Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.mft
File: cdiwl1czMSbftYNIDqji09NGwI0.mft (raw, json)
Hash identifier: SRZDhn+6LeBrsRLiShR9YRpqfBzJ8v1VSDiS4QxDBmA=
Subject key identifier: 4B:25:33:6A:F9:ED:8A:3D:CF:4D:4D:0B:97:55:47:9D:82:A2:85:FA
Authority key identifier: 71:D8:B0:97:57:33:31:26:DF:B5:83:48:0E:A8:E2:D3:D3:46:C0:8D
Certificate issuer: /CN=71d8b09757333126dfb583480ea8e2d3d346c08d
Certificate serial: 019D382DE6CDFE547C6B0FE3F0D9720EA42D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdiwl1czMSbftYNIDqji09NGwI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.mft
Manifest number: 01A7
Signing time: Sun 29 Mar 2026 06:00:25 +0000
Manifest this update: Sun 29 Mar 2026 06:00:25 +0000
Manifest next update: Mon 30 Mar 2026 06:00:25 +0000
Files and hashes: 1: cdiwl1czMSbftYNIDqji09NGwI0.crl (hash: QaIMSxlMmOqSezAe2/1njKle36u2yGMuiYPG64mqQU4=)
2: d7QLV60EzdcK6Z9SHb-OI9Vui7M.roa (hash: rchiT/bvXuEanUa+M3WmCKgTEc1BUzo1gca2cFJPRLs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cdiwl1czMSbftYNIDqji09NGwI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2d:e6:cd:fe:54:7c:6b:0f:e3:f0:d9:72:0e:a4:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d8b09757333126dfb583480ea8e2d3d346c08d
Validity
Not Before: Mar 29 06:00:25 2026 GMT
Not After : Mar 30 06:00:25 2026 GMT
Subject: CN=4b25336af9ed8a3dcf4d4d0b9755479d82a285fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:bc:bb:78:c2:78:fb:5a:1b:98:65:24:39:7e:
d9:aa:b1:6e:d4:10:45:df:a2:f4:54:12:d7:f1:df:
09:bf:8d:e5:48:24:ce:9f:87:07:64:ad:cc:85:f7:
40:05:b6:03:4f:b9:9a:26:5e:7e:2f:bb:5c:3a:12:
17:5b:25:ac:f4:71:e7:c2:93:9c:f3:06:db:14:44:
92:ea:78:45:26:78:3d:9a:7b:4b:d0:5b:63:80:98:
12:91:a9:02:77:29:a0:40:df:ea:b3:48:1a:70:c0:
bb:72:cf:7c:1a:3d:3f:a2:c1:c6:6d:e1:25:3c:2c:
13:f9:79:2e:b4:3b:77:41:b5:1e:be:36:9e:b7:79:
89:e4:bf:2f:c2:e5:ff:bf:7d:20:6e:09:38:84:cd:
63:64:55:cd:6f:16:7a:6b:7e:79:78:39:09:22:f9:
9b:d6:b4:81:95:b5:cf:2a:36:b0:d7:05:00:73:1b:
66:8f:5a:ba:df:b5:ba:21:ca:ec:66:69:a4:f8:d1:
d7:a0:1a:f2:c2:b3:37:fd:13:62:d4:d7:5b:10:b7:
f7:fe:a2:b2:bb:a0:7f:e5:76:59:93:47:ea:d0:0d:
57:61:c0:ce:1d:ca:65:d8:29:a6:38:c0:57:4f:3f:
34:53:f9:75:29:8b:0e:5c:21:ec:c9:0b:13:ed:52:
92:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:25:33:6A:F9:ED:8A:3D:CF:4D:4D:0B:97:55:47:9D:82:A2:85:FA
X509v3 Authority Key Identifier:
keyid:71:D8:B0:97:57:33:31:26:DF:B5:83:48:0E:A8:E2:D3:D3:46:C0:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdiwl1czMSbftYNIDqji09NGwI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/6b9626-fb1a-445e-b95a-b002f35be739/1/cdiwl1czMSbftYNIDqji09NGwI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:3c:97:f0:7d:75:21:57:a3:df:9d:c8:a7:6f:9e:74:6d:67:
ba:85:33:3a:d6:72:57:aa:bf:ce:6a:49:16:0d:96:24:ed:17:
dd:6e:42:42:f4:fb:a6:d4:29:8c:06:1d:64:c8:b3:69:af:f4:
7b:84:cf:8e:6b:23:ca:b0:4b:b9:3d:69:7a:6b:c7:ed:f7:f8:
18:54:0c:87:de:7e:76:6a:7f:2f:1f:2e:da:1d:46:ff:22:bf:
bc:b2:3b:a8:54:25:98:53:37:1c:40:20:a7:4f:85:1a:6d:da:
26:9a:f4:ca:03:97:51:bd:74:bb:71:d4:3f:d7:0e:c5:cf:53:
f5:9f:b0:ce:08:de:51:33:bd:e5:61:fb:21:e0:0c:8e:ee:21:
d6:99:b4:97:bd:7f:30:84:81:70:73:7f:74:a2:55:96:17:ff:
72:1c:1c:23:1a:b7:7f:49:26:4b:67:6f:b4:fd:8e:93:b4:ae:
c3:22:e2:74:d2:05:6b:ff:4c:13:62:4c:b4:a7:5c:dc:6c:b8:
24:bd:38:65:b5:32:9a:5e:1e:b5:5f:26:45:24:86:d5:22:24:
33:80:88:cc:93:03:1c:66:27:4f:d2:a6:39:10:ac:51:d6:0b:
78:b4:06:ef:78:4f:0e:6e:a7:52:df:b9:ca:c9:f0:60:7d:14:
54:05:f2:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LebN/lR8aw/j8NlyDqQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZDhiMDk3NTczMzMxMjZkZmI1ODM0ODBlYThlMmQzZDM0
NmMwOGQwHhcNMjYwMzI5MDYwMDI1WhcNMjYwMzMwMDYwMDI1WjAzMTEwLwYDVQQD
Eyg0YjI1MzM2YWY5ZWQ4YTNkY2Y0ZDRkMGI5NzU1NDc5ZDgyYTI4NWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ly7eMJ4+1obmGUkOX7ZqrFu1BBF
36L0VBLX8d8Jv43lSCTOn4cHZK3MhfdABbYDT7maJl5+L7tcOhIXWyWs9HHnwpOc
8wbbFESS6nhFJng9mntL0FtjgJgSkakCdymgQN/qs0gacMC7cs98Gj0/osHGbeEl
PCwT+XkutDt3QbUevjaet3mJ5L8vwuX/v30gbgk4hM1jZFXNbxZ6a355eDkJIvmb
1rSBlbXPKjaw1wUAcxtmj1q637W6IcrsZmmk+NHXoBrywrM3/RNi1NdbELf3/qKy
u6B/5XZZk0fq0A1XYcDOHcpl2CmmOMBXTz80U/l1KYsOXCHsyQsT7VKS0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEslM2r57Yo9z01NC5dVR52CooX6MB8GA1UdIwQY
MBaAFHHYsJdXMzEm37WDSA6o4tPTRsCNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2Rpd2wxY3pNU2JmdFlOSURxamkwOU5Hd0kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy82Yjk2MjYtZmIxYS00NDVlLWI5NWEt
YjAwMmYzNWJlNzM5LzEvY2Rpd2wxY3pNU2JmdFlOSURxamkwOU5Hd0kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy82Yjk2MjYtZmIxYS00NDVlLWI5NWEtYjAwMmYzNWJlNzM5
LzEvY2Rpd2wxY3pNU2JmdFlOSURxamkwOU5Hd0kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPTyX8H11
IVej353Ip2+edG1nuoUzOtZyV6q/zmpJFg2WJO0X3W5CQvT7ptQpjAYdZMizaa/0
e4TPjmsjyrBLuT1pemvH7ff4GFQMh95+dmp/Lx8u2h1G/yK/vLI7qFQlmFM3HEAg
p0+FGm3aJpr0ygOXUb10u3HUP9cOxc9T9Z+wzgjeUTO95WH7IeAMju4h1pm0l71/
MISBcHN/dKJVlhf/chwcIxq3f0kmS2dvtP2Ok7SuwyLidNIFa/9ME2JMtKdc3Gy4
JL04ZbUyml4etV8mRSSG1SIkM4CIzJMDHGYnT9KmORCsUdYLeLQG73hPDm6nUt+5
ysnwYH0UVAXy8A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:13:16 2026 by rpki-client