Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
File: BZ9RaALCYTCaYQSHcubq_VhnqZA.mft (raw, json)
Hash identifier: G1hvW5CEEjJegbW0IJ5FJmRQzhWF83p7fQ6JRbppFfE=
Subject key identifier: DF:BA:DD:74:0F:05:08:BC:B3:F2:ED:63:20:FB:0A:AA:F2:B3:D0:28
Authority key identifier: 05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90
Certificate issuer: /CN=059f516802c261309a61048772e6eafd5867a990
Certificate serial: 019E31175DB976F8756B0CBFF56E051613CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
Manifest number: 17CD
Signing time: Sat 16 May 2026 14:01:15 +0000
Manifest this update: Sat 16 May 2026 14:01:15 +0000
Manifest next update: Sun 17 May 2026 14:01:15 +0000
Files and hashes: 1: 46krBMuMgQRTOnYjjiwz0jZnP9g.roa (hash: i+WuevI3Tnw5jBTEqmKxgeqDkLLDwvFZgvTXSU8JdlE=)
2: BZ9RaALCYTCaYQSHcubq_VhnqZA.crl (hash: TryMLzHHYkfVTidoly3czXclMxe+MaBOkrxv9PtSIYs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 12:40:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:31:17:5d:b9:76:f8:75:6b:0c:bf:f5:6e:05:16:13:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059f516802c261309a61048772e6eafd5867a990
Validity
Not Before: May 16 14:01:15 2026 GMT
Not After : May 17 14:01:15 2026 GMT
Subject: CN=dfbadd740f0508bcb3f2ed6320fb0aaaf2b3d028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a5:22:c7:de:94:c7:aa:50:39:bd:93:04:ba:
f0:45:7b:2b:67:d1:40:0c:5c:e5:9e:ba:11:9d:1c:
e0:10:c4:b3:47:74:5a:39:60:fe:90:a5:5a:64:72:
78:66:bc:34:1d:a4:2b:f9:b7:24:57:ae:6a:94:30:
3b:df:27:2d:3f:f0:51:0b:92:8e:f4:8b:c1:9b:ef:
c6:d7:68:cb:bf:4d:11:5c:fb:cc:b1:f1:e4:46:80:
1e:14:60:35:2d:8a:fd:59:db:c2:a2:a6:d4:7b:7b:
2a:33:31:9e:3a:c7:d9:64:e9:78:47:39:5d:82:ed:
01:e6:79:c6:84:ce:ab:7b:c1:19:a9:d3:94:af:8c:
b2:63:19:30:74:56:b8:4b:91:62:82:e4:dd:a1:41:
aa:19:09:83:e2:e4:2a:9f:0d:bf:eb:dc:ab:68:44:
ab:cc:de:5e:b7:76:90:af:32:14:85:4c:6c:24:46:
44:b6:3e:a7:e8:24:5d:d9:3f:74:d6:3b:f7:34:24:
43:9b:03:f7:40:62:b7:ad:d6:f0:5b:0b:02:c8:8d:
1c:0c:d2:9a:8d:cf:dd:c1:da:f7:bc:40:8f:c4:d3:
65:4c:e3:8a:6e:5d:68:52:af:86:1f:3a:c3:62:dd:
bf:ad:0d:e4:6f:5a:38:0d:ae:dc:9b:f2:52:9a:33:
8f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:BA:DD:74:0F:05:08:BC:B3:F2:ED:63:20:FB:0A:AA:F2:B3:D0:28
X509v3 Authority Key Identifier:
keyid:05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
88:b2:17:62:f2:e6:c8:d9:56:3a:55:5f:cb:36:37:98:e7:bb:
8e:87:ec:9c:c3:0c:5e:31:19:76:db:b0:07:a2:13:f7:df:45:
6e:1c:56:8b:85:0a:e8:d9:89:ab:49:51:3d:61:02:0a:80:b2:
93:cc:c8:b7:c6:ea:4c:60:84:36:fd:0a:37:19:ef:88:1c:3e:
82:cb:2e:e9:df:f0:13:91:96:50:fa:53:98:4d:58:c8:cf:60:
b6:7f:d7:c0:4c:a8:20:31:3a:54:3a:7e:38:a7:d9:15:c5:b5:
be:cd:66:51:f9:3e:3b:00:4a:c2:14:ec:62:39:6c:6d:b7:8e:
3c:ac:16:9b:da:bb:24:b7:17:3a:49:a4:7a:bb:a6:8b:d8:22:
ca:19:ce:df:8a:c5:ee:fc:a3:ab:23:4a:d6:6b:39:26:16:7e:
b9:ff:db:10:54:c7:25:65:6f:7e:2d:2a:1d:56:cf:95:91:64:
64:e4:1c:d3:18:86:45:5f:4c:32:ae:52:bd:ff:43:4b:d6:a3:
cd:48:e8:1a:09:41:3d:0c:4f:83:78:4f:72:91:1f:9f:80:93:
93:0a:2f:b1:23:d4:ea:dc:c7:54:a1:41:26:4b:e0:77:09:f3:
b2:24:f7:6f:7c:e0:e6:06:cb:1c:2b:37:38:e5:c8:41:fb:3a:
fb:9d:3c:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4xF125dvh1awy/9W4FFhPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWY1MTY4MDJjMjYxMzA5YTYxMDQ4NzcyZTZlYWZkNTg2
N2E5OTAwHhcNMjYwNTE2MTQwMTE1WhcNMjYwNTE3MTQwMTE1WjAzMTEwLwYDVQQD
EyhkZmJhZGQ3NDBmMDUwOGJjYjNmMmVkNjMyMGZiMGFhYWYyYjNkMDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6Uix96Ux6pQOb2TBLrwRXsrZ9FA
DFzlnroRnRzgEMSzR3RaOWD+kKVaZHJ4Zrw0HaQr+bckV65qlDA73yctP/BRC5KO
9IvBm+/G12jLv00RXPvMsfHkRoAeFGA1LYr9WdvCoqbUe3sqMzGeOsfZZOl4Rzld
gu0B5nnGhM6re8EZqdOUr4yyYxkwdFa4S5FiguTdoUGqGQmD4uQqnw2/69yraESr
zN5et3aQrzIUhUxsJEZEtj6n6CRd2T901jv3NCRDmwP3QGK3rdbwWwsCyI0cDNKa
jc/dwdr3vECPxNNlTOOKbl1oUq+GHzrDYt2/rQ3kb1o4Da7cm/JSmjOPbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN+63XQPBQi8s/LtYyD7Cqrys9AoMB8GA1UdIwQY
MBaAFAWfUWgCwmEwmmEEh3Lm6v1YZ6mQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy80MDg3Y2YtNzFlOS00MmNhLThjMzUt
OTUxYjE5ODU2NzFjLzEvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy80MDg3Y2YtNzFlOS00MmNhLThjMzUtOTUxYjE5ODU2NzFj
LzEvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiLIXYvLm
yNlWOlVfyzY3mOe7jofsnMMMXjEZdtuwB6IT999FbhxWi4UK6NmJq0lRPWECCoCy
k8zIt8bqTGCENv0KNxnviBw+gssu6d/wE5GWUPpTmE1YyM9gtn/XwEyoIDE6VDp+
OKfZFcW1vs1mUfk+OwBKwhTsYjlsbbeOPKwWm9q7JLcXOkmkerumi9giyhnO34rF
7vyjqyNK1ms5JhZ+uf/bEFTHJWVvfi0qHVbPlZFkZOQc0xiGRV9MMq5Svf9DS9aj
zUjoGglBPQxPg3hPcpEfn4CTkwovsSPU6tzHVKFBJkvgdwnzsiT3b3zg5gbLHCs3
OOXIQfs6+508zQ==
-----END CERTIFICATE-----
Generated at Sat May 16 19:31:42 2026 by rpki-client