Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft
File: z9rC7BEEwkXZyrqOthY46drxADk.mft (raw, json)
Hash identifier: qV0r1Le4PGrHyNQTxlqpWXU4GlTJj7MgaRJE7OE5A0Y=
Subject key identifier: AA:28:81:6D:91:31:24:BD:71:B8:93:CC:71:15:49:44:58:79:DE:41
Authority key identifier: CF:DA:C2:EC:11:04:C2:45:D9:CA:BA:8E:B6:16:38:E9:DA:F1:00:39
Certificate issuer: /CN=cfdac2ec1104c245d9caba8eb61638e9daf10039
Certificate serial: 019D386593B7FDC880D3790EA61525E419B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z9rC7BEEwkXZyrqOthY46drxADk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft
Manifest number: 13CC
Signing time: Sun 29 Mar 2026 07:01:14 +0000
Manifest this update: Sun 29 Mar 2026 07:01:14 +0000
Manifest next update: Mon 30 Mar 2026 07:01:14 +0000
Files and hashes: 1: z9rC7BEEwkXZyrqOthY46drxADk.crl (hash: AMAfFxxU4+XzeBx/HxzCoAuldPGQVrOPZDqrappKj4o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft
rsync://rpki.ripe.net/repository/DEFAULT/z9rC7BEEwkXZyrqOthY46drxADk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:93:b7:fd:c8:80:d3:79:0e:a6:15:25:e4:19:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfdac2ec1104c245d9caba8eb61638e9daf10039
Validity
Not Before: Mar 29 07:01:14 2026 GMT
Not After : Mar 30 07:01:14 2026 GMT
Subject: CN=aa28816d913124bd71b893cc711549445879de41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fe:b9:16:b8:1f:2e:17:a6:9a:90:ee:1c:b3:
49:49:a7:01:62:16:06:34:96:12:b5:63:4b:dd:1d:
65:33:dd:ff:0c:95:e2:5b:2f:a6:07:3b:5e:0f:6f:
2f:c3:07:98:1f:04:0a:49:2f:08:42:18:c9:64:be:
e3:4f:dc:97:02:23:3f:fe:38:d5:b0:da:93:a3:1b:
41:ad:cc:15:c1:fd:23:0b:9b:59:e7:56:0d:1b:a1:
17:69:c3:cb:f8:87:a7:a8:2b:fd:c3:54:31:e5:0b:
be:7f:34:f6:54:e4:bb:1a:2b:31:89:85:10:be:a3:
99:86:43:3d:a0:02:28:d2:3f:1c:95:ba:ce:61:a8:
53:22:72:62:5c:75:7e:3c:ab:68:cd:6b:8d:77:37:
26:97:d6:41:f7:d9:5a:ed:cb:38:c1:f6:aa:b0:37:
08:4c:6f:08:fb:46:9f:dc:71:85:d6:4d:3f:a3:07:
c7:ce:40:19:72:31:b0:9d:56:2b:08:06:1b:5e:63:
c6:7b:b6:95:53:9f:bd:ab:1b:c5:25:f7:22:85:64:
dc:94:f4:bc:e4:45:16:c7:cb:62:f8:c8:f5:bf:8b:
d2:91:95:dc:c6:e1:e4:28:f2:67:2e:02:26:f6:dd:
80:87:1b:01:28:02:3d:95:df:7e:70:43:32:76:67:
c5:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:28:81:6D:91:31:24:BD:71:B8:93:CC:71:15:49:44:58:79:DE:41
X509v3 Authority Key Identifier:
keyid:CF:DA:C2:EC:11:04:C2:45:D9:CA:BA:8E:B6:16:38:E9:DA:F1:00:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9rC7BEEwkXZyrqOthY46drxADk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:a8:ca:ec:f9:cc:c4:c3:35:e8:ae:d3:ed:52:c0:45:71:31:
cd:c6:57:62:b6:07:e2:5f:15:0a:e8:43:30:63:d9:4d:44:a4:
13:da:17:11:21:6d:9f:7f:10:e9:79:27:1a:7f:9a:c3:9e:dd:
00:c4:c8:38:72:dd:75:8e:b1:df:35:d4:34:dc:4d:e8:4e:1b:
56:e7:56:cc:d6:e2:78:e0:05:51:56:be:33:be:6e:f4:9b:68:
09:98:bd:f3:91:83:99:f4:00:5d:74:5e:bf:24:ed:09:b3:a5:
6d:97:c6:4f:fe:69:ad:9d:ac:a1:04:5d:9e:10:ca:a8:bd:b7:
22:9f:da:b1:97:35:1d:a8:d6:3e:b9:38:b2:8c:57:51:41:1d:
7a:52:d5:b5:d5:0b:41:9f:e6:14:44:a4:3e:67:65:2f:58:b3:
04:9f:7e:a5:7e:44:70:00:4a:73:43:f2:13:3c:57:19:70:7c:
19:ed:29:23:10:13:e2:61:be:dd:43:1f:64:7a:e3:6d:7f:e1:
e3:89:a9:df:52:43:a3:90:6f:d9:a5:f0:35:e2:06:a8:88:f4:
d8:fa:4f:46:87:82:ca:28:a3:89:14:05:e8:26:18:98:f5:a9:
00:69:e5:8b:8e:4c:c1:38:3d:c7:df:09:02:ca:a1:40:03:c1:
b6:85:f2:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZZO3/ciA03kOphUl5Bm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZGFjMmVjMTEwNGMyNDVkOWNhYmE4ZWI2MTYzOGU5ZGFm
MTAwMzkwHhcNMjYwMzI5MDcwMTE0WhcNMjYwMzMwMDcwMTE0WjAzMTEwLwYDVQQD
EyhhYTI4ODE2ZDkxMzEyNGJkNzFiODkzY2M3MTE1NDk0NDU4NzlkZTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnf65FrgfLhemmpDuHLNJSacBYhYG
NJYStWNL3R1lM93/DJXiWy+mBzteD28vwweYHwQKSS8IQhjJZL7jT9yXAiM//jjV
sNqToxtBrcwVwf0jC5tZ51YNG6EXacPL+IenqCv9w1Qx5Qu+fzT2VOS7GisxiYUQ
vqOZhkM9oAIo0j8clbrOYahTInJiXHV+PKtozWuNdzcml9ZB99la7cs4wfaqsDcI
TG8I+0af3HGF1k0/owfHzkAZcjGwnVYrCAYbXmPGe7aVU5+9qxvFJfcihWTclPS8
5EUWx8ti+Mj1v4vSkZXcxuHkKPJnLgIm9t2AhxsBKAI9ld9+cEMydmfFUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKoogW2RMSS9cbiTzHEVSURYed5BMB8GA1UdIwQY
MBaAFM/awuwRBMJF2cq6jrYWOOna8QA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejlyQzdCRUV3a1haeXJxT3RoWTQ2ZHJ4QURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lNmRlNjgtYTZlMi00YWRlLWEwOTYt
NTYwNzhjODRkYzE3LzEvejlyQzdCRUV3a1haeXJxT3RoWTQ2ZHJ4QURrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9lNmRlNjgtYTZlMi00YWRlLWEwOTYtNTYwNzhjODRkYzE3
LzEvejlyQzdCRUV3a1haeXJxT3RoWTQ2ZHJ4QURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaqjK7PnM
xMM16K7T7VLARXExzcZXYrYH4l8VCuhDMGPZTUSkE9oXESFtn38Q6XknGn+aw57d
AMTIOHLddY6x3zXUNNxN6E4bVudWzNbieOAFUVa+M75u9JtoCZi985GDmfQAXXRe
vyTtCbOlbZfGT/5prZ2soQRdnhDKqL23Ip/asZc1HajWPrk4soxXUUEdelLVtdUL
QZ/mFESkPmdlL1izBJ9+pX5EcABKc0PyEzxXGXB8Ge0pIxAT4mG+3UMfZHrjbX/h
44mp31JDo5Bv2aXwNeIGqIj02PpPRoeCyiijiRQF6CYYmPWpAGnli45MwTg9x98J
AsqhQAPBtoXycA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:27:31 2026 by rpki-client