Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft
File: CzVgh8IMejJUFv2oA8t289p5R6k.mft (raw, json)
Hash identifier: Qf0mLPXUeOSO9PfSSynOQVPb5zR86VIPLxsZnOP85rk=
Subject key identifier: BE:C2:38:FE:45:34:3C:AB:76:B7:A0:81:9B:79:30:8E:DB:CA:00:92
Authority key identifier: 0B:35:60:87:C2:0C:7A:32:54:16:FD:A8:03:CB:76:F3:DA:79:47:A9
Certificate issuer: /CN=0b356087c20c7a325416fda803cb76f3da7947a9
Certificate serial: 019CADFE1E46728E2BC9B651BE780047C6CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft
Manifest number: 05D1
Signing time: Mon 02 Mar 2026 10:00:38 +0000
Manifest this update: Mon 02 Mar 2026 10:00:38 +0000
Manifest next update: Tue 03 Mar 2026 10:00:38 +0000
Files and hashes: 1: CzVgh8IMejJUFv2oA8t289p5R6k.crl (hash: NFIoglPDm+neFvgvZo1zT5UkYXGI4DAHvQfLNq8P3Eo=)
2: dh9HELJ4HeZmOUN7AF9in9ZZ-Wk.roa (hash: QD9afYe9Euena6uMhuaF6GPrPcYje7bkgfG0gL/2Snw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft
rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:fe:1e:46:72:8e:2b:c9:b6:51:be:78:00:47:c6:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b356087c20c7a325416fda803cb76f3da7947a9
Validity
Not Before: Mar 2 10:00:38 2026 GMT
Not After : Mar 3 10:00:38 2026 GMT
Subject: CN=bec238fe45343cab76b7a0819b79308edbca0092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:af:6a:44:9f:f6:47:ea:52:89:9a:36:0b:46:
0e:48:97:e7:62:29:eb:18:a9:2a:4d:74:48:50:f7:
6e:cb:3c:46:3a:b7:79:42:77:b5:e1:5c:84:39:d4:
e1:8b:df:50:d1:3e:e5:bd:c0:b2:a2:6f:18:9a:83:
56:08:d5:ba:2b:53:31:8e:f0:2e:4d:df:7b:86:3d:
05:1d:06:ae:5d:c9:77:92:99:e1:57:1f:b6:2e:d4:
9d:fe:ac:8e:e9:6b:bb:1b:01:48:9f:0f:8d:07:55:
f8:52:6f:e0:49:e4:04:36:a5:cb:f5:b6:4a:9a:d5:
fb:27:0d:4d:1d:dc:97:79:da:35:80:b3:07:70:df:
09:6d:70:69:e7:23:a6:65:c6:36:05:f2:31:e9:65:
33:b3:2a:ee:07:65:5d:bc:cc:c0:44:42:cc:bf:c1:
db:3c:ab:f5:ec:d4:68:ef:fb:9e:09:5e:e9:07:7e:
63:77:6f:c7:2f:c3:9f:aa:4f:d2:45:d8:96:2c:61:
0b:18:7f:bb:fa:ed:4d:f0:e2:d0:53:7e:6a:ae:f8:
d9:36:b3:cc:f8:3a:f8:fb:4a:8c:6b:fb:99:61:7a:
37:3c:9e:88:70:3d:b3:f4:4d:5d:6b:c7:f8:58:80:
33:ae:d1:d2:ce:19:fa:51:81:4b:b1:74:c4:6b:dc:
9f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:C2:38:FE:45:34:3C:AB:76:B7:A0:81:9B:79:30:8E:DB:CA:00:92
X509v3 Authority Key Identifier:
keyid:0B:35:60:87:C2:0C:7A:32:54:16:FD:A8:03:CB:76:F3:DA:79:47:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6e:77:2b:f3:d2:c0:91:bd:e0:c6:63:d4:16:89:ef:ae:a8:66:
df:8a:36:bf:49:e9:a0:56:4e:b4:e9:c0:2f:28:96:37:62:7d:
07:80:21:42:52:b8:cb:b2:32:b3:97:3d:5d:d9:a6:ad:c3:05:
07:25:46:e1:cf:99:65:6b:e1:ca:4c:2e:3f:56:fa:cb:2a:78:
aa:bd:40:aa:0b:a6:40:68:83:97:d1:be:fd:0f:b4:7b:f9:3f:
93:82:f8:31:8e:f5:b9:be:9c:b4:0d:04:e8:9c:37:4b:3f:3b:
bc:c2:1f:ea:de:30:85:cb:88:2c:3e:d1:fc:b6:2e:16:61:09:
a0:c1:e0:6b:ae:4a:bc:37:94:c9:dd:db:03:e4:73:5d:a9:f4:
3a:c2:43:b8:0e:00:3b:c8:57:87:1f:52:0f:27:55:64:df:5e:
d2:78:77:b2:62:09:58:c3:51:80:e8:77:da:d9:e1:28:03:a3:
a7:c7:a7:5a:bc:66:a5:63:0f:de:3d:b8:dd:c7:04:9b:38:a3:
bb:67:c7:a2:43:db:a8:6f:b4:a6:9f:0c:ec:5a:98:24:e5:34:
7f:1e:ee:24:d7:2e:45:fd:ad:f3:44:f8:25:69:16:8f:e0:47:
df:c6:8d:62:36:a2:90:8a:f9:bd:ef:50:43:e1:c6:77:1c:8f:
66:37:3f:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyt/h5Gco4rybZRvngAR8bMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMzU2MDg3YzIwYzdhMzI1NDE2ZmRhODAzY2I3NmYzZGE3
OTQ3YTkwHhcNMjYwMzAyMTAwMDM4WhcNMjYwMzAzMTAwMDM4WjAzMTEwLwYDVQQD
EyhiZWMyMzhmZTQ1MzQzY2FiNzZiN2EwODE5Yjc5MzA4ZWRiY2EwMDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsa9qRJ/2R+pSiZo2C0YOSJfnYinr
GKkqTXRIUPduyzxGOrd5Qne14VyEOdThi99Q0T7lvcCyom8YmoNWCNW6K1MxjvAu
Td97hj0FHQauXcl3kpnhVx+2LtSd/qyO6Wu7GwFInw+NB1X4Um/gSeQENqXL9bZK
mtX7Jw1NHdyXedo1gLMHcN8JbXBp5yOmZcY2BfIx6WUzsyruB2VdvMzARELMv8Hb
PKv17NRo7/ueCV7pB35jd2/HL8Ofqk/SRdiWLGELGH+7+u1N8OLQU35qrvjZNrPM
+Dr4+0qMa/uZYXo3PJ6IcD2z9E1da8f4WIAzrtHSzhn6UYFLsXTEa9yf+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL7COP5FNDyrdreggZt5MI7bygCSMB8GA1UdIwQY
MBaAFAs1YIfCDHoyVBb9qAPLdvPaeUepMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kN2NmOTQtYWM2MS00ZmJmLWFkZjAt
NTdlYWY4MzNhYjBiLzEvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9kN2NmOTQtYWM2MS00ZmJmLWFkZjAtNTdlYWY4MzNhYjBi
LzEvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbncr89LA
kb3gxmPUFonvrqhm34o2v0npoFZOtOnALyiWN2J9B4AhQlK4y7Iys5c9XdmmrcMF
ByVG4c+ZZWvhykwuP1b6yyp4qr1AqgumQGiDl9G+/Q+0e/k/k4L4MY71ub6ctA0E
6Jw3Sz87vMIf6t4whcuILD7R/LYuFmEJoMHga65KvDeUyd3bA+RzXan0OsJDuA4A
O8hXhx9SDydVZN9e0nh3smIJWMNRgOh32tnhKAOjp8enWrxmpWMP3j243ccEmzij
u2fHokPbqG+0pp8M7FqYJOU0fx7uJNcuRf2t80T4JWkWj+BH38aNYjaikIr5ve9Q
Q+HGdxyPZjc/+Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:32:21 2026 by rpki-client