Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
File: cBKlLoiwGDLPDuN8zath3s59EsY.mft (raw, json)
Hash identifier: 7SfzNvBaHaqZ5Osv6EmNgdzJ2RK3qaDDQMJRi7VvYGo=
Subject key identifier: 35:68:E0:C1:FE:CA:E6:02:05:E9:27:96:DD:64:1F:92:AE:AF:CF:CE
Authority key identifier: 70:12:A5:2E:88:B0:18:32:CF:0E:E3:7C:CD:AB:61:DE:CE:7D:12:C6
Certificate issuer: /CN=7012a52e88b01832cf0ee37ccdab61dece7d12c6
Certificate serial: 019CAA8FB24A6FC13EEDB6C61195794E0D0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
Manifest number: 0CC7
Signing time: Sun 01 Mar 2026 18:01:09 +0000
Manifest this update: Sun 01 Mar 2026 18:01:09 +0000
Manifest next update: Mon 02 Mar 2026 18:01:09 +0000
Files and hashes: 1: SNdVrzFoTGYFoAaQRYv8cJ6F2H0.roa (hash: MfCh5miyV4l1WaY/F5DKyibenGShF9S2TLmog0i5DGQ=)
2: cBKlLoiwGDLPDuN8zath3s59EsY.crl (hash: raXrVdgyQb20Va2L9mRXurFb3Nkq3f38JYYZg5uS1UI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:8f:b2:4a:6f:c1:3e:ed:b6:c6:11:95:79:4e:0d:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7012a52e88b01832cf0ee37ccdab61dece7d12c6
Validity
Not Before: Mar 1 18:01:09 2026 GMT
Not After : Mar 2 18:01:09 2026 GMT
Subject: CN=3568e0c1fecae60205e92796dd641f92aeafcfce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:44:27:b1:f6:cb:db:a6:a6:a2:49:55:6f:58:
c9:ad:6a:5d:e1:b6:f9:f3:e1:a5:fb:f3:13:fe:1d:
89:55:50:a7:e8:f1:53:4b:87:7c:38:ff:04:76:6e:
03:8b:23:4e:24:f1:7f:18:fb:13:99:b4:d1:49:e0:
25:24:e7:a6:19:dc:97:80:80:97:0c:6b:d1:9b:9b:
d5:2a:4c:dc:73:91:4f:d0:53:e4:4c:53:39:de:1d:
b7:85:c5:7b:51:47:99:6e:e8:2d:db:03:87:00:6f:
9d:66:02:02:06:f9:52:32:92:10:da:13:3d:5e:65:
3b:26:2b:69:a8:8d:c6:8d:2d:a5:13:49:7c:f3:ea:
30:d0:93:39:46:97:57:b5:7f:43:cc:c4:5b:95:42:
5c:29:26:d3:ce:c4:35:07:51:04:c2:a8:e2:df:5d:
42:fa:ee:a1:08:ad:2f:ed:16:0e:aa:0f:9e:8f:58:
60:1a:4f:85:5e:ac:13:2c:1a:64:e0:fc:a3:02:9e:
77:95:f6:cd:72:02:95:a0:9d:5e:39:86:98:6f:2b:
b3:c3:ca:0d:5f:92:df:bd:b2:64:49:81:34:5d:1a:
da:54:36:7c:1c:d8:95:41:a9:89:fe:ea:68:df:22:
7f:c6:02:53:89:c4:16:2b:9c:67:29:29:64:af:c5:
d3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:68:E0:C1:FE:CA:E6:02:05:E9:27:96:DD:64:1F:92:AE:AF:CF:CE
X509v3 Authority Key Identifier:
keyid:70:12:A5:2E:88:B0:18:32:CF:0E:E3:7C:CD:AB:61:DE:CE:7D:12:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cBKlLoiwGDLPDuN8zath3s59EsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/0e545b-443f-4cfb-8c28-3201b87f1490/1/cBKlLoiwGDLPDuN8zath3s59EsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:fc:88:b2:fc:01:d9:10:37:87:63:81:01:b5:4f:b1:1c:a6:
94:0b:bf:33:da:88:ef:2b:1f:d3:62:30:a5:02:5f:b8:15:d7:
e1:fd:0b:10:e2:4b:d8:85:bd:94:d7:e9:8e:ad:3b:1a:b2:ac:
bd:d6:13:05:2c:b3:02:c4:32:0b:2a:cb:c4:06:fe:17:d3:56:
61:68:68:e7:2c:2c:7a:57:63:06:da:2f:06:08:dc:a9:fd:0d:
ed:db:73:11:a4:b5:ad:3c:8f:78:ee:a8:e3:9b:e0:04:46:53:
e1:05:2b:b0:d1:c5:95:97:03:89:cf:99:77:71:23:b9:0d:31:
ed:be:e9:0b:a7:4a:ba:e5:99:6b:c6:33:bb:c0:68:69:01:ce:
a9:a2:2c:dc:85:8f:07:59:f4:8e:d8:0e:76:58:49:63:9b:6b:
79:76:ab:02:29:a2:c1:22:07:41:fa:6e:9e:73:20:15:6b:a3:
38:82:96:18:74:a9:44:4d:18:9b:80:c8:3a:95:09:4d:f1:c7:
b0:c5:e3:cb:14:c3:e7:93:af:6d:6d:db:13:5d:1b:9b:5c:1d:
37:78:1d:41:3c:7a:f8:5a:58:76:7e:20:5d:a9:f0:1a:5f:21:
bc:61:f1:32:38:7c:75:d9:59:9d:9a:21:14:fb:31:f9:3d:44:
84:ab:0e:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj7JKb8E+7bbGEZV5Tg0NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwMTJhNTJlODhiMDE4MzJjZjBlZTM3Y2NkYWI2MWRlY2U3
ZDEyYzYwHhcNMjYwMzAxMTgwMTA5WhcNMjYwMzAyMTgwMTA5WjAzMTEwLwYDVQQD
EygzNTY4ZTBjMWZlY2FlNjAyMDVlOTI3OTZkZDY0MWY5MmFlYWZjZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukQnsfbL26amoklVb1jJrWpd4bb5
8+Gl+/MT/h2JVVCn6PFTS4d8OP8Edm4DiyNOJPF/GPsTmbTRSeAlJOemGdyXgICX
DGvRm5vVKkzcc5FP0FPkTFM53h23hcV7UUeZbugt2wOHAG+dZgICBvlSMpIQ2hM9
XmU7JitpqI3GjS2lE0l88+ow0JM5RpdXtX9DzMRblUJcKSbTzsQ1B1EEwqji311C
+u6hCK0v7RYOqg+ej1hgGk+FXqwTLBpk4PyjAp53lfbNcgKVoJ1eOYaYbyuzw8oN
X5LfvbJkSYE0XRraVDZ8HNiVQamJ/upo3yJ/xgJTicQWK5xnKSlkr8XTHwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDVo4MH+yuYCBeknlt1kH5Kur8/OMB8GA1UdIwQY
MBaAFHASpS6IsBgyzw7jfM2rYd7OfRLGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wZTU0NWItNDQzZi00Y2ZiLThjMjgt
MzIwMWI4N2YxNDkwLzEvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wZTU0NWItNDQzZi00Y2ZiLThjMjgtMzIwMWI4N2YxNDkw
LzEvY0JLbExvaXdHRExQRHVOOHphdGgzczU5RXNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPfyIsvwB
2RA3h2OBAbVPsRymlAu/M9qI7ysf02IwpQJfuBXX4f0LEOJL2IW9lNfpjq07GrKs
vdYTBSyzAsQyCyrLxAb+F9NWYWho5ywseldjBtovBgjcqf0N7dtzEaS1rTyPeO6o
45vgBEZT4QUrsNHFlZcDic+Zd3EjuQ0x7b7pC6dKuuWZa8Yzu8BoaQHOqaIs3IWP
B1n0jtgOdlhJY5treXarAimiwSIHQfpunnMgFWujOIKWGHSpRE0Ym4DIOpUJTfHH
sMXjyxTD55OvbW3bE10bm1wdN3gdQTx6+FpYdn4gXanwGl8hvGHxMjh8ddlZnZoh
FPsx+T1EhKsOyA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:07:27 2026 by rpki-client