Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
File: zNHiiTDXen65iRtvq7spFe44hao.mft (raw, json)
Hash identifier: UHnlmbKu4Q3u3yGmoJyDVJ9FhUuOIVOPh/Uz8v06/g0=
Subject key identifier: EB:14:6F:13:7E:D0:35:52:C8:05:0B:0A:23:EA:26:4B:5E:92:75:A5
Authority key identifier: CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA
Certificate issuer: /CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
Certificate serial: 019CE636AD4B2E84D770EE748D8BF98596BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
Manifest number: 1866
Signing time: Fri 13 Mar 2026 08:01:08 +0000
Manifest this update: Fri 13 Mar 2026 08:01:08 +0000
Manifest next update: Sat 14 Mar 2026 08:01:08 +0000
Files and hashes: 1: _NSxXKWLAT32ACYjnb_Q_v0bth4.roa (hash: jFEG3V9iSls0XRVWy4kyBvsz0M23pnXIeMtJ7lA5i08=)
2: zNHiiTDXen65iRtvq7spFe44hao.crl (hash: rWwixZC5z0bJPbnMgzOsUghekYmwzNsX/Bc1+h4SFvY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e6:36:ad:4b:2e:84:d7:70:ee:74:8d:8b:f9:85:96:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
Validity
Not Before: Mar 13 08:01:08 2026 GMT
Not After : Mar 14 08:01:08 2026 GMT
Subject: CN=eb146f137ed03552c8050b0a23ea264b5e9275a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0a:69:67:c5:0b:89:cc:92:ed:04:e1:4b:68:
50:a5:cd:cb:92:6a:0d:e1:83:4f:02:db:ed:4a:c1:
44:01:69:c8:fd:21:23:54:51:b7:d4:ee:0c:05:5b:
69:3a:e0:12:6a:67:74:c5:7c:9e:e6:43:39:f6:be:
a2:37:8a:0b:21:f3:f2:e5:5c:c3:b7:44:6f:97:7d:
3f:d5:93:4a:44:e2:f8:54:25:1d:bc:c6:b6:63:77:
79:d5:17:ea:8d:f0:7a:2f:31:d1:f4:a8:ba:27:4c:
34:1e:35:44:32:c4:56:2c:b1:30:d2:54:81:f4:17:
8d:97:3c:4d:53:70:97:73:6d:2c:41:d7:24:75:6f:
08:7a:a8:80:48:6e:29:cc:d8:ea:c4:f5:d1:9f:cc:
06:0d:05:85:85:c5:3d:3b:81:ba:45:72:9f:99:af:
68:73:cd:0a:7a:e7:55:82:c7:31:94:28:a4:b0:e8:
af:50:3a:9e:7a:07:f6:c5:30:6f:e6:57:11:9d:a1:
d8:7a:e8:83:62:ce:bf:1b:f3:43:a6:27:d9:cd:7b:
c5:42:80:a3:46:45:dd:25:89:6b:30:6d:e2:b8:09:
ef:49:4f:f2:da:b5:72:55:ea:04:4c:b5:37:e0:7d:
1c:ed:1f:85:25:f5:f9:c0:f7:ab:8b:3f:56:4d:8f:
82:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:14:6F:13:7E:D0:35:52:C8:05:0B:0A:23:EA:26:4B:5E:92:75:A5
X509v3 Authority Key Identifier:
keyid:CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:84:31:2e:0e:e5:21:d1:8d:0e:d1:20:cd:53:a3:3d:29:82:
c1:58:20:d1:d5:3b:69:3f:2a:d7:d9:37:36:41:1b:4e:ea:4c:
8f:eb:51:7d:d3:f0:45:4f:f4:61:df:14:3f:1f:7d:6d:fb:72:
ac:11:a7:41:05:f4:cf:8f:f1:41:41:f1:d9:bd:f8:bd:29:a1:
3a:19:2d:2e:d5:d6:d1:d5:bc:75:ae:8c:1f:62:f3:d1:24:e4:
f8:1b:d3:fe:2c:52:b8:a8:21:66:c4:fe:05:8c:91:4d:41:fa:
eb:3f:1d:c5:5d:ca:ec:6d:3b:2f:92:57:41:d1:d9:51:07:46:
f4:25:12:75:97:15:66:5b:a4:c3:60:4c:dc:51:45:e1:a2:d2:
8b:6a:cf:af:b2:16:13:d5:f0:57:26:98:9c:6a:f2:2e:8d:a9:
6d:52:3a:d3:85:de:9e:55:35:a8:b9:96:55:bb:ae:cd:35:91:
2e:e5:b2:c8:a4:3a:e3:4b:53:3f:e6:06:a4:ae:32:8f:75:d9:
cb:65:bb:ee:57:72:2e:c9:69:e4:45:bb:bb:5b:a7:14:e2:4e:
b9:67:3d:1b:49:87:45:6d:e1:e8:15:8c:6e:4d:21:6f:65:f8:
27:fd:46:d7:3a:a5:bf:33:86:9b:2a:96:1e:7f:8b:49:08:63:
ba:eb:bf:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzmNq1LLoTXcO50jYv5hZa/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDFlMjg5MzBkNzdhN2ViOTg5MWI2ZmFiYmIyOTE1ZWUz
ODg1YWEwHhcNMjYwMzEzMDgwMTA4WhcNMjYwMzE0MDgwMTA4WjAzMTEwLwYDVQQD
EyhlYjE0NmYxMzdlZDAzNTUyYzgwNTBiMGEyM2VhMjY0YjVlOTI3NWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQppZ8ULicyS7QThS2hQpc3LkmoN
4YNPAtvtSsFEAWnI/SEjVFG31O4MBVtpOuASamd0xXye5kM59r6iN4oLIfPy5VzD
t0Rvl30/1ZNKROL4VCUdvMa2Y3d51RfqjfB6LzHR9Ki6J0w0HjVEMsRWLLEw0lSB
9BeNlzxNU3CXc20sQdckdW8IeqiASG4pzNjqxPXRn8wGDQWFhcU9O4G6RXKfma9o
c80KeudVgscxlCiksOivUDqeegf2xTBv5lcRnaHYeuiDYs6/G/NDpifZzXvFQoCj
RkXdJYlrMG3iuAnvSU/y2rVyVeoETLU34H0c7R+FJfX5wPeriz9WTY+CeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOsUbxN+0DVSyAULCiPqJkteknWlMB8GA1UdIwQY
MBaAFMzR4okw13p+uYkbb6u7KRXuOIWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMt
YzEzYjFmOTc3ZDU3LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMtYzEzYjFmOTc3ZDU3
LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMIQxLg7l
IdGNDtEgzVOjPSmCwVgg0dU7aT8q19k3NkEbTupMj+tRfdPwRU/0Yd8UPx99bfty
rBGnQQX0z4/xQUHx2b34vSmhOhktLtXW0dW8da6MH2Lz0STk+BvT/ixSuKghZsT+
BYyRTUH66z8dxV3K7G07L5JXQdHZUQdG9CUSdZcVZlukw2BM3FFF4aLSi2rPr7IW
E9XwVyaYnGryLo2pbVI604XenlU1qLmWVbuuzTWRLuWyyKQ640tTP+YGpK4yj3XZ
y2W77ldyLslp5EW7u1unFOJOuWc9G0mHRW3h6BWMbk0hb2X4J/1G1zqlvzOGmyqW
Hn+LSQhjuuu/kg==
-----END CERTIFICATE-----
Generated at Fri Mar 13 11:09:59 2026 by rpki-client