/5w
ORbyUFUlVxTGGqsXeETYtXOOjiHBrsEO+idr7IkR8QFBm3LtxfDrj/Aa4RJvQDZD
nOliPWdQOt6v41jSHBYZs/H9bBotK3LVc3q5HfORT3Gji6fUJbarGM6EbqUbPPpS
ej/uSpWbML09Pg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 20:47:25 2026 by rpki-client