Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
File: D9zw7HuvNJ6JLVERXCLA29Q1C44.mft (raw, json)
Hash identifier: SBlhi4EmRcDzfryjs2Rs0IMj+SOjDv1baSu4Q+WADCY=
Subject key identifier: D9:36:61:A6:AC:22:30:A2:BD:B2:FA:63:69:47:D9:12:4B:44:D4:8C
Authority key identifier: 0F:DC:F0:EC:7B:AF:34:9E:89:2D:51:11:5C:22:C0:DB:D4:35:0B:8E
Certificate issuer: /CN=0fdcf0ec7baf349e892d51115c22c0dbd4350b8e
Certificate serial: 019D382DD8F73ED86563DC3DBE6DC5CBA737
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
Manifest number: 0547
Signing time: Sun 29 Mar 2026 06:00:21 +0000
Manifest this update: Sun 29 Mar 2026 06:00:21 +0000
Manifest next update: Mon 30 Mar 2026 06:00:21 +0000
Files and hashes: 1: D9zw7HuvNJ6JLVERXCLA29Q1C44.crl (hash: ZS1riN/5YWlv6QMCL+CWzF8GRDzflAGsRQ3fUEYDlFk=)
2: Jv3FrbaSeXZke2UP27JZQguG_qc.roa (hash: dePpEEDTqP/enapSxKmHvz68yt/UQtEn5OCz1CdZVCI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2d:d8:f7:3e:d8:65:63:dc:3d:be:6d:c5:cb:a7:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fdcf0ec7baf349e892d51115c22c0dbd4350b8e
Validity
Not Before: Mar 29 06:00:21 2026 GMT
Not After : Mar 30 06:00:21 2026 GMT
Subject: CN=d93661a6ac2230a2bdb2fa636947d9124b44d48c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:da:a9:66:3b:cc:d1:68:fa:8c:48:b0:b3:82:
55:32:5d:32:69:59:2d:be:08:f0:56:9d:29:0b:ba:
39:a4:ef:72:c1:53:bd:f5:a1:ad:f4:f6:67:fc:2f:
cd:29:a9:2d:77:94:4f:d0:71:a4:5c:c1:55:e4:bd:
08:6e:bf:fa:3e:f8:87:ce:61:5d:54:a0:d5:2f:d5:
d0:4b:9e:be:2f:04:c9:fc:95:f4:88:a0:24:9a:5d:
8d:1d:57:98:e6:da:3b:90:33:05:44:4f:b4:bd:04:
31:24:24:62:b9:7f:21:ae:88:19:f7:7c:a8:2c:15:
33:2c:07:90:75:bf:0e:3c:90:3a:55:e3:86:b5:6b:
ee:19:d1:f0:2a:7f:c0:21:f3:ab:e1:9d:03:98:d6:
5b:0b:ce:cd:3d:a3:ef:33:10:30:5c:54:f1:78:b5:
81:a6:47:ba:a2:0f:dc:71:88:bf:15:f1:a7:f3:88:
b0:48:64:e5:aa:97:f5:b3:c3:b9:67:2d:25:38:8a:
ea:80:f5:8b:69:99:87:2c:13:40:8b:fd:99:7a:39:
ed:67:18:0e:99:65:18:a6:d3:28:df:c1:7c:18:56:
b9:e9:c0:64:8a:25:01:4f:63:9f:74:b4:30:6f:1d:
29:8a:40:ad:52:37:51:8b:59:25:c1:ac:3e:1d:c0:
30:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:36:61:A6:AC:22:30:A2:BD:B2:FA:63:69:47:D9:12:4B:44:D4:8C
X509v3 Authority Key Identifier:
keyid:0F:DC:F0:EC:7B:AF:34:9E:89:2D:51:11:5C:22:C0:DB:D4:35:0B:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:b7:32:54:af:ec:73:42:3c:8c:01:82:f3:86:c9:fa:12:42:
5c:cb:84:ab:ee:9c:f2:84:3e:24:5d:01:ed:3b:f6:d4:ce:b4:
cc:48:bc:c7:77:c9:2b:04:fc:b0:e4:4d:d3:95:51:7f:db:d0:
f1:c2:0e:3d:b9:cf:7c:f4:3d:64:94:48:b7:f6:fb:8f:cd:33:
2d:18:31:a2:3d:da:83:c0:70:12:38:bb:3a:b3:77:87:1c:7d:
29:95:e3:15:6d:7f:54:43:89:1c:97:23:6b:34:24:9b:12:73:
de:c6:12:b9:a7:24:5f:5a:ea:26:7d:bb:d8:c5:8c:cc:78:7f:
4d:a2:4d:54:bd:f3:cb:8d:b1:ee:f9:e7:85:b7:60:82:9c:9b:
82:ec:5d:12:3c:dd:06:c4:21:41:a7:bb:92:12:61:c1:7a:47:
7d:3a:83:ff:b2:e9:bd:16:9c:72:ac:9c:e3:7d:7f:e5:9d:c2:
1f:8f:e3:0a:84:d2:50:2c:59:b3:4c:0d:45:67:95:a8:a7:f4:
01:ed:be:b3:8b:c4:be:f0:5b:c1:11:2e:ea:11:c9:76:f3:d6:
63:1f:19:92:38:fb:16:10:43:f9:30:19:83:27:22:69:9b:ff:
74:40:a6:40:e9:df:d2:e4:93:48:4c:d9:4e:52:bc:b5:b7:ad:
b6:c4:37:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04Ldj3PthlY9w9vm3Fy6c3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZGNmMGVjN2JhZjM0OWU4OTJkNTExMTVjMjJjMGRiZDQz
NTBiOGUwHhcNMjYwMzI5MDYwMDIxWhcNMjYwMzMwMDYwMDIxWjAzMTEwLwYDVQQD
EyhkOTM2NjFhNmFjMjIzMGEyYmRiMmZhNjM2OTQ3ZDkxMjRiNDRkNDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9qpZjvM0Wj6jEiws4JVMl0yaVkt
vgjwVp0pC7o5pO9ywVO99aGt9PZn/C/NKaktd5RP0HGkXMFV5L0Ibr/6PviHzmFd
VKDVL9XQS56+LwTJ/JX0iKAkml2NHVeY5to7kDMFRE+0vQQxJCRiuX8hrogZ93yo
LBUzLAeQdb8OPJA6VeOGtWvuGdHwKn/AIfOr4Z0DmNZbC87NPaPvMxAwXFTxeLWB
pke6og/ccYi/FfGn84iwSGTlqpf1s8O5Zy0lOIrqgPWLaZmHLBNAi/2ZejntZxgO
mWUYptMo38F8GFa56cBkiiUBT2OfdLQwbx0pikCtUjdRi1klwaw+HcAwNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNk2YaasIjCivbL6Y2lH2RJLRNSMMB8GA1UdIwQY
MBaAFA/c8Ox7rzSeiS1REVwiwNvUNQuOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNDgyYmEtNDFjZS00MDlhLThlN2Ut
YjI5NTgzOGFiYmQ5LzEvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNDgyYmEtNDFjZS00MDlhLThlN2UtYjI5NTgzOGFiYmQ5
LzEvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW7cyVK/s
c0I8jAGC84bJ+hJCXMuEq+6c8oQ+JF0B7Tv21M60zEi8x3fJKwT8sORN05VRf9vQ
8cIOPbnPfPQ9ZJRIt/b7j80zLRgxoj3ag8BwEji7OrN3hxx9KZXjFW1/VEOJHJcj
azQkmxJz3sYSuackX1rqJn272MWMzHh/TaJNVL3zy42x7vnnhbdggpybguxdEjzd
BsQhQae7khJhwXpHfTqD/7LpvRaccqyc431/5Z3CH4/jCoTSUCxZs0wNRWeVqKf0
Ae2+s4vEvvBbwREu6hHJdvPWYx8Zkjj7FhBD+TAZgyciaZv/dECmQOnf0uSTSEzZ
TlK8tbettsQ3UQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:34:48 2026 by rpki-client