Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/fcd855-fc2c-460e-bcea-8d7c8ac0621a/1/dzDRbvGVhk8NvoqGca-2N2g7djs.mft
File: dzDRbvGVhk8NvoqGca-2N2g7djs.mft (raw, json)
Hash identifier: 0tW3UFFFeRz7ArCd4QhM1PiDL5y/dXYHdY18sgmYwoQ=
Subject key identifier: CD:C6:66:08:0A:70:7E:90:39:BD:37:BE:6E:58:9C:EA:E4:F9:EE:3E
Authority key identifier: 77:30:D1:6E:F1:95:86:4F:0D:BE:8A:86:71:AF:B6:37:68:3B:76:3B
Certificate issuer: /CN=7730d16ef195864f0dbe8a8671afb637683b763b
Certificate serial: 019D382E7DDBB017EA8CD87E5D41AE61BC71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dzDRbvGVhk8NvoqGca-2N2g7djs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/fcd855-fc2c-460e-bcea-8d7c8ac0621a/1/dzDRbvGVhk8NvoqGca-2N2g7djs.mft
Manifest number: 01AD
Signing time: Sun 29 Mar 2026 06:01:04 +0000
Manifest this update: Sun 29 Mar 2026 06:01:04 +0000
Manifest next update: Mon 30 Mar 2026 06:01:04 +0000
Files and hashes: 1: dzDRbvGVhk8NvoqGca-2N2g7djs.crl (hash: 6AwyeW5vGd0Rt9i1fcO80jmGKCnOCFUk3WeMQh6sXeA=)
2: o2VO5oX-mcICPglQ6TuJXF-puG0.roa (hash: QGvRH3mpnPRRYbJ9WRorNDsxj8CF3Y8SPJsGxZhiJ6E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/fcd855-fc2c-460e-bcea-8d7c8ac0621a/1/dzDRbvGVhk8NvoqGca-2N2g7djs.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/fcd855-fc2c-460e-bcea-8d7c8ac0621a/1/dzDRbvGVhk8NvoqGca-2N2g7djs.mft
rsync://rpki.ripe.net/repository/DEFAULT/dzDRbvGVhk8NvoqGca-2N2g7djs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:7d:db:b0:17:ea:8c:d8:7e:5d:41:ae:61:bc:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7730d16ef195864f0dbe8a8671afb637683b763b
Validity
Not Before: Mar 29 06:01:04 2026 GMT
Not After : Mar 30 06:01:04 2026 GMT
Subject: CN=cdc666080a707e9039bd37be6e589ceae4f9ee3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e3:44:79:9d:9f:d1:6a:ef:94:82:cf:e1:13:
95:d4:e0:f7:a0:79:b9:26:d3:49:f0:87:c6:60:19:
9c:bc:8e:ed:ce:bf:c2:c9:f8:68:a8:a3:c0:d3:9b:
bb:9b:11:e3:96:26:0e:44:6c:de:42:61:ed:28:90:
5e:51:c9:3a:00:a9:f6:24:69:13:2d:09:bd:fc:d6:
f3:ab:7b:82:ac:7c:ff:28:d4:81:6f:5a:65:3b:69:
16:c1:23:f5:29:6e:75:41:de:15:c9:85:1d:52:24:
28:db:b7:8a:1d:cc:25:06:bc:0e:e5:cb:a3:07:89:
1f:50:46:a5:48:95:d2:eb:69:3b:08:97:54:6e:da:
49:ca:1d:74:df:c0:db:43:82:4c:d5:12:5d:b3:3a:
df:0c:03:57:14:7a:52:50:48:b8:0e:35:8b:1c:db:
2b:53:1f:4a:a5:ba:9f:ed:a7:29:e2:26:8d:80:e6:
fa:91:4c:bf:2b:d0:8b:1d:c5:92:0f:62:f6:79:66:
c7:45:22:fe:26:eb:fd:52:1c:8a:f1:89:47:ab:9a:
3c:7b:df:2d:7b:90:0b:e8:88:4c:e3:7f:58:8c:4e:
a7:55:9d:9d:80:6e:a4:09:eb:5b:5e:4c:b1:1b:8d:
75:e6:1b:a2:a2:ac:53:97:dc:de:94:72:28:87:15:
2f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:C6:66:08:0A:70:7E:90:39:BD:37:BE:6E:58:9C:EA:E4:F9:EE:3E
X509v3 Authority Key Identifier:
keyid:77:30:D1:6E:F1:95:86:4F:0D:BE:8A:86:71:AF:B6:37:68:3B:76:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dzDRbvGVhk8NvoqGca-2N2g7djs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/fcd855-fc2c-460e-bcea-8d7c8ac0621a/1/dzDRbvGVhk8NvoqGca-2N2g7djs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/fcd855-fc2c-460e-bcea-8d7c8ac0621a/1/dzDRbvGVhk8NvoqGca-2N2g7djs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:cf:b8:cf:9d:80:c1:73:7f:79:72:10:d6:19:c2:98:55:d8:
04:e8:3d:bb:ab:ec:7a:d9:f2:e5:57:3d:8c:a4:3d:5d:90:48:
8b:f0:e4:96:3e:c9:87:c7:2e:ac:72:26:d6:40:fe:72:4c:c1:
bd:28:68:a0:9e:86:83:6a:ba:e4:76:9b:d5:8f:eb:35:5e:55:
8f:38:53:ef:57:c8:a3:aa:29:75:2f:8f:99:38:57:02:6d:ea:
83:42:c9:cd:1f:6a:c7:cc:bc:31:e5:2d:ba:b5:2d:28:9b:c7:
a4:f3:c1:61:16:29:d7:73:1c:55:6a:92:ec:f3:99:91:4c:4e:
4a:7f:aa:84:dd:d3:c9:90:a6:24:f0:c8:a3:90:15:95:36:e3:
f3:36:6f:f7:60:d5:da:3e:c4:8f:39:f8:a2:f7:13:e3:f1:8e:
6b:bc:63:0d:c7:6e:31:70:a9:c1:c1:bd:5a:df:b9:a9:76:a8:
07:c4:3a:c9:01:36:2f:12:a1:50:87:2a:72:fc:f6:15:55:6d:
73:c4:09:9a:d8:a3:26:f5:cd:98:d6:7f:bf:75:95:47:2f:58:
ec:6f:6a:3a:97:14:1b:a0:72:79:16:12:eb:7c:30:fb:49:a5:
23:f8:49:f5:56:a0:6d:8f:09:28:63:26:bb:f0:67:09:d2:65:
f8:94:9f:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Ln3bsBfqjNh+XUGuYbxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MzBkMTZlZjE5NTg2NGYwZGJlOGE4NjcxYWZiNjM3Njgz
Yjc2M2IwHhcNMjYwMzI5MDYwMTA0WhcNMjYwMzMwMDYwMTA0WjAzMTEwLwYDVQQD
EyhjZGM2NjYwODBhNzA3ZTkwMzliZDM3YmU2ZTU4OWNlYWU0ZjllZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuONEeZ2f0WrvlILP4ROV1OD3oHm5
JtNJ8IfGYBmcvI7tzr/CyfhoqKPA05u7mxHjliYORGzeQmHtKJBeUck6AKn2JGkT
LQm9/Nbzq3uCrHz/KNSBb1plO2kWwSP1KW51Qd4VyYUdUiQo27eKHcwlBrwO5cuj
B4kfUEalSJXS62k7CJdUbtpJyh1038DbQ4JM1RJdszrfDANXFHpSUEi4DjWLHNsr
Ux9Kpbqf7acp4iaNgOb6kUy/K9CLHcWSD2L2eWbHRSL+Juv9UhyK8YlHq5o8e98t
e5AL6IhM439YjE6nVZ2dgG6kCetbXkyxG4115huioqxTl9zelHIohxUvfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM3GZggKcH6QOb03vm5YnOrk+e4+MB8GA1UdIwQY
MBaAFHcw0W7xlYZPDb6KhnGvtjdoO3Y7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHpEUmJ2R1ZoazhOdm9xR2NhLTJOMmc3ZGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mY2Q4NTUtZmMyYy00NjBlLWJjZWEt
OGQ3YzhhYzA2MjFhLzEvZHpEUmJ2R1ZoazhOdm9xR2NhLTJOMmc3ZGpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mY2Q4NTUtZmMyYy00NjBlLWJjZWEtOGQ3YzhhYzA2MjFh
LzEvZHpEUmJ2R1ZoazhOdm9xR2NhLTJOMmc3ZGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADs+4z52A
wXN/eXIQ1hnCmFXYBOg9u6vsetny5Vc9jKQ9XZBIi/Dklj7Jh8curHIm1kD+ckzB
vShooJ6Gg2q65Hab1Y/rNV5VjzhT71fIo6opdS+PmThXAm3qg0LJzR9qx8y8MeUt
urUtKJvHpPPBYRYp13McVWqS7POZkUxOSn+qhN3TyZCmJPDIo5AVlTbj8zZv92DV
2j7Ejzn4ovcT4/GOa7xjDcduMXCpwcG9Wt+5qXaoB8Q6yQE2LxKhUIcqcvz2FVVt
c8QJmtijJvXNmNZ/v3WVRy9Y7G9qOpcUG6ByeRYS63ww+0mlI/hJ9VagbY8JKGMm
u/BnCdJl+JSfMA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:14:13 2026 by rpki-client