Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/91548b-bab5-454c-b60b-19f2a1d16033/1/ZqHRoBeALlxX2ll4VE_FN0A9pzo.mft
File: ZqHRoBeALlxX2ll4VE_FN0A9pzo.mft (raw, json)
Hash identifier: EDIbkhiCJNGUJ+R72QWxtBSXJJ9LxokZIHF1WQcsknQ=
Subject key identifier: E3:C2:A9:30:0F:F2:DD:76:0D:E1:F9:28:34:57:EB:D1:3A:5C:89:3C
Authority key identifier: 66:A1:D1:A0:17:80:2E:5C:57:DA:59:78:54:4F:C5:37:40:3D:A7:3A
Certificate issuer: /CN=66a1d1a017802e5c57da5978544fc537403da73a
Certificate serial: 019D37C0BF6B90538186661E130F514C6D57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZqHRoBeALlxX2ll4VE_FN0A9pzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/91548b-bab5-454c-b60b-19f2a1d16033/1/ZqHRoBeALlxX2ll4VE_FN0A9pzo.mft
Manifest number: 0BA7
Signing time: Sun 29 Mar 2026 04:01:11 +0000
Manifest this update: Sun 29 Mar 2026 04:01:11 +0000
Manifest next update: Mon 30 Mar 2026 04:01:11 +0000
Files and hashes: 1: 3YnZtmegxXoZvb9K7_HalTViL0w.roa (hash: B1b4mNLvcXEYUbcOc3EYX+Xry/YHoo7ZiUdGbEg4AFc=)
2: ZqHRoBeALlxX2ll4VE_FN0A9pzo.crl (hash: Ma+dSxbAvhYxVDAe8muKBBZp6HuPoGiBgucd0tKo1hE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/91548b-bab5-454c-b60b-19f2a1d16033/1/ZqHRoBeALlxX2ll4VE_FN0A9pzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/91548b-bab5-454c-b60b-19f2a1d16033/1/ZqHRoBeALlxX2ll4VE_FN0A9pzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZqHRoBeALlxX2ll4VE_FN0A9pzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:bf:6b:90:53:81:86:66:1e:13:0f:51:4c:6d:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66a1d1a017802e5c57da5978544fc537403da73a
Validity
Not Before: Mar 29 04:01:11 2026 GMT
Not After : Mar 30 04:01:11 2026 GMT
Subject: CN=e3c2a9300ff2dd760de1f9283457ebd13a5c893c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ff:df:58:14:b4:b9:2b:96:77:af:f6:7d:94:
f5:8d:05:a2:90:c0:62:3e:e2:4d:d9:e3:3c:1f:ef:
5e:44:9f:1f:38:89:ba:c2:1c:ca:60:98:05:29:af:
85:59:cc:1f:35:12:d0:86:6d:2b:d8:62:20:f7:bc:
3c:0f:2f:98:e6:1e:c4:d7:2e:13:04:6e:7c:25:05:
db:e5:13:01:e8:36:31:1a:cb:4d:c7:92:a3:ca:fc:
d1:97:a0:8e:f6:80:aa:69:f6:53:c4:31:43:96:c2:
8b:e4:87:97:ac:e6:46:96:46:06:33:64:69:60:09:
da:17:c1:40:a1:4a:e9:cc:76:9c:8f:6c:b3:f9:f2:
2a:f6:08:f7:48:ad:bc:c9:c8:b2:05:4c:72:5d:7c:
7a:5c:2c:d2:c4:33:9d:6c:b8:b5:61:4b:2d:52:09:
d4:17:0e:63:34:b4:26:61:dd:56:b5:37:06:be:fc:
b7:d6:25:01:2a:b2:af:8f:32:bd:62:e4:88:80:91:
da:3a:94:8a:5b:43:a9:65:b4:ce:a9:d7:c4:b2:a4:
66:08:c3:62:e9:c2:7b:87:87:5e:64:4b:48:80:d2:
0a:09:f9:bc:ec:b0:ae:f0:4b:64:2c:12:c5:d7:47:
6f:59:c1:4e:7d:74:e1:27:a4:b0:55:62:14:7a:ac:
94:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:C2:A9:30:0F:F2:DD:76:0D:E1:F9:28:34:57:EB:D1:3A:5C:89:3C
X509v3 Authority Key Identifier:
keyid:66:A1:D1:A0:17:80:2E:5C:57:DA:59:78:54:4F:C5:37:40:3D:A7:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZqHRoBeALlxX2ll4VE_FN0A9pzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/91548b-bab5-454c-b60b-19f2a1d16033/1/ZqHRoBeALlxX2ll4VE_FN0A9pzo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/91548b-bab5-454c-b60b-19f2a1d16033/1/ZqHRoBeALlxX2ll4VE_FN0A9pzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:74:0c:2b:74:80:89:e0:d7:9b:a1:ea:1c:06:c7:74:e4:57:
2f:25:05:bf:94:ad:2f:b7:e7:d2:cf:5e:6c:99:a7:5d:be:9e:
db:da:82:fc:64:49:77:a6:fe:f4:2f:27:8b:a7:d2:7e:64:84:
b2:16:6c:b2:de:df:47:27:69:33:72:5b:07:90:05:2f:f4:ec:
ff:32:20:e0:b5:f6:0f:fd:34:19:c3:2a:46:b2:93:74:a9:15:
ae:d4:f4:89:48:d5:d4:34:44:27:4d:2a:d9:3f:43:48:dd:05:
fc:1b:79:68:8e:7d:47:82:64:11:04:30:e8:02:4b:50:01:17:
ce:0f:af:c0:51:15:42:71:60:c2:90:b6:f4:7f:26:74:a0:fd:
37:10:fe:07:c8:31:f4:bb:ae:f4:b7:b5:a1:52:0d:b3:de:f0:
45:37:2a:89:e8:ad:c3:64:bf:cf:fb:e9:9a:66:a9:52:5e:f0:
b3:60:06:f8:e5:d9:28:36:b8:2b:17:1c:9d:8d:52:c2:1b:be:
3f:df:d6:16:86:9d:48:4e:47:19:9a:89:04:ed:4a:e3:f7:de:
6c:49:14:09:95:e6:e6:77:b0:74:6c:71:a7:14:e9:d5:93:3f:
8c:3f:94:27:0b:3f:eb:d9:62:62:e7:21:e8:b7:d4:7c:1f:28:
5c:f7:23:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wL9rkFOBhmYeEw9RTG1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2YTFkMWEwMTc4MDJlNWM1N2RhNTk3ODU0NGZjNTM3NDAz
ZGE3M2EwHhcNMjYwMzI5MDQwMTExWhcNMjYwMzMwMDQwMTExWjAzMTEwLwYDVQQD
EyhlM2MyYTkzMDBmZjJkZDc2MGRlMWY5MjgzNDU3ZWJkMTNhNWM4OTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtP/fWBS0uSuWd6/2fZT1jQWikMBi
PuJN2eM8H+9eRJ8fOIm6whzKYJgFKa+FWcwfNRLQhm0r2GIg97w8Dy+Y5h7E1y4T
BG58JQXb5RMB6DYxGstNx5KjyvzRl6CO9oCqafZTxDFDlsKL5IeXrOZGlkYGM2Rp
YAnaF8FAoUrpzHacj2yz+fIq9gj3SK28yciyBUxyXXx6XCzSxDOdbLi1YUstUgnU
Fw5jNLQmYd1WtTcGvvy31iUBKrKvjzK9YuSIgJHaOpSKW0OpZbTOqdfEsqRmCMNi
6cJ7h4deZEtIgNIKCfm87LCu8EtkLBLF10dvWcFOfXThJ6SwVWIUeqyUJQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOPCqTAP8t12DeH5KDRX69E6XIk8MB8GA1UdIwQY
MBaAFGah0aAXgC5cV9pZeFRPxTdAPac6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnFIUm9CZUFMbHhYMmxsNFZFX0ZOMEE5cHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85MTU0OGItYmFiNS00NTRjLWI2MGIt
MTlmMmExZDE2MDMzLzEvWnFIUm9CZUFMbHhYMmxsNFZFX0ZOMEE5cHpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85MTU0OGItYmFiNS00NTRjLWI2MGItMTlmMmExZDE2MDMz
LzEvWnFIUm9CZUFMbHhYMmxsNFZFX0ZOMEE5cHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaHQMK3SA
ieDXm6HqHAbHdORXLyUFv5StL7fn0s9ebJmnXb6e29qC/GRJd6b+9C8ni6fSfmSE
shZsst7fRydpM3JbB5AFL/Ts/zIg4LX2D/00GcMqRrKTdKkVrtT0iUjV1DREJ00q
2T9DSN0F/Bt5aI59R4JkEQQw6AJLUAEXzg+vwFEVQnFgwpC29H8mdKD9NxD+B8gx
9Luu9Le1oVINs97wRTcqieitw2S/z/vpmmapUl7ws2AG+OXZKDa4KxccnY1Swhu+
P9/WFoadSE5HGZqJBO1K4/febEkUCZXm5newdGxxpxTp1ZM/jD+UJws/69liYuch
6LfUfB8oXPcj1w==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:45:41 2026 by rpki-client