Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
File: cHl9sHv21Fl6wtyL40-JKYAI8s0.mft (raw, json)
Hash identifier: aJ12TGLKIwwe1H3Bv/UMg5NqeiTz1I8taUfi4R9NAXM=
Subject key identifier: 5A:B8:2C:C5:87:3E:9D:46:F3:DC:E1:DF:0F:58:33:AC:AE:BF:A0:ED
Authority key identifier: 70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
Certificate issuer: /CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Certificate serial: 019CAD909D50D5D1203F28C57F353FD22ED7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
Manifest number: 184D
Signing time: Mon 02 Mar 2026 08:01:01 +0000
Manifest this update: Mon 02 Mar 2026 08:01:01 +0000
Manifest next update: Tue 03 Mar 2026 08:01:01 +0000
Files and hashes: 1: cAt58g0xkrFHt9-N3ZykhWH0ReM.roa (hash: zJIgtJYw+ptpKpZht1FAofTALod8Sw1aXf2YLrLjs1s=)
2: cHl9sHv21Fl6wtyL40-JKYAI8s0.crl (hash: AmR/GUTElDoALRyEZUhWoqmbca8EiTrAo4EmiLZ6+As=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:90:9d:50:d5:d1:20:3f:28:c5:7f:35:3f:d2:2e:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Validity
Not Before: Mar 2 08:01:01 2026 GMT
Not After : Mar 3 08:01:01 2026 GMT
Subject: CN=5ab82cc5873e9d46f3dce1df0f5833acaebfa0ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:16:11:14:b9:3e:8b:46:77:4b:6f:20:c6:a4:
c4:ce:d8:3d:f9:85:d0:86:2f:f9:3a:b2:ea:7d:97:
1e:58:89:94:49:ec:d8:d9:94:8e:e5:51:75:e6:ad:
65:69:1a:85:41:50:2b:b0:86:70:cd:74:57:c2:49:
4d:83:b7:aa:f9:ec:f3:79:6c:6b:47:0b:a6:cf:6c:
5b:3b:02:19:e5:0b:d7:fe:4c:73:79:be:32:05:d3:
f1:86:85:49:3b:c9:81:a6:83:48:ce:02:e1:88:dc:
62:08:52:f6:47:c2:dc:6e:e1:b5:4d:4f:da:ed:bf:
13:67:7c:8d:80:1f:ef:5d:11:b1:3e:31:e5:49:8f:
6b:92:dd:ae:5e:ff:c7:04:fc:69:d8:1f:2f:82:6e:
ed:5e:7b:e1:f1:bc:4d:8f:54:fd:ee:21:66:c3:9c:
22:2f:05:c2:f7:e5:c5:d5:3e:24:43:0e:51:de:da:
e8:38:98:8f:fd:4c:18:37:82:bb:b3:73:89:3d:23:
9e:c0:45:2c:23:9f:98:63:17:82:27:2d:52:16:aa:
5c:90:5d:c4:40:36:ae:be:25:da:de:da:13:bb:bf:
43:77:2e:17:ba:e4:c7:15:8b:1f:b4:e2:6d:f0:93:
80:62:99:90:3a:44:d6:7a:38:1e:dd:ce:ca:ba:43:
5b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:B8:2C:C5:87:3E:9D:46:F3:DC:E1:DF:0F:58:33:AC:AE:BF:A0:ED
X509v3 Authority Key Identifier:
keyid:70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:68:b4:8c:0e:f7:2e:07:73:9d:cc:af:40:95:43:93:1e:a1:
90:21:72:ba:3f:ae:3e:9b:92:f7:1c:03:12:c6:4a:ea:68:0f:
c1:64:8d:7f:bf:a3:4f:59:1d:4c:3f:f7:b9:2d:fe:73:3c:51:
6b:d3:7f:3b:51:1c:56:c6:06:91:7c:ca:ac:e4:02:a3:ac:7f:
6f:4a:4a:c6:15:df:b0:9c:f2:ca:b7:04:91:bb:83:0b:1e:ae:
9b:d7:c1:8a:4d:fa:3d:1f:b4:dd:b3:a2:bd:5b:f4:72:d4:4a:
65:4b:4c:5c:98:2b:bc:52:d3:5b:9b:12:67:98:f7:d3:ee:c1:
b8:e1:69:27:9c:92:ae:b0:7d:1a:fc:35:8c:08:7c:29:67:71:
bc:7f:3a:e2:4a:67:1f:4d:db:ba:04:bd:3a:4d:99:dd:0c:f2:
5b:8c:7c:1e:ac:41:5c:4b:7d:0b:3b:e8:3d:15:8f:f3:10:c8:
0c:98:b1:f2:61:7b:4c:05:14:31:32:49:22:a4:35:e6:99:cd:
eb:2f:03:c9:02:6e:8b:5e:01:c0:5e:e8:4f:e3:84:f7:5f:ac:
87:d3:0f:42:c6:e0:d5:30:47:7d:ef:6a:ba:63:b6:56:33:64:
b6:03:fc:09:0c:30:c9:e0:4d:84:a0:2a:1e:a0:b9:64:b2:4f:
e8:ba:7e:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytkJ1Q1dEgPyjFfzU/0i7XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNzk3ZGIwN2JmNmQ0NTk3YWMyZGM4YmUzNGY4OTI5ODAw
OGYyY2QwHhcNMjYwMzAyMDgwMTAxWhcNMjYwMzAzMDgwMTAxWjAzMTEwLwYDVQQD
Eyg1YWI4MmNjNTg3M2U5ZDQ2ZjNkY2UxZGYwZjU4MzNhY2FlYmZhMGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthYRFLk+i0Z3S28gxqTEztg9+YXQ
hi/5OrLqfZceWImUSezY2ZSO5VF15q1laRqFQVArsIZwzXRXwklNg7eq+ezzeWxr
Rwumz2xbOwIZ5QvX/kxzeb4yBdPxhoVJO8mBpoNIzgLhiNxiCFL2R8LcbuG1TU/a
7b8TZ3yNgB/vXRGxPjHlSY9rkt2uXv/HBPxp2B8vgm7tXnvh8bxNj1T97iFmw5wi
LwXC9+XF1T4kQw5R3troOJiP/UwYN4K7s3OJPSOewEUsI5+YYxeCJy1SFqpckF3E
QDauviXa3toTu79Ddy4XuuTHFYsftOJt8JOAYpmQOkTWejge3c7KukNbQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFq4LMWHPp1G89zh3w9YM6yuv6DtMB8GA1UdIwQY
MBaAFHB5fbB79tRZesLci+NPiSmACPLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUt
OTA3ZGFhNDY0NjNiLzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUtOTA3ZGFhNDY0NjNi
LzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUGi0jA73
LgdzncyvQJVDkx6hkCFyuj+uPpuS9xwDEsZK6mgPwWSNf7+jT1kdTD/3uS3+czxR
a9N/O1EcVsYGkXzKrOQCo6x/b0pKxhXfsJzyyrcEkbuDCx6um9fBik36PR+03bOi
vVv0ctRKZUtMXJgrvFLTW5sSZ5j30+7BuOFpJ5ySrrB9Gvw1jAh8KWdxvH864kpn
H03bugS9Ok2Z3QzyW4x8HqxBXEt9CzvoPRWP8xDIDJix8mF7TAUUMTJJIqQ15pnN
6y8DyQJui14BwF7oT+OE91+sh9MPQsbg1TBHfe9qumO2VjNktgP8CQwwyeBNhKAq
HqC5ZLJP6Lp+FQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:34:31 2026 by rpki-client