Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/4089cd-5ba0-483c-883d-c8c0ff55f52d/1/7zAIudH6IIoVT1hcruy7UsGyXOQ.mft
File: 7zAIudH6IIoVT1hcruy7UsGyXOQ.mft (raw, json)
Hash identifier: Fvd4J05Om6TBiU920HSTlk2Z5oBy7SCn9qhCx8MXu+w=
Subject key identifier: 5C:9F:D9:39:22:93:15:27:98:C6:35:37:35:6C:41:5F:F3:3D:F8:27
Authority key identifier: EF:30:08:B9:D1:FA:20:8A:15:4F:58:5C:AE:EC:BB:52:C1:B2:5C:E4
Certificate issuer: /CN=ef3008b9d1fa208a154f585caeecbb52c1b25ce4
Certificate serial: 019D322C393B59DD32FB352B08207EAB93B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7zAIudH6IIoVT1hcruy7UsGyXOQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/4089cd-5ba0-483c-883d-c8c0ff55f52d/1/7zAIudH6IIoVT1hcruy7UsGyXOQ.mft
Manifest number: 3D
Signing time: Sat 28 Mar 2026 02:00:52 +0000
Manifest this update: Sat 28 Mar 2026 02:00:52 +0000
Manifest next update: Sun 29 Mar 2026 02:00:52 +0000
Files and hashes: 1: 7zAIudH6IIoVT1hcruy7UsGyXOQ.crl (hash: wV/B5N4TYsGP6GkSBWq2eVaXoZvorF25lFX9Kh6GLpA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/4089cd-5ba0-483c-883d-c8c0ff55f52d/1/7zAIudH6IIoVT1hcruy7UsGyXOQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/4089cd-5ba0-483c-883d-c8c0ff55f52d/1/7zAIudH6IIoVT1hcruy7UsGyXOQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/7zAIudH6IIoVT1hcruy7UsGyXOQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:32:2c:39:3b:59:dd:32:fb:35:2b:08:20:7e:ab:93:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef3008b9d1fa208a154f585caeecbb52c1b25ce4
Validity
Not Before: Mar 28 02:00:52 2026 GMT
Not After : Mar 29 02:00:52 2026 GMT
Subject: CN=5c9fd9392293152798c63537356c415ff33df827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:06:7a:fa:06:51:b3:ad:91:fb:7d:63:1e:1f:
a8:57:70:fd:1a:f1:c3:42:7f:57:5d:f3:9e:52:6b:
04:cf:00:34:8c:e3:2b:8c:4f:6a:9e:50:08:b2:68:
03:f1:cb:ef:99:f2:5f:65:26:09:2d:0e:cf:f1:a3:
cb:b4:4a:a4:6f:cf:e6:e0:d6:40:60:9c:fc:cc:73:
81:99:8e:a0:68:93:3e:81:2f:50:a4:c2:5a:38:fb:
99:ff:e5:87:43:28:a4:8e:97:6a:77:f3:41:a1:ee:
54:e8:e0:3b:19:f3:f6:99:74:c0:c3:f8:87:ea:18:
64:29:1a:31:35:95:eb:a1:89:53:fc:33:17:30:e4:
c2:9c:1d:38:a2:5e:1b:63:26:5a:e3:19:71:5e:51:
78:4a:6b:5e:a4:13:5c:8f:53:3e:6b:ef:d5:fa:cb:
03:a8:75:f5:db:d0:c7:8f:80:63:09:8e:aa:7c:03:
9b:71:6b:3f:29:9e:17:12:f0:95:19:e9:ca:17:1c:
c6:8a:dc:a5:de:f5:d5:e3:02:83:5f:6f:d4:39:a7:
07:5e:0a:00:d4:c7:34:de:0a:20:7e:19:d9:7c:d4:
8d:9c:0f:3b:a5:4b:6a:a6:03:dd:8a:f0:ff:a4:44:
1f:c4:eb:e0:a7:8a:2c:aa:0f:6f:d4:3b:23:0a:a7:
e1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:9F:D9:39:22:93:15:27:98:C6:35:37:35:6C:41:5F:F3:3D:F8:27
X509v3 Authority Key Identifier:
keyid:EF:30:08:B9:D1:FA:20:8A:15:4F:58:5C:AE:EC:BB:52:C1:B2:5C:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7zAIudH6IIoVT1hcruy7UsGyXOQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/4089cd-5ba0-483c-883d-c8c0ff55f52d/1/7zAIudH6IIoVT1hcruy7UsGyXOQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/4089cd-5ba0-483c-883d-c8c0ff55f52d/1/7zAIudH6IIoVT1hcruy7UsGyXOQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:a3:e6:97:1b:cf:0c:66:39:6c:ca:ca:85:ed:71:44:c0:0a:
1f:ea:60:62:44:37:b9:f3:46:df:97:f0:e4:16:63:5b:8d:04:
7a:a1:6d:f4:d4:60:30:b7:d1:88:f7:ae:1d:73:e1:04:c7:e3:
2e:99:10:81:79:ab:d5:25:83:cb:bd:18:f3:71:2e:51:4c:59:
8f:ad:02:00:4c:5d:3d:1a:7d:3d:fe:2d:10:04:b6:7b:52:61:
64:0c:aa:0b:5d:b0:5e:8c:b9:72:7f:12:c3:43:cf:b2:84:ad:
aa:95:04:93:ac:ee:8f:fb:25:a8:f5:12:34:e5:45:1a:59:82:
5b:71:70:0f:7a:17:a6:fa:ba:56:23:dc:ce:d3:98:3f:ab:6b:
b5:55:af:d1:2b:97:01:85:84:53:29:76:70:6c:16:5f:4e:bd:
01:a3:6e:e7:3e:f2:fc:da:11:3a:e1:b7:a9:c9:84:1c:cd:17:
07:fa:2b:c9:3f:2e:c6:eb:68:67:da:4b:1d:36:1a:03:30:66:
3c:a5:f8:53:5a:4d:d8:b8:da:1f:14:d2:b7:f9:e0:67:cb:7d:
a9:f3:3e:70:35:f1:aa:b2:70:79:4f:68:75:93:97:08:32:a0:
ce:12:e0:c0:d6:14:2a:ab:2e:b9:03:f4:3f:36:36:d0:2f:0f:
e5:0c:31:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0yLDk7Wd0y+zUrCCB+q5OxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMzAwOGI5ZDFmYTIwOGExNTRmNTg1Y2FlZWNiYjUyYzFi
MjVjZTQwHhcNMjYwMzI4MDIwMDUyWhcNMjYwMzI5MDIwMDUyWjAzMTEwLwYDVQQD
Eyg1YzlmZDkzOTIyOTMxNTI3OThjNjM1MzczNTZjNDE1ZmYzM2RmODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowZ6+gZRs62R+31jHh+oV3D9GvHD
Qn9XXfOeUmsEzwA0jOMrjE9qnlAIsmgD8cvvmfJfZSYJLQ7P8aPLtEqkb8/m4NZA
YJz8zHOBmY6gaJM+gS9QpMJaOPuZ/+WHQyikjpdqd/NBoe5U6OA7GfP2mXTAw/iH
6hhkKRoxNZXroYlT/DMXMOTCnB04ol4bYyZa4xlxXlF4SmtepBNcj1M+a+/V+ssD
qHX129DHj4BjCY6qfAObcWs/KZ4XEvCVGenKFxzGityl3vXV4wKDX2/UOacHXgoA
1Mc03gogfhnZfNSNnA87pUtqpgPdivD/pEQfxOvgp4osqg9v1DsjCqfhRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFyf2TkikxUnmMY1NzVsQV/zPfgnMB8GA1UdIwQY
MBaAFO8wCLnR+iCKFU9YXK7su1LBslzkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3pBSXVkSDZJSW9WVDFoY3J1eTdVc0d5WE9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC80MDg5Y2QtNWJhMC00ODNjLTg4M2Qt
YzhjMGZmNTVmNTJkLzEvN3pBSXVkSDZJSW9WVDFoY3J1eTdVc0d5WE9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC80MDg5Y2QtNWJhMC00ODNjLTg4M2QtYzhjMGZmNTVmNTJk
LzEvN3pBSXVkSDZJSW9WVDFoY3J1eTdVc0d5WE9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjKPmlxvP
DGY5bMrKhe1xRMAKH+pgYkQ3ufNG35fw5BZjW40EeqFt9NRgMLfRiPeuHXPhBMfj
LpkQgXmr1SWDy70Y83EuUUxZj60CAExdPRp9Pf4tEAS2e1JhZAyqC12wXoy5cn8S
w0PPsoStqpUEk6zuj/slqPUSNOVFGlmCW3FwD3oXpvq6ViPcztOYP6trtVWv0SuX
AYWEUyl2cGwWX069AaNu5z7y/NoROuG3qcmEHM0XB/oryT8uxutoZ9pLHTYaAzBm
PKX4U1pN2LjaHxTSt/ngZ8t9qfM+cDXxqrJweU9odZOXCDKgzhLgwNYUKqsuuQP0
PzY20C8P5QwxTA==
-----END CERTIFICATE-----
Generated at Sat Mar 28 11:28:06 2026 by rpki-client