Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
File: zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft (raw, json)
Hash identifier: 3gZRq7Y0UY6oJSLs/HwQlo3Inqavfpyuw7D5APjVOCg=
Subject key identifier: D0:10:43:E2:8C:E6:53:64:9D:2E:C7:62:0D:C8:CA:08:CF:C6:AA:84
Authority key identifier: CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
Certificate issuer: /CN=cddd902a1271270027e4577778ea35883b4515f6
Certificate serial: 019D38D2DC300652B1FEDE44F9727294165A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
Manifest number: 1896
Signing time: Sun 29 Mar 2026 09:00:36 +0000
Manifest this update: Sun 29 Mar 2026 09:00:36 +0000
Manifest next update: Mon 30 Mar 2026 09:00:36 +0000
Files and hashes: 1: dCjH0v3m8tCVY_tkggWdXHZn358.roa (hash: a8K+Ic68j3/hayz7h7GvBE1rHXDfwuhE74wsEmkFkNk=)
2: zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl (hash: 0DVQFB1KdoiJkLHOCYBMExMIs4VO0vnbZPaumR5/VCY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:dc:30:06:52:b1:fe:de:44:f9:72:72:94:16:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddd902a1271270027e4577778ea35883b4515f6
Validity
Not Before: Mar 29 09:00:36 2026 GMT
Not After : Mar 30 09:00:36 2026 GMT
Subject: CN=d01043e28ce653649d2ec7620dc8ca08cfc6aa84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e4:92:ad:9a:5c:e4:8c:0e:e5:c5:48:97:5b:
e7:99:8b:aa:75:af:d4:d3:67:56:43:8c:81:b6:6a:
77:44:4c:d1:e0:d6:06:86:98:f8:99:da:0a:b7:d7:
84:64:3b:e8:74:90:ca:be:1a:87:77:f1:03:a5:f5:
ff:d5:ff:6d:70:33:8c:81:c8:d1:fe:fa:14:c1:d6:
e1:9e:71:4e:a0:b5:58:35:8e:49:10:9b:0d:fe:b4:
9c:dd:bf:72:de:a6:9e:bf:b3:65:13:ce:e1:c8:f1:
ae:cc:e7:85:73:cd:a4:9d:3d:d7:a3:57:34:fa:f9:
29:1b:60:f5:f8:13:f6:e6:b6:bf:4b:f0:88:85:e2:
9b:a2:b7:1d:e3:ce:b4:45:eb:c8:03:63:1c:ef:a0:
fe:26:6b:3e:fa:a0:08:f3:a8:f3:1d:ff:d0:09:5e:
82:92:c6:5f:e5:27:57:27:3d:b6:d0:2a:87:1f:0d:
bc:0f:58:64:e9:3b:c1:92:26:63:ef:af:be:18:9a:
19:37:b0:ce:dd:f4:0e:7a:0a:7b:70:0c:2c:9a:db:
d3:65:aa:05:39:0f:2f:96:a6:ef:a5:94:d6:ca:63:
82:ad:68:37:1c:21:ba:4c:5a:1a:48:8d:f2:11:75:
60:78:f7:71:ca:49:6d:3b:a0:28:e1:dc:34:a0:17:
f0:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:10:43:E2:8C:E6:53:64:9D:2E:C7:62:0D:C8:CA:08:CF:C6:AA:84
X509v3 Authority Key Identifier:
keyid:CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:28:b2:74:cb:c3:59:89:fc:aa:e1:0a:0d:fd:67:76:84:51:
b9:76:24:23:da:2e:78:fb:df:7b:b4:8c:f2:25:e1:6b:b9:74:
3f:a0:ba:be:2c:4b:92:0f:70:4e:c6:61:00:e5:79:98:17:e2:
9c:34:94:12:e1:f5:9f:f1:c7:b2:98:55:c5:e8:20:00:8b:48:
ea:b8:a4:7d:1e:69:b5:a0:44:91:68:1f:47:3a:74:c2:f4:ad:
ce:91:dd:61:69:81:26:0b:0e:6e:6a:05:66:43:64:7a:a0:07:
33:79:42:41:e9:89:bd:64:86:d1:38:0e:82:3a:99:9f:48:9f:
9f:56:f6:78:40:b4:77:e6:51:c1:37:d3:47:5f:c1:d5:6b:49:
f9:29:d6:34:eb:05:45:b8:20:77:ce:ba:df:63:c9:50:82:a4:
b7:a2:ad:a3:5f:cb:d9:0d:8b:37:9c:ea:c3:8d:53:01:e3:41:
80:d8:74:94:fc:b0:b8:6f:40:9c:c6:f3:dc:94:19:03:f2:be:
54:b4:f8:c4:dc:44:77:79:59:5e:70:6c:1c:a8:36:62:d8:8c:
b3:0e:30:e3:d6:ea:0d:e9:81:3b:a0:48:f8:88:9c:e1:e1:3e:
a3:43:82:dc:ec:74:36:70:94:2d:7f:db:46:8a:47:ee:85:57:
95:36:75:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040twwBlKx/t5E+XJylBZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGQ5MDJhMTI3MTI3MDAyN2U0NTc3Nzc4ZWEzNTg4M2I0
NTE1ZjYwHhcNMjYwMzI5MDkwMDM2WhcNMjYwMzMwMDkwMDM2WjAzMTEwLwYDVQQD
EyhkMDEwNDNlMjhjZTY1MzY0OWQyZWM3NjIwZGM4Y2EwOGNmYzZhYTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uSSrZpc5IwO5cVIl1vnmYuqda/U
02dWQ4yBtmp3REzR4NYGhpj4mdoKt9eEZDvodJDKvhqHd/EDpfX/1f9tcDOMgcjR
/voUwdbhnnFOoLVYNY5JEJsN/rSc3b9y3qaev7NlE87hyPGuzOeFc82knT3Xo1c0
+vkpG2D1+BP25ra/S/CIheKborcd4860RevIA2Mc76D+Jms++qAI86jzHf/QCV6C
ksZf5SdXJz220CqHHw28D1hk6TvBkiZj76++GJoZN7DO3fQOegp7cAwsmtvTZaoF
OQ8vlqbvpZTWymOCrWg3HCG6TFoaSI3yEXVgePdxykltO6Ao4dw0oBfwswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNAQQ+KM5lNknS7HYg3IygjPxqqEMB8GA1UdIwQY
MBaAFM3dkCoScScAJ+RXd3jqNYg7RRX2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83YTFlYjQtMjkwYS00Njg2LThiYmEt
ZGM3NTQyMTM4OTUyLzEvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83YTFlYjQtMjkwYS00Njg2LThiYmEtZGM3NTQyMTM4OTUy
LzEvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiiiydMvD
WYn8quEKDf1ndoRRuXYkI9ouePvfe7SM8iXha7l0P6C6vixLkg9wTsZhAOV5mBfi
nDSUEuH1n/HHsphVxeggAItI6rikfR5ptaBEkWgfRzp0wvStzpHdYWmBJgsObmoF
ZkNkeqAHM3lCQemJvWSG0TgOgjqZn0ifn1b2eEC0d+ZRwTfTR1/B1WtJ+SnWNOsF
Rbggd86632PJUIKkt6Kto1/L2Q2LN5zqw41TAeNBgNh0lPywuG9AnMbz3JQZA/K+
VLT4xNxEd3lZXnBsHKg2YtiMsw4w49bqDemBO6BI+Iic4eE+o0OC3Ox0NnCULX/b
RopH7oVXlTZ1JA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:29:23 2026 by rpki-client