Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/zf9bPNry6tG8MwlBG_lJLNmHr7o.mft
File: zf9bPNry6tG8MwlBG_lJLNmHr7o.mft (raw, json)
Hash identifier: eRVnkf3pwHqBx4G/4g0bd8lqnQ0N8EfKq1qvEiymITk=
Subject key identifier: 2C:16:DC:BB:0F:AC:C3:6C:01:6F:CF:41:52:B6:BD:2A:7B:98:01:10
Authority key identifier: CD:FF:5B:3C:DA:F2:EA:D1:BC:33:09:41:1B:F9:49:2C:D9:87:AF:BA
Certificate issuer: /CN=cdff5b3cdaf2ead1bc3309411bf9492cd987afba
Certificate serial: 019D3941876E338F34178064434AD7B48602
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zf9bPNry6tG8MwlBG_lJLNmHr7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/zf9bPNry6tG8MwlBG_lJLNmHr7o.mft
Manifest number: 06EA
Signing time: Sun 29 Mar 2026 11:01:28 +0000
Manifest this update: Sun 29 Mar 2026 11:01:28 +0000
Manifest next update: Mon 30 Mar 2026 11:01:28 +0000
Files and hashes: 1: soD_TVroUhn4kOalbV5_zUUFF5o.roa (hash: 6MD8ohn7IGtOGpcI8Sh4nU/dqGzhAaKyVoNKEGen+rQ=)
2: zf9bPNry6tG8MwlBG_lJLNmHr7o.crl (hash: C+pyOZTGkidC3JLAaqicWc93B7qeFnP+qRkGZvETHpc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/zf9bPNry6tG8MwlBG_lJLNmHr7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/zf9bPNry6tG8MwlBG_lJLNmHr7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/zf9bPNry6tG8MwlBG_lJLNmHr7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 11:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:41:87:6e:33:8f:34:17:80:64:43:4a:d7:b4:86:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdff5b3cdaf2ead1bc3309411bf9492cd987afba
Validity
Not Before: Mar 29 11:01:28 2026 GMT
Not After : Mar 30 11:01:28 2026 GMT
Subject: CN=2c16dcbb0facc36c016fcf4152b6bd2a7b980110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:79:44:11:a7:8e:b3:7b:c8:01:5c:d0:78:6b:
57:72:76:ad:50:d5:e4:55:2a:c9:90:a9:d2:d1:92:
93:5f:9e:31:59:3c:79:ac:76:5c:09:c4:a4:f3:c3:
e8:d0:aa:68:b4:a1:90:f7:05:74:2e:83:27:85:f0:
d5:a4:df:64:91:a1:3e:53:e9:b4:8a:56:4d:26:81:
c4:46:c9:02:ca:72:5f:12:fa:bc:5d:a1:7a:33:81:
2b:85:f3:dc:d9:1a:d0:15:16:d5:42:20:61:44:bd:
f7:99:d6:03:a2:a5:78:37:73:29:3f:2b:50:95:fc:
42:73:32:32:30:d4:65:54:ec:86:50:01:0f:56:66:
cb:58:61:72:84:16:9e:d1:11:7f:6a:28:d8:e2:da:
10:2b:17:60:f1:5e:b0:9b:2f:86:98:31:85:40:ce:
63:6e:71:5f:74:8a:e1:24:d0:a0:30:c8:aa:8f:64:
b0:e7:1e:7a:40:09:b3:24:68:81:1f:47:86:87:06:
a3:95:f3:3d:8a:a5:80:92:ab:48:20:63:d0:a5:6a:
fe:e2:16:d9:c9:96:d4:5b:ae:d7:01:68:95:33:eb:
1e:4d:50:1e:fd:0b:27:a0:80:36:56:6c:71:e8:81:
80:a0:4f:df:51:e3:42:e3:11:e2:0e:3a:64:99:97:
9e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:16:DC:BB:0F:AC:C3:6C:01:6F:CF:41:52:B6:BD:2A:7B:98:01:10
X509v3 Authority Key Identifier:
keyid:CD:FF:5B:3C:DA:F2:EA:D1:BC:33:09:41:1B:F9:49:2C:D9:87:AF:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zf9bPNry6tG8MwlBG_lJLNmHr7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/zf9bPNry6tG8MwlBG_lJLNmHr7o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/zf9bPNry6tG8MwlBG_lJLNmHr7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bd:ad:10:87:da:2e:5f:6d:8c:30:2f:86:1f:ea:07:1b:8b:8a:
6c:b6:37:bc:97:3e:f0:52:cf:5c:88:ae:d1:4d:ee:a3:db:20:
f7:bc:af:67:a1:2a:2e:c0:54:66:4f:73:cc:9d:db:2b:1f:be:
ed:44:0f:af:35:ff:f2:c2:cf:fc:2c:f7:b8:84:2f:39:01:36:
a9:3c:3d:b4:9e:25:6a:ab:95:7f:9c:23:38:0d:10:8f:7e:ce:
70:7b:ae:73:fd:09:fe:12:f6:bb:50:be:1b:6b:8d:61:fa:fe:
26:f6:21:2b:ef:2c:6c:6f:fa:81:56:93:14:1f:50:50:85:5c:
66:9a:2a:09:d2:f7:ca:e6:de:94:e6:9d:f2:7c:c8:58:d0:9b:
ec:4a:70:a8:61:63:50:83:0d:f5:e0:0c:28:ec:0d:ff:a8:8c:
10:85:ab:6a:0a:fb:08:19:1b:37:48:fa:82:f4:d8:e2:74:c2:
94:75:65:9b:31:99:d7:6c:32:08:cd:4f:ca:3f:a7:3d:7a:69:
e6:35:98:10:65:e3:fa:9f:f0:75:a5:20:63:7b:36:4c:22:77:
89:3c:98:51:0a:bd:e2:22:6a:af:82:27:39:48:65:44:3d:d3:
65:39:00:c2:4b:99:f2:c4:37:ee:4c:2b:38:47:cf:81:cf:2f:
f4:27:0f:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05QYduM480F4BkQ0rXtIYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZmY1YjNjZGFmMmVhZDFiYzMzMDk0MTFiZjk0OTJjZDk4
N2FmYmEwHhcNMjYwMzI5MTEwMTI4WhcNMjYwMzMwMTEwMTI4WjAzMTEwLwYDVQQD
EygyYzE2ZGNiYjBmYWNjMzZjMDE2ZmNmNDE1MmI2YmQyYTdiOTgwMTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4XlEEaeOs3vIAVzQeGtXcnatUNXk
VSrJkKnS0ZKTX54xWTx5rHZcCcSk88Po0KpotKGQ9wV0LoMnhfDVpN9kkaE+U+m0
ilZNJoHERskCynJfEvq8XaF6M4ErhfPc2RrQFRbVQiBhRL33mdYDoqV4N3MpPytQ
lfxCczIyMNRlVOyGUAEPVmbLWGFyhBae0RF/aijY4toQKxdg8V6wmy+GmDGFQM5j
bnFfdIrhJNCgMMiqj2Sw5x56QAmzJGiBH0eGhwajlfM9iqWAkqtIIGPQpWr+4hbZ
yZbUW67XAWiVM+seTVAe/QsnoIA2Vmxx6IGAoE/fUeNC4xHiDjpkmZeeiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCwW3LsPrMNsAW/PQVK2vSp7mAEQMB8GA1UdIwQY
MBaAFM3/Wzza8urRvDMJQRv5SSzZh6+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemY5YlBOcnk2dEc4TXdsQkdfbEpMTm1IcjdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9iNzZkMzQtNWYwNy00MmQ4LWExMzEt
YTg3ODFhZGQyNDIzLzEvemY5YlBOcnk2dEc4TXdsQkdfbEpMTm1IcjdvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9iNzZkMzQtNWYwNy00MmQ4LWExMzEtYTg3ODFhZGQyNDIz
LzEvemY5YlBOcnk2dEc4TXdsQkdfbEpMTm1IcjdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAva0Qh9ou
X22MMC+GH+oHG4uKbLY3vJc+8FLPXIiu0U3uo9sg97yvZ6EqLsBUZk9zzJ3bKx++
7UQPrzX/8sLP/Cz3uIQvOQE2qTw9tJ4laquVf5wjOA0Qj37OcHuuc/0J/hL2u1C+
G2uNYfr+JvYhK+8sbG/6gVaTFB9QUIVcZpoqCdL3yubelOad8nzIWNCb7EpwqGFj
UIMN9eAMKOwN/6iMEIWragr7CBkbN0j6gvTY4nTClHVlmzGZ12wyCM1Pyj+nPXpp
5jWYEGXj+p/wdaUgY3s2TCJ3iTyYUQq94iJqr4InOUhlRD3TZTkAwkuZ8sQ37kwr
OEfPgc8v9CcP9Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 21:15:38 2026 by rpki-client