Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/7b7f26-f841-4700-aafb-ead0634192cd/1/rz9wBQP0ByCoL3bvFc2mICLx-ak.mft
File: rz9wBQP0ByCoL3bvFc2mICLx-ak.mft (raw, json)
Hash identifier: lBk/jbTcck7Bwi6TOxMWAbow0pG+kW1FIAsHJpyDUDY=
Subject key identifier: D5:A9:52:5C:CA:98:FE:70:92:45:37:61:E6:51:31:47:76:BC:70:8E
Authority key identifier: AF:3F:70:05:03:F4:07:20:A8:2F:76:EF:15:CD:A6:20:22:F1:F9:A9
Certificate issuer: /CN=af3f700503f40720a82f76ef15cda62022f1f9a9
Certificate serial: 019DCE2BC8BE9926FDB643F663337876A5B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rz9wBQP0ByCoL3bvFc2mICLx-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/7b7f26-f841-4700-aafb-ead0634192cd/1/rz9wBQP0ByCoL3bvFc2mICLx-ak.mft
Manifest number: 0FA3
Signing time: Mon 27 Apr 2026 09:01:09 +0000
Manifest this update: Mon 27 Apr 2026 09:01:09 +0000
Manifest next update: Tue 28 Apr 2026 09:01:09 +0000
Files and hashes: 1: 8LnVsjH2EwUmwFrvwngeTt29sfc.roa (hash: zoMdGFAt0JgG0lcHzQngcTPabdRrKnSlHq63qMuC6dU=)
2: rz9wBQP0ByCoL3bvFc2mICLx-ak.crl (hash: HFShnAnrTBk4zWen+ybliGOcW0WzktsFlQhsOFtBPWI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/7b7f26-f841-4700-aafb-ead0634192cd/1/rz9wBQP0ByCoL3bvFc2mICLx-ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/7b7f26-f841-4700-aafb-ead0634192cd/1/rz9wBQP0ByCoL3bvFc2mICLx-ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/rz9wBQP0ByCoL3bvFc2mICLx-ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 09:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ce:2b:c8:be:99:26:fd:b6:43:f6:63:33:78:76:a5:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af3f700503f40720a82f76ef15cda62022f1f9a9
Validity
Not Before: Apr 27 09:01:09 2026 GMT
Not After : Apr 28 09:01:09 2026 GMT
Subject: CN=d5a9525cca98fe7092453761e651314776bc708e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:31:11:46:33:cb:bb:41:81:50:f4:89:81:10:
82:94:de:6a:a3:74:1c:8d:5c:0c:b8:63:32:18:14:
d6:71:71:0e:5f:24:20:9a:2b:e0:e1:cf:67:dc:17:
5f:3c:b5:12:b0:84:df:9f:9d:16:fe:75:eb:e1:bd:
f4:0c:23:f3:ee:45:22:3b:fe:a5:e3:67:76:c2:9c:
57:60:86:59:b1:41:6d:d1:e4:a7:04:61:44:c2:8b:
6a:3f:b9:ef:48:4a:6d:65:54:85:32:4f:9d:45:25:
02:14:e0:85:f9:10:0b:a1:6f:ed:56:ea:9b:6a:2b:
02:bb:97:90:59:3d:87:42:3e:34:aa:db:30:f2:69:
98:05:b7:b9:11:3a:06:45:91:99:90:34:2b:5c:63:
10:35:62:90:23:c5:95:10:97:cb:71:eb:3e:75:60:
67:48:ee:ad:82:10:8a:e6:c1:56:c3:47:46:98:24:
b5:3b:ce:9e:35:6d:d2:dd:9b:02:41:e4:a2:b0:78:
0a:92:7f:86:a6:c8:52:86:01:22:d3:74:8f:5f:89:
00:7a:60:39:bd:8a:a7:0f:45:17:04:6a:3a:f2:7a:
46:ca:55:54:70:c2:97:0d:9d:b2:ce:98:6b:eb:ff:
6b:8a:f5:a4:5c:d0:e2:4a:03:89:a2:79:ab:1a:64:
41:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:A9:52:5C:CA:98:FE:70:92:45:37:61:E6:51:31:47:76:BC:70:8E
X509v3 Authority Key Identifier:
keyid:AF:3F:70:05:03:F4:07:20:A8:2F:76:EF:15:CD:A6:20:22:F1:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rz9wBQP0ByCoL3bvFc2mICLx-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/7b7f26-f841-4700-aafb-ead0634192cd/1/rz9wBQP0ByCoL3bvFc2mICLx-ak.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/7b7f26-f841-4700-aafb-ead0634192cd/1/rz9wBQP0ByCoL3bvFc2mICLx-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:c9:e1:47:a1:61:bb:15:ad:ff:76:2e:12:4d:5a:43:99:b2:
8d:96:85:a5:94:db:7d:9f:c8:0e:0e:a8:1c:1d:82:56:56:4d:
38:15:ed:64:d9:ce:0b:a4:e3:b3:8c:f8:f2:54:f0:ff:84:b1:
24:ec:6b:22:a4:65:70:c2:eb:25:55:02:fe:83:21:79:4a:b8:
df:58:32:6b:3b:83:c0:4f:e3:4a:79:df:2c:c0:90:a1:18:8a:
ac:ef:e2:77:e0:f9:14:2d:31:85:1e:17:09:e6:69:d8:6b:43:
e6:c1:7a:28:f2:79:51:ea:50:72:b3:bd:6f:bd:06:4e:a0:1c:
34:f4:7e:7a:6e:2f:85:a2:f8:79:be:c2:54:f6:07:89:9b:b1:
26:a3:43:18:ad:a1:db:88:09:bb:24:44:e6:93:63:1a:f2:42:
0d:22:36:48:98:11:e7:95:07:88:ac:9a:dd:06:70:73:63:5c:
70:93:32:13:28:c9:f6:84:94:a6:a5:c5:14:df:ea:26:a2:38:
02:f3:31:58:8e:8c:6b:94:73:b7:d3:c5:e1:df:34:23:4a:17:
c8:e6:ca:03:38:ff:ad:83:d4:74:72:0c:1e:c5:c3:21:d6:15:
e1:10:88:b0:94:cf:ca:3b:81:c2:eb:1c:82:9b:1e:68:71:55:
50:4f:22:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3OK8i+mSb9tkP2YzN4dqW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmM2Y3MDA1MDNmNDA3MjBhODJmNzZlZjE1Y2RhNjIwMjJm
MWY5YTkwHhcNMjYwNDI3MDkwMTA5WhcNMjYwNDI4MDkwMTA5WjAzMTEwLwYDVQQD
EyhkNWE5NTI1Y2NhOThmZTcwOTI0NTM3NjFlNjUxMzE0Nzc2YmM3MDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDERRjPLu0GBUPSJgRCClN5qo3Qc
jVwMuGMyGBTWcXEOXyQgmivg4c9n3BdfPLUSsITfn50W/nXr4b30DCPz7kUiO/6l
42d2wpxXYIZZsUFt0eSnBGFEwotqP7nvSEptZVSFMk+dRSUCFOCF+RALoW/tVuqb
aisCu5eQWT2HQj40qtsw8mmYBbe5EToGRZGZkDQrXGMQNWKQI8WVEJfLces+dWBn
SO6tghCK5sFWw0dGmCS1O86eNW3S3ZsCQeSisHgKkn+GpshShgEi03SPX4kAemA5
vYqnD0UXBGo68npGylVUcMKXDZ2yzphr6/9rivWkXNDiSgOJonmrGmRBZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNWpUlzKmP5wkkU3YeZRMUd2vHCOMB8GA1UdIwQY
MBaAFK8/cAUD9AcgqC927xXNpiAi8fmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcno5d0JRUDBCeUNvTDNidkZjMm1JQ0x4LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC83YjdmMjYtZjg0MS00NzAwLWFhZmIt
ZWFkMDYzNDE5MmNkLzEvcno5d0JRUDBCeUNvTDNidkZjMm1JQ0x4LWFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC83YjdmMjYtZjg0MS00NzAwLWFhZmItZWFkMDYzNDE5MmNk
LzEvcno5d0JRUDBCeUNvTDNidkZjMm1JQ0x4LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXMnhR6Fh
uxWt/3YuEk1aQ5myjZaFpZTbfZ/IDg6oHB2CVlZNOBXtZNnOC6Tjs4z48lTw/4Sx
JOxrIqRlcMLrJVUC/oMheUq431gyazuDwE/jSnnfLMCQoRiKrO/id+D5FC0xhR4X
CeZp2GtD5sF6KPJ5UepQcrO9b70GTqAcNPR+em4vhaL4eb7CVPYHiZuxJqNDGK2h
24gJuyRE5pNjGvJCDSI2SJgR55UHiKya3QZwc2NccJMyEyjJ9oSUpqXFFN/qJqI4
AvMxWI6Ma5Rzt9PF4d80I0oXyObKAzj/rYPUdHIMHsXDIdYV4RCIsJTPyjuBwusc
gpseaHFVUE8ilg==
-----END CERTIFICATE-----
Generated at Mon Apr 27 18:32:37 2026 by rpki-client