Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
File: D9zw7HuvNJ6JLVERXCLA29Q1C44.mft (raw, json)
Hash identifier: /75phOxAs+IWXHhN6G8uqsW8/vphQz5D5FLXFfn55Ko=
Subject key identifier: 80:78:9B:B7:A2:6E:CD:83:D9:DB:57:31:80:D0:A3:A2:51:B8:75:A9
Authority key identifier: 0F:DC:F0:EC:7B:AF:34:9E:89:2D:51:11:5C:22:C0:DB:D4:35:0B:8E
Certificate issuer: /CN=0fdcf0ec7baf349e892d51115c22c0dbd4350b8e
Certificate serial: 019D2AA9CABCE8AB5DF6B2F1E5E0BFE35EF9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
Manifest number: 0540
Signing time: Thu 26 Mar 2026 15:01:03 +0000
Manifest this update: Thu 26 Mar 2026 15:01:03 +0000
Manifest next update: Fri 27 Mar 2026 15:01:03 +0000
Files and hashes: 1: D9zw7HuvNJ6JLVERXCLA29Q1C44.crl (hash: bkkaoHusLFGxNmrIrask/yMK3UuPpr3aVjR/JgEVrK4=)
2: Jv3FrbaSeXZke2UP27JZQguG_qc.roa (hash: dePpEEDTqP/enapSxKmHvz68yt/UQtEn5OCz1CdZVCI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:a9:ca:bc:e8:ab:5d:f6:b2:f1:e5:e0:bf:e3:5e:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fdcf0ec7baf349e892d51115c22c0dbd4350b8e
Validity
Not Before: Mar 26 15:01:03 2026 GMT
Not After : Mar 27 15:01:03 2026 GMT
Subject: CN=80789bb7a26ecd83d9db573180d0a3a251b875a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:42:c4:5f:73:b3:06:a8:79:8f:75:98:4e:b2:
c3:15:1f:44:9b:1f:b0:50:84:09:bc:1a:0c:d3:63:
af:82:4a:54:82:97:36:31:53:bb:6b:6e:ef:59:41:
96:14:78:5e:ab:95:27:0a:dd:8f:bc:bc:98:49:04:
41:55:80:05:82:a1:ea:bf:b4:df:86:9f:5f:33:e5:
28:d1:33:93:25:97:c3:f4:3c:d9:95:2d:64:2d:12:
6f:8a:11:7f:1a:99:ee:3b:e8:2e:4a:0d:07:ab:75:
26:e1:a1:03:59:fe:18:d4:d6:b2:59:9f:cc:75:be:
4b:90:2e:bc:7c:6d:78:6a:ab:5f:e8:da:60:27:23:
9f:ef:57:6d:ad:0d:61:a9:38:3a:d8:02:f9:11:f7:
7e:b6:89:2e:48:49:f5:24:71:1c:11:17:9b:c6:49:
15:77:ce:b5:ce:3c:f0:89:45:fb:e5:36:5b:8a:97:
41:6b:f6:f0:2e:9c:63:07:08:2b:c5:c0:66:af:49:
76:61:f7:2c:de:f4:0c:ab:db:94:4d:ca:d5:ae:d4:
3a:6f:5b:fb:8f:bb:93:2a:46:3e:e0:f4:e0:33:ce:
81:3f:6f:e0:6c:9b:20:27:3b:6d:00:2b:11:d3:ea:
1e:5f:5c:8d:4f:87:64:c7:b0:6a:05:a4:cb:12:0b:
a0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:78:9B:B7:A2:6E:CD:83:D9:DB:57:31:80:D0:A3:A2:51:B8:75:A9
X509v3 Authority Key Identifier:
keyid:0F:DC:F0:EC:7B:AF:34:9E:89:2D:51:11:5C:22:C0:DB:D4:35:0B:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:01:50:56:4c:a9:22:88:ff:4a:43:9e:83:c0:d1:b3:0a:e4:
e4:41:f3:8a:1b:91:2b:2b:05:bb:3f:5a:fb:7d:46:8b:07:2c:
01:47:b4:a1:fa:92:bf:3f:32:d3:c7:f9:46:0b:70:b9:38:e1:
b4:47:f7:55:b7:2d:2b:e9:f8:8a:17:3b:ce:62:32:6f:30:a4:
68:b9:3e:b6:29:20:63:36:13:77:3b:bf:64:85:3e:7e:ed:ec:
e4:cf:8c:6c:1c:b6:ca:cf:bb:79:90:7b:92:cc:ab:48:15:df:
65:ef:ac:2b:b7:3c:44:2a:fd:57:98:51:3f:90:1f:82:3a:90:
5c:72:76:78:70:ef:bb:b9:5f:a0:40:26:c0:4d:d3:e6:f9:af:
64:fc:35:98:c9:0c:a4:5c:70:e0:85:54:c3:81:f2:c7:50:62:
5b:c8:f3:26:b0:6c:0f:56:de:20:90:10:35:f2:a3:8b:96:b2:
70:b0:a3:a2:e9:c4:1d:a9:98:73:d8:05:14:e9:3d:82:12:1c:
98:82:3a:7c:8a:60:c5:69:d8:d7:53:ed:4c:79:ec:2d:ea:60:
05:f4:0b:ce:3a:66:93:02:02:b7:8e:c8:3e:1e:35:5b:85:ce:
9d:b1:29:f3:31:6b:35:55:23:b6:33:c5:6c:4f:54:40:2b:c5:
fd:ed:c9:12
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qqcq86Ktd9rLx5eC/4175MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZGNmMGVjN2JhZjM0OWU4OTJkNTExMTVjMjJjMGRiZDQz
NTBiOGUwHhcNMjYwMzI2MTUwMTAzWhcNMjYwMzI3MTUwMTAzWjAzMTEwLwYDVQQD
Eyg4MDc4OWJiN2EyNmVjZDgzZDlkYjU3MzE4MGQwYTNhMjUxYjg3NWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kLEX3OzBqh5j3WYTrLDFR9Emx+w
UIQJvBoM02OvgkpUgpc2MVO7a27vWUGWFHheq5UnCt2PvLyYSQRBVYAFgqHqv7Tf
hp9fM+Uo0TOTJZfD9DzZlS1kLRJvihF/GpnuO+guSg0Hq3Um4aEDWf4Y1NayWZ/M
db5LkC68fG14aqtf6NpgJyOf71dtrQ1hqTg62AL5Efd+tokuSEn1JHEcERebxkkV
d861zjzwiUX75TZbipdBa/bwLpxjBwgrxcBmr0l2Yfcs3vQMq9uUTcrVrtQ6b1v7
j7uTKkY+4PTgM86BP2/gbJsgJzttACsR0+oeX1yNT4dkx7BqBaTLEgugkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIB4m7eibs2D2dtXMYDQo6JRuHWpMB8GA1UdIwQY
MBaAFA/c8Ox7rzSeiS1REVwiwNvUNQuOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNDgyYmEtNDFjZS00MDlhLThlN2Ut
YjI5NTgzOGFiYmQ5LzEvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNDgyYmEtNDFjZS00MDlhLThlN2UtYjI5NTgzOGFiYmQ5
LzEvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARAFQVkyp
Ioj/SkOeg8DRswrk5EHzihuRKysFuz9a+31GiwcsAUe0ofqSvz8y08f5RgtwuTjh
tEf3VbctK+n4ihc7zmIybzCkaLk+tikgYzYTdzu/ZIU+fu3s5M+MbBy2ys+7eZB7
ksyrSBXfZe+sK7c8RCr9V5hRP5AfgjqQXHJ2eHDvu7lfoEAmwE3T5vmvZPw1mMkM
pFxw4IVUw4Hyx1BiW8jzJrBsD1beIJAQNfKji5aycLCjounEHamYc9gFFOk9ghIc
mII6fIpgxWnY11PtTHnsLepgBfQLzjpmkwICt47IPh41W4XOnbEp8zFrNVUjtjPF
bE9UQCvF/e3JEg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:48:06 2026 by rpki-client