Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
File: DNScoZAd8CCTDOlx9lzBgKP8voE.mft (raw, json)
Hash identifier: ij+4PdPH+BaRqy721LMLZVJlc2Vyr79ZUb56IofvFpY=
Subject key identifier: BB:37:E1:31:16:80:A9:18:9D:FE:D5:A2:E4:10:18:48:BB:4A:7C:CC
Authority key identifier: 0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81
Certificate issuer: /CN=0cd49ca1901df020930ce971f65cc180a3fcbe81
Certificate serial: 019D386614E02772634B3CDB2E269538E1D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
Manifest number: 188F
Signing time: Sun 29 Mar 2026 07:01:47 +0000
Manifest this update: Sun 29 Mar 2026 07:01:47 +0000
Manifest next update: Mon 30 Mar 2026 07:01:47 +0000
Files and hashes: 1: DNScoZAd8CCTDOlx9lzBgKP8voE.crl (hash: j8MBJnRwcV7G6hrOl7ihPzpP4G55FCXGVDRc1yvPPK0=)
2: R1HqNhBgcIe-3oW62MxdKjDKqQw.roa (hash: qEknwbkXeioT3cO8P3jelWto+d9dLLFAHoISR08x8Pc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:66:14:e0:27:72:63:4b:3c:db:2e:26:95:38:e1:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cd49ca1901df020930ce971f65cc180a3fcbe81
Validity
Not Before: Mar 29 07:01:47 2026 GMT
Not After : Mar 30 07:01:47 2026 GMT
Subject: CN=bb37e1311680a9189dfed5a2e4101848bb4a7ccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:64:11:82:be:77:c3:10:0c:ec:a5:a3:96:7b:
fe:c2:be:5e:d5:e3:76:e0:b5:56:1b:be:7c:0f:3d:
a0:9f:0e:f0:4c:be:c6:a6:c0:f0:47:14:6f:dc:7d:
5b:3d:ef:8c:e9:77:76:ba:09:f7:ea:e3:1b:38:09:
cf:23:b0:5c:29:73:d8:2e:77:b0:87:58:03:04:41:
cd:1b:71:b7:cd:aa:c4:ff:be:5a:33:65:db:5f:f6:
55:da:74:c0:24:ab:81:18:1a:62:fb:cf:c4:9a:b9:
71:8d:38:f7:f2:30:e0:4d:d3:28:52:4c:b6:95:0b:
35:d7:88:6b:df:a1:e9:bd:48:3b:f3:55:90:6e:d6:
6c:0b:5b:21:bc:c1:9c:88:a2:9e:54:3a:f9:bb:ca:
79:d0:9a:95:13:88:48:ae:83:51:11:15:dd:fa:c8:
49:09:2e:2c:57:e0:b7:a1:5e:aa:04:15:5f:fd:03:
d5:3a:19:a2:4b:c3:8a:36:02:bf:90:fd:cb:c5:5d:
43:e8:a0:91:7a:28:8f:9c:aa:44:d2:3e:ec:68:a4:
08:3e:f3:ac:8e:27:90:d5:74:ae:43:87:4f:04:e4:
4c:14:d1:f3:0d:dd:3c:6c:39:f5:df:17:28:0c:1a:
0a:ff:71:dc:58:44:8e:bf:3f:ee:70:70:e9:f5:b7:
a0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:37:E1:31:16:80:A9:18:9D:FE:D5:A2:E4:10:18:48:BB:4A:7C:CC
X509v3 Authority Key Identifier:
keyid:0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6f:aa:15:6c:9f:ef:f8:f5:61:e9:06:5c:77:d4:bb:fb:07:4d:
5d:6d:84:a0:a1:cd:b2:e8:57:1c:dc:32:0d:96:26:92:de:ba:
5b:b4:8a:82:c6:2e:22:46:c7:9f:81:29:2e:95:84:d3:a9:00:
d0:df:29:44:6c:8a:bf:76:0b:09:df:4d:c2:5f:0d:69:2d:83:
cf:33:37:2b:25:26:4a:5b:f2:aa:78:c3:ee:ad:94:37:42:d6:
21:b3:f2:7a:66:32:93:6d:f3:92:64:ff:27:a9:ff:01:2b:e4:
de:13:cf:b0:aa:62:ef:ba:a7:5a:3e:22:69:78:03:b9:c7:a8:
9e:66:6f:15:a5:fd:62:26:4a:04:c2:27:2c:13:65:cb:fb:b9:
10:56:a3:bb:59:85:76:51:7c:8e:30:3c:20:7d:7f:d8:9f:28:
ae:ec:f5:06:f7:85:80:44:ec:94:49:e4:44:7c:32:e5:69:7a:
fe:77:ac:4e:09:55:c7:56:cc:24:54:d4:6a:83:fc:2a:7b:fc:
ea:9a:aa:50:7a:38:e7:ce:24:7f:b3:a4:4b:af:f1:d7:d3:8a:
77:70:7d:a3:86:5d:48:d0:af:e9:01:2e:5e:a5:a7:14:aa:ba:
cf:ad:10:16:12:39:ce:ef:f0:95:b6:27:45:eb:28:84:b1:53:
20:e9:df:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZhTgJ3JjSzzbLiaVOOHXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZDQ5Y2ExOTAxZGYwMjA5MzBjZTk3MWY2NWNjMTgwYTNm
Y2JlODEwHhcNMjYwMzI5MDcwMTQ3WhcNMjYwMzMwMDcwMTQ3WjAzMTEwLwYDVQQD
EyhiYjM3ZTEzMTE2ODBhOTE4OWRmZWQ1YTJlNDEwMTg0OGJiNGE3Y2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2QRgr53wxAM7KWjlnv+wr5e1eN2
4LVWG758Dz2gnw7wTL7GpsDwRxRv3H1bPe+M6Xd2ugn36uMbOAnPI7BcKXPYLnew
h1gDBEHNG3G3zarE/75aM2XbX/ZV2nTAJKuBGBpi+8/EmrlxjTj38jDgTdMoUky2
lQs114hr36HpvUg781WQbtZsC1shvMGciKKeVDr5u8p50JqVE4hIroNRERXd+shJ
CS4sV+C3oV6qBBVf/QPVOhmiS8OKNgK/kP3LxV1D6KCReiiPnKpE0j7saKQIPvOs
jieQ1XSuQ4dPBORMFNHzDd08bDn13xcoDBoK/3HcWESOvz/ucHDp9beguQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLs34TEWgKkYnf7VouQQGEi7SnzMMB8GA1UdIwQY
MBaAFAzUnKGQHfAgkwzpcfZcwYCj/L6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMt
ZGQyM2RjNDI0MWZhLzEvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMtZGQyM2RjNDI0MWZh
LzEvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAb6oVbJ/v
+PVh6QZcd9S7+wdNXW2EoKHNsuhXHNwyDZYmkt66W7SKgsYuIkbHn4EpLpWE06kA
0N8pRGyKv3YLCd9Nwl8NaS2DzzM3KyUmSlvyqnjD7q2UN0LWIbPyemYyk23zkmT/
J6n/ASvk3hPPsKpi77qnWj4iaXgDuceonmZvFaX9YiZKBMInLBNly/u5EFaju1mF
dlF8jjA8IH1/2J8oruz1BveFgETslEnkRHwy5Wl6/nesTglVx1bMJFTUaoP8Knv8
6pqqUHo4584kf7OkS6/x19OKd3B9o4ZdSNCv6QEuXqWnFKq6z60QFhI5zu/wlbYn
ResohLFTIOnf7Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:07:31 2026 by rpki-client