Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.mft
File: ZKDbECcDCCx8pVSrtbInYAGNVj8.mft (raw, json)
Hash identifier: Rlja4n0Lmk0d4VAKm5658hvRYluokOfvoujK/bKWF5k=
Subject key identifier: 8D:D7:F9:F5:2F:97:3F:F8:74:84:86:AF:93:6E:2F:BF:12:BC:E9:F8
Authority key identifier: 64:A0:DB:10:27:03:08:2C:7C:A5:54:AB:B5:B2:27:60:01:8D:56:3F
Certificate issuer: /CN=64a0db102703082c7ca554abb5b22760018d563f
Certificate serial: 019D37C0CF364C5CC136909A38EB448BE8E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZKDbECcDCCx8pVSrtbInYAGNVj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 04:01:15 +0000
Manifest this update: Sun 29 Mar 2026 04:01:15 +0000
Manifest next update: Mon 30 Mar 2026 04:01:15 +0000
Files and hashes: 1: 3yADdDDzcZW_FNyfLRFjmJYJIcY.roa (hash: vhBQD1/rqueuWkSga6Bimchj7hsJoyusDZ80Vt3wI/g=)
2: ZKDbECcDCCx8pVSrtbInYAGNVj8.crl (hash: QDVs64tEOdFyhHXiXEegfEPIp1VD94Uq8k/tGnaf7TE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZKDbECcDCCx8pVSrtbInYAGNVj8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:cf:36:4c:5c:c1:36:90:9a:38:eb:44:8b:e8:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64a0db102703082c7ca554abb5b22760018d563f
Validity
Not Before: Mar 29 04:01:15 2026 GMT
Not After : Mar 30 04:01:15 2026 GMT
Subject: CN=8dd7f9f52f973ff8748486af936e2fbf12bce9f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e2:62:e2:ba:c5:66:bd:a4:e7:c4:ec:8e:6e:
87:4f:28:d5:e6:ec:79:e8:85:76:fc:7a:d6:6a:9b:
56:6b:b0:44:61:8b:66:ff:d4:ea:cb:57:90:29:b1:
d0:77:b7:f0:47:96:e9:96:72:d0:c6:1b:5e:65:e5:
0e:09:de:ff:9c:27:b7:17:5a:32:4a:e9:3d:6b:31:
96:e1:f7:c3:6c:d9:93:79:1b:34:fc:8c:f9:aa:79:
e6:89:a8:2e:bd:0c:ed:73:01:38:b3:e9:8c:b5:5c:
3a:b5:45:05:48:41:c7:f0:3f:a3:fc:eb:7a:05:af:
ca:09:98:5d:8a:42:58:08:93:82:04:dd:2b:8d:0e:
91:0f:6d:9e:40:ae:d5:be:0a:4b:99:7d:f3:a1:29:
aa:ae:17:24:97:7b:51:0f:98:a5:79:d0:b4:ff:03:
0e:2d:45:33:4c:af:3c:66:79:ef:41:48:14:92:6a:
cd:b3:92:6c:ec:7e:34:d5:2b:e0:36:38:c3:0b:9d:
33:ae:12:31:bd:1e:e2:4e:f6:69:4b:5f:53:f1:02:
04:40:55:b2:c4:bf:58:30:9e:db:d2:05:be:77:0b:
5d:80:b2:1a:1f:55:cd:7f:4c:82:6a:74:e1:16:99:
b6:24:62:36:01:d7:de:00:be:f1:9f:d1:ba:ad:36:
13:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D7:F9:F5:2F:97:3F:F8:74:84:86:AF:93:6E:2F:BF:12:BC:E9:F8
X509v3 Authority Key Identifier:
keyid:64:A0:DB:10:27:03:08:2C:7C:A5:54:AB:B5:B2:27:60:01:8D:56:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZKDbECcDCCx8pVSrtbInYAGNVj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b3:99:71:a2:d1:33:bb:64:72:4e:2c:ca:68:58:39:61:b9:6c:
63:b2:78:2f:9d:70:ed:d1:a7:55:28:56:49:73:f2:f5:e8:7f:
77:00:df:4b:62:4d:28:18:5d:23:07:86:f9:a1:76:fb:9f:35:
8a:ae:59:3b:34:79:cb:70:2f:66:e4:38:62:a4:8e:c6:90:a0:
9a:93:cd:be:22:df:75:55:d9:7b:4b:45:bb:d5:75:b9:ca:0e:
07:e0:ed:af:d5:cd:e0:6b:04:6e:e1:4e:83:b5:6b:52:8c:23:
34:29:20:2c:a7:b7:ed:14:c9:40:fc:5e:c8:dc:71:75:c6:a1:
dd:66:7d:c0:42:b3:d3:1e:51:92:66:7e:75:75:dc:8f:0e:89:
b7:f8:ba:de:88:03:3d:4f:60:b8:3d:0d:eb:ae:f4:df:67:ef:
bc:f7:47:59:bf:78:f2:74:76:9c:99:ba:77:70:50:b2:36:1c:
d1:e0:d1:6d:8a:9d:06:db:a4:aa:ba:d8:a0:b8:a8:bd:9b:ce:
36:27:a9:97:39:25:8c:b6:f5:25:c4:b8:2b:26:45:54:36:f1:
46:b8:ca:00:2f:f0:65:d8:45:3a:64:9d:9b:f1:1e:ba:d8:92:
3b:be:0c:ca:4d:99:a3:b4:94:2b:25:da:2a:61:3b:85:09:f8:
a3:51:76:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wM82TFzBNpCaOOtEi+jlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YTBkYjEwMjcwMzA4MmM3Y2E1NTRhYmI1YjIyNzYwMDE4
ZDU2M2YwHhcNMjYwMzI5MDQwMTE1WhcNMjYwMzMwMDQwMTE1WjAzMTEwLwYDVQQD
Eyg4ZGQ3ZjlmNTJmOTczZmY4NzQ4NDg2YWY5MzZlMmZiZjEyYmNlOWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OJi4rrFZr2k58Tsjm6HTyjV5ux5
6IV2/HrWaptWa7BEYYtm/9Tqy1eQKbHQd7fwR5bplnLQxhteZeUOCd7/nCe3F1oy
Suk9azGW4ffDbNmTeRs0/Iz5qnnmiaguvQztcwE4s+mMtVw6tUUFSEHH8D+j/Ot6
Ba/KCZhdikJYCJOCBN0rjQ6RD22eQK7VvgpLmX3zoSmqrhckl3tRD5iledC0/wMO
LUUzTK88ZnnvQUgUkmrNs5Js7H401SvgNjjDC50zrhIxvR7iTvZpS19T8QIEQFWy
xL9YMJ7b0gW+dwtdgLIaH1XNf0yCanThFpm2JGI2AdfeAL7xn9G6rTYT1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI3X+fUvlz/4dISGr5NuL78SvOn4MB8GA1UdIwQY
MBaAFGSg2xAnAwgsfKVUq7WyJ2ABjVY/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWktEYkVDY0RDQ3g4cFZTcnRiSW5ZQUdOVmo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mOWEwMGEtODRlZS00N2EwLTllYTEt
ZjE3OWRiNWYwNGI2LzEvWktEYkVDY0RDQ3g4cFZTcnRiSW5ZQUdOVmo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mOWEwMGEtODRlZS00N2EwLTllYTEtZjE3OWRiNWYwNGI2
LzEvWktEYkVDY0RDQ3g4cFZTcnRiSW5ZQUdOVmo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAs5lxotEz
u2RyTizKaFg5YblsY7J4L51w7dGnVShWSXPy9eh/dwDfS2JNKBhdIweG+aF2+581
iq5ZOzR5y3AvZuQ4YqSOxpCgmpPNviLfdVXZe0tFu9V1ucoOB+Dtr9XN4GsEbuFO
g7VrUowjNCkgLKe37RTJQPxeyNxxdcah3WZ9wEKz0x5RkmZ+dXXcjw6Jt/i63ogD
PU9guD0N667032fvvPdHWb948nR2nJm6d3BQsjYc0eDRbYqdBtukqrrYoLiovZvO
NieplzkljLb1JcS4KyZFVDbxRrjKAC/wZdhFOmSdm/EeutiSO74Myk2Zo7SUKyXa
KmE7hQn4o1F2JA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:29:38 2026 by rpki-client