Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft
File: CzVgh8IMejJUFv2oA8t289p5R6k.mft (raw, json)
Hash identifier: 8kk12cHdKBS6Z1J2I8YaLi33DBCmYLic9b9QwCSc/lw=
Subject key identifier: CF:7B:71:3E:92:AB:B0:1F:FE:FA:39:74:5C:98:6F:86:02:5E:12:90
Authority key identifier: 0B:35:60:87:C2:0C:7A:32:54:16:FD:A8:03:CB:76:F3:DA:79:47:A9
Certificate issuer: /CN=0b356087c20c7a325416fda803cb76f3da7947a9
Certificate serial: 019D9B87F918D1037A3A4F6B905114C7C11C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft
Manifest number: 064C
Signing time: Fri 17 Apr 2026 13:01:12 +0000
Manifest this update: Fri 17 Apr 2026 13:01:12 +0000
Manifest next update: Sat 18 Apr 2026 13:01:12 +0000
Files and hashes: 1: CzVgh8IMejJUFv2oA8t289p5R6k.crl (hash: k1l9i80qNqBrdYyGlzp/cN0iwliKiCTd3cB+NcWUbNI=)
2: dh9HELJ4HeZmOUN7AF9in9ZZ-Wk.roa (hash: QD9afYe9Euena6uMhuaF6GPrPcYje7bkgfG0gL/2Snw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft
rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 13:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:87:f9:18:d1:03:7a:3a:4f:6b:90:51:14:c7:c1:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b356087c20c7a325416fda803cb76f3da7947a9
Validity
Not Before: Apr 17 13:01:12 2026 GMT
Not After : Apr 18 13:01:12 2026 GMT
Subject: CN=cf7b713e92abb01ffefa39745c986f86025e1290
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5c:ee:60:57:a3:3d:1d:8f:c0:c3:ef:a6:3d:
7a:58:87:a8:8c:b8:bd:b2:9b:3d:f4:20:cd:f5:ae:
12:04:41:8c:02:57:da:a4:c5:3d:03:e7:4f:e8:79:
fa:90:c8:76:55:ad:28:fd:77:b4:54:ca:1f:ff:b0:
54:80:34:94:64:7d:37:8b:04:30:99:18:4b:f4:ad:
77:27:2c:31:f0:16:e5:e9:c7:5e:72:86:17:0e:4e:
e3:90:5a:d2:60:cd:2d:e3:a8:db:cd:b5:5b:f8:7d:
1d:5c:fd:d5:9b:b7:d4:15:eb:e4:04:4a:ff:c7:8f:
63:f4:3c:ee:ca:d5:8b:f3:63:51:47:5f:d0:b8:a2:
8a:26:16:9f:aa:6f:ed:5b:d3:eb:1f:27:bc:4a:c1:
d9:ba:7e:4d:52:3f:b2:93:63:b7:66:88:af:6c:d7:
be:f5:b3:eb:a6:73:3a:bd:00:a8:8d:64:f8:77:3c:
78:59:9c:3d:e3:e2:12:a6:be:18:fc:68:74:cb:c1:
93:03:4d:e5:17:b7:bb:ea:c3:15:c7:be:a9:82:f0:
43:4d:21:85:d1:90:5f:d3:f3:61:bf:ed:36:79:41:
90:fb:de:fe:8c:e7:d1:ac:9f:77:65:9b:e9:71:2e:
b5:33:48:ef:d2:39:de:e9:77:06:54:21:e5:fd:9a:
c9:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:7B:71:3E:92:AB:B0:1F:FE:FA:39:74:5C:98:6F:86:02:5E:12:90
X509v3 Authority Key Identifier:
keyid:0B:35:60:87:C2:0C:7A:32:54:16:FD:A8:03:CB:76:F3:DA:79:47:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:fd:7b:2d:ed:8b:31:86:5f:38:34:91:7c:ee:8a:d6:15:ee:
fd:a2:00:7c:18:3e:2a:8d:16:3e:40:81:89:12:d7:a2:63:5b:
05:bd:fe:6c:7f:0d:f5:91:6a:22:b1:49:86:32:17:8d:2d:8a:
84:53:7e:bf:3f:a2:56:77:a5:7e:05:2f:e0:54:88:12:35:53:
55:59:a6:5b:45:7a:86:8d:ac:b9:0d:31:f0:63:4e:7d:2a:37:
0f:dc:f6:6d:78:13:fd:a8:b0:f8:f5:16:4b:84:d5:5f:6b:51:
28:f0:09:da:46:d7:57:78:18:e1:6a:b2:d2:87:d0:60:90:33:
d0:40:58:8f:6c:6d:44:f3:21:cd:9a:fd:47:1b:ad:ec:e1:bd:
9f:b0:1d:b8:4d:ba:74:78:8a:63:38:ee:42:1a:c0:c6:55:3a:
74:57:7f:33:9f:e3:57:11:75:b8:ce:5c:08:85:50:37:ad:d0:
6a:10:f3:a5:29:c1:bc:ac:41:fa:c4:3b:50:c6:03:9b:f0:22:
15:c0:c2:42:a5:ec:4a:e3:f2:35:e4:6f:8d:87:2f:ce:8e:0e:
9b:7c:bb:91:e8:86:5d:32:cc:1c:3c:5e:23:5f:38:04:b4:48:
be:ce:e8:06:c4:fa:d3:cf:39:8c:34:19:ea:02:c0:16:cf:74:
36:4c:08:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bh/kY0QN6Ok9rkFEUx8EcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMzU2MDg3YzIwYzdhMzI1NDE2ZmRhODAzY2I3NmYzZGE3
OTQ3YTkwHhcNMjYwNDE3MTMwMTEyWhcNMjYwNDE4MTMwMTEyWjAzMTEwLwYDVQQD
EyhjZjdiNzEzZTkyYWJiMDFmZmVmYTM5NzQ1Yzk4NmY4NjAyNWUxMjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVzuYFejPR2PwMPvpj16WIeojLi9
sps99CDN9a4SBEGMAlfapMU9A+dP6Hn6kMh2Va0o/Xe0VMof/7BUgDSUZH03iwQw
mRhL9K13Jywx8Bbl6cdecoYXDk7jkFrSYM0t46jbzbVb+H0dXP3Vm7fUFevkBEr/
x49j9DzuytWL82NRR1/QuKKKJhafqm/tW9PrHye8SsHZun5NUj+yk2O3ZoivbNe+
9bPrpnM6vQCojWT4dzx4WZw94+ISpr4Y/Gh0y8GTA03lF7e76sMVx76pgvBDTSGF
0ZBf0/Nhv+02eUGQ+97+jOfRrJ93ZZvpcS61M0jv0jne6XcGVCHl/ZrJrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM97cT6Sq7Af/vo5dFyYb4YCXhKQMB8GA1UdIwQY
MBaAFAs1YIfCDHoyVBb9qAPLdvPaeUepMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kN2NmOTQtYWM2MS00ZmJmLWFkZjAt
NTdlYWY4MzNhYjBiLzEvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9kN2NmOTQtYWM2MS00ZmJmLWFkZjAtNTdlYWY4MzNhYjBi
LzEvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF/17Le2L
MYZfODSRfO6K1hXu/aIAfBg+Ko0WPkCBiRLXomNbBb3+bH8N9ZFqIrFJhjIXjS2K
hFN+vz+iVnelfgUv4FSIEjVTVVmmW0V6ho2suQ0x8GNOfSo3D9z2bXgT/aiw+PUW
S4TVX2tRKPAJ2kbXV3gY4Wqy0ofQYJAz0EBYj2xtRPMhzZr9Rxut7OG9n7AduE26
dHiKYzjuQhrAxlU6dFd/M5/jVxF1uM5cCIVQN63QahDzpSnBvKxB+sQ7UMYDm/Ai
FcDCQqXsSuPyNeRvjYcvzo4Om3y7keiGXTLMHDxeI184BLRIvs7oBsT60885jDQZ
6gLAFs90NkwInw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:39:12 2026 by rpki-client