Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.mft
File: czsHKLegVDWEws0LSLdHjEGU7wo.mft (raw, json)
Hash identifier: 7QqfSFZvSWVpvqzMLJf+2ejKZ+AcTI1lbZQHAzYzqeo=
Subject key identifier: 8A:BE:5F:1F:6D:70:A6:89:88:62:BB:A1:EA:55:69:C0:36:0A:B3:BE
Authority key identifier: 73:3B:07:28:B7:A0:54:35:84:C2:CD:0B:48:B7:47:8C:41:94:EF:0A
Certificate issuer: /CN=733b0728b7a0543584c2cd0b48b7478c4194ef0a
Certificate serial: 019D27049CF4FC194E8CF47E68081887968C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/czsHKLegVDWEws0LSLdHjEGU7wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.mft
Manifest number: 09BE
Signing time: Wed 25 Mar 2026 22:01:46 +0000
Manifest this update: Wed 25 Mar 2026 22:01:46 +0000
Manifest next update: Thu 26 Mar 2026 22:01:46 +0000
Files and hashes: 1: Oce8w_FStQrxz5-sGyZ5GI_yylQ.roa (hash: /gUG2XD9ZyXjCehDc7TUgIzStA7kApp9jArOXsYwwL4=)
2: ZQWSBrSbVBwfkGrwKFFXvU4ra7w.roa (hash: r+NK3YQEVsT0+KvKCit8WLyB+4wd+LAbIvtambZpbro=)
3: czsHKLegVDWEws0LSLdHjEGU7wo.crl (hash: NkVMdd7xtJ4RYhcRTFXDrZunLe10msn3UfxOi5RqSsw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.mft
rsync://rpki.ripe.net/repository/DEFAULT/czsHKLegVDWEws0LSLdHjEGU7wo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:04:9c:f4:fc:19:4e:8c:f4:7e:68:08:18:87:96:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=733b0728b7a0543584c2cd0b48b7478c4194ef0a
Validity
Not Before: Mar 25 22:01:46 2026 GMT
Not After : Mar 26 22:01:46 2026 GMT
Subject: CN=8abe5f1f6d70a6898862bba1ea5569c0360ab3be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:29:d9:6f:42:3b:6e:af:05:0f:85:db:e2:85:
a4:23:76:be:c9:62:e0:5a:27:c2:e0:8c:f6:40:50:
a4:0f:bb:cd:f0:df:ce:1a:a6:3f:78:69:1a:d9:47:
ec:6a:f1:71:94:d8:86:08:32:31:ea:89:1b:ad:0f:
5e:5f:20:1b:30:b6:f3:45:b1:fb:b8:c8:c6:b9:df:
15:1f:c7:c4:72:eb:63:98:c6:bf:67:1e:77:87:12:
20:44:c5:cd:8a:fd:9f:5c:e0:83:20:b7:e5:f4:5b:
2b:c0:45:79:87:de:1c:32:70:4f:80:9d:22:e0:4b:
43:9e:7a:91:3a:df:40:29:23:3d:94:d5:4a:e8:3b:
fd:1f:17:e3:6e:1d:03:b3:37:cd:7b:61:02:6c:f4:
c3:ca:fb:6c:e2:91:bf:22:4c:58:e7:6a:62:ca:e2:
f7:14:25:c0:7d:6d:06:0f:7b:d8:fc:f6:4c:2b:b1:
5c:c5:80:a4:25:19:08:aa:a2:5b:51:5c:51:17:f0:
76:ec:14:f0:b7:15:bc:a5:57:d6:1c:9f:eb:84:d7:
26:31:4f:35:4c:b5:1c:de:10:e1:40:55:52:2e:19:
d0:8f:cb:3c:0c:e7:81:d8:9f:17:b0:41:b5:18:0a:
7b:00:e7:14:51:8b:d4:c5:a8:64:40:7a:d2:25:fb:
df:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:BE:5F:1F:6D:70:A6:89:88:62:BB:A1:EA:55:69:C0:36:0A:B3:BE
X509v3 Authority Key Identifier:
keyid:73:3B:07:28:B7:A0:54:35:84:C2:CD:0B:48:B7:47:8C:41:94:EF:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/czsHKLegVDWEws0LSLdHjEGU7wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
93:bf:ed:a4:f6:15:de:ca:fd:20:8d:68:e2:f2:03:c2:ec:d4:
54:cd:fc:3b:2a:a7:41:5e:40:ab:78:f6:03:55:d8:fe:19:7f:
11:96:2d:f7:34:1b:8f:88:24:41:2a:f8:73:d9:39:85:96:8f:
43:9c:82:d5:f6:aa:8f:87:9a:60:cc:b9:1d:f1:2b:b1:8e:de:
bd:34:fc:cf:73:90:5a:9a:34:43:48:3d:50:63:50:27:cc:08:
6b:da:c0:68:01:f4:ce:dd:97:d3:30:5a:30:7c:05:b4:a3:b7:
5e:2e:e7:16:b1:21:a0:d1:79:16:ab:a2:51:34:11:2d:40:61:
7c:33:df:5d:5f:2a:63:9f:41:46:aa:96:b0:18:6e:3d:25:2a:
41:4c:a0:ed:ef:45:e6:ae:47:78:f2:c0:b9:01:87:69:a8:9a:
c3:87:a2:4e:89:52:79:36:bb:5b:74:7d:d2:1c:a7:f9:45:44:
c9:c1:2a:2f:30:a7:76:6f:60:37:ec:26:a2:c4:dd:ac:d2:d6:
12:7a:3b:64:03:37:85:ec:da:05:48:be:0d:e5:46:3c:25:73:
cb:8a:c3:c8:fb:76:32:bd:66:8f:93:50:9b:99:d4:4c:d6:6f:
bc:d9:49:f9:3b:1c:2c:1a:1a:bb:ea:10:7a:a4:96:ad:c6:d2:
9b:91:16:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nBJz0/BlOjPR+aAgYh5aMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczM2IwNzI4YjdhMDU0MzU4NGMyY2QwYjQ4Yjc0NzhjNDE5
NGVmMGEwHhcNMjYwMzI1MjIwMTQ2WhcNMjYwMzI2MjIwMTQ2WjAzMTEwLwYDVQQD
Eyg4YWJlNWYxZjZkNzBhNjg5ODg2MmJiYTFlYTU1NjljMDM2MGFiM2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSnZb0I7bq8FD4Xb4oWkI3a+yWLg
WifC4Iz2QFCkD7vN8N/OGqY/eGka2UfsavFxlNiGCDIx6okbrQ9eXyAbMLbzRbH7
uMjGud8VH8fEcutjmMa/Zx53hxIgRMXNiv2fXOCDILfl9FsrwEV5h94cMnBPgJ0i
4EtDnnqROt9AKSM9lNVK6Dv9Hxfjbh0DszfNe2ECbPTDyvts4pG/IkxY52piyuL3
FCXAfW0GD3vY/PZMK7FcxYCkJRkIqqJbUVxRF/B27BTwtxW8pVfWHJ/rhNcmMU81
TLUc3hDhQFVSLhnQj8s8DOeB2J8XsEG1GAp7AOcUUYvUxahkQHrSJfvfdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIq+Xx9tcKaJiGK7oepVacA2CrO+MB8GA1UdIwQY
MBaAFHM7Byi3oFQ1hMLNC0i3R4xBlO8KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3pzSEtMZWdWRFdFd3MwTFNMZEhqRUdVN3dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hODM0ZGEtMWNjYS00MDE3LTkwYjgt
ZGFlZTBhZWFmYjJiLzEvY3pzSEtMZWdWRFdFd3MwTFNMZEhqRUdVN3dvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hODM0ZGEtMWNjYS00MDE3LTkwYjgtZGFlZTBhZWFmYjJi
LzEvY3pzSEtMZWdWRFdFd3MwTFNMZEhqRUdVN3dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk7/tpPYV
3sr9II1o4vIDwuzUVM38OyqnQV5Aq3j2A1XY/hl/EZYt9zQbj4gkQSr4c9k5hZaP
Q5yC1faqj4eaYMy5HfErsY7evTT8z3OQWpo0Q0g9UGNQJ8wIa9rAaAH0zt2X0zBa
MHwFtKO3Xi7nFrEhoNF5FquiUTQRLUBhfDPfXV8qY59BRqqWsBhuPSUqQUyg7e9F
5q5HePLAuQGHaaiaw4eiTolSeTa7W3R90hyn+UVEycEqLzCndm9gN+wmosTdrNLW
Eno7ZAM3hezaBUi+DeVGPCVzy4rDyPt2Mr1mj5NQm5nUTNZvvNlJ+TscLBoau+oQ
eqSWrcbSm5EWjg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:59:02 2026 by rpki-client