Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
File: dZxU7z8HSxxmiPmXVM2KONmfbKw.mft (raw, json)
Hash identifier: /rRj25Sazf4qfarN5XfPPFzf+B1mlz9d71qiHlBaPUM=
Subject key identifier: 95:68:B5:7C:9F:AE:13:F1:35:A3:96:2F:3C:DC:42:D8:E1:2F:FB:D9
Authority key identifier: 75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC
Certificate issuer: /CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
Certificate serial: 019D390A290557207E0546A3763DBA513345
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
Manifest number: 0C2F
Signing time: Sun 29 Mar 2026 10:01:00 +0000
Manifest this update: Sun 29 Mar 2026 10:01:00 +0000
Manifest next update: Mon 30 Mar 2026 10:01:00 +0000
Files and hashes: 1: dZxU7z8HSxxmiPmXVM2KONmfbKw.crl (hash: Aqy5J8/SV+WN1afcwGOfmCEmFj1Ek35mXo5mytTJ3aM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:29:05:57:20:7e:05:46:a3:76:3d:ba:51:33:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac
Validity
Not Before: Mar 29 10:01:00 2026 GMT
Not After : Mar 30 10:01:00 2026 GMT
Subject: CN=9568b57c9fae13f135a3962f3cdc42d8e12ffbd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e4:4e:07:1e:64:ad:0a:32:25:8b:98:07:f5:
3c:af:4e:67:f8:1f:cc:22:15:72:87:3a:69:c1:28:
90:e4:52:28:9d:7c:27:c7:c1:92:85:6a:fd:c4:d7:
4f:32:8c:14:0a:b0:97:73:f6:3d:b9:9f:25:4a:d7:
d5:a9:1d:7e:8b:2e:32:08:35:04:ce:7f:4a:4d:54:
6f:ad:62:90:d6:64:f3:c6:48:3a:7f:0a:db:25:44:
5b:24:2a:9c:42:25:b8:f6:2f:76:ed:d2:72:fe:71:
ca:52:4d:65:55:f7:e5:e2:51:74:5f:a5:34:ce:dd:
df:20:02:f1:8c:82:54:90:5d:c6:84:d6:80:f7:0b:
76:65:d0:b1:e6:bf:a0:d8:f3:07:33:1c:22:14:b9:
3b:78:bf:5b:87:8c:e6:92:3f:8b:3e:20:fe:0c:fc:
0c:1c:b2:6d:c8:74:9d:76:b9:70:30:4c:da:a2:e2:
97:64:bc:26:f7:26:8a:4e:02:b1:a4:d1:dd:65:4e:
74:8c:c3:53:ac:c5:88:1a:b7:e0:d1:c1:55:95:87:
00:ab:fc:10:11:c4:c6:05:7d:d9:9f:96:24:ec:3f:
39:2d:66:c8:7b:f3:11:5c:47:01:40:3f:95:22:b8:
9c:bf:b5:f2:cd:e6:68:77:19:18:5d:fd:82:74:6c:
e7:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:68:B5:7C:9F:AE:13:F1:35:A3:96:2F:3C:DC:42:D8:E1:2F:FB:D9
X509v3 Authority Key Identifier:
keyid:75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:b7:b3:3f:68:ba:d8:31:f6:d2:e5:c1:cd:44:e8:21:8e:87:
e2:bd:57:5c:89:af:38:b5:6b:20:a5:7d:46:46:b9:8a:09:fb:
f5:4a:1f:65:79:e1:cd:d3:68:aa:9b:2a:18:12:a2:61:cc:93:
97:f9:4b:61:ba:76:b1:a1:22:80:64:23:9b:3e:cf:34:88:f3:
4d:47:96:44:28:8e:4f:da:7a:a5:2f:86:d5:ad:fb:92:64:ab:
8b:da:ec:ec:fc:86:f7:41:8f:54:6b:54:91:2c:62:52:a8:3c:
51:66:fc:35:61:53:d6:a4:10:9d:3f:ef:33:ba:b1:05:22:cf:
9c:3e:72:47:40:cb:44:a9:c3:98:c6:e4:a3:00:cf:3d:da:9f:
5e:ae:a1:da:2a:45:15:89:9c:f5:b9:31:12:06:2c:34:81:18:
aa:92:ec:07:60:58:45:b2:9f:a0:be:53:8e:3d:b0:80:ca:73:
80:fc:e0:23:8e:3a:ad:a6:94:20:f0:43:60:1a:b9:05:71:05:
e3:c0:39:0e:c0:60:51:8d:0a:e2:60:96:d3:af:30:fc:b6:08:
03:de:70:4f:a9:92:bf:86:76:de:09:9b:49:ac:f0:57:f3:86:
9f:ae:a8:24:9b:0a:33:28:db:7c:35:b5:fb:5b:2f:d1:e2:76:
38:b8:d8:36
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CikFVyB+BUajdj26UTNFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OWM1NGVmM2YwNzRiMWM2Njg4Zjk5NzU0Y2Q4YTM4ZDk5
ZjZjYWMwHhcNMjYwMzI5MTAwMTAwWhcNMjYwMzMwMTAwMTAwWjAzMTEwLwYDVQQD
Eyg5NTY4YjU3YzlmYWUxM2YxMzVhMzk2MmYzY2RjNDJkOGUxMmZmYmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+ROBx5krQoyJYuYB/U8r05n+B/M
IhVyhzppwSiQ5FIonXwnx8GShWr9xNdPMowUCrCXc/Y9uZ8lStfVqR1+iy4yCDUE
zn9KTVRvrWKQ1mTzxkg6fwrbJURbJCqcQiW49i927dJy/nHKUk1lVffl4lF0X6U0
zt3fIALxjIJUkF3GhNaA9wt2ZdCx5r+g2PMHMxwiFLk7eL9bh4zmkj+LPiD+DPwM
HLJtyHSddrlwMEzaouKXZLwm9yaKTgKxpNHdZU50jMNTrMWIGrfg0cFVlYcAq/wQ
EcTGBX3Zn5Yk7D85LWbIe/MRXEcBQD+VIricv7XyzeZodxkYXf2CdGznPQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJVotXyfrhPxNaOWLzzcQtjhL/vZMB8GA1UdIwQY
MBaAFHWcVO8/B0scZoj5l1TNijjZn2ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQt
NDRkMjk2NTdiYWI3LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQtNDRkMjk2NTdiYWI3
LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARrezP2i6
2DH20uXBzUToIY6H4r1XXImvOLVrIKV9Rka5ign79UofZXnhzdNoqpsqGBKiYcyT
l/lLYbp2saEigGQjmz7PNIjzTUeWRCiOT9p6pS+G1a37kmSri9rs7PyG90GPVGtU
kSxiUqg8UWb8NWFT1qQQnT/vM7qxBSLPnD5yR0DLRKnDmMbkowDPPdqfXq6h2ipF
FYmc9bkxEgYsNIEYqpLsB2BYRbKfoL5Tjj2wgMpzgPzgI446raaUIPBDYBq5BXEF
48A5DsBgUY0K4mCW068w/LYIA95wT6mSv4Z23gmbSazwV/OGn66oJJsKMyjbfDW1
+1sv0eJ2OLjYNg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:46:40 2026 by rpki-client