Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.mft
File: cZLzVgwVuU0e9JdyaEXXhnhrx2I.mft (raw, json)
Hash identifier: zcQR8e6QFMMefYQ3yefvo31Lw0B6AS+x79YGOQFNfNs=
Subject key identifier: 04:38:42:B6:26:DB:0E:6B:2B:07:A8:F5:48:E2:75:3A:DE:96:1F:4E
Authority key identifier: 71:92:F3:56:0C:15:B9:4D:1E:F4:97:72:68:45:D7:86:78:6B:C7:62
Certificate issuer: /CN=7192f3560c15b94d1ef497726845d786786bc762
Certificate serial: 019D3A53E219E971A71961A22A9D745A45EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZLzVgwVuU0e9JdyaEXXhnhrx2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.mft
Manifest number: 0FC4
Signing time: Sun 29 Mar 2026 16:01:09 +0000
Manifest this update: Sun 29 Mar 2026 16:01:09 +0000
Manifest next update: Mon 30 Mar 2026 16:01:09 +0000
Files and hashes: 1: cZLzVgwVuU0e9JdyaEXXhnhrx2I.crl (hash: WSJoqCA3+YjqJQILyaGFzHEqTWDcaDak/n91pIDkFII=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/cZLzVgwVuU0e9JdyaEXXhnhrx2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:53:e2:19:e9:71:a7:19:61:a2:2a:9d:74:5a:45:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7192f3560c15b94d1ef497726845d786786bc762
Validity
Not Before: Mar 29 16:01:09 2026 GMT
Not After : Mar 30 16:01:09 2026 GMT
Subject: CN=043842b626db0e6b2b07a8f548e2753ade961f4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4a:b9:cc:4e:ca:80:f8:dd:12:91:28:79:5a:
07:c5:06:50:46:82:ae:a9:10:f6:7a:bd:06:c3:b4:
2f:30:8a:3f:dc:53:93:9d:52:d0:9a:40:55:53:65:
db:d5:a2:59:bc:77:a7:1d:5d:58:c5:d3:1a:22:ad:
20:fc:9f:88:84:fc:3f:90:31:76:96:7d:22:fa:75:
9d:19:91:b5:a8:25:a7:02:58:3b:08:64:59:ae:85:
ec:89:80:94:3e:dc:eb:76:d4:17:cb:5e:3c:51:b3:
94:a5:4a:8f:71:d2:75:38:ad:e5:61:22:a1:a7:0b:
87:8c:51:96:cc:37:64:c4:dc:88:c0:72:80:53:37:
37:90:4d:aa:6d:c9:f7:8f:5b:84:29:2c:f3:7a:5b:
a8:c5:73:5a:9a:cf:30:56:d1:41:b2:0d:fc:1f:b3:
8d:73:3c:e0:7a:d3:c6:3e:4a:79:d2:31:7c:7d:db:
7f:d2:d8:94:37:0d:16:11:38:5e:4d:81:97:6f:dd:
5f:6a:cc:ca:cc:2f:8f:55:29:75:38:d0:db:7a:cd:
cf:08:53:95:5e:47:60:a0:51:5a:b3:f7:2b:e9:de:
36:2e:5f:6c:8c:68:6d:05:a9:a3:f7:c6:c7:55:60:
4e:1e:25:3d:b1:43:91:fe:90:e0:44:cf:e2:17:7c:
1b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:38:42:B6:26:DB:0E:6B:2B:07:A8:F5:48:E2:75:3A:DE:96:1F:4E
X509v3 Authority Key Identifier:
keyid:71:92:F3:56:0C:15:B9:4D:1E:F4:97:72:68:45:D7:86:78:6B:C7:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZLzVgwVuU0e9JdyaEXXhnhrx2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:02:d6:74:85:85:07:e4:1e:45:27:a0:46:58:0c:88:41:3f:
21:f7:f5:63:27:83:b9:3c:ab:60:5a:70:ed:f7:ca:c0:b8:50:
6a:47:49:dd:ba:ce:f7:da:86:74:db:15:a2:57:57:c2:4e:73:
49:dc:7c:b6:47:b3:e7:aa:cd:e8:64:be:eb:37:f1:ba:fb:fb:
cb:2b:dc:b3:3a:68:ee:06:19:39:bd:81:e4:25:70:25:59:46:
2f:a1:5b:6b:7d:d0:8a:05:9b:34:6f:74:34:8f:80:cb:77:47:
39:a1:cb:6a:14:27:e1:4d:69:db:36:d8:16:bd:8c:ae:ee:ae:
5e:98:8f:73:23:bb:bd:d4:25:d8:6b:46:21:ae:f4:c3:db:45:
22:27:8d:f0:75:96:d5:9d:d6:71:5a:c0:2e:c1:ba:db:10:a3:
61:5d:0b:07:0c:2a:fc:51:22:af:cb:81:f7:cf:81:39:f5:21:
3a:20:cb:21:44:60:1f:78:33:00:7f:ce:37:8a:8e:b4:4b:fe:
dd:04:92:a9:f3:50:06:60:a7:5e:d3:db:bf:7a:ec:30:65:14:
e9:7b:fa:5f:56:4b:c3:0d:4a:fd:e7:e1:2b:85:fc:ef:2d:4c:
b1:6d:1f:23:1d:56:4d:96:fb:9e:1e:b6:3c:bd:5c:6f:d8:9b:
7b:f6:7a:fa
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06U+IZ6XGnGWGiKp10WkXuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTJmMzU2MGMxNWI5NGQxZWY0OTc3MjY4NDVkNzg2Nzg2
YmM3NjIwHhcNMjYwMzI5MTYwMTA5WhcNMjYwMzMwMTYwMTA5WjAzMTEwLwYDVQQD
EygwNDM4NDJiNjI2ZGIwZTZiMmIwN2E4ZjU0OGUyNzUzYWRlOTYxZjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0q5zE7KgPjdEpEoeVoHxQZQRoKu
qRD2er0Gw7QvMIo/3FOTnVLQmkBVU2Xb1aJZvHenHV1YxdMaIq0g/J+IhPw/kDF2
ln0i+nWdGZG1qCWnAlg7CGRZroXsiYCUPtzrdtQXy148UbOUpUqPcdJ1OK3lYSKh
pwuHjFGWzDdkxNyIwHKAUzc3kE2qbcn3j1uEKSzzeluoxXNams8wVtFBsg38H7ON
czzgetPGPkp50jF8fdt/0tiUNw0WETheTYGXb91faszKzC+PVSl1ONDbes3PCFOV
XkdgoFFas/cr6d42Ll9sjGhtBamj98bHVWBOHiU9sUOR/pDgRM/iF3wbsQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAQ4QrYm2w5rKweo9UjidTrelh9OMB8GA1UdIwQY
MBaAFHGS81YMFblNHvSXcmhF14Z4a8diMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pMelZnd1Z1VTBlOUpkeWFFWFhobmhyeDJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi82OWEwMzQtYjUwOC00MmU4LTk5ZTgt
NzVlZTI0YTNmOTZiLzEvY1pMelZnd1Z1VTBlOUpkeWFFWFhobmhyeDJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi82OWEwMzQtYjUwOC00MmU4LTk5ZTgtNzVlZTI0YTNmOTZi
LzEvY1pMelZnd1Z1VTBlOUpkeWFFWFhobmhyeDJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlwLWdIWF
B+QeRSegRlgMiEE/Iff1YyeDuTyrYFpw7ffKwLhQakdJ3brO99qGdNsVoldXwk5z
Sdx8tkez56rN6GS+6zfxuvv7yyvcszpo7gYZOb2B5CVwJVlGL6Fba33QigWbNG90
NI+Ay3dHOaHLahQn4U1p2zbYFr2Mru6uXpiPcyO7vdQl2GtGIa70w9tFIieN8HWW
1Z3WcVrALsG62xCjYV0LBwwq/FEir8uB98+BOfUhOiDLIURgH3gzAH/ON4qOtEv+
3QSSqfNQBmCnXtPbv3rsMGUU6Xv6X1ZLww1K/efhK4X87y1MsW0fIx1WTZb7nh62
PL1cb9ibe/Z6+g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:50:21 2026 by rpki-client