Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.mft
File: 8zk0PMbVHduONjgpmhu0lfRYCSE.mft (raw, json)
Hash identifier: J7DiWAdE1jk8yhuwaNDKqfI0rWMjVkNNTe7A3cjd0aw=
Subject key identifier: 8D:61:B0:B7:1B:4E:BF:DC:F2:84:06:C1:70:F0:93:A2:E2:BD:B1:0B
Authority key identifier: F3:39:34:3C:C6:D5:1D:DB:8E:36:38:29:9A:1B:B4:95:F4:58:09:21
Certificate issuer: /CN=f339343cc6d51ddb8e3638299a1bb495f4580921
Certificate serial: 019CE66D5279CDADC7130BAC88C874E31C22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8zk0PMbVHduONjgpmhu0lfRYCSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.mft
Manifest number: 1864
Signing time: Fri 13 Mar 2026 09:00:50 +0000
Manifest this update: Fri 13 Mar 2026 09:00:50 +0000
Manifest next update: Sat 14 Mar 2026 09:00:50 +0000
Files and hashes: 1: 3ZbP8D4oyhCe4u5mlugxkhUP_G4.roa (hash: mYQ4ggMgVLrFbz01ZBuOhgHTwYfwTmz0/Kv0k+37TBo=)
2: 8zk0PMbVHduONjgpmhu0lfRYCSE.crl (hash: sm6uo6cQcxZ0F8JAoH6oCez5oHG7LX9AsadyKSAFqDo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8zk0PMbVHduONjgpmhu0lfRYCSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e6:6d:52:79:cd:ad:c7:13:0b:ac:88:c8:74:e3:1c:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f339343cc6d51ddb8e3638299a1bb495f4580921
Validity
Not Before: Mar 13 09:00:50 2026 GMT
Not After : Mar 14 09:00:50 2026 GMT
Subject: CN=8d61b0b71b4ebfdcf28406c170f093a2e2bdb10b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5e:dc:19:3d:b5:5b:03:2b:06:17:41:f5:ce:
e6:bd:02:66:cf:40:79:98:25:e8:9d:5a:ef:08:61:
03:63:ad:d6:bd:4a:e0:25:2e:55:62:91:ca:89:ac:
ae:c2:f1:e3:03:a5:a4:7c:1b:ef:1a:73:65:c9:07:
82:b2:c5:d4:68:ce:a5:7f:56:ff:07:39:84:ca:8c:
d7:27:7b:28:be:3c:61:74:9d:b9:4f:82:16:91:c0:
99:d3:0e:2a:4e:12:dc:12:c7:68:65:87:f5:11:bb:
5e:ba:6c:db:33:50:a3:67:f8:f7:16:e8:bd:25:72:
a8:ea:30:09:d6:18:fa:2d:bf:c0:28:4f:18:28:05:
ad:68:03:63:af:b8:83:cd:76:ce:f3:90:01:66:eb:
3c:f9:db:c5:68:aa:c5:bb:15:df:ed:fa:6f:98:dd:
a9:6e:c6:33:69:e3:23:44:62:31:cb:35:09:72:11:
39:fe:0c:52:44:94:49:9b:ca:ee:59:63:2a:0c:8e:
8b:44:3e:30:0d:58:a4:e7:9b:d2:f0:6c:d0:ab:b8:
67:d5:b0:0e:5a:4c:f2:3c:dd:93:73:12:64:ae:25:
03:06:51:d8:5e:4e:ef:c5:76:76:06:80:fe:30:ea:
e9:5e:63:81:7f:3a:15:5b:dd:0c:55:91:12:96:24:
28:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:61:B0:B7:1B:4E:BF:DC:F2:84:06:C1:70:F0:93:A2:E2:BD:B1:0B
X509v3 Authority Key Identifier:
keyid:F3:39:34:3C:C6:D5:1D:DB:8E:36:38:29:9A:1B:B4:95:F4:58:09:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8zk0PMbVHduONjgpmhu0lfRYCSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
23:04:7b:54:0f:c5:55:2d:c1:07:77:03:07:ae:9a:26:5c:43:
76:c0:1e:4d:a9:0f:18:15:75:0a:50:ba:ad:59:e8:7b:d1:66:
ab:42:69:8b:e7:9d:15:97:ec:c8:22:22:bf:3b:30:9b:e6:e8:
3d:a2:a0:3b:0b:56:58:d3:ce:28:2d:94:23:1e:a5:ac:f8:f1:
1c:5e:29:e6:67:27:04:f3:34:76:d0:8b:9c:a0:6d:ec:0f:ba:
55:36:79:df:8f:62:ab:aa:42:3a:25:70:f8:ba:43:ad:f3:2d:
25:ea:2a:6a:1d:c9:4d:e6:54:89:de:36:6f:9a:3e:70:20:59:
bb:93:72:0c:bb:a3:f0:0b:58:af:46:e8:35:10:1d:97:11:84:
dc:83:88:ef:5f:f6:32:02:44:ad:2e:83:9e:02:6f:65:33:d3:
ef:48:40:04:c0:96:61:e9:29:f5:e7:34:27:2f:d3:6b:ed:46:
4e:92:10:bd:72:d7:3a:fb:00:e9:ec:ae:1a:2e:dc:d1:30:3f:
d6:e3:53:f1:b9:1b:03:7d:f9:b0:6d:c4:ec:9f:46:e8:ee:d7:
16:8f:1c:dd:1b:43:77:38:74:d1:92:b4:95:8f:b4:95:94:97:
9a:65:0b:bd:86:79:36:06:3b:cb:02:b0:4c:37:d8:3b:fc:bc:
c1:42:97:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzmbVJ5za3HEwusiMh04xwiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMzkzNDNjYzZkNTFkZGI4ZTM2MzgyOTlhMWJiNDk1ZjQ1
ODA5MjEwHhcNMjYwMzEzMDkwMDUwWhcNMjYwMzE0MDkwMDUwWjAzMTEwLwYDVQQD
Eyg4ZDYxYjBiNzFiNGViZmRjZjI4NDA2YzE3MGYwOTNhMmUyYmRiMTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuF7cGT21WwMrBhdB9c7mvQJmz0B5
mCXonVrvCGEDY63WvUrgJS5VYpHKiayuwvHjA6WkfBvvGnNlyQeCssXUaM6lf1b/
BzmEyozXJ3sovjxhdJ25T4IWkcCZ0w4qThLcEsdoZYf1EbteumzbM1CjZ/j3Fui9
JXKo6jAJ1hj6Lb/AKE8YKAWtaANjr7iDzXbO85ABZus8+dvFaKrFuxXf7fpvmN2p
bsYzaeMjRGIxyzUJchE5/gxSRJRJm8ruWWMqDI6LRD4wDVik55vS8GzQq7hn1bAO
WkzyPN2TcxJkriUDBlHYXk7vxXZ2BoD+MOrpXmOBfzoVW90MVZESliQomQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1hsLcbTr/c8oQGwXDwk6LivbELMB8GA1UdIwQY
MBaAFPM5NDzG1R3bjjY4KZobtJX0WAkhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHprMFBNYlZIZHVPTmpncG1odTBsZlJZQ1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81ZGU2ZGYtY2U0Zi00YjA5LTgyZDIt
Mzc3ZDI1YmU1OTRkLzEvOHprMFBNYlZIZHVPTmpncG1odTBsZlJZQ1NFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81ZGU2ZGYtY2U0Zi00YjA5LTgyZDItMzc3ZDI1YmU1OTRk
LzEvOHprMFBNYlZIZHVPTmpncG1odTBsZlJZQ1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIwR7VA/F
VS3BB3cDB66aJlxDdsAeTakPGBV1ClC6rVnoe9Fmq0Jpi+edFZfsyCIivzswm+bo
PaKgOwtWWNPOKC2UIx6lrPjxHF4p5mcnBPM0dtCLnKBt7A+6VTZ5349iq6pCOiVw
+LpDrfMtJeoqah3JTeZUid42b5o+cCBZu5NyDLuj8AtYr0boNRAdlxGE3IOI71/2
MgJErS6DngJvZTPT70hABMCWYekp9ec0Jy/Ta+1GTpIQvXLXOvsA6eyuGi7c0TA/
1uNT8bkbA335sG3E7J9G6O7XFo8c3RtDdzh00ZK0lY+0lZSXmmULvYZ5NgY7ywKw
TDfYO/y8wUKXLQ==
-----END CERTIFICATE-----
Generated at Fri Mar 13 11:57:19 2026 by rpki-client