Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/856443-b8fb-478e-87c9-cf52aa9d6ccc/1/CZ05RkE90RFhtGx99q02Kpk41dQ.mft
File: CZ05RkE90RFhtGx99q02Kpk41dQ.mft (raw, json)
Hash identifier: BTJg0NBlZw09RsfFWA9ShGWGRjLNv0CwSYOg15rt/E4=
Subject key identifier: CB:37:D7:1F:BB:D1:DB:6A:D0:A6:3F:FC:B1:83:6C:85:AC:3C:65:66
Authority key identifier: 09:9D:39:46:41:3D:D1:11:61:B4:6C:7D:F6:AD:36:2A:99:38:D5:D4
Certificate issuer: /CN=099d3946413dd11161b46c7df6ad362a9938d5d4
Certificate serial: 019D38D33A6D2AE26606F4D6A9C828D61AD9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZ05RkE90RFhtGx99q02Kpk41dQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/856443-b8fb-478e-87c9-cf52aa9d6ccc/1/CZ05RkE90RFhtGx99q02Kpk41dQ.mft
Manifest number: 0660
Signing time: Sun 29 Mar 2026 09:01:00 +0000
Manifest this update: Sun 29 Mar 2026 09:01:00 +0000
Manifest next update: Mon 30 Mar 2026 09:01:00 +0000
Files and hashes: 1: CZ05RkE90RFhtGx99q02Kpk41dQ.crl (hash: pdThDfZ2ylYz7/kDYulHOE2uArWvhnonXAjTB3a37Ts=)
2: Vq6guSZiHd2_t65zdN62Jv9BTnQ.roa (hash: AKFZbhDXoNeVRKob/sEuCdxQYeY1tKB1pRJCD6Qy3Uc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/856443-b8fb-478e-87c9-cf52aa9d6ccc/1/CZ05RkE90RFhtGx99q02Kpk41dQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/856443-b8fb-478e-87c9-cf52aa9d6ccc/1/CZ05RkE90RFhtGx99q02Kpk41dQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/CZ05RkE90RFhtGx99q02Kpk41dQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d3:3a:6d:2a:e2:66:06:f4:d6:a9:c8:28:d6:1a:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099d3946413dd11161b46c7df6ad362a9938d5d4
Validity
Not Before: Mar 29 09:01:00 2026 GMT
Not After : Mar 30 09:01:00 2026 GMT
Subject: CN=cb37d71fbbd1db6ad0a63ffcb1836c85ac3c6566
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:76:f3:bf:a7:ba:66:57:5a:6d:71:a9:89:c6:
86:6d:06:97:3d:60:64:0e:47:51:5a:b0:ba:04:4d:
72:38:37:2a:af:3c:0f:fe:8d:a1:c6:b0:de:ed:79:
4b:b6:7e:1b:ff:70:a2:dd:b9:35:ed:c5:7b:ce:90:
49:89:30:ce:4c:7c:22:9d:f5:d5:ec:23:72:80:1c:
9f:f4:dd:ae:26:6c:1d:d3:7f:fe:68:c3:53:29:ca:
5a:b7:0e:a5:20:55:03:e2:cf:a1:c6:2e:e4:a2:a9:
ba:34:1b:0f:14:b7:f4:5c:3b:cd:23:f2:c4:74:aa:
2b:0e:72:8d:43:fa:fd:e8:45:aa:91:b3:c0:2f:f0:
df:5b:4f:3a:0e:44:97:7a:43:f8:eb:b4:3b:e0:67:
0a:50:a2:99:cf:b0:f4:99:0a:66:94:41:56:f4:4b:
72:7d:df:72:f5:bf:7f:09:de:50:d8:b2:9e:10:73:
5e:d7:d9:30:94:6f:fa:40:a9:c6:4f:f2:08:bb:cc:
54:96:56:1b:39:51:f3:dc:6f:92:8a:92:90:cf:40:
82:cf:1c:ea:77:95:96:20:49:7e:bf:d5:b6:87:64:
76:15:ba:ae:2a:23:12:cc:8d:d8:c2:f3:85:3f:4f:
9b:3b:34:c5:ed:c3:b6:01:11:8c:68:80:a7:3b:05:
0c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:37:D7:1F:BB:D1:DB:6A:D0:A6:3F:FC:B1:83:6C:85:AC:3C:65:66
X509v3 Authority Key Identifier:
keyid:09:9D:39:46:41:3D:D1:11:61:B4:6C:7D:F6:AD:36:2A:99:38:D5:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZ05RkE90RFhtGx99q02Kpk41dQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/856443-b8fb-478e-87c9-cf52aa9d6ccc/1/CZ05RkE90RFhtGx99q02Kpk41dQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/856443-b8fb-478e-87c9-cf52aa9d6ccc/1/CZ05RkE90RFhtGx99q02Kpk41dQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b8:0c:89:ef:fd:3d:1e:41:d2:d5:66:a7:aa:49:fc:a5:0e:0b:
b6:7c:d8:85:9c:c6:c7:a4:33:73:62:78:f2:b2:92:9d:36:d6:
ff:05:73:a9:d9:d3:44:10:4a:d4:9e:ce:27:ce:98:41:f3:9d:
a1:1c:4d:43:6e:2d:f5:ce:c7:36:c5:85:75:10:61:dc:3f:e4:
28:81:1f:ef:01:99:13:ee:3c:a7:91:2c:a9:7f:70:37:41:08:
97:a5:b2:cd:02:72:17:d1:90:e0:78:6b:d6:68:d9:46:78:d9:
85:5a:3f:e1:0c:cc:b2:73:65:9f:21:43:05:14:92:64:8e:92:
b0:10:30:ad:e8:3b:22:d7:a1:b9:d5:64:85:1d:89:3c:54:0e:
a1:f8:37:7b:e1:5a:8d:52:89:ba:64:fb:8a:a3:0a:ac:0e:ee:
1b:6f:b1:5a:af:36:b0:79:e7:60:56:af:54:be:56:66:2f:eb:
c7:44:f8:97:57:ed:da:80:be:83:bb:a5:ca:f9:5e:7c:a8:79:
92:99:1a:c4:40:a3:d8:9b:e5:3e:2f:44:aa:90:56:af:a1:25:
66:1e:85:7a:ea:e2:56:16:c9:f5:84:de:03:30:cf:62:4f:5a:
d4:34:2a:10:02:1c:9c:96:81:d3:90:8a:8f:e0:f4:0f:fa:9d:
ea:3f:2f:e3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040zptKuJmBvTWqcgo1hrZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWQzOTQ2NDEzZGQxMTE2MWI0NmM3ZGY2YWQzNjJhOTkz
OGQ1ZDQwHhcNMjYwMzI5MDkwMTAwWhcNMjYwMzMwMDkwMTAwWjAzMTEwLwYDVQQD
EyhjYjM3ZDcxZmJiZDFkYjZhZDBhNjNmZmNiMTgzNmM4NWFjM2M2NTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43bzv6e6ZldabXGpicaGbQaXPWBk
DkdRWrC6BE1yODcqrzwP/o2hxrDe7XlLtn4b/3Ci3bk17cV7zpBJiTDOTHwinfXV
7CNygByf9N2uJmwd03/+aMNTKcpatw6lIFUD4s+hxi7koqm6NBsPFLf0XDvNI/LE
dKorDnKNQ/r96EWqkbPAL/DfW086DkSXekP467Q74GcKUKKZz7D0mQpmlEFW9Ety
fd9y9b9/Cd5Q2LKeEHNe19kwlG/6QKnGT/IIu8xUllYbOVHz3G+SipKQz0CCzxzq
d5WWIEl+v9W2h2R2FbquKiMSzI3YwvOFP0+bOzTF7cO2ARGMaICnOwUMFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMs31x+70dtq0KY//LGDbIWsPGVmMB8GA1UdIwQY
MBaAFAmdOUZBPdERYbRsffatNiqZONXUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1owNVJrRTkwUkZodEd4OTlxMDJLcGs0MWRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC84NTY0NDMtYjhmYi00NzhlLTg3Yzkt
Y2Y1MmFhOWQ2Y2NjLzEvQ1owNVJrRTkwUkZodEd4OTlxMDJLcGs0MWRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC84NTY0NDMtYjhmYi00NzhlLTg3YzktY2Y1MmFhOWQ2Y2Nj
LzEvQ1owNVJrRTkwUkZodEd4OTlxMDJLcGs0MWRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuAyJ7/09
HkHS1Wanqkn8pQ4LtnzYhZzGx6Qzc2J48rKSnTbW/wVzqdnTRBBK1J7OJ86YQfOd
oRxNQ24t9c7HNsWFdRBh3D/kKIEf7wGZE+48p5EsqX9wN0EIl6WyzQJyF9GQ4Hhr
1mjZRnjZhVo/4QzMsnNlnyFDBRSSZI6SsBAwreg7ItehudVkhR2JPFQOofg3e+Fa
jVKJumT7iqMKrA7uG2+xWq82sHnnYFavVL5WZi/rx0T4l1ft2oC+g7ulyvlefKh5
kpkaxECj2JvlPi9EqpBWr6ElZh6FeuriVhbJ9YTeAzDPYk9a1DQqEAIcnJaB05CK
j+D0D/qd6j8v4w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:24:55 2026 by rpki-client