Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft
File: zahD6BKxbexgu3CYykEzEX24R00.mft (raw, json)
Hash identifier: 4phYBm+IIZ6iUcDfcsz7waF1MyScWbWmuRDeYNgyjM4=
Subject key identifier: 3B:EB:C7:AA:40:75:CA:E7:80:EB:96:52:12:CF:61:81:B0:67:DA:9F
Authority key identifier: CD:A8:43:E8:12:B1:6D:EC:60:BB:70:98:CA:41:33:11:7D:B8:47:4D
Certificate issuer: /CN=cda843e812b16dec60bb7098ca4133117db8474d
Certificate serial: 019CBE83F0CEC9E6684E614CF6378BA074D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft
Manifest number: 1851
Signing time: Thu 05 Mar 2026 15:00:43 +0000
Manifest this update: Thu 05 Mar 2026 15:00:43 +0000
Manifest next update: Fri 06 Mar 2026 15:00:43 +0000
Files and hashes: 1: xAJAqKl5Srwo2ARzZhLG6xPoMEY.roa (hash: zXin4xfG6I9ng2fyOSNQGYSR3toHXgB+MkkZOtI6MnY=)
2: zahD6BKxbexgu3CYykEzEX24R00.crl (hash: 8vNcgOusZ9KJigU8iS3dqGwAomkeG3gBTRMRUMtUK90=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft
rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 15:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:be:83:f0:ce:c9:e6:68:4e:61:4c:f6:37:8b:a0:74:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cda843e812b16dec60bb7098ca4133117db8474d
Validity
Not Before: Mar 5 15:00:43 2026 GMT
Not After : Mar 6 15:00:43 2026 GMT
Subject: CN=3bebc7aa4075cae780eb965212cf6181b067da9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a1:e5:df:33:8f:ed:e2:40:3f:af:54:07:f0:
a9:8b:52:cc:eb:b6:a5:24:8c:a8:74:1a:90:86:59:
4f:29:11:65:dc:9a:50:ef:f8:39:fd:47:db:cf:75:
81:52:4e:68:60:ae:24:1b:51:11:20:88:67:b8:ea:
7e:14:47:23:cf:1b:c9:5a:e7:5c:1d:47:d4:f4:25:
d6:6f:cf:34:fd:50:93:b8:a0:bb:f7:c5:b6:8d:6a:
d1:64:41:3c:30:6c:5e:4e:18:f2:ac:04:8a:6b:dd:
74:71:0a:45:ee:aa:73:78:24:47:a9:8d:07:1d:db:
13:1b:4a:50:89:86:e0:57:94:6f:7d:fe:1c:b8:74:
4c:15:4b:75:ba:b4:d5:91:9c:72:20:7f:ce:76:c6:
a8:e1:a8:0c:50:80:a1:55:27:fe:63:d4:03:a8:d9:
41:a4:48:8a:bd:7c:27:a2:d8:8b:41:a9:24:11:b8:
50:5d:04:48:4b:da:6d:7a:31:b8:9c:c8:c4:5b:20:
d7:65:a8:a4:c3:b3:6d:3e:1a:c5:eb:f3:ad:9d:d5:
0e:76:d9:94:1c:da:31:56:c4:19:4d:a4:85:2b:ec:
b4:09:6b:c7:ee:06:ff:25:78:3f:55:53:6e:02:0a:
89:4a:30:3a:3b:aa:fb:85:67:45:3e:95:3b:9c:d8:
bc:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:EB:C7:AA:40:75:CA:E7:80:EB:96:52:12:CF:61:81:B0:67:DA:9F
X509v3 Authority Key Identifier:
keyid:CD:A8:43:E8:12:B1:6D:EC:60:BB:70:98:CA:41:33:11:7D:B8:47:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:cb:76:f3:26:28:a9:a9:38:99:62:d5:dd:22:1e:c4:96:ea:
cc:76:8e:9b:04:06:b7:c1:0e:bc:ae:b0:37:f0:e5:1f:2c:33:
ce:80:0c:58:39:82:94:bd:b4:30:6b:8b:53:07:3c:0e:00:eb:
a6:71:35:90:9b:4c:b8:8d:22:67:2f:26:03:e6:3c:c8:f2:7e:
6a:ca:1f:15:6a:08:c6:39:b1:1f:3b:0b:c3:a9:25:de:ab:da:
49:bc:30:97:fb:1a:76:0c:81:28:dc:73:2d:1f:43:93:94:96:
4b:51:a2:f0:31:d2:76:10:52:2e:c9:65:e8:7b:12:9c:7e:7e:
be:5b:14:f0:cd:b2:c2:da:78:57:2b:41:7e:83:d5:ce:5b:6d:
7e:f1:cf:16:af:cb:fb:35:f3:e4:fc:d5:b0:97:63:d6:56:34:
dd:b3:d2:29:be:05:17:f0:28:34:d6:78:95:6e:b4:fd:ac:e9:
85:e4:23:5a:df:d4:0b:da:7f:30:76:2e:85:d4:6e:e6:16:99:
8d:50:e5:e2:89:fe:b1:91:cd:c4:3e:63:00:78:d7:91:1e:36:
8c:15:95:3b:80:d8:00:c8:60:15:db:ea:2a:b3:91:49:73:7e:
2f:c0:f9:cf:5b:5a:bb:bb:4c:9a:b5:e4:f8:c5:eb:b0:69:01:
9c:31:db:0a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZy+g/DOyeZoTmFM9jeLoHTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYTg0M2U4MTJiMTZkZWM2MGJiNzA5OGNhNDEzMzExN2Ri
ODQ3NGQwHhcNMjYwMzA1MTUwMDQzWhcNMjYwMzA2MTUwMDQzWjAzMTEwLwYDVQQD
EygzYmViYzdhYTQwNzVjYWU3ODBlYjk2NTIxMmNmNjE4MWIwNjdkYTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqHl3zOP7eJAP69UB/Cpi1LM67al
JIyodBqQhllPKRFl3JpQ7/g5/Ufbz3WBUk5oYK4kG1ERIIhnuOp+FEcjzxvJWudc
HUfU9CXWb880/VCTuKC798W2jWrRZEE8MGxeThjyrASKa910cQpF7qpzeCRHqY0H
HdsTG0pQiYbgV5Rvff4cuHRMFUt1urTVkZxyIH/Odsao4agMUIChVSf+Y9QDqNlB
pEiKvXwnotiLQakkEbhQXQRIS9ptejG4nMjEWyDXZaikw7NtPhrF6/OtndUOdtmU
HNoxVsQZTaSFK+y0CWvH7gb/JXg/VVNuAgqJSjA6O6r7hWdFPpU7nNi8qQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDvrx6pAdcrngOuWUhLPYYGwZ9qfMB8GA1UdIwQY
MBaAFM2oQ+gSsW3sYLtwmMpBMxF9uEdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFoRDZCS3hiZXhndTNDWXlrRXpFWDI0UjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84ZWIzMmQtZjdlMy00YTljLWFhYTQt
ODQyMWQ3ODFiMDNiLzEvemFoRDZCS3hiZXhndTNDWXlrRXpFWDI0UjAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC84ZWIzMmQtZjdlMy00YTljLWFhYTQtODQyMWQ3ODFiMDNi
LzEvemFoRDZCS3hiZXhndTNDWXlrRXpFWDI0UjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM8t28yYo
qak4mWLV3SIexJbqzHaOmwQGt8EOvK6wN/DlHywzzoAMWDmClL20MGuLUwc8DgDr
pnE1kJtMuI0iZy8mA+Y8yPJ+asofFWoIxjmxHzsLw6kl3qvaSbwwl/sadgyBKNxz
LR9Dk5SWS1Gi8DHSdhBSLsll6HsSnH5+vlsU8M2ywtp4VytBfoPVzlttfvHPFq/L
+zXz5PzVsJdj1lY03bPSKb4FF/AoNNZ4lW60/azpheQjWt/UC9p/MHYuhdRu5haZ
jVDl4on+sZHNxD5jAHjXkR42jBWVO4DYAMhgFdvqKrORSXN+L8D5z1tau7tMmrXk
+MXrsGkBnDHbCg==
-----END CERTIFICATE-----
Generated at Thu Mar 5 23:59:44 2026 by rpki-client