Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.mft
File: MzOeZKWFFMmwkemy5o4pNx5D498.mft (raw, json)
Hash identifier: +u2YuboB+3946yWHGkPwIeYCZMFg21f4ZlPBEoJeySM=
Subject key identifier: AA:56:02:96:F9:E9:21:F9:93:9A:60:EC:DA:20:53:D5:E8:EF:22:EE
Authority key identifier: 33:33:9E:64:A5:85:14:C9:B0:91:E9:B2:E6:8E:29:37:1E:43:E3:DF
Certificate issuer: /CN=33339e64a58514c9b091e9b2e68e29371e43e3df
Certificate serial: 019D2AA927A86E52AFC6C1346CE5CCF5F5A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MzOeZKWFFMmwkemy5o4pNx5D498.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.mft
Manifest number: 0CD2
Signing time: Thu 26 Mar 2026 15:00:21 +0000
Manifest this update: Thu 26 Mar 2026 15:00:21 +0000
Manifest next update: Fri 27 Mar 2026 15:00:21 +0000
Files and hashes: 1: MzOeZKWFFMmwkemy5o4pNx5D498.crl (hash: yzrI3vaDH0uZlSPIyLx18l5mdshg1mRgKwI/YufaGjs=)
2: _buqN6yYSytWYhTqNPA1kKSIBNk.roa (hash: c6bP7C3wNXIAyK047P+noenWK/m8RQLknUBgsv8PDgI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.mft
rsync://rpki.ripe.net/repository/DEFAULT/MzOeZKWFFMmwkemy5o4pNx5D498.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:a9:27:a8:6e:52:af:c6:c1:34:6c:e5:cc:f5:f5:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33339e64a58514c9b091e9b2e68e29371e43e3df
Validity
Not Before: Mar 26 15:00:21 2026 GMT
Not After : Mar 27 15:00:21 2026 GMT
Subject: CN=aa560296f9e921f9939a60ecda2053d5e8ef22ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:41:87:73:3d:85:9d:32:00:04:1c:50:ab:96:
07:33:06:02:b4:27:8d:dd:41:19:c3:35:7d:d9:9e:
c2:9a:28:f2:3e:3e:22:e6:86:01:3e:85:d5:9b:12:
ae:36:ba:8a:7d:1b:21:d3:f5:17:6c:ee:b0:47:22:
1e:46:7e:3f:98:e2:f3:75:e9:ed:b7:8e:4a:11:b5:
7d:b0:33:10:28:85:09:f1:ad:c7:e8:03:bb:94:aa:
b4:61:1d:1c:07:4b:37:79:2e:31:a8:46:6a:3a:3b:
ae:af:ea:74:2e:13:07:93:1e:8e:27:73:41:21:5c:
f5:f8:08:c6:38:31:21:64:a6:26:ff:c6:ef:6f:7a:
b5:1c:a4:a5:97:b6:a7:11:88:21:4a:e8:82:ec:56:
a1:5a:4c:86:f8:7f:b4:9a:9a:fa:64:b9:c2:27:d4:
d3:3d:4b:e8:c3:05:81:82:a5:bd:fd:e7:a9:41:58:
a8:ea:ac:c0:af:f1:87:fc:99:87:0b:6c:e5:3d:cb:
45:d8:0f:77:85:ed:e4:45:af:8d:70:6b:00:a9:2f:
7f:13:cc:c8:0c:40:dd:b4:a6:6b:c2:f9:2c:31:4f:
d8:05:88:1d:dd:10:70:3a:2f:b4:f4:bf:c9:ac:44:
fd:63:46:3e:ce:42:60:cf:7c:de:a8:ad:89:50:e3:
24:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:56:02:96:F9:E9:21:F9:93:9A:60:EC:DA:20:53:D5:E8:EF:22:EE
X509v3 Authority Key Identifier:
keyid:33:33:9E:64:A5:85:14:C9:B0:91:E9:B2:E6:8E:29:37:1E:43:E3:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MzOeZKWFFMmwkemy5o4pNx5D498.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/cd504a-0189-4554-b501-639dc4d5f370/1/MzOeZKWFFMmwkemy5o4pNx5D498.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:d4:80:f0:f3:d6:2a:60:4d:03:30:60:75:54:2d:a0:f8:09:
a9:6f:e4:3c:20:24:34:38:1e:31:ef:be:28:b3:3f:c5:8d:1b:
07:cb:79:bb:ea:38:05:4f:58:f7:f8:b1:02:ea:90:48:5c:c3:
07:ab:01:39:3c:8e:a5:8d:e3:42:bc:52:70:00:be:d0:cf:1c:
be:81:19:ed:ea:86:df:12:7a:5b:9d:83:92:70:da:4e:ca:ca:
c1:0f:d8:e5:b5:ed:c2:ba:d7:20:2f:1a:69:a7:e8:39:95:69:
bc:37:c4:8e:df:1e:0d:32:59:18:b3:43:d2:82:48:fc:69:61:
02:3b:97:9e:10:27:35:b8:e1:0a:fe:b5:d5:04:a8:32:2c:93:
56:60:c7:7e:6c:ea:ca:f9:7e:43:45:1d:c5:e5:b1:59:ff:06:
d1:3e:79:2b:33:0d:54:37:82:18:b7:c6:2b:25:fa:72:67:8d:
27:d5:57:2e:01:8d:00:35:42:52:7f:8d:90:8f:03:f1:9d:7d:
c0:46:41:31:26:19:82:3b:92:1f:dd:71:62:16:a7:5f:c3:65:
d7:4f:bc:3f:29:db:25:28:43:d9:fe:eb:b4:60:45:22:00:fe:
55:be:cc:d8:88:b2:93:d4:24:36:16:70:99:82:1d:e6:ef:47:
19:36:22:4a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0qqSeoblKvxsE0bOXM9fWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMzM5ZTY0YTU4NTE0YzliMDkxZTliMmU2OGUyOTM3MWU0
M2UzZGYwHhcNMjYwMzI2MTUwMDIxWhcNMjYwMzI3MTUwMDIxWjAzMTEwLwYDVQQD
EyhhYTU2MDI5NmY5ZTkyMWY5OTM5YTYwZWNkYTIwNTNkNWU4ZWYyMmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0GHcz2FnTIABBxQq5YHMwYCtCeN
3UEZwzV92Z7CmijyPj4i5oYBPoXVmxKuNrqKfRsh0/UXbO6wRyIeRn4/mOLzdent
t45KEbV9sDMQKIUJ8a3H6AO7lKq0YR0cB0s3eS4xqEZqOjuur+p0LhMHkx6OJ3NB
IVz1+AjGODEhZKYm/8bvb3q1HKSll7anEYghSuiC7FahWkyG+H+0mpr6ZLnCJ9TT
PUvowwWBgqW9/eepQVio6qzAr/GH/JmHC2zlPctF2A93he3kRa+NcGsAqS9/E8zI
DEDdtKZrwvksMU/YBYgd3RBwOi+09L/JrET9Y0Y+zkJgz3zeqK2JUOMkjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKpWApb56SH5k5pg7NogU9Xo7yLuMB8GA1UdIwQY
MBaAFDMznmSlhRTJsJHpsuaOKTceQ+PfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXpPZVpLV0ZGTW13a2VteTVvNHBOeDVENDk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9jZDUwNGEtMDE4OS00NTU0LWI1MDEt
NjM5ZGM0ZDVmMzcwLzEvTXpPZVpLV0ZGTW13a2VteTVvNHBOeDVENDk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9jZDUwNGEtMDE4OS00NTU0LWI1MDEtNjM5ZGM0ZDVmMzcw
LzEvTXpPZVpLV0ZGTW13a2VteTVvNHBOeDVENDk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtNSA8PPW
KmBNAzBgdVQtoPgJqW/kPCAkNDgeMe++KLM/xY0bB8t5u+o4BU9Y9/ixAuqQSFzD
B6sBOTyOpY3jQrxScAC+0M8cvoEZ7eqG3xJ6W52DknDaTsrKwQ/Y5bXtwrrXIC8a
aafoOZVpvDfEjt8eDTJZGLND0oJI/GlhAjuXnhAnNbjhCv611QSoMiyTVmDHfmzq
yvl+Q0UdxeWxWf8G0T55KzMNVDeCGLfGKyX6cmeNJ9VXLgGNADVCUn+NkI8D8Z19
wEZBMSYZgjuSH91xYhanX8Nl10+8PynbJShD2f7rtGBFIgD+Vb7M2Iiyk9QkNhZw
mYId5u9HGTYiSg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:56:46 2026 by rpki-client