Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/fffde1-9d87-4408-acc2-e7360323303c/1/CbtjJ836FlJNx9AzcTivMl-14tk.mft
File: CbtjJ836FlJNx9AzcTivMl-14tk.mft (raw, json)
Hash identifier: eM6mWbhexh0EGEykfIoTfISL+GrvviJtnASESAkDCZo=
Subject key identifier: 8B:97:5C:F2:06:AA:73:BF:0C:6E:ED:69:5D:73:C0:3F:15:ED:F8:A4
Authority key identifier: 09:BB:63:27:CD:FA:16:52:4D:C7:D0:33:71:38:AF:32:5F:B5:E2:D9
Certificate issuer: /CN=09bb6327cdfa16524dc7d0337138af325fb5e2d9
Certificate serial: 019DA45369E154DADED0DCAD1065172C93C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CbtjJ836FlJNx9AzcTivMl-14tk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/fffde1-9d87-4408-acc2-e7360323303c/1/CbtjJ836FlJNx9AzcTivMl-14tk.mft
Manifest number: 168B
Signing time: Sun 19 Apr 2026 06:00:23 +0000
Manifest this update: Sun 19 Apr 2026 06:00:23 +0000
Manifest next update: Mon 20 Apr 2026 06:00:23 +0000
Files and hashes: 1: CbtjJ836FlJNx9AzcTivMl-14tk.crl (hash: Jng+pTB8MZ87xxeJrlyNrLsvNoxwrghz8nhGgIaz5Xs=)
2: xAAFr_8pM0qHutXKz5bJzNuOHSs.roa (hash: mrqi/YUBSl2ewfWvM3J/1CATw90lWobMjcJ1JqVQVtQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/fffde1-9d87-4408-acc2-e7360323303c/1/CbtjJ836FlJNx9AzcTivMl-14tk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/fffde1-9d87-4408-acc2-e7360323303c/1/CbtjJ836FlJNx9AzcTivMl-14tk.mft
rsync://rpki.ripe.net/repository/DEFAULT/CbtjJ836FlJNx9AzcTivMl-14tk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a4:53:69:e1:54:da:de:d0:dc:ad:10:65:17:2c:93:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09bb6327cdfa16524dc7d0337138af325fb5e2d9
Validity
Not Before: Apr 19 06:00:23 2026 GMT
Not After : Apr 20 06:00:23 2026 GMT
Subject: CN=8b975cf206aa73bf0c6eed695d73c03f15edf8a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0d:1b:c4:a9:72:f1:f3:50:a0:39:d1:db:a0:
06:bf:8b:06:04:f7:f0:b8:df:3b:00:c8:4e:5e:05:
c9:cb:99:cc:c5:81:cb:6a:87:e6:36:b7:dc:32:74:
e9:cb:9b:8b:27:37:f5:e4:11:f5:7b:3e:4e:88:32:
eb:33:7e:29:af:dd:b3:58:ff:13:9f:2a:74:dc:0c:
76:89:1b:b8:78:ba:5a:48:45:5c:f4:f3:d0:df:c0:
e6:a0:fa:58:05:c1:41:38:08:fb:2f:12:40:25:e3:
f9:19:96:f6:b3:dc:73:2a:7a:fe:a0:1a:be:bc:49:
5c:5f:3d:98:a7:a9:4c:b7:0a:ee:08:64:a9:52:22:
7e:b7:05:9e:ce:ed:11:92:08:a7:cc:7a:43:67:36:
d7:ed:f8:85:5d:23:ec:16:4c:5d:cd:61:e7:b1:24:
7f:20:70:6e:70:ab:9b:50:e3:c1:20:29:6c:42:03:
28:91:26:d4:96:8a:59:96:ee:85:63:51:9b:54:2f:
0c:27:39:2b:37:27:c0:07:08:d6:ea:ea:bc:23:4b:
83:e5:6b:8e:7f:51:0e:60:52:2a:c7:ab:75:04:60:
c3:83:52:ac:dc:e8:7f:33:f2:b7:7c:a9:67:61:d4:
9c:1a:ae:1c:1c:00:76:ac:ae:4c:16:90:0b:b1:68:
f8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:97:5C:F2:06:AA:73:BF:0C:6E:ED:69:5D:73:C0:3F:15:ED:F8:A4
X509v3 Authority Key Identifier:
keyid:09:BB:63:27:CD:FA:16:52:4D:C7:D0:33:71:38:AF:32:5F:B5:E2:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CbtjJ836FlJNx9AzcTivMl-14tk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/fffde1-9d87-4408-acc2-e7360323303c/1/CbtjJ836FlJNx9AzcTivMl-14tk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/fffde1-9d87-4408-acc2-e7360323303c/1/CbtjJ836FlJNx9AzcTivMl-14tk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:da:63:e3:e8:0c:88:17:ce:66:28:f4:ef:08:aa:cd:a2:9e:
df:42:81:f0:29:2e:ab:6a:01:7f:c7:7a:72:24:36:24:b4:3d:
94:4a:d1:6d:bb:7f:a5:3f:bc:e7:ed:0f:7c:e2:0f:e0:f2:d4:
75:bf:35:12:e7:17:b1:6d:c9:44:76:66:2c:cd:a9:68:3e:af:
49:77:1a:33:77:23:f2:29:15:08:26:1c:5d:a2:0c:25:0e:90:
90:83:0c:25:0c:a1:8e:6b:80:41:67:f0:4b:89:c4:fc:ac:4c:
20:b9:02:2d:77:e7:0a:af:b3:65:29:93:c1:1d:9a:44:c3:14:
db:0e:65:46:85:a8:d9:74:5f:22:95:f5:76:72:65:dd:e1:f4:
11:bd:d3:dd:61:36:16:a1:b4:e5:e9:e0:6a:60:64:f5:26:b3:
e0:66:1a:c4:1e:29:f2:f3:0d:95:25:a3:f7:ca:1a:d9:66:64:
57:63:fa:36:28:15:2a:be:30:3d:11:2f:05:87:57:0d:5d:7e:
fc:b5:4d:78:7a:34:4e:ac:57:76:11:33:2e:9f:d7:16:cb:f2:
29:12:e8:d5:59:08:20:bf:7f:9b:1c:36:21:cb:bb:9e:2c:18:
75:20:4c:b5:78:09:c0:ec:83:97:42:32:6f:c6:31:3a:e5:7e:
4e:87:55:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2kU2nhVNre0NytEGUXLJPJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YmI2MzI3Y2RmYTE2NTI0ZGM3ZDAzMzcxMzhhZjMyNWZi
NWUyZDkwHhcNMjYwNDE5MDYwMDIzWhcNMjYwNDIwMDYwMDIzWjAzMTEwLwYDVQQD
Eyg4Yjk3NWNmMjA2YWE3M2JmMGM2ZWVkNjk1ZDczYzAzZjE1ZWRmOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQ0bxKly8fNQoDnR26AGv4sGBPfw
uN87AMhOXgXJy5nMxYHLaofmNrfcMnTpy5uLJzf15BH1ez5OiDLrM34pr92zWP8T
nyp03Ax2iRu4eLpaSEVc9PPQ38DmoPpYBcFBOAj7LxJAJeP5GZb2s9xzKnr+oBq+
vElcXz2Yp6lMtwruCGSpUiJ+twWezu0RkginzHpDZzbX7fiFXSPsFkxdzWHnsSR/
IHBucKubUOPBIClsQgMokSbUlopZlu6FY1GbVC8MJzkrNyfABwjW6uq8I0uD5WuO
f1EOYFIqx6t1BGDDg1Ks3Oh/M/K3fKlnYdScGq4cHAB2rK5MFpALsWj40QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIuXXPIGqnO/DG7taV1zwD8V7fikMB8GA1UdIwQY
MBaAFAm7YyfN+hZSTcfQM3E4rzJfteLZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2J0ako4MzZGbEpOeDlBemNUaXZNbC0xNHRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9mZmZkZTEtOWQ4Ny00NDA4LWFjYzIt
ZTczNjAzMjMzMDNjLzEvQ2J0ako4MzZGbEpOeDlBemNUaXZNbC0xNHRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9mZmZkZTEtOWQ4Ny00NDA4LWFjYzItZTczNjAzMjMzMDNj
LzEvQ2J0ako4MzZGbEpOeDlBemNUaXZNbC0xNHRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYtpj4+gM
iBfOZij07wiqzaKe30KB8Ckuq2oBf8d6ciQ2JLQ9lErRbbt/pT+85+0PfOIP4PLU
db81EucXsW3JRHZmLM2paD6vSXcaM3cj8ikVCCYcXaIMJQ6QkIMMJQyhjmuAQWfw
S4nE/KxMILkCLXfnCq+zZSmTwR2aRMMU2w5lRoWo2XRfIpX1dnJl3eH0Eb3T3WE2
FqG05engamBk9Saz4GYaxB4p8vMNlSWj98oa2WZkV2P6NigVKr4wPREvBYdXDV1+
/LVNeHo0TqxXdhEzLp/XFsvyKRLo1VkIIL9/mxw2Icu7niwYdSBMtXgJwOyDl0Iy
b8YxOuV+TodVVg==
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:14:18 2026 by rpki-client