Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
File: 0krezYS7F0i9NbmezqRncuAeyTU.mft (raw, json)
Hash identifier: KMzF1Gvvg14hDG4D/COXzm8iKVAbVze8S5dQTL2vBmg=
Subject key identifier: 3D:B0:0E:E1:76:BF:F4:61:CE:BE:F5:66:FF:6F:0B:07:16:E1:57:D9
Authority key identifier: D2:4A:DE:CD:84:BB:17:48:BD:35:B9:9E:CE:A4:67:72:E0:1E:C9:35
Certificate issuer: /CN=d24adecd84bb1748bd35b99ecea46772e01ec935
Certificate serial: 019D37BFF1DCF905871AE1D27FC44D9D6EA4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
Manifest number: 1892
Signing time: Sun 29 Mar 2026 04:00:19 +0000
Manifest this update: Sun 29 Mar 2026 04:00:19 +0000
Manifest next update: Mon 30 Mar 2026 04:00:19 +0000
Files and hashes: 1: 0krezYS7F0i9NbmezqRncuAeyTU.crl (hash: f/QOgU+O+nsKqDUzV5pdb4KVX3X8BeDvOw500jHwh4I=)
2: THoFRGj7we5B4orPSAEMrZc2v9I.roa (hash: nx8ZhN2tRi/Vu5vUK7/jsnnIAjWNN0LM5ZVA5cvmy60=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:bf:f1:dc:f9:05:87:1a:e1:d2:7f:c4:4d:9d:6e:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d24adecd84bb1748bd35b99ecea46772e01ec935
Validity
Not Before: Mar 29 04:00:19 2026 GMT
Not After : Mar 30 04:00:19 2026 GMT
Subject: CN=3db00ee176bff461cebef566ff6f0b0716e157d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:29:ea:26:6d:e7:a7:5f:f1:6d:f9:e8:f9:af:
c8:7f:38:e0:25:71:99:e2:ad:68:c9:b2:fe:24:5a:
0f:20:2d:1e:d9:85:a5:58:d2:0a:45:6e:23:a5:7a:
21:80:0f:b5:89:cb:90:3a:45:50:26:54:89:9f:72:
14:40:c4:00:0f:44:71:b6:55:13:7b:dc:75:9d:74:
71:7c:f8:15:fb:9b:6f:c0:90:1a:0a:6c:b5:4a:26:
dc:ea:23:0e:04:3e:7b:71:c4:3d:ad:bb:67:ae:85:
cc:80:5b:85:a1:16:81:e4:ab:ce:ab:7e:bf:66:84:
d5:6a:c7:68:0f:a0:e4:68:ee:e6:db:a1:6e:d2:ba:
4f:d6:f9:b2:9c:40:d5:21:85:1b:f6:c7:07:56:15:
0a:87:6c:43:5c:9a:ce:7d:70:34:71:93:18:49:7e:
e8:41:54:71:17:62:44:b6:8e:86:ba:2a:70:d1:86:
30:1a:f3:80:28:76:0f:a1:9c:f5:d6:2e:dd:b8:a4:
0c:e0:93:ce:f0:c7:e4:5d:48:dc:8b:79:1b:a2:25:
14:de:ff:a1:01:a4:72:eb:12:3a:21:a4:6a:01:a5:
74:57:07:03:96:f6:29:42:cd:9d:8a:b7:a3:df:e9:
56:59:df:3b:81:13:cd:2b:ab:76:b9:83:87:77:f3:
cb:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:B0:0E:E1:76:BF:F4:61:CE:BE:F5:66:FF:6F:0B:07:16:E1:57:D9
X509v3 Authority Key Identifier:
keyid:D2:4A:DE:CD:84:BB:17:48:BD:35:B9:9E:CE:A4:67:72:E0:1E:C9:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:63:1a:fc:0b:59:ca:9d:b8:b1:bf:00:7b:33:cb:a7:ca:7d:
48:c9:8a:b5:84:e4:21:6e:59:1b:91:ff:e8:3a:e5:ce:29:51:
d0:f8:d6:e8:eb:d0:dd:d6:8a:dd:a4:d8:c7:de:69:93:f6:85:
da:97:4c:5f:50:e7:db:2b:69:0d:71:a6:10:1e:5d:b6:31:4a:
94:0c:c0:02:30:99:34:f9:db:83:7f:6d:a0:ac:1f:89:92:3d:
c1:12:a9:7f:7b:d7:e0:57:5a:1b:4d:fb:b9:5a:d0:47:5d:c9:
06:ca:32:be:6e:7a:51:8b:ac:53:a1:d2:92:e1:f1:99:70:de:
2d:65:7b:09:16:bf:71:ac:dd:11:ac:fb:92:1a:86:86:60:4e:
ee:96:44:5b:7a:c2:61:6c:8d:08:c5:6e:f1:2c:46:7e:60:03:
b9:ef:ce:97:16:a7:d8:f9:59:f1:a4:e9:d7:99:c1:26:f0:b6:
4a:01:ee:92:d0:6a:bc:f6:55:8c:9d:4a:80:34:6a:78:c7:45:
1f:7e:63:3b:b3:cf:55:dc:a2:17:e6:4c:a6:7f:ac:48:c8:55:
09:31:f3:11:d8:59:cf:10:0b:da:5e:90:a7:9b:b2:b8:33:3b:
19:73:ba:4d:05:f0:c6:65:00:c5:ee:e9:70:73:5e:22:ce:63:
f7:89:1c:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03v/Hc+QWHGuHSf8RNnW6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGFkZWNkODRiYjE3NDhiZDM1Yjk5ZWNlYTQ2NzcyZTAx
ZWM5MzUwHhcNMjYwMzI5MDQwMDE5WhcNMjYwMzMwMDQwMDE5WjAzMTEwLwYDVQQD
EygzZGIwMGVlMTc2YmZmNDYxY2ViZWY1NjZmZjZmMGIwNzE2ZTE1N2Q5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArinqJm3np1/xbfno+a/IfzjgJXGZ
4q1oybL+JFoPIC0e2YWlWNIKRW4jpXohgA+1icuQOkVQJlSJn3IUQMQAD0RxtlUT
e9x1nXRxfPgV+5tvwJAaCmy1Sibc6iMOBD57ccQ9rbtnroXMgFuFoRaB5KvOq36/
ZoTVasdoD6DkaO7m26Fu0rpP1vmynEDVIYUb9scHVhUKh2xDXJrOfXA0cZMYSX7o
QVRxF2JEto6Guipw0YYwGvOAKHYPoZz11i7duKQM4JPO8MfkXUjci3kboiUU3v+h
AaRy6xI6IaRqAaV0VwcDlvYpQs2direj3+lWWd87gRPNK6t2uYOHd/PL4wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD2wDuF2v/Rhzr71Zv9vCwcW4VfZMB8GA1UdIwQY
MBaAFNJK3s2EuxdIvTW5ns6kZ3LgHsk1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS82M2E4NDUtOGMwOS00ZDY5LWE3NzEt
NDhhNjA3YmJlMjVlLzEvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS82M2E4NDUtOGMwOS00ZDY5LWE3NzEtNDhhNjA3YmJlMjVl
LzEvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp2Ma/AtZ
yp24sb8AezPLp8p9SMmKtYTkIW5ZG5H/6DrlzilR0PjW6OvQ3daK3aTYx95pk/aF
2pdMX1Dn2ytpDXGmEB5dtjFKlAzAAjCZNPnbg39toKwfiZI9wRKpf3vX4FdaG037
uVrQR13JBsoyvm56UYusU6HSkuHxmXDeLWV7CRa/cazdEaz7khqGhmBO7pZEW3rC
YWyNCMVu8SxGfmADue/Olxan2PlZ8aTp15nBJvC2SgHuktBqvPZVjJ1KgDRqeMdF
H35jO7PPVdyiF+ZMpn+sSMhVCTHzEdhZzxAL2l6Qp5uyuDM7GXO6TQXwxmUAxe7p
cHNeIs5j94kcgQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:14:26 2026 by rpki-client