Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/844769-cb3e-45cd-9165-687ae6fba3ad/1/czaDy4VtbZ_1jih-ipBdKS3KazQ.mft
File: czaDy4VtbZ_1jih-ipBdKS3KazQ.mft (raw, json)
Hash identifier: xeL1PTeZY9zTxk6I1i8WGuToCj0xU2flfjnYtrA8Ors=
Subject key identifier: CB:6B:34:27:90:01:D6:47:94:80:BB:B8:56:ED:9B:0A:87:88:2F:47
Authority key identifier: 73:36:83:CB:85:6D:6D:9F:F5:8E:28:7E:8A:90:5D:29:2D:CA:6B:34
Certificate issuer: /CN=733683cb856d6d9ff58e287e8a905d292dca6b34
Certificate serial: 019D3865E31A5A200A15B7A3488E4F5AFD37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/czaDy4VtbZ_1jih-ipBdKS3KazQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/844769-cb3e-45cd-9165-687ae6fba3ad/1/czaDy4VtbZ_1jih-ipBdKS3KazQ.mft
Manifest number: 14D5
Signing time: Sun 29 Mar 2026 07:01:34 +0000
Manifest this update: Sun 29 Mar 2026 07:01:34 +0000
Manifest next update: Mon 30 Mar 2026 07:01:34 +0000
Files and hashes: 1: FhBG6EZ_K984KUIz81WFHdsRYxw.roa (hash: KOb98v+CSmeD7NnmSTq6hlY5QkxEZeCFyxvl1RnJ2hw=)
2: czaDy4VtbZ_1jih-ipBdKS3KazQ.crl (hash: Hj7OcCAqNeK2kM1M0tKkK4WeaiB7G6czX/QPpJIIt6M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/844769-cb3e-45cd-9165-687ae6fba3ad/1/czaDy4VtbZ_1jih-ipBdKS3KazQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/844769-cb3e-45cd-9165-687ae6fba3ad/1/czaDy4VtbZ_1jih-ipBdKS3KazQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/czaDy4VtbZ_1jih-ipBdKS3KazQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:e3:1a:5a:20:0a:15:b7:a3:48:8e:4f:5a:fd:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=733683cb856d6d9ff58e287e8a905d292dca6b34
Validity
Not Before: Mar 29 07:01:34 2026 GMT
Not After : Mar 30 07:01:34 2026 GMT
Subject: CN=cb6b34279001d6479480bbb856ed9b0a87882f47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:f7:e9:47:64:2a:9f:aa:26:1a:1c:ed:be:c9:
3b:bc:64:f4:2b:07:b3:b4:a3:99:9e:a8:4c:3f:04:
20:50:63:df:56:b5:ef:c6:d8:55:60:78:5f:f8:67:
32:a2:72:fd:8a:fe:34:de:5b:f5:1a:c6:24:ab:ba:
95:d5:b6:7c:41:bc:9a:e0:56:87:3f:72:6f:99:dc:
8a:ed:c0:7e:23:63:15:0c:ec:ba:99:9f:22:f9:21:
ac:fe:96:b7:09:3e:86:4f:54:32:46:b5:d7:d3:9b:
54:71:ca:3a:e7:33:ce:f2:7d:23:09:a2:4b:b7:07:
40:24:9a:87:02:44:1a:eb:4a:75:6a:03:a6:6b:82:
e1:b1:a2:c1:1c:b3:bf:b6:05:eb:90:65:03:63:50:
9e:26:01:a2:07:61:d5:5a:ce:39:d0:19:0e:1f:0a:
01:29:44:8a:38:b0:06:19:c7:f6:5a:45:d7:a5:82:
53:42:48:28:66:60:37:b7:9c:78:36:52:29:65:23:
96:6c:05:74:1f:ac:3e:74:0c:1f:5b:a3:3e:54:3c:
17:a5:ee:82:f4:54:da:fc:7e:8f:2d:86:7b:b1:93:
36:71:d5:97:df:c9:ea:92:31:6f:89:77:a8:d6:e5:
93:06:74:67:b1:fc:12:b4:7d:b9:96:b4:52:1f:11:
67:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:6B:34:27:90:01:D6:47:94:80:BB:B8:56:ED:9B:0A:87:88:2F:47
X509v3 Authority Key Identifier:
keyid:73:36:83:CB:85:6D:6D:9F:F5:8E:28:7E:8A:90:5D:29:2D:CA:6B:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/czaDy4VtbZ_1jih-ipBdKS3KazQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/844769-cb3e-45cd-9165-687ae6fba3ad/1/czaDy4VtbZ_1jih-ipBdKS3KazQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/844769-cb3e-45cd-9165-687ae6fba3ad/1/czaDy4VtbZ_1jih-ipBdKS3KazQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:0e:19:46:0a:10:b4:12:7e:02:06:67:4a:77:af:e1:27:8e:
16:29:d4:26:e4:53:70:e1:77:09:f8:27:19:ba:a0:0e:27:9d:
f3:91:96:d1:41:ee:ce:9a:37:20:90:a5:c8:59:0e:05:1c:68:
69:99:fe:e3:8b:b1:bb:5f:ca:50:b3:55:07:bb:0e:5d:b6:f8:
37:86:7c:4a:64:a3:8e:5c:7a:8c:e2:13:ea:05:72:26:94:ec:
df:5a:1e:68:37:f9:34:93:26:1f:35:4e:b2:b4:19:f6:ef:38:
be:47:91:1d:31:3e:25:b7:26:49:8b:8d:72:fd:cd:b8:aa:4b:
cd:17:1f:86:31:b3:8d:f9:c4:eb:b2:24:b3:f7:08:24:34:c7:
b0:9f:38:fb:71:da:c4:db:5a:80:c9:8d:98:0a:72:c6:68:fa:
4e:a9:53:3c:75:8f:36:28:92:f8:60:1f:12:fd:ae:d2:f7:66:
96:32:0f:7f:5f:20:44:2c:4f:79:5b:39:6e:85:cd:c6:fd:d9:
1f:14:25:5c:21:c9:3f:1a:db:69:2d:93:f5:0f:79:1a:1b:34:
46:73:77:d4:84:27:b3:4f:36:23:ed:2e:61:4c:eb:d8:01:a6:
78:cd:8a:2d:b6:b2:df:0b:e8:46:74:da:0c:ed:91:d2:74:99:
f3:a5:14:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZeMaWiAKFbejSI5PWv03MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMzY4M2NiODU2ZDZkOWZmNThlMjg3ZThhOTA1ZDI5MmRj
YTZiMzQwHhcNMjYwMzI5MDcwMTM0WhcNMjYwMzMwMDcwMTM0WjAzMTEwLwYDVQQD
EyhjYjZiMzQyNzkwMDFkNjQ3OTQ4MGJiYjg1NmVkOWIwYTg3ODgyZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+ffpR2Qqn6omGhztvsk7vGT0Kwez
tKOZnqhMPwQgUGPfVrXvxthVYHhf+GcyonL9iv403lv1GsYkq7qV1bZ8Qbya4FaH
P3JvmdyK7cB+I2MVDOy6mZ8i+SGs/pa3CT6GT1QyRrXX05tUcco65zPO8n0jCaJL
twdAJJqHAkQa60p1agOma4LhsaLBHLO/tgXrkGUDY1CeJgGiB2HVWs450BkOHwoB
KUSKOLAGGcf2WkXXpYJTQkgoZmA3t5x4NlIpZSOWbAV0H6w+dAwfW6M+VDwXpe6C
9FTa/H6PLYZ7sZM2cdWX38nqkjFviXeo1uWTBnRnsfwStH25lrRSHxFnBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMtrNCeQAdZHlIC7uFbtmwqHiC9HMB8GA1UdIwQY
MBaAFHM2g8uFbW2f9Y4ofoqQXSktyms0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3phRHk0VnRiWl8xamloLWlwQmRLUzNLYXpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS84NDQ3NjktY2IzZS00NWNkLTkxNjUt
Njg3YWU2ZmJhM2FkLzEvY3phRHk0VnRiWl8xamloLWlwQmRLUzNLYXpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS84NDQ3NjktY2IzZS00NWNkLTkxNjUtNjg3YWU2ZmJhM2Fk
LzEvY3phRHk0VnRiWl8xamloLWlwQmRLUzNLYXpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABg4ZRgoQ
tBJ+AgZnSnev4SeOFinUJuRTcOF3CfgnGbqgDied85GW0UHuzpo3IJClyFkOBRxo
aZn+44uxu1/KULNVB7sOXbb4N4Z8SmSjjlx6jOIT6gVyJpTs31oeaDf5NJMmHzVO
srQZ9u84vkeRHTE+JbcmSYuNcv3NuKpLzRcfhjGzjfnE67Iks/cIJDTHsJ84+3Ha
xNtagMmNmApyxmj6TqlTPHWPNiiS+GAfEv2u0vdmljIPf18gRCxPeVs5boXNxv3Z
HxQlXCHJPxrbaS2T9Q95Ghs0RnN31IQns082I+0uYUzr2AGmeM2KLbay3wvoRnTa
DO2R0nSZ86UUGA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:46:15 2026 by rpki-client