Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
File: z4duDnrrYE0WMdSaAl4XitJ0qBI.mft (raw, json)
Hash identifier: LuV5W32AsRqFVYMxJ3u4naJQBXHpn3HSCgF/BjNU2r0=
Subject key identifier: 9F:A3:E5:A4:38:9F:EA:9F:AD:6A:40:09:90:90:A7:FE:D6:0E:03:90
Authority key identifier: CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12
Certificate issuer: /CN=cf876e0e7aeb604d1631d49a025e178ad274a812
Certificate serial: 019D3940CB07610E2E5B1321BFA14AEFA817
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
Manifest number: 188C
Signing time: Sun 29 Mar 2026 11:00:40 +0000
Manifest this update: Sun 29 Mar 2026 11:00:40 +0000
Manifest next update: Mon 30 Mar 2026 11:00:40 +0000
Files and hashes: 1: z4duDnrrYE0WMdSaAl4XitJ0qBI.crl (hash: iO0yurXUFYGKE5PK5t+3QKDlO1+D9ZTyG7F/DTO4UFc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:40:cb:07:61:0e:2e:5b:13:21:bf:a1:4a:ef:a8:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf876e0e7aeb604d1631d49a025e178ad274a812
Validity
Not Before: Mar 29 11:00:40 2026 GMT
Not After : Mar 30 11:00:40 2026 GMT
Subject: CN=9fa3e5a4389fea9fad6a40099090a7fed60e0390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:dd:aa:dc:04:1c:9f:c8:31:37:af:68:7d:fd:
0b:56:4a:07:5d:cb:df:d0:6c:cf:5b:56:11:3a:2b:
62:06:57:ef:f0:4d:ac:53:73:48:01:0e:d7:7f:83:
70:9a:40:f7:45:1d:11:d1:1d:79:ea:80:55:e8:bd:
2d:92:81:0d:4b:5f:a8:ce:8c:9d:bb:eb:9e:5e:44:
9c:25:34:43:3e:f1:a0:92:8e:e3:c5:cd:b1:e4:ed:
f3:4d:63:e6:dd:4f:a6:85:3d:a7:d4:b6:38:14:3f:
fd:9f:aa:9c:41:70:d8:e2:77:90:2f:ae:f6:10:b7:
8e:57:5f:ad:43:8a:43:83:6a:80:3d:f8:6a:b2:66:
c7:01:a1:31:d5:6f:8c:48:07:9f:cf:24:99:fa:e3:
c9:67:4e:7f:ab:e1:6a:ba:5b:ae:dc:ba:b6:7c:74:
6f:6a:72:40:e7:bc:d0:e5:48:b5:01:a0:79:67:29:
bb:5c:dd:cf:a8:12:d6:22:fd:73:9c:34:f5:b6:5d:
37:55:c6:e2:e1:a8:69:d6:50:9e:bf:63:18:58:b8:
4a:c2:9e:e3:1e:ef:27:dc:87:f8:17:fa:c8:41:25:
c7:34:d4:9b:7a:2c:8b:c9:60:80:07:1b:98:0b:91:
eb:62:97:e6:59:8d:31:a4:9b:28:a7:08:18:d1:fb:
96:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:A3:E5:A4:38:9F:EA:9F:AD:6A:40:09:90:90:A7:FE:D6:0E:03:90
X509v3 Authority Key Identifier:
keyid:CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:bf:22:b8:32:5b:56:20:c0:cd:a3:09:e5:6f:f6:18:15:37:
83:73:6c:66:d2:7a:4a:22:ef:18:6e:f5:5d:20:ad:ce:8b:b1:
0a:62:44:e9:16:57:c5:49:5f:72:dc:26:80:08:c9:48:dc:de:
ba:20:9a:85:a4:00:73:ee:3c:4c:97:6b:5a:e2:b9:ff:7e:ee:
9d:01:fe:15:f9:60:60:0e:b9:1b:66:7f:83:e1:09:ce:d1:47:
4f:6e:91:e2:62:bd:f5:39:a9:3b:41:10:55:be:51:d7:3d:27:
1f:fa:28:6d:69:dd:60:44:56:e9:0d:31:bb:99:8b:6a:e0:9c:
29:2c:a2:7c:24:f6:4f:68:77:84:3b:b4:ec:75:41:22:9a:69:
e3:98:c6:50:61:f8:d0:47:dd:c3:9a:26:c5:54:82:a1:64:f4:
84:b6:fe:1f:b8:9b:54:3c:fb:69:79:8c:93:b6:d7:dc:5e:62:
37:b3:64:7d:e5:ec:bf:ac:41:38:d7:29:7c:d2:47:e8:2f:5b:
04:f4:34:43:f0:1a:38:a9:21:5f:b5:dc:9f:d4:bb:9e:83:f7:
f8:c0:23:3c:9d:86:38:22:13:4e:7e:b5:3e:ab:a4:51:62:0b:
9e:a1:63:ee:db:a7:0f:a7:17:90:15:29:5e:83:07:cd:86:bc:
c2:c6:5a:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QMsHYQ4uWxMhv6FK76gXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmODc2ZTBlN2FlYjYwNGQxNjMxZDQ5YTAyNWUxNzhhZDI3
NGE4MTIwHhcNMjYwMzI5MTEwMDQwWhcNMjYwMzMwMTEwMDQwWjAzMTEwLwYDVQQD
Eyg5ZmEzZTVhNDM4OWZlYTlmYWQ2YTQwMDk5MDkwYTdmZWQ2MGUwMzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy92q3AQcn8gxN69off0LVkoHXcvf
0GzPW1YROitiBlfv8E2sU3NIAQ7Xf4NwmkD3RR0R0R156oBV6L0tkoENS1+ozoyd
u+ueXkScJTRDPvGgko7jxc2x5O3zTWPm3U+mhT2n1LY4FD/9n6qcQXDY4neQL672
ELeOV1+tQ4pDg2qAPfhqsmbHAaEx1W+MSAefzySZ+uPJZ05/q+Fquluu3Lq2fHRv
anJA57zQ5Ui1AaB5Zym7XN3PqBLWIv1znDT1tl03Vcbi4ahp1lCev2MYWLhKwp7j
Hu8n3If4F/rIQSXHNNSbeiyLyWCABxuYC5HrYpfmWY0xpJsopwgY0fuW+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ+j5aQ4n+qfrWpACZCQp/7WDgOQMB8GA1UdIwQY
MBaAFM+Hbg5662BNFjHUmgJeF4rSdKgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEt
Mjk3NTVhN2M5NGZkLzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEtMjk3NTVhN2M5NGZk
LzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqb8iuDJb
ViDAzaMJ5W/2GBU3g3NsZtJ6SiLvGG71XSCtzouxCmJE6RZXxUlfctwmgAjJSNze
uiCahaQAc+48TJdrWuK5/37unQH+FflgYA65G2Z/g+EJztFHT26R4mK99TmpO0EQ
Vb5R1z0nH/oobWndYERW6Q0xu5mLauCcKSyifCT2T2h3hDu07HVBIppp45jGUGH4
0Efdw5omxVSCoWT0hLb+H7ibVDz7aXmMk7bX3F5iN7NkfeXsv6xBONcpfNJH6C9b
BPQ0Q/AaOKkhX7Xcn9S7noP3+MAjPJ2GOCITTn61PqukUWILnqFj7tunD6cXkBUp
XoMHzYa8wsZa5g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:38:59 2026 by rpki-client