Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
File: gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft (raw, json)
Hash identifier: bMPAZnCRzOcL9VPlzBJYmHAplCnRXV1RmeEy13/tQco=
Subject key identifier: 1E:7D:84:BB:FB:F7:50:4D:49:AB:65:23:44:07:F7:DC:AC:D5:7B:A5
Authority key identifier: 83:36:CA:15:1E:D4:C3:23:D4:98:F0:6D:D7:C5:AE:39:4C:EA:C5:9F
Certificate issuer: /CN=8336ca151ed4c323d498f06dd7c5ae394ceac59f
Certificate serial: 019D382EB184B64978718092CB222764587B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
Manifest number: 11F1
Signing time: Sun 29 Mar 2026 06:01:17 +0000
Manifest this update: Sun 29 Mar 2026 06:01:17 +0000
Manifest next update: Mon 30 Mar 2026 06:01:17 +0000
Files and hashes: 1: VlW6EtyMaH795hvnaMozw2BfYQQ.roa (hash: my2rC1+ycBVaR38Z3DLdakYhoWnomEP/kZgHcgk7zUE=)
2: gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl (hash: Cmnc3/NGeAhTdNySlvGkniByrxi708O+OLtQibwzEbI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:b1:84:b6:49:78:71:80:92:cb:22:27:64:58:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8336ca151ed4c323d498f06dd7c5ae394ceac59f
Validity
Not Before: Mar 29 06:01:17 2026 GMT
Not After : Mar 30 06:01:17 2026 GMT
Subject: CN=1e7d84bbfbf7504d49ab65234407f7dcacd57ba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:79:85:58:db:a5:0d:9b:09:9b:34:03:96:9e:
11:1d:c0:d7:b3:7c:87:6d:c7:e0:b8:d6:09:44:78:
18:82:3d:54:6f:40:9b:d9:06:97:68:d1:12:b7:d0:
8a:b9:04:ef:c1:62:26:54:0f:dd:c0:a9:40:9d:44:
ff:79:2a:b1:57:f7:19:17:c1:77:5f:97:50:ba:26:
87:23:03:d0:e5:4d:7e:09:3a:0d:c3:0f:49:04:3c:
72:c5:ef:20:b6:ec:76:7e:fd:86:c4:46:ee:75:38:
14:22:17:a3:fc:cc:d6:c2:a2:20:58:4b:c3:31:2f:
ed:79:8d:be:d6:89:e4:66:66:c9:53:3c:46:ab:89:
f6:af:40:30:5a:95:7b:80:9d:9d:1d:e5:c1:5a:5d:
1c:6d:c2:70:70:04:29:d6:02:d9:cf:c0:fa:ba:5f:
0c:f1:6a:88:02:f3:3a:08:65:e5:ac:0c:1a:73:8d:
a9:11:b1:e4:90:87:2c:66:ce:d0:f4:32:13:c1:d5:
e0:d2:26:c4:6f:2a:f4:49:31:ff:82:b2:99:21:0c:
a4:e2:3c:09:d2:c3:2c:27:5e:fb:d4:14:6e:20:9f:
34:e0:63:98:4d:18:50:4e:fa:c4:aa:87:e1:d4:a2:
cb:d3:2a:9f:c9:0a:1e:6f:69:3f:2d:ff:30:9f:af:
94:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:7D:84:BB:FB:F7:50:4D:49:AB:65:23:44:07:F7:DC:AC:D5:7B:A5
X509v3 Authority Key Identifier:
keyid:83:36:CA:15:1E:D4:C3:23:D4:98:F0:6D:D7:C5:AE:39:4C:EA:C5:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzbKFR7UwyPUmPBt18WuOUzqxZ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1face1-9e28-4d89-bf52-91795319845c/1/gzbKFR7UwyPUmPBt18WuOUzqxZ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1f:c9:08:ef:fe:6f:5b:0a:92:58:e0:b7:a2:01:00:13:95:74:
15:44:56:19:7f:f7:7a:fd:9b:c2:fd:83:50:0a:88:84:a6:2c:
92:63:e1:5c:0b:a2:7a:24:d6:a4:0b:f6:4f:ca:4d:23:69:79:
6f:1c:87:00:2d:95:83:c6:02:ed:33:6c:b8:ca:0d:c5:c1:6a:
9a:a0:4a:35:cc:bd:22:40:2d:e0:90:f5:69:6c:70:cf:39:fc:
52:df:c3:08:13:66:d4:3f:b3:97:06:31:79:5b:ef:e7:51:f2:
54:38:a3:d9:32:85:b6:0f:3d:4b:64:3a:c3:86:28:2c:bd:f8:
1d:3c:93:a5:0a:9c:d0:86:11:6d:45:63:da:ef:e7:eb:28:09:
a5:12:88:1c:f3:6a:33:19:2b:b7:ff:5c:1e:45:28:cf:1d:02:
36:d5:24:97:ff:8f:59:e1:57:02:b6:33:7b:53:a0:3d:18:00:
c1:17:ed:72:98:31:b8:48:f6:ec:69:24:b6:c7:df:ee:2a:7b:
6e:3e:b1:05:90:8a:cf:26:0d:a2:a0:a3:5c:6c:6b:41:17:0a:
1e:c8:64:24:69:30:0d:84:26:6f:76:1e:1e:c3:a7:f7:93:86:
bf:a3:2c:c1:6d:63:e3:d7:dc:4a:52:af:24:55:05:34:43:14:
bb:1b:1a:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LrGEtkl4cYCSyyInZFh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzZjYTE1MWVkNGMzMjNkNDk4ZjA2ZGQ3YzVhZTM5NGNl
YWM1OWYwHhcNMjYwMzI5MDYwMTE3WhcNMjYwMzMwMDYwMTE3WjAzMTEwLwYDVQQD
EygxZTdkODRiYmZiZjc1MDRkNDlhYjY1MjM0NDA3ZjdkY2FjZDU3YmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXmFWNulDZsJmzQDlp4RHcDXs3yH
bcfguNYJRHgYgj1Ub0Cb2QaXaNESt9CKuQTvwWImVA/dwKlAnUT/eSqxV/cZF8F3
X5dQuiaHIwPQ5U1+CToNww9JBDxyxe8gtux2fv2GxEbudTgUIhej/MzWwqIgWEvD
MS/teY2+1onkZmbJUzxGq4n2r0AwWpV7gJ2dHeXBWl0cbcJwcAQp1gLZz8D6ul8M
8WqIAvM6CGXlrAwac42pEbHkkIcsZs7Q9DITwdXg0ibEbyr0STH/grKZIQyk4jwJ
0sMsJ1771BRuIJ804GOYTRhQTvrEqofh1KLL0yqfyQoeb2k/Lf8wn6+UkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB59hLv791BNSatlI0QH99ys1XulMB8GA1UdIwQY
MBaAFIM2yhUe1MMj1JjwbdfFrjlM6sWfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8xZmFjZTEtOWUyOC00ZDg5LWJmNTIt
OTE3OTUzMTk4NDVjLzEvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8xZmFjZTEtOWUyOC00ZDg5LWJmNTItOTE3OTUzMTk4NDVj
LzEvZ3piS0ZSN1V3eVBVbVBCdDE4V3VPVXpxeFo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAH8kI7/5v
WwqSWOC3ogEAE5V0FURWGX/3ev2bwv2DUAqIhKYskmPhXAuieiTWpAv2T8pNI2l5
bxyHAC2Vg8YC7TNsuMoNxcFqmqBKNcy9IkAt4JD1aWxwzzn8Ut/DCBNm1D+zlwYx
eVvv51HyVDij2TKFtg89S2Q6w4YoLL34HTyTpQqc0IYRbUVj2u/n6ygJpRKIHPNq
Mxkrt/9cHkUozx0CNtUkl/+PWeFXArYze1OgPRgAwRftcpgxuEj27Gkktsff7ip7
bj6xBZCKzyYNoqCjXGxrQRcKHshkJGkwDYQmb3YeHsOn95OGv6MswW1j49fcSlKv
JFUFNEMUuxsasQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:27:50 2026 by rpki-client