Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
File: DNScoZAd8CCTDOlx9lzBgKP8voE.mft (raw, json)
Hash identifier: WDgvQghqF1rs3fVdA1SzkoOgJFq0KeHrjcoWslQk7bc=
Subject key identifier: CF:43:6D:A5:EC:9B:13:1B:45:D8:13:C0:79:AB:38:3D:CB:E8:9A:E2
Authority key identifier: 0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81
Certificate issuer: /CN=0cd49ca1901df020930ce971f65cc180a3fcbe81
Certificate serial: 019F1943FCA413E40239DCB6177C5A50C8E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
Manifest number: 1988
Signing time: Tue 30 Jun 2026 16:01:53 +0000
Manifest this update: Tue 30 Jun 2026 16:01:53 +0000
Manifest next update: Wed 01 Jul 2026 16:01:53 +0000
Files and hashes: 1: DNScoZAd8CCTDOlx9lzBgKP8voE.crl (hash: 9JX0mvAC5+eKFVklhjjUS3iTv/RWGiiShmW+4HYn2x0=)
2: R1HqNhBgcIe-3oW62MxdKjDKqQw.roa (hash: qEknwbkXeioT3cO8P3jelWto+d9dLLFAHoISR08x8Pc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 14:31:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:19:43:fc:a4:13:e4:02:39:dc:b6:17:7c:5a:50:c8:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cd49ca1901df020930ce971f65cc180a3fcbe81
Validity
Not Before: Jun 30 16:01:53 2026 GMT
Not After : Jul 1 16:01:53 2026 GMT
Subject: CN=cf436da5ec9b131b45d813c079ab383dcbe89ae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:5c:71:ad:1e:69:e3:c4:52:2c:5c:3c:9f:15:
f0:47:9b:30:34:e5:12:b0:36:5c:6e:5d:26:cc:ed:
c2:85:94:f6:1d:53:4a:55:55:e3:61:96:ec:c1:7f:
49:cd:95:e8:37:21:51:9b:bd:e3:ae:c3:72:01:6e:
31:cf:0b:47:20:f7:bc:55:89:e5:a5:97:97:d0:ca:
2b:f9:a5:77:10:11:94:c8:e0:34:36:63:cc:6f:a8:
8b:be:02:58:9c:e6:5c:22:07:9e:ac:10:2c:45:20:
05:e1:2b:6b:ac:90:02:0d:e2:b2:56:f4:b2:8d:aa:
8d:da:74:0a:1c:0f:8a:4f:7b:3f:68:bb:7b:e8:56:
3c:16:20:0d:c4:60:b6:24:21:f6:8a:5c:60:da:85:
b7:81:45:fe:69:f4:b3:10:38:5f:f8:2b:fb:ba:98:
27:7a:44:d7:1c:f8:8d:8f:f3:aa:d8:ef:80:5c:eb:
26:63:2a:9f:55:15:df:88:16:e7:d4:42:5b:e2:4a:
42:86:ed:0a:82:cd:aa:c7:97:6d:e7:1c:e4:04:53:
c7:b0:23:fc:04:16:aa:06:1d:ad:c3:4f:92:65:5e:
66:31:8f:05:aa:5b:af:6a:82:64:5a:48:99:d5:4a:
11:8c:dd:7c:6f:7c:1b:58:a9:63:c7:1b:87:df:3a:
fd:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:43:6D:A5:EC:9B:13:1B:45:D8:13:C0:79:AB:38:3D:CB:E8:9A:E2
X509v3 Authority Key Identifier:
keyid:0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:39:46:a6:ab:a9:ad:e3:7c:a4:23:3b:22:d1:0e:df:01:b5:
37:70:51:7d:1c:47:54:81:53:2f:6f:e7:f1:c7:e2:49:43:09:
2b:c6:1e:df:f6:a5:f0:dc:a0:5a:91:97:02:93:59:7b:99:d4:
06:8a:1e:13:3c:d3:e6:db:f2:6b:5d:00:4e:cc:b0:86:1a:d9:
dc:24:16:10:35:ed:ad:a8:63:6e:ed:a3:df:75:dc:99:19:3b:
78:7a:3a:1a:18:ad:be:d0:eb:70:00:80:38:34:93:c4:50:e2:
d8:84:71:ee:dd:4e:e9:88:47:32:f1:b9:d1:a4:96:8a:98:c5:
2c:c7:91:e2:b8:8f:05:21:6d:29:50:5d:56:00:56:aa:62:b2:
dc:94:7a:26:e8:f1:c3:5c:aa:7e:79:0d:95:95:a9:35:86:59:
bc:f0:74:0d:64:2a:1f:7a:ec:15:e9:7a:a1:19:99:73:93:6c:
ed:39:2e:4e:b8:7d:a3:1c:24:f2:0c:12:8e:f4:8c:51:18:e2:
61:d4:a7:40:6c:0c:80:0e:30:a7:14:cb:d2:ff:1e:f0:1b:35:
2e:f9:03:f8:1e:aa:ca:51:92:76:41:7d:1f:ea:52:42:62:a3:
d6:15:93:5a:37:d2:77:60:99:c5:05:ab:56:c9:1d:25:4e:25:
d4:1c:e2:3d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ8ZQ/ykE+QCOdy2F3xaUMjoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZDQ5Y2ExOTAxZGYwMjA5MzBjZTk3MWY2NWNjMTgwYTNm
Y2JlODEwHhcNMjYwNjMwMTYwMTUzWhcNMjYwNzAxMTYwMTUzWjAzMTEwLwYDVQQD
EyhjZjQzNmRhNWVjOWIxMzFiNDVkODEzYzA3OWFiMzgzZGNiZTg5YWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFxxrR5p48RSLFw8nxXwR5swNOUS
sDZcbl0mzO3ChZT2HVNKVVXjYZbswX9JzZXoNyFRm73jrsNyAW4xzwtHIPe8VYnl
pZeX0Mor+aV3EBGUyOA0NmPMb6iLvgJYnOZcIgeerBAsRSAF4StrrJACDeKyVvSy
jaqN2nQKHA+KT3s/aLt76FY8FiANxGC2JCH2ilxg2oW3gUX+afSzEDhf+Cv7upgn
ekTXHPiNj/Oq2O+AXOsmYyqfVRXfiBbn1EJb4kpChu0Kgs2qx5dt5xzkBFPHsCP8
BBaqBh2tw0+SZV5mMY8FqluvaoJkWkiZ1UoRjN18b3wbWKljxxuH3zr9CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM9DbaXsmxMbRdgTwHmrOD3L6JriMB8GA1UdIwQY
MBaAFAzUnKGQHfAgkwzpcfZcwYCj/L6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMt
ZGQyM2RjNDI0MWZhLzEvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMtZGQyM2RjNDI0MWZh
LzEvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAejlGpqup
reN8pCM7ItEO3wG1N3BRfRxHVIFTL2/n8cfiSUMJK8Ye3/al8NygWpGXApNZe5nU
BooeEzzT5tvya10ATsywhhrZ3CQWEDXtrahjbu2j33XcmRk7eHo6GhitvtDrcACA
ODSTxFDi2IRx7t1O6YhHMvG50aSWipjFLMeR4riPBSFtKVBdVgBWqmKy3JR6Jujx
w1yqfnkNlZWpNYZZvPB0DWQqH3rsFel6oRmZc5Ns7TkuTrh9oxwk8gwSjvSMURji
YdSnQGwMgA4wpxTL0v8e8Bs1LvkD+B6qylGSdkF9H+pSQmKj1hWTWjfSd2CZxQWr
VskdJU4l1BziPQ==
-----END CERTIFICATE-----
Generated at Tue Jun 30 19:30:20 2026 by rpki-client