Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
File: BZ9RaALCYTCaYQSHcubq_VhnqZA.mft (raw, json)
Hash identifier: IUMzsyyuKK5tMRprgPzYBak7/h/Ouu1trQaEYlChOpA=
Subject key identifier: 3D:E1:BF:F1:DE:58:0A:3C:DB:C0:2D:19:64:8D:FD:7D:A8:C7:C9:43
Authority key identifier: 05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90
Certificate issuer: /CN=059f516802c261309a61048772e6eafd5867a990
Certificate serial: 019D37F766522EB6ED88BB16B72DABBE2B00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
Manifest number: 174C
Signing time: Sun 29 Mar 2026 05:00:53 +0000
Manifest this update: Sun 29 Mar 2026 05:00:53 +0000
Manifest next update: Mon 30 Mar 2026 05:00:53 +0000
Files and hashes: 1: 46krBMuMgQRTOnYjjiwz0jZnP9g.roa (hash: i+WuevI3Tnw5jBTEqmKxgeqDkLLDwvFZgvTXSU8JdlE=)
2: BZ9RaALCYTCaYQSHcubq_VhnqZA.crl (hash: HQ/fG/F1L5VkckLPuiwrLCqf+6/BvYJkfcUEsNPy5bc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:66:52:2e:b6:ed:88:bb:16:b7:2d:ab:be:2b:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059f516802c261309a61048772e6eafd5867a990
Validity
Not Before: Mar 29 05:00:53 2026 GMT
Not After : Mar 30 05:00:53 2026 GMT
Subject: CN=3de1bff1de580a3cdbc02d19648dfd7da8c7c943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:22:4b:02:ee:30:cf:ce:a3:6f:71:ae:91:fd:
14:f4:80:1d:3b:38:72:f3:25:c5:a3:b0:17:0e:11:
17:54:b3:4a:2b:d6:66:d7:92:f7:8c:d3:52:a7:02:
b1:50:f4:7a:31:11:45:8f:99:54:22:ee:e6:ce:6d:
70:11:66:1b:1a:80:1e:bb:1a:86:86:80:02:62:5d:
a6:7a:81:00:cc:aa:49:0a:98:48:cb:40:c4:93:71:
a5:a9:ba:ca:2c:6e:d5:00:bf:8d:16:ec:dd:33:34:
a3:8d:50:7d:34:df:fd:5f:73:67:c9:6f:81:b3:88:
e8:93:ba:fe:ed:a7:9f:b7:ed:7b:31:f3:d9:43:9c:
c0:54:fd:cb:f9:d3:da:f3:98:5b:8e:d9:28:a2:cb:
36:e2:c9:c4:9b:5e:1d:12:f9:9a:f0:9e:a1:31:10:
41:79:56:1b:5c:c9:68:84:04:b1:87:33:d2:0b:7e:
35:82:d5:0b:0a:1e:9e:ad:2f:33:02:8a:6b:d7:e8:
04:a4:b2:a3:c5:cd:83:90:38:14:ae:66:ff:2d:86:
ad:14:c5:98:a6:b2:70:d5:78:0d:1a:89:a5:68:6b:
64:12:3e:b2:60:f4:f7:71:1c:a6:f0:89:b3:6e:81:
35:72:37:78:50:dd:4e:cd:76:8f:fc:00:49:5e:5f:
38:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:E1:BF:F1:DE:58:0A:3C:DB:C0:2D:19:64:8D:FD:7D:A8:C7:C9:43
X509v3 Authority Key Identifier:
keyid:05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:ef:81:dd:21:b5:81:0f:c9:e8:f3:19:90:26:cf:8b:42:62:
eb:90:0d:83:0c:63:9e:87:28:f6:80:5a:14:26:1a:5e:fa:f5:
7b:1d:68:39:75:16:79:bc:52:f6:bf:29:ff:00:cf:ba:35:b7:
57:ff:73:58:e0:aa:9e:9b:62:b2:68:44:8e:45:2d:8a:bd:65:
c9:0e:e1:80:5d:3a:2a:a3:65:a8:a4:f1:49:cb:4f:5a:d9:bc:
fa:60:96:61:96:88:35:45:cc:bd:25:6b:5f:eb:98:d8:0d:1c:
aa:54:b6:08:da:ae:c0:7d:a1:b1:93:3b:fa:28:de:9c:93:40:
1b:b7:52:c1:6b:84:74:b4:c1:f1:b1:0a:87:cb:75:8b:56:2e:
4f:63:6c:ff:dc:67:31:dc:fb:49:20:4e:33:c5:00:71:28:fb:
19:6d:0f:e1:4c:29:b9:e9:3e:b5:f2:8b:49:8e:78:78:ed:c1:
48:6b:c1:9b:1a:24:c6:92:23:f2:6b:95:b3:73:8c:37:3c:97:
5d:fe:1b:43:52:36:7b:7e:4f:78:fa:de:d4:e1:e6:61:41:37:
4d:45:88:07:e3:2f:4f:ca:13:36:bf:20:d1:b6:54:b6:50:04:
00:84:11:55:7d:8a:fb:20:27:5b:dc:e3:6a:17:0c:02:01:fb:
88:ed:ea:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0392ZSLrbtiLsWty2rvisAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWY1MTY4MDJjMjYxMzA5YTYxMDQ4NzcyZTZlYWZkNTg2
N2E5OTAwHhcNMjYwMzI5MDUwMDUzWhcNMjYwMzMwMDUwMDUzWjAzMTEwLwYDVQQD
EygzZGUxYmZmMWRlNTgwYTNjZGJjMDJkMTk2NDhkZmQ3ZGE4YzdjOTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSJLAu4wz86jb3Gukf0U9IAdOzhy
8yXFo7AXDhEXVLNKK9Zm15L3jNNSpwKxUPR6MRFFj5lUIu7mzm1wEWYbGoAeuxqG
hoACYl2meoEAzKpJCphIy0DEk3GlqbrKLG7VAL+NFuzdMzSjjVB9NN/9X3NnyW+B
s4jok7r+7aeft+17MfPZQ5zAVP3L+dPa85hbjtkooss24snEm14dEvma8J6hMRBB
eVYbXMlohASxhzPSC341gtULCh6erS8zAopr1+gEpLKjxc2DkDgUrmb/LYatFMWY
prJw1XgNGomlaGtkEj6yYPT3cRym8ImzboE1cjd4UN1OzXaP/ABJXl842QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD3hv/HeWAo828AtGWSN/X2ox8lDMB8GA1UdIwQY
MBaAFAWfUWgCwmEwmmEEh3Lm6v1YZ6mQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy80MDg3Y2YtNzFlOS00MmNhLThjMzUt
OTUxYjE5ODU2NzFjLzEvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy80MDg3Y2YtNzFlOS00MmNhLThjMzUtOTUxYjE5ODU2NzFj
LzEvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMO+B3SG1
gQ/J6PMZkCbPi0Ji65ANgwxjnoco9oBaFCYaXvr1ex1oOXUWebxS9r8p/wDPujW3
V/9zWOCqnptismhEjkUtir1lyQ7hgF06KqNlqKTxSctPWtm8+mCWYZaINUXMvSVr
X+uY2A0cqlS2CNquwH2hsZM7+ijenJNAG7dSwWuEdLTB8bEKh8t1i1YuT2Ns/9xn
Mdz7SSBOM8UAcSj7GW0P4Uwpuek+tfKLSY54eO3BSGvBmxokxpIj8muVs3OMNzyX
Xf4bQ1I2e35PePre1OHmYUE3TUWIB+MvT8oTNr8g0bZUtlAEAIQRVX2K+yAnW9zj
ahcMAgH7iO3qnQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:56:46 2026 by rpki-client