Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/88b6cc-2b42-41e2-99a9-4e24b119c147/1/CZ-qshYRGNsbd8GnTszLc-doHDY.mft
File: CZ-qshYRGNsbd8GnTszLc-doHDY.mft (raw, json)
Hash identifier: mVMcWw5c7kCEagwKZPQnHRVA79skWLfqnkNFsoXaTJw=
Subject key identifier: 31:A1:8D:E5:7E:51:95:63:A7:F6:D0:ED:09:36:3B:72:BE:D0:97:B8
Authority key identifier: 09:9F:AA:B2:16:11:18:DB:1B:77:C1:A7:4E:CC:CB:73:E7:68:1C:36
Certificate issuer: /CN=099faab2161118db1b77c1a74ecccb73e7681c36
Certificate serial: 019D38D3B94741A3268E1485865A7401522B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZ-qshYRGNsbd8GnTszLc-doHDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/88b6cc-2b42-41e2-99a9-4e24b119c147/1/CZ-qshYRGNsbd8GnTszLc-doHDY.mft
Manifest number: 02B2
Signing time: Sun 29 Mar 2026 09:01:32 +0000
Manifest this update: Sun 29 Mar 2026 09:01:32 +0000
Manifest next update: Mon 30 Mar 2026 09:01:32 +0000
Files and hashes: 1: B4ECW0jtt5KyrtkmlUhbFQBxuus.roa (hash: Z8JjmJ/Yv+fCZ4euDC+I0rty80LYQ117ydvucBAt8Uw=)
2: CZ-qshYRGNsbd8GnTszLc-doHDY.crl (hash: ne855V92hy6suNXZIV9+uSq9h+VdkuodR+GGm90yBnY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/88b6cc-2b42-41e2-99a9-4e24b119c147/1/CZ-qshYRGNsbd8GnTszLc-doHDY.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/88b6cc-2b42-41e2-99a9-4e24b119c147/1/CZ-qshYRGNsbd8GnTszLc-doHDY.mft
rsync://rpki.ripe.net/repository/DEFAULT/CZ-qshYRGNsbd8GnTszLc-doHDY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:b9:47:41:a3:26:8e:14:85:86:5a:74:01:52:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099faab2161118db1b77c1a74ecccb73e7681c36
Validity
Not Before: Mar 29 09:01:32 2026 GMT
Not After : Mar 30 09:01:32 2026 GMT
Subject: CN=31a18de57e519563a7f6d0ed09363b72bed097b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e4:5e:30:91:d1:19:37:72:0b:cd:d4:df:bb:
99:e6:2c:30:6e:39:5b:5e:eb:b3:1e:3f:a9:6a:71:
7a:08:20:ee:31:8f:fc:5e:e0:3f:6f:d6:c8:32:d3:
07:56:5a:8e:58:7e:f3:d4:26:bb:64:52:4d:94:90:
20:4c:57:17:a2:bf:82:dd:b8:01:f9:2f:3f:46:a5:
d6:4e:ac:69:6f:04:04:e2:84:bd:79:8b:14:2f:ba:
0b:b4:e3:73:f1:e9:33:e6:cd:f9:7e:7a:c0:2e:02:
18:c8:ea:6d:59:d6:97:e2:20:52:13:e6:46:dc:15:
aa:fd:b7:1b:5c:1a:8a:48:3f:b5:a0:22:ca:48:ab:
81:b5:78:b9:32:80:6c:38:98:87:d5:7a:0b:a6:d2:
0e:c7:65:dc:d9:09:e9:c7:f0:66:aa:46:62:93:47:
8a:21:04:7a:f5:44:65:31:5e:08:49:21:66:cd:cf:
b3:34:a1:56:5f:20:34:c7:51:3f:46:c8:b5:2c:b2:
60:24:49:d1:ad:bd:45:2a:e1:90:8b:6e:4f:6c:af:
80:38:46:ca:3d:f0:0f:84:0d:56:96:36:3c:8c:9a:
eb:9e:5d:4b:e3:e0:21:03:3b:2c:ec:ae:ce:df:e1:
16:8d:a4:56:55:7e:aa:ad:37:53:ba:a1:59:ce:a8:
d2:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:A1:8D:E5:7E:51:95:63:A7:F6:D0:ED:09:36:3B:72:BE:D0:97:B8
X509v3 Authority Key Identifier:
keyid:09:9F:AA:B2:16:11:18:DB:1B:77:C1:A7:4E:CC:CB:73:E7:68:1C:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZ-qshYRGNsbd8GnTszLc-doHDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/88b6cc-2b42-41e2-99a9-4e24b119c147/1/CZ-qshYRGNsbd8GnTszLc-doHDY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/88b6cc-2b42-41e2-99a9-4e24b119c147/1/CZ-qshYRGNsbd8GnTszLc-doHDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:8e:c5:5f:c7:a5:03:65:40:e8:37:b7:9c:1b:f3:87:22:5d:
26:69:6f:0e:73:b5:d5:7e:86:d8:71:30:ca:9f:77:d3:f3:17:
b7:94:26:3d:20:76:8a:1b:f6:d9:39:f4:13:d7:ca:65:66:56:
2e:5b:89:1d:c8:63:6d:43:2c:b8:f3:74:c3:0e:c9:5e:bc:19:
fd:41:72:62:31:86:63:26:49:b8:c8:06:8a:92:88:47:cb:e4:
6a:9f:a6:80:60:10:c2:fd:9f:3e:d4:3e:43:a8:19:e8:07:83:
36:b5:97:0d:23:45:53:20:81:06:4b:d4:70:36:06:d2:2e:d9:
09:cf:a8:b4:65:91:aa:d1:4a:bb:83:7f:6f:41:76:6b:f9:23:
1b:1c:ab:2f:5c:1b:11:17:f7:25:fe:79:ac:01:6b:1e:9a:6d:
d2:7a:2d:b9:73:a0:c3:36:4b:60:f6:6f:1c:4b:08:1d:26:19:
d2:44:48:7b:cc:5b:89:5c:e8:46:c5:27:d3:48:74:d5:7f:dc:
db:a5:ba:7c:78:b1:ed:d4:3b:98:42:68:da:83:34:5d:ec:c1:
f3:1f:40:23:62:71:e3:4d:f5:a9:0b:d8:65:1f:c4:46:d3:dd:
57:bb:c4:d6:d4:f3:fd:e4:f9:07:46:06:6d:57:7b:f5:c6:13:
c8:ea:b4:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0407lHQaMmjhSFhlp0AVIrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWZhYWIyMTYxMTE4ZGIxYjc3YzFhNzRlY2NjYjczZTc2
ODFjMzYwHhcNMjYwMzI5MDkwMTMyWhcNMjYwMzMwMDkwMTMyWjAzMTEwLwYDVQQD
EygzMWExOGRlNTdlNTE5NTYzYTdmNmQwZWQwOTM2M2I3MmJlZDA5N2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuReMJHRGTdyC83U37uZ5iwwbjlb
XuuzHj+panF6CCDuMY/8XuA/b9bIMtMHVlqOWH7z1Ca7ZFJNlJAgTFcXor+C3bgB
+S8/RqXWTqxpbwQE4oS9eYsUL7oLtONz8ekz5s35fnrALgIYyOptWdaX4iBSE+ZG
3BWq/bcbXBqKSD+1oCLKSKuBtXi5MoBsOJiH1XoLptIOx2Xc2Qnpx/BmqkZik0eK
IQR69URlMV4ISSFmzc+zNKFWXyA0x1E/Rsi1LLJgJEnRrb1FKuGQi25PbK+AOEbK
PfAPhA1WljY8jJrrnl1L4+AhAzss7K7O3+EWjaRWVX6qrTdTuqFZzqjSZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDGhjeV+UZVjp/bQ7Qk2O3K+0Je4MB8GA1UdIwQY
MBaAFAmfqrIWERjbG3fBp07My3PnaBw2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1otcXNoWVJHTnNiZDhHblRzekxjLWRvSERZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84OGI2Y2MtMmI0Mi00MWUyLTk5YTkt
NGUyNGIxMTljMTQ3LzEvQ1otcXNoWVJHTnNiZDhHblRzekxjLWRvSERZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi84OGI2Y2MtMmI0Mi00MWUyLTk5YTktNGUyNGIxMTljMTQ3
LzEvQ1otcXNoWVJHTnNiZDhHblRzekxjLWRvSERZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn47FX8el
A2VA6De3nBvzhyJdJmlvDnO11X6G2HEwyp930/MXt5QmPSB2ihv22Tn0E9fKZWZW
LluJHchjbUMsuPN0ww7JXrwZ/UFyYjGGYyZJuMgGipKIR8vkap+mgGAQwv2fPtQ+
Q6gZ6AeDNrWXDSNFUyCBBkvUcDYG0i7ZCc+otGWRqtFKu4N/b0F2a/kjGxyrL1wb
ERf3Jf55rAFrHppt0notuXOgwzZLYPZvHEsIHSYZ0kRIe8xbiVzoRsUn00h01X/c
26W6fHix7dQ7mEJo2oM0XezB8x9AI2Jx4031qQvYZR/ERtPdV7vE1tTz/eT5B0YG
bVd79cYTyOq0xQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:25:39 2026 by rpki-client