Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.mft
File: zy7ueKAITYMd4aJQAYPhZIlRbM8.mft (raw, json)
Hash identifier: 1V+X29xlhvFXe4/CDv+Q+1zt9HrJR65nkQ4ZY3p5BbI=
Subject key identifier: 12:53:08:81:2E:0A:C2:FD:D0:50:89:46:25:BE:AE:A0:CF:88:7D:A0
Authority key identifier: CF:2E:EE:78:A0:08:4D:83:1D:E1:A2:50:01:83:E1:64:89:51:6C:CF
Certificate issuer: /CN=cf2eee78a0084d831de1a2500183e16489516ccf
Certificate serial: 019D37F71E4542EC34C9D18FFC4703260C5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zy7ueKAITYMd4aJQAYPhZIlRbM8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.mft
Manifest number: 1193
Signing time: Sun 29 Mar 2026 05:00:34 +0000
Manifest this update: Sun 29 Mar 2026 05:00:34 +0000
Manifest next update: Mon 30 Mar 2026 05:00:34 +0000
Files and hashes: 1: 2hflLbfqAWKpFyYGnXBTWiWqwxs.roa (hash: lI9Xhzw78sH7hBtTcjJSosgoG/UbF5gG44NR4ynAOeo=)
2: zy7ueKAITYMd4aJQAYPhZIlRbM8.crl (hash: GIARateLXPgMvroLwx5dwWMkjUR3hLF3mxYLKrGzreI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.mft
rsync://rpki.ripe.net/repository/DEFAULT/zy7ueKAITYMd4aJQAYPhZIlRbM8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 05:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:f7:1e:45:42:ec:34:c9:d1:8f:fc:47:03:26:0c:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf2eee78a0084d831de1a2500183e16489516ccf
Validity
Not Before: Mar 29 05:00:34 2026 GMT
Not After : Mar 30 05:00:34 2026 GMT
Subject: CN=125308812e0ac2fdd050894625beaea0cf887da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:99:84:95:33:c3:94:1f:a8:0b:b5:c6:16:e9:
5e:91:9d:04:28:c9:7c:e9:5e:ac:8d:d3:4e:aa:61:
19:3b:8b:4a:3b:b6:c3:20:d2:3d:d4:6a:f8:36:0e:
f6:3b:e1:14:cc:43:f9:cd:b0:36:2a:29:76:dc:8b:
be:45:ca:36:e9:67:26:06:70:f9:d2:59:ca:78:8d:
2b:45:fc:60:1c:8a:21:2a:15:41:b0:d8:48:2d:ff:
ef:14:18:b2:25:d5:d8:75:73:72:50:f1:08:95:a1:
29:ce:49:bd:53:0c:05:be:94:52:c8:e8:5f:30:34:
c7:8a:da:fb:b2:ee:34:d2:0e:32:95:3c:4b:4a:cd:
dd:61:94:43:7c:ba:d0:9a:d8:0b:d8:98:9a:68:ae:
02:63:04:ec:5e:ac:a8:bd:7b:0a:ae:13:ef:82:fc:
41:a5:64:55:48:b3:be:86:bc:f7:be:d7:a6:a3:a6:
08:b4:ad:76:4f:d0:8e:76:f9:ba:55:33:dd:80:e4:
3a:73:c6:bb:01:ce:d1:ff:71:84:a1:05:b9:5a:53:
82:5d:d6:8b:62:e6:80:15:6b:d4:df:74:b6:97:5b:
ac:c7:4a:15:48:49:22:f5:01:07:b3:34:34:f9:6b:
6b:96:c7:4d:f1:12:2f:8d:1a:3c:ae:09:f4:15:0f:
0c:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:53:08:81:2E:0A:C2:FD:D0:50:89:46:25:BE:AE:A0:CF:88:7D:A0
X509v3 Authority Key Identifier:
keyid:CF:2E:EE:78:A0:08:4D:83:1D:E1:A2:50:01:83:E1:64:89:51:6C:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zy7ueKAITYMd4aJQAYPhZIlRbM8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:62:db:e0:ef:a7:98:89:d5:8d:f6:54:c1:4c:07:f0:0c:f5:
0f:57:95:30:5d:36:98:d2:a5:b4:2e:dc:77:8b:61:1c:9c:f4:
1b:ff:a7:5c:39:1e:8e:75:ea:87:53:3c:bd:c6:2c:82:53:a4:
1d:42:ba:f3:76:0b:99:c8:44:36:f7:75:ff:4d:66:a6:65:11:
2f:6d:80:c0:ab:be:20:50:b1:a3:41:fa:7c:b1:17:58:6f:7b:
93:dd:2d:f3:ca:83:a9:0c:37:2d:99:74:38:fe:0f:5b:cd:2a:
1f:aa:37:5c:56:8d:52:2f:66:f3:de:5b:76:fd:44:c8:e8:14:
45:5d:c1:48:35:c5:1b:1c:e7:8c:51:49:62:bc:71:5c:f2:30:
c6:88:5c:a4:d0:07:f5:17:cc:79:86:3c:a4:23:e8:0c:ff:20:
72:76:42:af:16:cb:67:d2:d1:5d:0e:26:4f:04:df:a5:c7:94:
8d:ea:c8:84:c5:e7:d3:73:31:81:6d:54:35:96:91:8f:06:4a:
71:81:d6:e7:e6:b5:46:4a:be:05:dc:fe:f5:55:e7:64:33:bd:
ed:f1:68:6b:cd:42:64:ec:f5:1c:f7:a2:a9:e1:2c:40:c7:53:
f1:23:77:e5:70:0b:b0:46:f0:7b:58:ae:f1:12:0b:7c:c2:2b:
5a:ec:69:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ039x5FQuw0ydGP/EcDJgxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMmVlZTc4YTAwODRkODMxZGUxYTI1MDAxODNlMTY0ODk1
MTZjY2YwHhcNMjYwMzI5MDUwMDM0WhcNMjYwMzMwMDUwMDM0WjAzMTEwLwYDVQQD
EygxMjUzMDg4MTJlMGFjMmZkZDA1MDg5NDYyNWJlYWVhMGNmODg3ZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA75mElTPDlB+oC7XGFulekZ0EKMl8
6V6sjdNOqmEZO4tKO7bDINI91Gr4Ng72O+EUzEP5zbA2Kil23Iu+Rco26WcmBnD5
0lnKeI0rRfxgHIohKhVBsNhILf/vFBiyJdXYdXNyUPEIlaEpzkm9UwwFvpRSyOhf
MDTHitr7su400g4ylTxLSs3dYZRDfLrQmtgL2JiaaK4CYwTsXqyovXsKrhPvgvxB
pWRVSLO+hrz3vtemo6YItK12T9COdvm6VTPdgOQ6c8a7Ac7R/3GEoQW5WlOCXdaL
YuaAFWvU33S2l1usx0oVSEki9QEHszQ0+WtrlsdN8RIvjRo8rgn0FQ8MjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBJTCIEuCsL90FCJRiW+rqDPiH2gMB8GA1UdIwQY
MBaAFM8u7nigCE2DHeGiUAGD4WSJUWzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenk3dWVLQUlUWU1kNGFKUUFZUGhaSWxSYk04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kN2U2NjAtNjkxMi00MzgwLWFiNGYt
NzE4YjljNDBmZDI1LzEvenk3dWVLQUlUWU1kNGFKUUFZUGhaSWxSYk04Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kN2U2NjAtNjkxMi00MzgwLWFiNGYtNzE4YjljNDBmZDI1
LzEvenk3dWVLQUlUWU1kNGFKUUFZUGhaSWxSYk04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASWLb4O+n
mInVjfZUwUwH8Az1D1eVMF02mNKltC7cd4thHJz0G/+nXDkejnXqh1M8vcYsglOk
HUK683YLmchENvd1/01mpmURL22AwKu+IFCxo0H6fLEXWG97k90t88qDqQw3LZl0
OP4PW80qH6o3XFaNUi9m895bdv1EyOgURV3BSDXFGxznjFFJYrxxXPIwxohcpNAH
9RfMeYY8pCPoDP8gcnZCrxbLZ9LRXQ4mTwTfpceUjerIhMXn03MxgW1UNZaRjwZK
cYHW5+a1Rkq+Bdz+9VXnZDO97fFoa81CZOz1HPeiqeEsQMdT8SN35XALsEbwe1iu
8RILfMIrWuxpNA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:34:57 2026 by rpki-client