Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.mft
File: pZyqKnNoBpiyyeGmyWQadPPOdug.mft (raw, json)
Hash identifier: BDkJQr9ioIEz8E2uIsFh36OJuzcbeeoSdtSKE3OzkwA=
Subject key identifier: 7A:39:CE:86:05:67:B4:45:05:2F:40:B2:5D:DC:DC:50:A5:B5:08:9C
Authority key identifier: A5:9C:AA:2A:73:68:06:98:B2:C9:E1:A6:C9:64:1A:74:F3:CE:76:E8
Certificate issuer: /CN=a59caa2a73680698b2c9e1a6c9641a74f3ce76e8
Certificate serial: 019D3AF802875C333EE44AA0CAE1FC5A461D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pZyqKnNoBpiyyeGmyWQadPPOdug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.mft
Manifest number: 0D26
Signing time: Sun 29 Mar 2026 19:00:25 +0000
Manifest this update: Sun 29 Mar 2026 19:00:25 +0000
Manifest next update: Mon 30 Mar 2026 19:00:25 +0000
Files and hashes: 1: pZyqKnNoBpiyyeGmyWQadPPOdug.crl (hash: s5GxdoADYaM/odB5NFZOb+sdZlhUKY7hzjioYpEwZMY=)
2: rRTCZ5FyRdDiK7BZGTzqpa0QNeg.roa (hash: mji6QPUv0yUiA70EcUkHQFZ0veAkRZWxgnDOQwOKKtU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.mft
rsync://rpki.ripe.net/repository/DEFAULT/pZyqKnNoBpiyyeGmyWQadPPOdug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:f8:02:87:5c:33:3e:e4:4a:a0:ca:e1:fc:5a:46:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a59caa2a73680698b2c9e1a6c9641a74f3ce76e8
Validity
Not Before: Mar 29 19:00:25 2026 GMT
Not After : Mar 30 19:00:25 2026 GMT
Subject: CN=7a39ce860567b445052f40b25ddcdc50a5b5089c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:5c:06:2b:1c:f7:65:15:e0:9e:77:7d:c1:a1:
04:03:93:d7:c5:08:4f:ab:61:33:3a:cf:f7:a0:ed:
a0:38:ac:9a:3e:c1:18:64:de:62:02:77:be:e4:b6:
9c:d0:7e:d3:48:4c:32:0e:93:5e:91:4a:e0:38:2d:
04:0a:c4:74:b8:28:08:94:1b:6e:c0:0f:bf:09:15:
d0:fd:4e:43:7d:97:26:0f:73:07:c1:d0:95:a6:0f:
25:50:36:d3:24:89:87:9a:1f:23:8e:1c:5e:8e:f5:
52:7b:13:67:1a:01:96:6d:2c:6e:f0:a2:ac:89:ec:
90:09:21:ce:28:f0:54:bf:cb:95:ba:85:67:df:19:
58:9b:02:9a:87:76:5a:69:71:7d:5a:a2:3e:3e:b3:
5a:1c:b8:4f:c5:8b:0f:b4:72:74:70:72:69:7a:80:
85:c6:c1:c9:b5:ea:03:99:e9:bb:53:c8:e4:2d:49:
b1:00:14:0f:82:01:a5:1a:bc:66:a8:e2:43:f2:4e:
56:ea:25:32:45:2e:59:20:0f:b2:16:61:15:cd:c6:
2f:83:2c:3d:1c:98:64:67:16:a2:5a:d6:cf:19:82:
7a:6a:b5:ec:d7:91:ec:5b:d9:32:79:f4:2e:ca:1c:
db:49:ef:b7:13:86:20:b4:23:f4:f9:b3:72:77:eb:
ce:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:39:CE:86:05:67:B4:45:05:2F:40:B2:5D:DC:DC:50:A5:B5:08:9C
X509v3 Authority Key Identifier:
keyid:A5:9C:AA:2A:73:68:06:98:B2:C9:E1:A6:C9:64:1A:74:F3:CE:76:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pZyqKnNoBpiyyeGmyWQadPPOdug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:24:05:1a:3c:79:27:a2:b4:77:61:09:34:c0:f5:e7:1d:14:
56:d7:99:8b:66:76:cc:6b:0e:85:ea:38:15:34:09:08:58:5d:
fd:b0:21:af:de:2a:ea:be:b6:2f:01:11:18:b8:79:6b:48:96:
04:8d:df:a9:ab:d7:e8:bf:40:c8:fa:80:8d:d2:01:67:15:41:
59:23:41:24:db:14:c3:51:af:64:c3:84:8b:6f:60:2b:d3:6f:
98:2a:c8:78:68:cc:5c:8c:7e:e5:b0:0f:dd:29:92:ab:f6:7c:
1b:b3:b5:35:af:78:c2:50:51:20:e7:cd:ab:83:de:dc:64:1f:
62:bd:b4:08:d5:34:43:f4:2f:04:5d:c8:2c:e7:86:48:76:5f:
65:ab:13:bb:af:c2:f4:9c:5b:2e:db:08:12:8b:63:69:64:58:
c5:b0:73:ee:65:9b:e6:66:ff:a1:68:d8:c3:18:49:e9:67:33:
de:e7:ae:8c:94:da:e8:3a:59:1e:a5:e3:f3:0c:b8:71:28:15:
eb:3d:f0:db:35:46:54:18:db:bf:8a:dd:a2:21:76:26:6f:e2:
b4:d3:ae:af:06:df:32:95:29:bd:e0:43:8f:51:5b:f9:db:50:
d2:8a:16:6c:eb:cc:22:52:eb:07:e5:54:7e:e6:de:ec:5b:00:
48:34:31:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06+AKHXDM+5EqgyuH8WkYdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OWNhYTJhNzM2ODA2OThiMmM5ZTFhNmM5NjQxYTc0ZjNj
ZTc2ZTgwHhcNMjYwMzI5MTkwMDI1WhcNMjYwMzMwMTkwMDI1WjAzMTEwLwYDVQQD
Eyg3YTM5Y2U4NjA1NjdiNDQ1MDUyZjQwYjI1ZGRjZGM1MGE1YjUwODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1wGKxz3ZRXgnnd9waEEA5PXxQhP
q2EzOs/3oO2gOKyaPsEYZN5iAne+5Lac0H7TSEwyDpNekUrgOC0ECsR0uCgIlBtu
wA+/CRXQ/U5DfZcmD3MHwdCVpg8lUDbTJImHmh8jjhxejvVSexNnGgGWbSxu8KKs
ieyQCSHOKPBUv8uVuoVn3xlYmwKah3ZaaXF9WqI+PrNaHLhPxYsPtHJ0cHJpeoCF
xsHJteoDmem7U8jkLUmxABQPggGlGrxmqOJD8k5W6iUyRS5ZIA+yFmEVzcYvgyw9
HJhkZxaiWtbPGYJ6arXs15HsW9kyefQuyhzbSe+3E4YgtCP0+bNyd+vO5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHo5zoYFZ7RFBS9Asl3c3FCltQicMB8GA1UdIwQY
MBaAFKWcqipzaAaYssnhpslkGnTzznboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFp5cUtuTm9CcGl5eWVHbXlXUWFkUFBPZHVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9kZDY3MmYtNTMzNi00ZjM1LWIzZWYt
YWU5MWFiMzQyYmUxLzEvcFp5cUtuTm9CcGl5eWVHbXlXUWFkUFBPZHVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9kZDY3MmYtNTMzNi00ZjM1LWIzZWYtYWU5MWFiMzQyYmUx
LzEvcFp5cUtuTm9CcGl5eWVHbXlXUWFkUFBPZHVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUyQFGjx5
J6K0d2EJNMD15x0UVteZi2Z2zGsOheo4FTQJCFhd/bAhr94q6r62LwERGLh5a0iW
BI3fqavX6L9AyPqAjdIBZxVBWSNBJNsUw1GvZMOEi29gK9NvmCrIeGjMXIx+5bAP
3SmSq/Z8G7O1Na94wlBRIOfNq4Pe3GQfYr20CNU0Q/QvBF3ILOeGSHZfZasTu6/C
9JxbLtsIEotjaWRYxbBz7mWb5mb/oWjYwxhJ6Wcz3ueujJTa6DpZHqXj8wy4cSgV
6z3w2zVGVBjbv4rdoiF2Jm/itNOurwbfMpUpveBDj1Fb+dtQ0ooWbOvMIlLrB+VU
fube7FsASDQxGw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 21:29:29 2026 by rpki-client