Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.mft
File: ZD2vEi46h6yqb9tiw1olKhmaWNk.mft (raw, json)
Hash identifier: lbbgNXo7iZjejA/YnkgEXBU8HWA2cAWW1T67FOK4i2A=
Subject key identifier: 35:A8:AA:62:76:B9:0D:DE:80:F0:C5:EA:3E:0D:B4:2B:0F:95:A6:FB
Authority key identifier: 64:3D:AF:12:2E:3A:87:AC:AA:6F:DB:62:C3:5A:25:2A:19:9A:58:D9
Certificate issuer: /CN=643daf122e3a87acaa6fdb62c35a252a199a58d9
Certificate serial: 019D371B615BC6FBC41C30408203DA2A6CAF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZD2vEi46h6yqb9tiw1olKhmaWNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.mft
Manifest number: 1012
Signing time: Sun 29 Mar 2026 01:00:34 +0000
Manifest this update: Sun 29 Mar 2026 01:00:34 +0000
Manifest next update: Mon 30 Mar 2026 01:00:34 +0000
Files and hashes: 1: E02kulG3cuFET7qCfIGELuqcrIw.roa (hash: PQPtlTXvYqFKCXRfSmjkrshxIArKKipQAXnmpgfBnic=)
2: ZD2vEi46h6yqb9tiw1olKhmaWNk.crl (hash: ZsrKDXttBOa08TglcYMHns8oRIZtLjV/bMIwQUEUPjQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZD2vEi46h6yqb9tiw1olKhmaWNk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 01:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:1b:61:5b:c6:fb:c4:1c:30:40:82:03:da:2a:6c:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=643daf122e3a87acaa6fdb62c35a252a199a58d9
Validity
Not Before: Mar 29 01:00:34 2026 GMT
Not After : Mar 30 01:00:34 2026 GMT
Subject: CN=35a8aa6276b90dde80f0c5ea3e0db42b0f95a6fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:22:90:c1:00:e5:17:fc:44:cf:55:e6:0e:ec:
fa:98:34:27:df:54:77:44:aa:03:8e:0a:9a:7f:9a:
24:bc:e3:f0:15:30:bd:62:e7:64:f7:50:85:a0:3a:
45:69:c8:80:17:0d:77:65:82:d9:94:fc:cb:d8:b4:
ec:69:54:80:12:88:bd:bd:db:5e:94:f9:0a:8f:d8:
33:3e:e7:93:4d:85:06:56:c2:11:eb:a8:0a:69:3e:
f7:4d:cb:c7:16:4a:98:c2:67:67:b0:d7:e6:06:fb:
0b:51:0d:9b:e9:67:89:9e:e4:7f:ad:cc:55:5f:ba:
89:8d:1e:ba:f3:4d:e6:9f:de:7c:62:c6:27:ab:b8:
b0:14:12:9c:97:0d:c8:1e:03:94:2d:69:dd:cf:7d:
40:20:ed:54:cf:63:e5:7e:1b:d9:ba:94:a8:c9:2c:
53:5b:3b:fd:ef:b4:a2:29:8c:40:f4:a6:43:7f:8c:
68:08:69:10:5b:01:77:8b:76:cc:3d:fa:ac:64:57:
fc:8d:c3:0a:25:73:61:12:80:41:f1:14:56:52:f6:
ed:a6:fa:0b:01:4a:5d:d8:81:1e:87:f5:e7:62:ad:
f9:29:55:71:02:b7:6a:13:11:94:f5:1b:ee:a8:f7:
69:d1:58:85:cc:0b:9c:ba:63:08:05:2d:e2:37:33:
24:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:A8:AA:62:76:B9:0D:DE:80:F0:C5:EA:3E:0D:B4:2B:0F:95:A6:FB
X509v3 Authority Key Identifier:
keyid:64:3D:AF:12:2E:3A:87:AC:AA:6F:DB:62:C3:5A:25:2A:19:9A:58:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZD2vEi46h6yqb9tiw1olKhmaWNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:18:c6:dd:b3:e9:47:c1:d9:72:89:e7:6f:27:5f:e8:21:a3:
ba:56:d7:77:7d:97:2c:7e:68:1d:e6:2c:6a:f9:8b:c5:0e:7f:
b5:02:29:47:60:0a:fd:e4:a2:bf:df:14:b7:bb:bc:1f:39:89:
70:b6:1f:22:3b:65:53:7c:fc:9d:f7:a4:c8:86:70:eb:9f:e5:
95:86:9a:d5:1a:a7:a6:25:ab:96:69:bd:a5:16:0e:38:78:f7:
41:60:eb:7a:6b:e8:93:ad:73:d4:89:5b:00:9a:b0:6e:63:c8:
d5:cd:98:68:09:f5:22:8c:93:ff:bd:6b:06:54:a4:2b:1c:6b:
d5:0f:90:ef:87:e0:fb:d5:d2:9a:36:a8:7a:da:ec:a1:9e:75:
51:f8:45:64:b4:6a:e2:b3:ea:e1:6d:92:31:3b:7f:5a:60:25:
47:4f:20:29:03:fb:41:a8:f1:18:c2:95:e9:17:67:f6:62:16:
70:76:c5:b5:09:38:c7:36:62:6c:a6:98:d5:61:87:b3:6b:5d:
d9:67:d9:71:a5:53:0a:d5:2a:0e:4c:20:fe:a9:4a:4c:7a:62:
bb:1f:5f:26:a4:86:46:34:e7:ae:00:e8:78:5a:2f:c7:ff:a5:
8f:32:8a:e3:af:04:26:f3:03:22:45:ce:23:4e:47:f7:d9:d0:
a2:a0:6f:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G2FbxvvEHDBAggPaKmyvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0M2RhZjEyMmUzYTg3YWNhYTZmZGI2MmMzNWEyNTJhMTk5
YTU4ZDkwHhcNMjYwMzI5MDEwMDM0WhcNMjYwMzMwMDEwMDM0WjAzMTEwLwYDVQQD
EygzNWE4YWE2Mjc2YjkwZGRlODBmMGM1ZWEzZTBkYjQyYjBmOTVhNmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCKQwQDlF/xEz1XmDuz6mDQn31R3
RKoDjgqaf5okvOPwFTC9Yudk91CFoDpFaciAFw13ZYLZlPzL2LTsaVSAEoi9vdte
lPkKj9gzPueTTYUGVsIR66gKaT73TcvHFkqYwmdnsNfmBvsLUQ2b6WeJnuR/rcxV
X7qJjR66803mn958YsYnq7iwFBKclw3IHgOULWndz31AIO1Uz2PlfhvZupSoySxT
Wzv977SiKYxA9KZDf4xoCGkQWwF3i3bMPfqsZFf8jcMKJXNhEoBB8RRWUvbtpvoL
AUpd2IEeh/XnYq35KVVxArdqExGU9RvuqPdp0ViFzAucumMIBS3iNzMk5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDWoqmJ2uQ3egPDF6j4NtCsPlab7MB8GA1UdIwQY
MBaAFGQ9rxIuOoesqm/bYsNaJSoZmljZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkQydkVpNDZoNnlxYjl0aXcxb2xLaG1hV05rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9lZDNkNGEtNzA0Zi00YWE0LTgyMWYt
ZGNkNWU5NDc4MDg0LzEvWkQydkVpNDZoNnlxYjl0aXcxb2xLaG1hV05rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9lZDNkNGEtNzA0Zi00YWE0LTgyMWYtZGNkNWU5NDc4MDg0
LzEvWkQydkVpNDZoNnlxYjl0aXcxb2xLaG1hV05rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAghjG3bPp
R8HZconnbydf6CGjulbXd32XLH5oHeYsavmLxQ5/tQIpR2AK/eSiv98Ut7u8HzmJ
cLYfIjtlU3z8nfekyIZw65/llYaa1RqnpiWrlmm9pRYOOHj3QWDremvok61z1Ilb
AJqwbmPI1c2YaAn1IoyT/71rBlSkKxxr1Q+Q74fg+9XSmjaoetrsoZ51UfhFZLRq
4rPq4W2SMTt/WmAlR08gKQP7QajxGMKV6Rdn9mIWcHbFtQk4xzZibKaY1WGHs2td
2WfZcaVTCtUqDkwg/qlKTHpiux9fJqSGRjTnrgDoeFovx/+ljzKK468EJvMDIkXO
I05H99nQoqBveQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:26:52 2026 by rpki-client