Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft
File: rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft (raw, json)
Hash identifier: 39+YDxL5Gm2yyrLkudzZqOQUPCzE5pwjVzu/wfkk85s=
Subject key identifier: 1A:DD:86:B2:55:E7:37:88:49:AD:D6:F3:C1:41:3D:67:94:FE:55:75
Authority key identifier: AF:34:65:43:76:69:CE:58:62:61:A0:66:CC:4A:D1:EA:46:4E:B6:63
Certificate issuer: /CN=af3465437669ce586261a066cc4ad1ea464eb663
Certificate serial: 019D9AE39907D4462E155B2D04A55C11798E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft
Manifest number: 1171
Signing time: Fri 17 Apr 2026 10:01:40 +0000
Manifest this update: Fri 17 Apr 2026 10:01:40 +0000
Manifest next update: Sat 18 Apr 2026 10:01:40 +0000
Files and hashes: 1: rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl (hash: cye1BNS6Vyk2q9ExnIE1prlOX82PIRlegapkCCK1/20=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft
rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:e3:99:07:d4:46:2e:15:5b:2d:04:a5:5c:11:79:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af3465437669ce586261a066cc4ad1ea464eb663
Validity
Not Before: Apr 17 10:01:40 2026 GMT
Not After : Apr 18 10:01:40 2026 GMT
Subject: CN=1add86b255e7378849add6f3c1413d6794fe5575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d1:16:c3:9a:cc:45:b1:dd:fb:45:36:47:46:
17:e4:a4:51:e2:41:03:f5:aa:3f:bf:5b:34:ed:b6:
d5:8a:5d:ea:13:37:b8:24:34:43:ec:54:88:5a:36:
45:97:f0:04:62:89:38:29:fb:ea:90:a7:76:f0:05:
f9:28:24:97:09:3b:f3:28:e4:eb:3f:13:8f:42:4b:
bf:ab:8b:b3:1c:d4:f0:00:b7:09:9e:a3:78:61:8e:
6a:59:d8:85:cf:30:94:f9:2a:88:88:f6:51:85:40:
0c:e5:09:94:52:96:0c:5d:d8:2b:81:6e:96:4b:b0:
e7:2f:37:e5:21:3e:0c:17:d7:16:e5:ba:11:73:26:
a5:80:f3:31:1b:99:cb:1e:2c:55:89:75:45:53:97:
3e:ac:36:dd:29:a0:f1:d2:fd:98:89:e8:2c:56:d7:
41:af:c2:e0:87:09:06:91:9d:78:3b:7e:5b:84:9b:
c4:a9:0c:83:79:0d:41:b6:fc:7b:c6:de:f4:1f:b7:
e4:0c:6f:42:90:58:bd:6c:54:04:9e:d9:4c:d3:89:
51:e1:c8:dd:93:85:d4:54:6f:9d:c9:5d:a8:71:4b:
cd:4d:a1:c0:ea:2c:58:15:19:fb:49:ed:b3:cf:29:
00:86:44:db:ab:3e:bf:2a:d4:17:e3:b6:79:a7:53:
7a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:DD:86:B2:55:E7:37:88:49:AD:D6:F3:C1:41:3D:67:94:FE:55:75
X509v3 Authority Key Identifier:
keyid:AF:34:65:43:76:69:CE:58:62:61:A0:66:CC:4A:D1:EA:46:4E:B6:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:61:ad:fc:73:13:c6:87:84:9c:bf:b6:b9:7c:12:41:54:ad:
aa:61:47:ed:25:cd:e1:ad:e2:32:d0:69:f7:32:a2:5b:55:0a:
40:3d:dc:dc:85:ca:47:8f:59:4b:34:ca:69:39:09:5d:41:13:
d6:d7:e1:43:04:49:ed:06:e6:c4:0c:02:ab:85:b6:dd:03:da:
96:e8:9d:1b:53:88:54:44:56:82:bf:e8:d9:dd:a3:84:25:db:
d4:37:3e:c9:6d:50:20:b6:2d:ae:62:80:04:67:dd:5f:a5:fc:
5d:32:11:df:b1:d6:06:69:26:24:a7:1f:0f:69:31:f9:61:9c:
b1:6f:e0:30:1b:da:e2:6d:b1:88:29:13:6d:92:4b:71:d8:9d:
84:b1:1a:84:ce:23:d5:9c:3d:10:d1:83:97:d4:9a:ac:e7:c8:
54:6c:32:d3:e5:6f:60:d8:3f:6e:65:4d:4e:5b:73:fe:41:27:
fe:16:aa:b7:e1:1d:8f:d0:7a:4e:bb:bf:de:0c:1b:7d:03:58:
81:16:e3:c5:53:50:bf:c7:05:4e:b3:94:18:e3:82:cd:a7:88:
45:1b:e0:6c:67:3a:40:34:78:09:62:c7:0e:4a:28:85:65:64:
bd:f3:f3:71:cb:07:b1:ca:f3:66:bb:83:58:4f:3f:58:7e:fe:
07:de:6b:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2a45kH1EYuFVstBKVcEXmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMzQ2NTQzNzY2OWNlNTg2MjYxYTA2NmNjNGFkMWVhNDY0
ZWI2NjMwHhcNMjYwNDE3MTAwMTQwWhcNMjYwNDE4MTAwMTQwWjAzMTEwLwYDVQQD
EygxYWRkODZiMjU1ZTczNzg4NDlhZGQ2ZjNjMTQxM2Q2Nzk0ZmU1NTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtEWw5rMRbHd+0U2R0YX5KRR4kED
9ao/v1s07bbVil3qEze4JDRD7FSIWjZFl/AEYok4KfvqkKd28AX5KCSXCTvzKOTr
PxOPQku/q4uzHNTwALcJnqN4YY5qWdiFzzCU+SqIiPZRhUAM5QmUUpYMXdgrgW6W
S7DnLzflIT4MF9cW5boRcyalgPMxG5nLHixViXVFU5c+rDbdKaDx0v2YiegsVtdB
r8LghwkGkZ14O35bhJvEqQyDeQ1Btvx7xt70H7fkDG9CkFi9bFQEntlM04lR4cjd
k4XUVG+dyV2ocUvNTaHA6ixYFRn7Se2zzykAhkTbqz6/KtQX47Z5p1N6rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBrdhrJV5zeISa3W88FBPWeU/lV1MB8GA1UdIwQY
MBaAFK80ZUN2ac5YYmGgZsxK0epGTrZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80ODYxYmEtNGQxYy00OTNjLWE5MGQt
NjBjZjY2MGFkNTMzLzEvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80ODYxYmEtNGQxYy00OTNjLWE5MGQtNjBjZjY2MGFkNTMz
LzEvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANGGt/HMT
xoeEnL+2uXwSQVStqmFH7SXN4a3iMtBp9zKiW1UKQD3c3IXKR49ZSzTKaTkJXUET
1tfhQwRJ7QbmxAwCq4W23QPaluidG1OIVERWgr/o2d2jhCXb1Dc+yW1QILYtrmKA
BGfdX6X8XTIR37HWBmkmJKcfD2kx+WGcsW/gMBva4m2xiCkTbZJLcdidhLEahM4j
1Zw9ENGDl9SarOfIVGwy0+VvYNg/bmVNTltz/kEn/haqt+Edj9B6Tru/3gwbfQNY
gRbjxVNQv8cFTrOUGOOCzaeIRRvgbGc6QDR4CWLHDkoohWVkvfPzccsHscrzZruD
WE8/WH7+B95rKA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 15:22:08 2026 by rpki-client