Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft
File: CZoxZcQAepQBMaMnzHfMIhzBadk.mft (raw, json)
Hash identifier: wcMmm75wdQNO/Ko1ccSrnBJ56mjtt8dtgjIvj6Aut8E=
Subject key identifier: 34:4D:59:E9:3E:75:15:0E:D8:A8:7F:5A:CC:9B:FE:6B:E9:98:A6:B7
Authority key identifier: 09:9A:31:65:C4:00:7A:94:01:31:A3:27:CC:77:CC:22:1C:C1:69:D9
Certificate issuer: /CN=099a3165c4007a940131a327cc77cc221cc169d9
Certificate serial: 019D3865845B03A24CDFD648B87A5965FF38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZoxZcQAepQBMaMnzHfMIhzBadk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft
Manifest number: 188B
Signing time: Sun 29 Mar 2026 07:01:10 +0000
Manifest this update: Sun 29 Mar 2026 07:01:10 +0000
Manifest next update: Mon 30 Mar 2026 07:01:10 +0000
Files and hashes: 1: CZoxZcQAepQBMaMnzHfMIhzBadk.crl (hash: ziQwTx3dnmBG0VjjgvSAgIrHbMSTeQvZ80XDe6fAWsg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft
rsync://rpki.ripe.net/repository/DEFAULT/CZoxZcQAepQBMaMnzHfMIhzBadk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:65:84:5b:03:a2:4c:df:d6:48:b8:7a:59:65:ff:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a3165c4007a940131a327cc77cc221cc169d9
Validity
Not Before: Mar 29 07:01:10 2026 GMT
Not After : Mar 30 07:01:10 2026 GMT
Subject: CN=344d59e93e75150ed8a87f5acc9bfe6be998a6b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:89:1c:aa:bc:7f:c1:eb:b4:e7:54:44:8b:4b:
b6:8f:38:76:dd:c0:14:06:65:b0:9e:9e:ee:86:af:
03:1c:00:83:28:61:a8:5d:d3:e7:36:f8:30:a5:ef:
bd:8d:11:ac:98:69:f6:e2:74:82:ba:bb:1e:fd:07:
2f:fb:4e:77:f4:0e:98:c6:34:89:c8:12:16:ec:f9:
2d:2e:e0:c6:e1:55:94:c6:38:e3:13:0d:f2:97:08:
91:49:1f:82:ba:64:c7:d5:45:d5:21:2e:29:8e:7e:
01:75:75:35:31:4a:f1:b8:2f:50:de:18:49:0b:82:
64:db:ec:69:2d:9e:5c:41:16:2d:81:7d:75:8f:44:
ee:ca:a3:40:6b:8d:93:c9:27:9f:40:c1:24:da:40:
33:1e:d8:72:76:b2:76:f0:68:37:04:22:f6:58:54:
1e:b7:b2:ed:60:6d:50:4e:62:08:64:aa:f9:a9:96:
56:76:02:44:2a:cb:f9:f8:d9:c9:bc:f0:ba:a0:36:
ff:60:f0:57:75:be:d9:95:66:f0:c0:6f:b6:3a:fe:
86:73:a3:db:77:8d:39:50:01:71:72:dc:c6:d7:35:
41:41:b9:c6:47:17:4b:03:3f:97:13:e1:3f:0f:cf:
c5:e3:87:d5:19:f8:2f:2c:34:15:c6:28:f8:87:62:
85:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:4D:59:E9:3E:75:15:0E:D8:A8:7F:5A:CC:9B:FE:6B:E9:98:A6:B7
X509v3 Authority Key Identifier:
keyid:09:9A:31:65:C4:00:7A:94:01:31:A3:27:CC:77:CC:22:1C:C1:69:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZoxZcQAepQBMaMnzHfMIhzBadk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:b7:3b:cd:45:9e:8b:c4:e0:40:15:dd:7b:7d:eb:8f:b4:74:
3c:70:f1:54:98:e9:07:28:e9:0c:eb:9c:e7:6d:be:5e:49:c6:
1c:76:18:ea:84:fd:3f:76:8b:a5:a0:30:b8:19:75:03:92:2a:
e4:45:d4:96:ca:05:6b:97:1d:6d:68:d5:1c:76:32:1c:e2:b3:
d8:b8:ca:9f:64:b1:74:6c:f9:0f:f0:3d:74:63:bc:c7:fc:b7:
19:6d:1d:7f:60:1e:45:cc:83:c6:24:3f:f8:66:41:fd:42:9e:
20:3a:9b:55:2f:ab:e3:a7:72:80:9c:e1:6a:9e:4d:25:2b:ce:
17:8b:28:d9:9c:68:46:d6:07:3a:42:f2:0f:61:cd:54:f0:ae:
8b:a5:e2:32:1c:cf:1b:05:e4:04:1b:cb:ab:0b:0f:bd:34:ae:
03:2a:aa:53:d7:b8:1a:91:df:bc:0c:2e:db:52:83:f5:4a:b9:
71:7f:bf:84:b5:8a:b3:79:4b:6e:5f:d5:33:5b:3d:5e:be:6e:
51:89:cf:b1:08:e0:6d:cb:7f:ee:37:58:5b:7b:f9:15:3b:05:
87:6e:23:0a:e8:61:f3:8f:60:54:75:cf:f3:b1:45:42:30:f3:
92:40:bc:de:0f:a5:04:21:b8:9e:5c:39:da:be:c2:24:f1:24:
df:34:5e:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04ZYRbA6JM39ZIuHpZZf84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWEzMTY1YzQwMDdhOTQwMTMxYTMyN2NjNzdjYzIyMWNj
MTY5ZDkwHhcNMjYwMzI5MDcwMTEwWhcNMjYwMzMwMDcwMTEwWjAzMTEwLwYDVQQD
EygzNDRkNTllOTNlNzUxNTBlZDhhODdmNWFjYzliZmU2YmU5OThhNmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14kcqrx/weu051REi0u2jzh23cAU
BmWwnp7uhq8DHACDKGGoXdPnNvgwpe+9jRGsmGn24nSCurse/Qcv+0539A6YxjSJ
yBIW7PktLuDG4VWUxjjjEw3ylwiRSR+CumTH1UXVIS4pjn4BdXU1MUrxuC9Q3hhJ
C4Jk2+xpLZ5cQRYtgX11j0TuyqNAa42TySefQMEk2kAzHthydrJ28Gg3BCL2WFQe
t7LtYG1QTmIIZKr5qZZWdgJEKsv5+NnJvPC6oDb/YPBXdb7ZlWbwwG+2Ov6Gc6Pb
d405UAFxctzG1zVBQbnGRxdLAz+XE+E/D8/F44fVGfgvLDQVxij4h2KFcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDRNWek+dRUO2Kh/Wsyb/mvpmKa3MB8GA1UdIwQY
MBaAFAmaMWXEAHqUATGjJ8x3zCIcwWnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pveFpjUUFlcFFCTWFNbnpIZk1JaHpCYWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMWYwYTAtZGEzYy00ZDk1LWE2Mzgt
NTA2NjcyNzY5ZDljLzEvQ1pveFpjUUFlcFFCTWFNbnpIZk1JaHpCYWRrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMWYwYTAtZGEzYy00ZDk1LWE2MzgtNTA2NjcyNzY5ZDlj
LzEvQ1pveFpjUUFlcFFCTWFNbnpIZk1JaHpCYWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgbc7zUWe
i8TgQBXde33rj7R0PHDxVJjpByjpDOuc522+XknGHHYY6oT9P3aLpaAwuBl1A5Iq
5EXUlsoFa5cdbWjVHHYyHOKz2LjKn2SxdGz5D/A9dGO8x/y3GW0df2AeRcyDxiQ/
+GZB/UKeIDqbVS+r46dygJzhap5NJSvOF4so2ZxoRtYHOkLyD2HNVPCui6XiMhzP
GwXkBBvLqwsPvTSuAyqqU9e4GpHfvAwu21KD9Uq5cX+/hLWKs3lLbl/VM1s9Xr5u
UYnPsQjgbct/7jdYW3v5FTsFh24jCuhh849gVHXP87FFQjDzkkC83g+lBCG4nlw5
2r7CJPEk3zRexg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:28:09 2026 by rpki-client