Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
File: zNHiiTDXen65iRtvq7spFe44hao.mft (raw, json)
Hash identifier: pTFGtM541mxs4iYUfpGzh6ThLXd3T5QePh192LlmVXM=
Subject key identifier: 52:17:62:AE:31:5D:33:6F:60:F0:35:D4:51:1E:CC:DF:67:CA:71:6F
Authority key identifier: CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA
Certificate issuer: /CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
Certificate serial: 019DCFE34199A04450C35E3A05F6EFFF9402
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
Manifest number: 18DF
Signing time: Mon 27 Apr 2026 17:01:10 +0000
Manifest this update: Mon 27 Apr 2026 17:01:10 +0000
Manifest next update: Tue 28 Apr 2026 17:01:10 +0000
Files and hashes: 1: _NSxXKWLAT32ACYjnb_Q_v0bth4.roa (hash: jFEG3V9iSls0XRVWy4kyBvsz0M23pnXIeMtJ7lA5i08=)
2: zNHiiTDXen65iRtvq7spFe44hao.crl (hash: s9KVuYFDamXwta+msd1sEl3sR/1sv8wN+IDTvA5TBf8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 14:27:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:e3:41:99:a0:44:50:c3:5e:3a:05:f6:ef:ff:94:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
Validity
Not Before: Apr 27 17:01:10 2026 GMT
Not After : Apr 28 17:01:10 2026 GMT
Subject: CN=521762ae315d336f60f035d4511eccdf67ca716f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:42:0f:c8:cf:f3:72:58:43:96:62:54:2c:ac:
fa:9c:74:20:10:2a:35:8c:2d:9e:63:73:83:5f:8f:
d8:b6:dd:e9:50:e7:7f:ac:e7:3f:ee:53:10:34:3b:
89:5e:71:72:b3:5c:3d:6a:67:72:1e:d8:d8:b4:43:
d9:58:96:40:f1:5c:81:fb:c3:b6:d1:8f:f4:a6:a8:
d9:9e:50:12:05:1b:9e:ec:2a:27:72:db:1a:09:e2:
90:f5:82:8a:0a:7d:24:fb:8a:b4:c5:21:ae:05:4a:
27:f5:05:ad:24:81:a7:00:95:e8:6e:b2:53:ae:60:
a5:7d:e0:c8:f6:9b:af:0f:37:22:b3:97:e2:3d:b0:
20:61:24:c2:69:76:5d:43:cf:24:41:46:e7:0f:31:
ea:e7:ff:bd:73:01:0f:57:62:1a:30:1e:d8:d5:45:
05:c2:8d:b8:4a:09:c9:39:b0:7d:47:82:b4:9b:ee:
84:7f:79:be:3e:a0:69:34:df:5c:a9:2b:b4:96:1a:
0c:3b:8f:27:47:b7:21:1f:db:0f:0f:ea:b7:e6:89:
00:46:80:be:3a:4f:64:12:ed:be:cd:7a:ef:00:45:
e7:f0:87:ae:1a:b4:a1:52:e2:04:f7:ce:d8:04:db:
d1:4d:e9:0f:8b:bd:75:64:2e:44:73:8f:a7:94:55:
4f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:17:62:AE:31:5D:33:6F:60:F0:35:D4:51:1E:CC:DF:67:CA:71:6F
X509v3 Authority Key Identifier:
keyid:CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ce:64:df:49:19:ca:c6:db:83:79:f9:ba:3c:2c:4a:6b:2d:6e:
f9:97:be:88:e6:c2:da:13:55:ef:b2:07:27:30:63:13:1c:b4:
fb:4e:51:5f:b7:76:c1:6a:df:ec:d7:55:bd:86:37:32:ef:91:
7c:d4:f7:6c:5c:27:f2:31:3d:8c:85:30:d5:47:1c:53:7f:8f:
31:2e:10:85:f2:fd:ef:7e:be:ad:47:6b:0d:98:81:56:24:c4:
6a:02:db:f5:b6:cf:90:fa:36:74:42:72:33:88:21:c7:bc:1c:
9f:03:af:6d:f3:e0:15:b4:b5:4f:48:49:a1:80:d3:8a:41:47:
cc:e0:60:eb:56:1e:b6:96:81:f3:02:8f:16:47:a4:50:1e:2f:
cf:01:db:59:27:f9:3a:7d:d4:b5:d2:3a:da:e0:e1:1c:c2:e7:
56:63:8e:af:b2:d0:8b:6f:bb:58:3a:73:4c:59:14:ec:20:37:
1e:fc:c4:02:71:ca:b9:a4:8d:b2:ca:e1:72:9f:a7:fd:c0:d0:
ce:51:64:35:c1:79:d5:4c:31:c1:87:84:cf:0a:35:a0:8a:40:
36:18:6d:c6:53:2f:b2:79:03:bf:11:ec:b9:21:89:ee:8f:ac:
6c:2d:42:46:c5:e7:24:dd:11:e3:d1:6b:a7:0b:f0:34:a2:db:
a7:b6:ec:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3P40GZoERQw146Bfbv/5QCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDFlMjg5MzBkNzdhN2ViOTg5MWI2ZmFiYmIyOTE1ZWUz
ODg1YWEwHhcNMjYwNDI3MTcwMTEwWhcNMjYwNDI4MTcwMTEwWjAzMTEwLwYDVQQD
Eyg1MjE3NjJhZTMxNWQzMzZmNjBmMDM1ZDQ1MTFlY2NkZjY3Y2E3MTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0IPyM/zclhDlmJULKz6nHQgECo1
jC2eY3ODX4/Ytt3pUOd/rOc/7lMQNDuJXnFys1w9amdyHtjYtEPZWJZA8VyB+8O2
0Y/0pqjZnlASBRue7ConctsaCeKQ9YKKCn0k+4q0xSGuBUon9QWtJIGnAJXobrJT
rmClfeDI9puvDzcis5fiPbAgYSTCaXZdQ88kQUbnDzHq5/+9cwEPV2IaMB7Y1UUF
wo24SgnJObB9R4K0m+6Ef3m+PqBpNN9cqSu0lhoMO48nR7chH9sPD+q35okARoC+
Ok9kEu2+zXrvAEXn8IeuGrShUuIE987YBNvRTekPi711ZC5Ec4+nlFVPBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFIXYq4xXTNvYPA11FEezN9nynFvMB8GA1UdIwQY
MBaAFMzR4okw13p+uYkbb6u7KRXuOIWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMt
YzEzYjFmOTc3ZDU3LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMtYzEzYjFmOTc3ZDU3
LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzmTfSRnK
xtuDefm6PCxKay1u+Ze+iObC2hNV77IHJzBjExy0+05RX7d2wWrf7NdVvYY3Mu+R
fNT3bFwn8jE9jIUw1UccU3+PMS4QhfL9736+rUdrDZiBViTEagLb9bbPkPo2dEJy
M4ghx7wcnwOvbfPgFbS1T0hJoYDTikFHzOBg61YetpaB8wKPFkekUB4vzwHbWSf5
On3UtdI62uDhHMLnVmOOr7LQi2+7WDpzTFkU7CA3HvzEAnHKuaSNssrhcp+n/cDQ
zlFkNcF51UwxwYeEzwo1oIpANhhtxlMvsnkDvxHsuSGJ7o+sbC1CRsXnJN0R49Fr
pwvwNKLbp7bsjQ==
-----END CERTIFICATE-----
Generated at Mon Apr 27 18:29:48 2026 by rpki-client