Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.mft
File: Zw7FMGg5PZDbYB7CleQpCFJeEMI.mft (raw, json)
Hash identifier: PposXns2sB16/VRc8tBLpcdqmDGgD8O7PbXuWlViKjQ=
Subject key identifier: A1:63:DA:93:3C:49:CC:B8:54:C5:62:CE:7E:C9:E1:42:73:A9:BE:3F
Authority key identifier: 67:0E:C5:30:68:39:3D:90:DB:60:1E:C2:95:E4:29:08:52:5E:10:C2
Certificate issuer: /CN=670ec53068393d90db601ec295e42908525e10c2
Certificate serial: 019DCE629D9F242FB8BD89F8CA45E60960B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zw7FMGg5PZDbYB7CleQpCFJeEMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.mft
Manifest number: 0FC7
Signing time: Mon 27 Apr 2026 10:01:02 +0000
Manifest this update: Mon 27 Apr 2026 10:01:02 +0000
Manifest next update: Tue 28 Apr 2026 10:01:02 +0000
Files and hashes: 1: Nh6TGiZWo0EOxhMqHLoTd_RYjgw.roa (hash: jvTmWCCcSLAGtI/9GquGJ7vRIPsivGfTGeyKsvphVGk=)
2: Zw7FMGg5PZDbYB7CleQpCFJeEMI.crl (hash: sulJUJulHrIL39uefvwbAu1CuVSWi21FAWOBaGt6gYI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zw7FMGg5PZDbYB7CleQpCFJeEMI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 10:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ce:62:9d:9f:24:2f:b8:bd:89:f8:ca:45:e6:09:60:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=670ec53068393d90db601ec295e42908525e10c2
Validity
Not Before: Apr 27 10:01:02 2026 GMT
Not After : Apr 28 10:01:02 2026 GMT
Subject: CN=a163da933c49ccb854c562ce7ec9e14273a9be3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e8:a8:2d:aa:63:88:27:22:1e:82:fa:9d:fa:
50:90:e0:f0:59:2c:43:d2:bd:37:c7:81:30:f0:39:
2e:cc:bf:95:49:a7:c8:00:e5:8f:85:a4:e9:83:b6:
39:fa:b0:fd:46:be:78:46:8f:f8:ad:62:c2:2b:44:
69:a4:1e:a2:c4:9a:4d:2a:d4:45:de:4e:99:64:fc:
49:ac:83:e7:d5:3d:e8:39:7f:55:b8:d3:c3:ae:08:
4f:7f:2c:f6:88:c5:45:cc:43:0b:3d:2a:0c:a5:51:
17:62:96:7f:b1:f7:93:97:fb:6d:72:5b:22:1a:c0:
5a:d7:e7:76:82:dd:17:79:8d:4d:b3:aa:ad:a1:ce:
50:89:64:c1:f2:33:2b:54:1f:d4:95:37:1f:14:6f:
43:da:31:ee:34:b8:11:0e:8f:ea:b3:b4:42:1a:41:
db:f6:a9:36:0e:b6:01:5b:43:74:f9:a8:92:17:78:
9e:a4:14:e6:27:d5:70:01:85:72:44:3c:1f:78:3f:
9e:ce:db:a9:f2:90:df:25:0a:89:d8:76:de:3c:da:
7f:76:a1:82:db:02:15:8d:cd:cd:60:a5:b6:b1:06:
c6:bb:e9:8e:30:d3:74:c6:55:3e:78:91:ea:fb:bf:
eb:27:26:c4:aa:c6:9e:84:73:c9:34:de:5a:88:65:
a8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:63:DA:93:3C:49:CC:B8:54:C5:62:CE:7E:C9:E1:42:73:A9:BE:3F
X509v3 Authority Key Identifier:
keyid:67:0E:C5:30:68:39:3D:90:DB:60:1E:C2:95:E4:29:08:52:5E:10:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zw7FMGg5PZDbYB7CleQpCFJeEMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:3d:17:35:f4:59:5c:66:9d:f6:a9:d9:e9:ab:48:1b:20:56:
db:ad:94:0e:c5:e3:65:9a:8b:b1:eb:b6:91:fd:b9:ca:76:3b:
dc:5b:3a:7a:69:ca:0b:24:3f:66:f9:be:1d:5b:75:77:47:1f:
cd:85:d5:62:c7:dd:67:8b:9a:75:f9:cb:b3:6c:c0:fc:e9:2c:
b9:6e:b0:a3:b9:fe:7c:06:e2:0d:4b:ff:82:22:f9:08:19:51:
3f:64:cb:59:b4:59:ab:5b:3e:bc:c4:81:5b:06:16:58:12:8d:
62:55:92:ae:83:0f:0b:01:cb:4d:63:c0:6d:8f:a9:05:99:f1:
30:e5:21:ed:77:07:f5:97:9d:6b:21:4e:0c:f3:19:c0:90:92:
b7:43:1d:ce:17:a0:a7:f1:2b:e2:b6:5e:7f:cd:b0:9a:69:12:
6d:52:f3:d0:57:5c:d2:cc:59:92:74:aa:e8:f0:ce:8e:e5:8d:
b9:b4:99:cf:df:19:aa:28:63:e1:d7:32:7f:b0:d9:97:c4:4e:
a9:f6:79:ce:ea:39:21:f0:87:0e:43:28:1b:df:f0:e4:03:89:
af:d0:ac:2e:14:44:84:cd:66:1e:2d:33:f1:d2:ee:f8:e5:92:
9f:89:f1:43:96:44:c5:12:83:7f:3f:5e:b0:30:7c:9e:13:04:
43:0e:1b:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ3OYp2fJC+4vYn4ykXmCWCxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3MGVjNTMwNjgzOTNkOTBkYjYwMWVjMjk1ZTQyOTA4NTI1
ZTEwYzIwHhcNMjYwNDI3MTAwMTAyWhcNMjYwNDI4MTAwMTAyWjAzMTEwLwYDVQQD
EyhhMTYzZGE5MzNjNDljY2I4NTRjNTYyY2U3ZWM5ZTE0MjczYTliZTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleioLapjiCciHoL6nfpQkODwWSxD
0r03x4Ew8DkuzL+VSafIAOWPhaTpg7Y5+rD9Rr54Ro/4rWLCK0RppB6ixJpNKtRF
3k6ZZPxJrIPn1T3oOX9VuNPDrghPfyz2iMVFzEMLPSoMpVEXYpZ/sfeTl/ttclsi
GsBa1+d2gt0XeY1Ns6qtoc5QiWTB8jMrVB/UlTcfFG9D2jHuNLgRDo/qs7RCGkHb
9qk2DrYBW0N0+aiSF3iepBTmJ9VwAYVyRDwfeD+eztup8pDfJQqJ2HbePNp/dqGC
2wIVjc3NYKW2sQbGu+mOMNN0xlU+eJHq+7/rJybEqsaehHPJNN5aiGWoGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKFj2pM8Scy4VMVizn7J4UJzqb4/MB8GA1UdIwQY
MBaAFGcOxTBoOT2Q22AewpXkKQhSXhDCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnc3Rk1HZzVQWkRiWUI3Q2xlUXBDRkplRU1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9jNDI0ZDEtMjdmZC00ZjQ3LWJiNzEt
NzNkMjE4YTQ5MDNlLzEvWnc3Rk1HZzVQWkRiWUI3Q2xlUXBDRkplRU1JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9jNDI0ZDEtMjdmZC00ZjQ3LWJiNzEtNzNkMjE4YTQ5MDNl
LzEvWnc3Rk1HZzVQWkRiWUI3Q2xlUXBDRkplRU1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeD0XNfRZ
XGad9qnZ6atIGyBW262UDsXjZZqLseu2kf25ynY73Fs6emnKCyQ/Zvm+HVt1d0cf
zYXVYsfdZ4uadfnLs2zA/OksuW6wo7n+fAbiDUv/giL5CBlRP2TLWbRZq1s+vMSB
WwYWWBKNYlWSroMPCwHLTWPAbY+pBZnxMOUh7XcH9ZedayFODPMZwJCSt0Mdzheg
p/Er4rZef82wmmkSbVLz0Fdc0sxZknSq6PDOjuWNubSZz98Zqihj4dcyf7DZl8RO
qfZ5zuo5IfCHDkMoG9/w5AOJr9CsLhREhM1mHi0z8dLu+OWSn4nxQ5ZExRKDfz9e
sDB8nhMEQw4bqw==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:07:04 2026 by rpki-client