Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.mft
File: dZI-xUbfNx0J5oxrBgJeoxJhI0o.mft (raw, json)
Hash identifier: G+nANeC1NBIHYH9lbuHKP3EvswlztCwVzNofiq6nKLA=
Subject key identifier: F1:57:4F:8A:71:C2:4A:52:FF:14:68:8E:AA:1D:56:EF:F4:9F:A2:02
Authority key identifier: 75:92:3E:C5:46:DF:37:1D:09:E6:8C:6B:06:02:5E:A3:12:61:23:4A
Certificate issuer: /CN=75923ec546df371d09e68c6b06025ea31261234a
Certificate serial: 019D420CB113A4A050987B605D36F280CCBB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dZI-xUbfNx0J5oxrBgJeoxJhI0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.mft
Manifest number: 1891
Signing time: Tue 31 Mar 2026 04:00:20 +0000
Manifest this update: Tue 31 Mar 2026 04:00:20 +0000
Manifest next update: Wed 01 Apr 2026 04:00:20 +0000
Files and hashes: 1: dZI-xUbfNx0J5oxrBgJeoxJhI0o.crl (hash: 8T3gQvmhrYX9uzb22YcJheLCP5t7FUKUeSzAqFttI70=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.mft
rsync://rpki.ripe.net/repository/DEFAULT/dZI-xUbfNx0J5oxrBgJeoxJhI0o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 31 Mar 2026 23:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:42:0c:b1:13:a4:a0:50:98:7b:60:5d:36:f2:80:cc:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75923ec546df371d09e68c6b06025ea31261234a
Validity
Not Before: Mar 31 04:00:20 2026 GMT
Not After : Apr 1 04:00:20 2026 GMT
Subject: CN=f1574f8a71c24a52ff14688eaa1d56eff49fa202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:84:2e:52:66:5c:db:d9:23:33:f2:df:03:02:
4d:09:ab:9e:14:87:33:7a:67:89:cb:0a:04:83:6f:
0c:1e:a8:d2:6e:06:73:9b:69:b2:ba:46:fe:e7:1d:
bd:bb:9f:82:07:7e:77:35:7d:87:24:9c:9c:5a:9b:
15:f7:e2:ea:91:34:de:b7:aa:b8:7e:9b:84:1d:dc:
15:48:d6:c0:c2:d3:2e:9e:5e:d3:4d:f6:74:54:25:
1b:c6:2e:61:2b:4a:e0:23:7e:ce:07:7b:dc:50:ef:
63:4c:c1:4b:64:92:77:f3:7a:61:62:45:15:85:76:
b6:34:f9:73:4c:6f:74:2e:83:74:36:80:f1:4d:39:
cc:eb:ad:fa:41:88:75:45:35:e6:1f:3d:9a:f4:8b:
b3:59:5d:a9:0d:b2:14:2b:cc:cd:b8:d5:af:59:48:
f0:de:37:3f:32:25:02:55:ea:02:cf:9c:99:8b:be:
24:c8:44:04:8b:8d:42:d9:f7:d6:74:58:c6:24:88:
0a:78:f8:5f:df:ec:c7:8e:71:a0:c3:25:ca:89:6d:
c0:17:e7:8c:ce:ed:22:04:3e:ff:78:e9:10:1a:e2:
8d:79:41:42:8b:f4:c3:70:a1:d2:28:d7:31:c5:a9:
ea:fa:1d:a2:b7:d5:73:f5:36:8d:5c:6e:1e:8b:59:
0a:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:57:4F:8A:71:C2:4A:52:FF:14:68:8E:AA:1D:56:EF:F4:9F:A2:02
X509v3 Authority Key Identifier:
keyid:75:92:3E:C5:46:DF:37:1D:09:E6:8C:6B:06:02:5E:A3:12:61:23:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZI-xUbfNx0J5oxrBgJeoxJhI0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c2:8e:04:42:78:08:3c:2d:4e:24:5b:a6:5d:7e:30:21:86:45:
cd:96:06:ab:bf:d6:14:0a:d1:dc:35:dc:b8:e8:57:4a:9b:b2:
e0:11:03:3a:3e:41:31:d8:e3:27:8e:2a:3a:b1:27:ef:02:bd:
e5:93:9c:d6:b8:0f:e6:0c:9f:d8:fe:48:96:45:d2:cd:ce:55:
29:22:de:7d:e9:8d:27:0c:cf:8f:3a:45:e4:90:a0:73:29:72:
35:de:2c:e9:3f:6d:f0:f4:12:42:1c:b1:22:9b:fb:b4:ee:f6:
d5:a5:d3:1c:a9:c3:95:da:05:d0:a9:4c:7f:cb:1b:0d:1d:67:
17:22:ee:fe:d9:c1:16:19:5d:39:34:ca:81:b7:6e:49:47:cd:
19:8d:32:f2:8d:45:2c:20:ba:06:38:64:16:2f:b1:cd:38:ee:
aa:d6:cc:f4:0c:39:4c:36:19:92:2d:26:ca:cc:ab:76:e5:a2:
b7:c0:f3:e2:cc:06:45:66:fd:0f:5f:1a:7c:bd:35:7b:fc:ec:
ea:f5:5f:d7:c3:b5:3d:9d:fd:bc:9a:40:75:00:34:d8:84:15:
6d:6a:1e:a8:69:6d:47:9d:f7:ba:f9:51:77:c9:30:e7:99:d2:
37:f2:bb:fd:22:c1:a2:d5:f6:13:94:71:77:84:32:2a:46:ff:
7a:2d:95:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ1CDLETpKBQmHtgXTbygMy7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OTIzZWM1NDZkZjM3MWQwOWU2OGM2YjA2MDI1ZWEzMTI2
MTIzNGEwHhcNMjYwMzMxMDQwMDIwWhcNMjYwNDAxMDQwMDIwWjAzMTEwLwYDVQQD
EyhmMTU3NGY4YTcxYzI0YTUyZmYxNDY4OGVhYTFkNTZlZmY0OWZhMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoIQuUmZc29kjM/LfAwJNCaueFIcz
emeJywoEg28MHqjSbgZzm2myukb+5x29u5+CB353NX2HJJycWpsV9+LqkTTet6q4
fpuEHdwVSNbAwtMunl7TTfZ0VCUbxi5hK0rgI37OB3vcUO9jTMFLZJJ383phYkUV
hXa2NPlzTG90LoN0NoDxTTnM6636QYh1RTXmHz2a9IuzWV2pDbIUK8zNuNWvWUjw
3jc/MiUCVeoCz5yZi74kyEQEi41C2ffWdFjGJIgKePhf3+zHjnGgwyXKiW3AF+eM
zu0iBD7/eOkQGuKNeUFCi/TDcKHSKNcxxanq+h2it9Vz9TaNXG4ei1kK0wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFXT4pxwkpS/xRojqodVu/0n6ICMB8GA1UdIwQY
MBaAFHWSPsVG3zcdCeaMawYCXqMSYSNKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFpJLXhVYmZOeDBKNW94ckJnSmVveEpoSTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yNmM2OGMtMDQ4Mi00YjYyLWIyYWYt
NDg1NTM2NmVkZmVmLzEvZFpJLXhVYmZOeDBKNW94ckJnSmVveEpoSTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yNmM2OGMtMDQ4Mi00YjYyLWIyYWYtNDg1NTM2NmVkZmVm
LzEvZFpJLXhVYmZOeDBKNW94ckJnSmVveEpoSTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwo4EQngI
PC1OJFumXX4wIYZFzZYGq7/WFArR3DXcuOhXSpuy4BEDOj5BMdjjJ44qOrEn7wK9
5ZOc1rgP5gyf2P5IlkXSzc5VKSLefemNJwzPjzpF5JCgcylyNd4s6T9t8PQSQhyx
Ipv7tO721aXTHKnDldoF0KlMf8sbDR1nFyLu/tnBFhldOTTKgbduSUfNGY0y8o1F
LCC6BjhkFi+xzTjuqtbM9Aw5TDYZki0mysyrduWit8Dz4swGRWb9D18afL01e/zs
6vVf18O1PZ39vJpAdQA02IQVbWoeqGltR533uvlRd8kw55nSN/K7/SLBotX2E5Rx
d4QyKkb/ei2VNQ==
-----END CERTIFICATE-----
Generated at Tue Mar 31 09:16:30 2026 by rpki-client