Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft
File: zl1FYESPeKTc3LeRoH2tIWOgjN8.mft (raw, json)
Hash identifier: HFNBS+1fnDnKq9DaJ/kyOyL8CtgAgGmGaUtQTKP1f0k=
Subject key identifier: 18:44:FC:84:99:87:30:37:E4:B1:A4:E7:FE:ED:D0:8F:E0:36:35:91
Authority key identifier: CE:5D:45:60:44:8F:78:A4:DC:DC:B7:91:A0:7D:AD:21:63:A0:8C:DF
Certificate issuer: /CN=ce5d4560448f78a4dcdcb791a07dad2163a08cdf
Certificate serial: 019CA29EFA83083FAA7D22FFE1D8754C6550
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft
Manifest number: 17D5
Signing time: Sat 28 Feb 2026 05:00:53 +0000
Manifest this update: Sat 28 Feb 2026 05:00:53 +0000
Manifest next update: Sun 01 Mar 2026 05:00:53 +0000
Files and hashes: 1: kJTuRCvouXJMaVDF0pdJUxYymkE.roa (hash: u4BkMutspCjtHl2p10ecFJYI7igX5XDffjXXKmzdde8=)
2: zl1FYESPeKTc3LeRoH2tIWOgjN8.crl (hash: zzGSOl8RtMvplRyGrSudIcntnJGdMsBclMKtF+SHS4I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 01 Mar 2026 03:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a2:9e:fa:83:08:3f:aa:7d:22:ff:e1:d8:75:4c:65:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce5d4560448f78a4dcdcb791a07dad2163a08cdf
Validity
Not Before: Feb 28 05:00:53 2026 GMT
Not After : Mar 1 05:00:53 2026 GMT
Subject: CN=1844fc8499873037e4b1a4e7feedd08fe0363591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:2b:b3:b9:7d:22:2e:f5:42:1e:bb:2a:5c:5c:
d9:5d:1e:f3:9d:80:08:e1:71:51:31:83:07:a6:28:
47:97:5b:1b:6a:2b:d5:c4:40:83:13:66:62:e0:7e:
0b:63:b3:12:40:ad:91:7c:19:2d:f2:df:c9:60:d1:
86:56:6e:b8:61:8f:3f:35:37:83:0c:bb:c4:6a:d4:
ca:e9:e5:bd:2c:44:fb:b8:ee:2c:49:f1:14:6a:ee:
9c:54:c0:92:d6:6c:a9:60:34:ff:cb:ae:c7:58:69:
2b:f9:90:b2:ae:f6:ab:34:cb:ff:c5:e9:05:79:4a:
2a:dd:5c:e2:ef:d6:93:c4:f6:21:85:c8:43:af:eb:
b6:33:57:52:ab:01:e7:15:4d:b1:d7:58:d5:bc:28:
d0:a6:ab:80:87:b4:34:24:13:de:41:a8:a5:91:71:
46:64:b3:ea:58:18:65:df:6a:8e:3d:fc:66:24:9b:
df:3d:f5:6e:16:79:48:d0:df:be:45:c4:ca:39:13:
a7:0f:2c:0d:f1:1c:dd:b3:5c:24:80:cc:e8:c4:c1:
56:df:7a:46:53:a8:cf:c5:9b:d6:6b:8d:e1:1b:77:
5e:18:f6:5b:25:be:0d:33:50:08:c3:10:6c:82:87:
2d:aa:1c:6d:cb:43:c0:3c:35:3c:41:d0:7d:0c:7a:
87:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:44:FC:84:99:87:30:37:E4:B1:A4:E7:FE:ED:D0:8F:E0:36:35:91
X509v3 Authority Key Identifier:
keyid:CE:5D:45:60:44:8F:78:A4:DC:DC:B7:91:A0:7D:AD:21:63:A0:8C:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:81:98:cc:bc:36:6c:3d:3f:87:df:c1:df:8c:97:cb:a5:16:
c6:bd:71:60:d3:57:c0:6c:5e:31:4b:4b:0b:b3:80:f2:07:cf:
3e:ea:f8:1f:44:10:c3:f0:0a:3c:62:7d:85:4f:20:95:4c:27:
ed:77:69:70:82:c3:b1:80:26:96:7e:24:f1:34:e7:31:31:59:
ac:f6:2b:0a:48:b5:43:d8:17:86:23:7b:72:73:ac:32:5e:ab:
5d:45:36:cc:44:35:79:70:1e:a0:36:ed:15:31:b3:c1:2c:c8:
4e:77:df:1f:bc:bc:99:6d:d1:26:c8:0a:11:37:d5:6f:24:e3:
61:a2:68:cd:b8:bd:67:9b:9c:2e:27:04:35:69:dc:0f:99:31:
8f:2b:98:20:6f:ec:b7:1e:bd:5c:b9:43:72:d2:b9:da:87:ed:
0b:66:97:82:d6:16:80:60:a3:20:cd:2c:c1:7e:b6:af:02:7d:
fd:bc:e2:4d:cc:18:a5:d5:a8:79:7a:a6:c4:96:b0:68:63:ad:
bb:d5:39:67:98:9e:26:fc:bc:64:bf:d2:e8:bf:50:f7:fa:84:
dc:d9:3f:4c:61:6d:54:32:6b:a9:29:a6:6c:e3:62:c9:47:4b:
fe:13:52:9b:df:c8:00:7a:7e:15:43:e7:84:31:14:26:2a:2b:
3a:da:c7:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyinvqDCD+qfSL/4dh1TGVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNWQ0NTYwNDQ4Zjc4YTRkY2RjYjc5MWEwN2RhZDIxNjNh
MDhjZGYwHhcNMjYwMjI4MDUwMDUzWhcNMjYwMzAxMDUwMDUzWjAzMTEwLwYDVQQD
EygxODQ0ZmM4NDk5ODczMDM3ZTRiMWE0ZTdmZWVkZDA4ZmUwMzYzNTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCuzuX0iLvVCHrsqXFzZXR7znYAI
4XFRMYMHpihHl1sbaivVxECDE2Zi4H4LY7MSQK2RfBkt8t/JYNGGVm64YY8/NTeD
DLvEatTK6eW9LET7uO4sSfEUau6cVMCS1mypYDT/y67HWGkr+ZCyrvarNMv/xekF
eUoq3Vzi79aTxPYhhchDr+u2M1dSqwHnFU2x11jVvCjQpquAh7Q0JBPeQailkXFG
ZLPqWBhl32qOPfxmJJvfPfVuFnlI0N++RcTKOROnDywN8Rzds1wkgMzoxMFW33pG
U6jPxZvWa43hG3deGPZbJb4NM1AIwxBsgoctqhxty0PAPDU8QdB9DHqHcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBhE/ISZhzA35LGk5/7t0I/gNjWRMB8GA1UdIwQY
MBaAFM5dRWBEj3ik3Ny3kaB9rSFjoIzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemwxRllFU1BlS1RjM0xlUm9IMnRJV09nak44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yN2NiZDAtYTdiOS00NWZiLTk5NTQt
NzhkMTE0NGFkOTY3LzEvemwxRllFU1BlS1RjM0xlUm9IMnRJV09nak44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yN2NiZDAtYTdiOS00NWZiLTk5NTQtNzhkMTE0NGFkOTY3
LzEvemwxRllFU1BlS1RjM0xlUm9IMnRJV09nak44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD4GYzLw2
bD0/h9/B34yXy6UWxr1xYNNXwGxeMUtLC7OA8gfPPur4H0QQw/AKPGJ9hU8glUwn
7XdpcILDsYAmln4k8TTnMTFZrPYrCki1Q9gXhiN7cnOsMl6rXUU2zEQ1eXAeoDbt
FTGzwSzITnffH7y8mW3RJsgKETfVbyTjYaJozbi9Z5ucLicENWncD5kxjyuYIG/s
tx69XLlDctK52oftC2aXgtYWgGCjIM0swX62rwJ9/bziTcwYpdWoeXqmxJawaGOt
u9U5Z5ieJvy8ZL/S6L9Q9/qE3Nk/TGFtVDJrqSmmbONiyUdL/hNSm9/IAHp+FUPn
hDEUJiorOtrHvQ==
-----END CERTIFICATE-----
Generated at Sat Feb 28 07:45:36 2026 by rpki-client