Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft
File: zK1o9-irrfRHJiM0OjJWFQciQYk.mft (raw, json)
Hash identifier: JaVnnMvIvSCfub+2BPvqpuJCG+e7PXLuI03ccQw2aWI=
Subject key identifier: 30:7A:2C:71:83:3B:7E:02:3F:2F:B8:24:9E:1B:1D:3A:68:F5:07:7D
Authority key identifier: CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89
Certificate issuer: /CN=ccad68f7e8abadf4472623343a32561507224189
Certificate serial: 019D390A383D8501785E10FB61410AE2C033
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft
Manifest number: 0A00
Signing time: Sun 29 Mar 2026 10:01:04 +0000
Manifest this update: Sun 29 Mar 2026 10:01:04 +0000
Manifest next update: Mon 30 Mar 2026 10:01:04 +0000
Files and hashes: 1: wEZZX0o5N8nlP47tu1RwoQ2y0AY.roa (hash: ddJPky6VMI6qp8TK3QriFAzhCSzbyfK/JMSPvgj4FCE=)
2: zK1o9-irrfRHJiM0OjJWFQciQYk.crl (hash: E1Sw2MO5Yy1DH6AC5Fq0Kmw2ZsX0SAlvh6ygPxsAHcw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:38:3d:85:01:78:5e:10:fb:61:41:0a:e2:c0:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccad68f7e8abadf4472623343a32561507224189
Validity
Not Before: Mar 29 10:01:04 2026 GMT
Not After : Mar 30 10:01:04 2026 GMT
Subject: CN=307a2c71833b7e023f2fb8249e1b1d3a68f5077d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7b:39:79:71:f7:47:e4:56:9c:0c:c5:4e:a6:
a4:92:d8:5a:93:53:72:a6:03:8d:92:d5:80:d9:98:
a7:03:a4:af:27:8a:ce:72:bb:b9:d9:97:75:24:78:
78:3e:8b:72:eb:3b:cc:f2:d5:69:bd:d8:54:b1:54:
48:f3:3c:9a:17:cc:9d:39:34:6d:80:e2:6f:bc:2b:
33:dd:9e:ba:ac:a6:5b:a0:7d:ae:c3:8b:f2:11:dd:
66:bc:30:5c:2b:12:a7:73:49:56:fd:8d:9a:46:e5:
06:cb:7f:74:95:20:1f:62:7b:70:72:0a:9c:0a:a8:
07:8c:0b:c0:a7:d4:79:c5:6d:75:e9:db:89:d6:05:
8b:05:f4:c3:ba:b3:ee:d8:9c:4e:ee:12:ff:8f:d8:
23:24:67:27:72:7e:9c:6f:86:21:4c:f4:2c:cb:2b:
8d:4b:4d:d7:4f:41:00:9d:4c:9a:82:7c:be:eb:83:
e8:34:14:1b:37:b5:27:aa:36:da:8a:5c:8c:a3:24:
28:a3:fa:e9:e8:aa:05:af:db:cf:2f:ac:3a:61:f2:
86:65:de:d8:48:f0:63:d5:f1:0e:8b:d4:8a:83:69:
a5:ec:d3:e8:7d:d3:76:18:75:f0:8b:13:a8:65:55:
f7:d5:ce:86:df:7d:9d:77:2c:12:2a:f0:22:53:02:
f3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:7A:2C:71:83:3B:7E:02:3F:2F:B8:24:9E:1B:1D:3A:68:F5:07:7D
X509v3 Authority Key Identifier:
keyid:CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:5d:d8:ef:04:c2:b3:29:d0:05:a6:3a:10:d1:fc:88:2f:52:
32:0c:db:73:d8:76:02:d1:84:05:45:97:47:d6:a1:e9:05:52:
8b:0a:d8:b0:a4:48:27:32:ec:61:3e:37:70:1f:ce:94:8a:d6:
cc:31:03:59:90:44:68:7a:8d:c9:60:f7:30:9b:fa:0c:32:9a:
74:67:4a:81:06:4b:9a:dc:fb:35:77:f4:d8:d8:40:20:c3:b6:
19:28:ac:a7:2d:7d:d5:38:4c:9d:42:9d:dc:72:c2:5d:6a:ec:
8f:78:bd:04:34:da:e4:e4:fb:63:37:f0:a0:73:6a:87:8a:fb:
0f:44:c7:ba:24:a2:af:14:23:6d:d7:53:9f:47:0b:62:0d:5b:
20:19:43:69:f9:fe:35:8e:5f:c6:71:af:e2:66:6b:29:42:64:
08:47:b8:b9:30:46:28:22:88:84:89:26:95:16:1d:e7:a7:82:
b5:cc:ca:51:e7:7b:51:02:42:bc:70:a4:db:74:28:92:56:44:
3e:60:5e:7f:7a:b4:0f:7b:dd:cd:96:31:b2:de:77:84:8e:98:
6b:a5:f9:17:43:9d:f9:7b:c1:c8:f5:ed:49:2b:2a:9b:9b:89:
7b:42:ac:b9:21:a3:a9:98:b5:d9:14:83:66:34:57:04:e0:8f:
0d:e0:fc:cf
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05Cjg9hQF4XhD7YUEK4sAzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYWQ2OGY3ZThhYmFkZjQ0NzI2MjMzNDNhMzI1NjE1MDcy
MjQxODkwHhcNMjYwMzI5MTAwMTA0WhcNMjYwMzMwMTAwMTA0WjAzMTEwLwYDVQQD
EygzMDdhMmM3MTgzM2I3ZTAyM2YyZmI4MjQ5ZTFiMWQzYTY4ZjUwNzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHs5eXH3R+RWnAzFTqakkthak1Ny
pgONktWA2ZinA6SvJ4rOcru52Zd1JHh4Poty6zvM8tVpvdhUsVRI8zyaF8ydOTRt
gOJvvCsz3Z66rKZboH2uw4vyEd1mvDBcKxKnc0lW/Y2aRuUGy390lSAfYntwcgqc
CqgHjAvAp9R5xW116duJ1gWLBfTDurPu2JxO7hL/j9gjJGcncn6cb4YhTPQsyyuN
S03XT0EAnUyagny+64PoNBQbN7UnqjbailyMoyQoo/rp6KoFr9vPL6w6YfKGZd7Y
SPBj1fEOi9SKg2ml7NPofdN2GHXwixOoZVX31c6G332ddywSKvAiUwLzYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDB6LHGDO34CPy+4JJ4bHTpo9Qd9MB8GA1UdIwQY
MBaAFMytaPfoq630RyYjNDoyVhUHIkGJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMt
NjM1OWY5MmUxZDJmLzEveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMtNjM1OWY5MmUxZDJm
LzEveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkF3Y7wTC
synQBaY6ENH8iC9SMgzbc9h2AtGEBUWXR9ah6QVSiwrYsKRIJzLsYT43cB/OlIrW
zDEDWZBEaHqNyWD3MJv6DDKadGdKgQZLmtz7NXf02NhAIMO2GSispy191ThMnUKd
3HLCXWrsj3i9BDTa5OT7YzfwoHNqh4r7D0THuiSirxQjbddTn0cLYg1bIBlDafn+
NY5fxnGv4mZrKUJkCEe4uTBGKCKIhIkmlRYd56eCtczKUed7UQJCvHCk23QoklZE
PmBef3q0D3vdzZYxst53hI6Ya6X5F0Od+XvByPXtSSsqm5uJe0KsuSGjqZi12RSD
ZjRXBOCPDeD8zw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:46:20 2026 by rpki-client