Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/ecaeb3-f42f-4bac-a49e-242ffdaa2670/1/zX7ksDJ5ljBM8YoSjiZVeAyda5s.mft
File: zX7ksDJ5ljBM8YoSjiZVeAyda5s.mft (raw, json)
Hash identifier: sUZ7+iDokUb/Fx/GIV6U368O/ZoA86ADHy2tj83Mx5M=
Subject key identifier: 3B:4B:FC:4A:64:CF:5E:FE:56:61:50:25:D6:50:D4:72:40:A0:F4:C5
Authority key identifier: CD:7E:E4:B0:32:79:96:30:4C:F1:8A:12:8E:26:55:78:0C:9D:6B:9B
Certificate issuer: /CN=cd7ee4b0327996304cf18a128e2655780c9d6b9b
Certificate serial: 019D382E331B1B717D7B3FD9A44DAEA08C1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zX7ksDJ5ljBM8YoSjiZVeAyda5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/ecaeb3-f42f-4bac-a49e-242ffdaa2670/1/zX7ksDJ5ljBM8YoSjiZVeAyda5s.mft
Manifest number: 0E2B
Signing time: Sun 29 Mar 2026 06:00:44 +0000
Manifest this update: Sun 29 Mar 2026 06:00:44 +0000
Manifest next update: Mon 30 Mar 2026 06:00:44 +0000
Files and hashes: 1: Q8ZJJ74q6bMVlfcvJJudps61QXo.roa (hash: 3ZMgLTga1etNt6/GjM7UgVlhZAFMLoY4B0xB96tmQlk=)
2: zX7ksDJ5ljBM8YoSjiZVeAyda5s.crl (hash: NFyZg2TrlTG0P9qqf7kZ74CqgG9huV6uCLk8jhW6zgo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/ecaeb3-f42f-4bac-a49e-242ffdaa2670/1/zX7ksDJ5ljBM8YoSjiZVeAyda5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/ecaeb3-f42f-4bac-a49e-242ffdaa2670/1/zX7ksDJ5ljBM8YoSjiZVeAyda5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/zX7ksDJ5ljBM8YoSjiZVeAyda5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 06:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:2e:33:1b:1b:71:7d:7b:3f:d9:a4:4d:ae:a0:8c:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd7ee4b0327996304cf18a128e2655780c9d6b9b
Validity
Not Before: Mar 29 06:00:44 2026 GMT
Not After : Mar 30 06:00:44 2026 GMT
Subject: CN=3b4bfc4a64cf5efe56615025d650d47240a0f4c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a8:c0:18:99:b0:0b:46:72:fd:82:d1:8b:b6:
2d:2e:24:cc:d0:da:9f:1a:76:e3:eb:18:7a:16:90:
41:a7:10:4e:3f:e3:81:b9:05:26:f2:43:0c:f2:32:
1e:ca:ad:c6:03:be:0e:af:b6:09:68:0e:12:5a:72:
11:58:9e:5c:d6:4a:73:04:8b:f4:9e:e1:8d:c2:53:
5d:30:15:77:12:cb:85:da:61:bf:69:eb:83:f6:c2:
36:cf:a8:f3:e2:4d:42:d9:76:11:ad:68:ee:2c:8a:
b6:60:31:6a:59:a4:8e:11:b9:79:5a:f4:cb:72:ef:
31:fa:2d:b6:61:fb:26:3f:6e:20:4c:21:4f:3a:f5:
be:84:d2:7d:28:da:28:c5:cb:a7:e6:27:3e:0c:2c:
1d:dc:04:ee:2c:80:90:d4:45:71:a5:ec:1c:e4:4d:
32:ec:f0:f8:ba:66:0b:db:fc:3a:c5:56:35:f2:46:
db:b8:f1:87:a7:3b:f4:46:61:44:45:81:50:f5:f5:
00:18:2c:12:bc:c2:6c:ae:9b:aa:fc:6a:b5:9a:9d:
e0:cf:39:b2:36:8c:52:8f:7d:2b:3e:2d:ee:3d:bf:
3b:32:51:ac:c1:2e:eb:2e:fe:27:2e:af:a6:3b:fc:
93:81:36:a1:8b:cc:9b:fc:94:a0:c4:64:37:9d:ee:
be:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:4B:FC:4A:64:CF:5E:FE:56:61:50:25:D6:50:D4:72:40:A0:F4:C5
X509v3 Authority Key Identifier:
keyid:CD:7E:E4:B0:32:79:96:30:4C:F1:8A:12:8E:26:55:78:0C:9D:6B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zX7ksDJ5ljBM8YoSjiZVeAyda5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ecaeb3-f42f-4bac-a49e-242ffdaa2670/1/zX7ksDJ5ljBM8YoSjiZVeAyda5s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/ecaeb3-f42f-4bac-a49e-242ffdaa2670/1/zX7ksDJ5ljBM8YoSjiZVeAyda5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:61:76:47:a9:9f:5e:c0:0b:ec:42:8e:f4:40:17:4e:71:66:
79:b4:a3:db:28:0e:0a:7f:76:67:f6:9d:76:f7:f7:c4:61:86:
1d:24:e3:0e:7b:df:e0:82:b9:5a:0d:8c:be:e5:9c:8f:2a:39:
fb:2b:3c:65:4c:41:42:4d:6a:8f:d7:e1:d0:b7:58:20:91:c0:
24:d8:3b:06:e8:82:7d:8d:00:2e:17:e7:de:8b:d6:92:9a:23:
6f:6b:18:2a:c9:5b:38:5a:77:05:1f:4a:de:fc:33:1f:78:5a:
a0:62:12:34:28:6c:99:43:8b:86:cc:3e:fb:65:08:e1:3b:1c:
34:c7:32:b4:8f:fe:ea:91:c4:b4:14:08:21:a0:4d:e2:f2:6d:
e1:68:63:c1:15:27:f2:02:8d:58:3a:44:fe:11:6e:de:d0:9f:
82:6a:61:c6:16:fc:76:5e:25:4a:80:78:73:9b:9d:bc:25:e2:
63:e5:69:d5:a8:4e:a3:58:f2:8c:27:8e:3d:05:b1:17:ee:88:
ba:82:90:a5:f9:59:a3:ea:56:ae:4a:ae:25:d2:2a:ec:2f:ac:
28:44:5a:72:a7:c3:6e:6e:cc:56:0d:69:28:15:36:a1:75:f8:
48:c3:5d:96:fa:b1:b9:36:fe:82:f4:a3:6e:ef:62:4e:31:8f:
80:8e:b7:be
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04LjMbG3F9ez/ZpE2uoIwdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkN2VlNGIwMzI3OTk2MzA0Y2YxOGExMjhlMjY1NTc4MGM5
ZDZiOWIwHhcNMjYwMzI5MDYwMDQ0WhcNMjYwMzMwMDYwMDQ0WjAzMTEwLwYDVQQD
EygzYjRiZmM0YTY0Y2Y1ZWZlNTY2MTUwMjVkNjUwZDQ3MjQwYTBmNGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqjAGJmwC0Zy/YLRi7YtLiTM0Nqf
Gnbj6xh6FpBBpxBOP+OBuQUm8kMM8jIeyq3GA74Or7YJaA4SWnIRWJ5c1kpzBIv0
nuGNwlNdMBV3EsuF2mG/aeuD9sI2z6jz4k1C2XYRrWjuLIq2YDFqWaSOEbl5WvTL
cu8x+i22YfsmP24gTCFPOvW+hNJ9KNooxcun5ic+DCwd3ATuLICQ1EVxpewc5E0y
7PD4umYL2/w6xVY18kbbuPGHpzv0RmFERYFQ9fUAGCwSvMJsrpuq/Gq1mp3gzzmy
NoxSj30rPi3uPb87MlGswS7rLv4nLq+mO/yTgTahi8yb/JSgxGQ3ne6+GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDtL/Epkz17+VmFQJdZQ1HJAoPTFMB8GA1UdIwQY
MBaAFM1+5LAyeZYwTPGKEo4mVXgMnWubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelg3a3NESjVsakJNOFlvU2ppWlZlQXlkYTVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lY2FlYjMtZjQyZi00YmFjLWE0OWUt
MjQyZmZkYWEyNjcwLzEvelg3a3NESjVsakJNOFlvU2ppWlZlQXlkYTVzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lY2FlYjMtZjQyZi00YmFjLWE0OWUtMjQyZmZkYWEyNjcw
LzEvelg3a3NESjVsakJNOFlvU2ppWlZlQXlkYTVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX2F2R6mf
XsAL7EKO9EAXTnFmebSj2ygOCn92Z/addvf3xGGGHSTjDnvf4IK5Wg2MvuWcjyo5
+ys8ZUxBQk1qj9fh0LdYIJHAJNg7BuiCfY0ALhfn3ovWkpojb2sYKslbOFp3BR9K
3vwzH3haoGISNChsmUOLhsw++2UI4TscNMcytI/+6pHEtBQIIaBN4vJt4WhjwRUn
8gKNWDpE/hFu3tCfgmphxhb8dl4lSoB4c5udvCXiY+Vp1ahOo1jyjCeOPQWxF+6I
uoKQpflZo+pWrkquJdIq7C+sKERacqfDbm7MVg1pKBU2oXX4SMNdlvqxuTb+gvSj
bu9iTjGPgI63vg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:56:15 2026 by rpki-client