Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/31dc10-5663-4555-a806-4e9305caf1a3/1/ZCOaUQhPGytcaEZDysFGIXx5-NE.mft
File: ZCOaUQhPGytcaEZDysFGIXx5-NE.mft (raw, json)
Hash identifier: hUANctSGiDUC9XdIYr3DyKJDvrD6sg8Z4aHGU91xmRs=
Subject key identifier: DA:D0:C1:19:8C:48:E9:0D:6E:5C:12:0F:53:97:AF:C0:42:89:C1:70
Authority key identifier: 64:23:9A:51:08:4F:1B:2B:5C:68:46:43:CA:C1:46:21:7C:79:F8:D1
Certificate issuer: /CN=64239a51084f1b2b5c684643cac146217c79f8d1
Certificate serial: 019D39777DC26B09C6A643D24032BA0429EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZCOaUQhPGytcaEZDysFGIXx5-NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/31dc10-5663-4555-a806-4e9305caf1a3/1/ZCOaUQhPGytcaEZDysFGIXx5-NE.mft
Manifest number: 0BCB
Signing time: Sun 29 Mar 2026 12:00:25 +0000
Manifest this update: Sun 29 Mar 2026 12:00:25 +0000
Manifest next update: Mon 30 Mar 2026 12:00:25 +0000
Files and hashes: 1: 4ImyGgFKvZr9G9AC8qgE9m3Cntc.roa (hash: YciKFVkaY1et6p1gervIPcpyQE7yFFy/esyiuxYNcNY=)
2: ZCOaUQhPGytcaEZDysFGIXx5-NE.crl (hash: uA1fJuwImaakAUQCZVbAPiCdDG3lc7i2+xEOU3+1ds0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/31dc10-5663-4555-a806-4e9305caf1a3/1/ZCOaUQhPGytcaEZDysFGIXx5-NE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/31dc10-5663-4555-a806-4e9305caf1a3/1/ZCOaUQhPGytcaEZDysFGIXx5-NE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZCOaUQhPGytcaEZDysFGIXx5-NE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:7d:c2:6b:09:c6:a6:43:d2:40:32:ba:04:29:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64239a51084f1b2b5c684643cac146217c79f8d1
Validity
Not Before: Mar 29 12:00:25 2026 GMT
Not After : Mar 30 12:00:25 2026 GMT
Subject: CN=dad0c1198c48e90d6e5c120f5397afc04289c170
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:73:10:ed:d8:ee:2d:c7:d8:44:21:7e:ee:a8:
b7:1e:f0:78:61:25:64:dc:2f:51:d6:3c:0c:f9:8d:
96:5a:38:cb:fc:6a:8a:1e:78:35:1e:95:87:7c:dd:
37:9e:b8:bc:eb:3c:07:44:9e:2f:06:74:b7:99:97:
31:50:2c:07:55:16:39:8f:3f:92:64:f6:e3:81:c7:
1e:62:b7:af:7f:a4:68:05:5a:f3:cc:3c:7f:c5:8e:
12:aa:10:2c:ba:0a:e8:45:42:87:cd:b6:0b:c4:00:
e8:ae:ff:93:c5:d4:5e:77:75:93:30:c5:5f:32:0b:
d9:65:e7:ad:78:e9:2f:3d:a5:ab:78:fb:84:6c:18:
fd:be:73:22:56:f5:fb:4d:73:ee:e1:6a:53:e9:7a:
b1:3b:02:5d:d9:f2:be:96:7e:c4:f2:89:3e:5e:50:
3d:3b:8d:46:45:72:22:db:40:7c:9f:18:db:53:8b:
b0:7d:1d:7b:63:7b:b2:22:c0:43:6d:0c:0f:09:9f:
a4:59:1b:1e:fb:72:25:1e:af:ec:fc:fe:9f:85:f9:
37:0c:32:d0:0a:17:c8:a8:f9:99:75:92:04:07:75:
ef:ef:6e:c9:32:c3:f7:c1:9e:3a:14:32:e1:86:f4:
5b:a2:3f:ea:9d:5e:4a:dd:82:1b:84:7d:e2:82:e0:
78:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:D0:C1:19:8C:48:E9:0D:6E:5C:12:0F:53:97:AF:C0:42:89:C1:70
X509v3 Authority Key Identifier:
keyid:64:23:9A:51:08:4F:1B:2B:5C:68:46:43:CA:C1:46:21:7C:79:F8:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZCOaUQhPGytcaEZDysFGIXx5-NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/31dc10-5663-4555-a806-4e9305caf1a3/1/ZCOaUQhPGytcaEZDysFGIXx5-NE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/31dc10-5663-4555-a806-4e9305caf1a3/1/ZCOaUQhPGytcaEZDysFGIXx5-NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
85:03:4f:c7:08:8b:24:f6:98:1d:2d:7a:31:58:2f:45:eb:80:
9c:31:de:07:26:c0:08:03:fa:77:06:a4:f4:6d:6e:2c:b4:96:
a3:22:a6:d8:d2:6e:b6:cc:11:1e:5d:28:eb:2e:c0:a0:97:c0:
e5:13:60:54:83:0b:cd:67:ea:9b:89:93:fa:64:33:21:31:e1:
4f:31:53:a7:e6:a9:73:7e:4f:80:02:83:e0:f0:3f:bc:15:54:
f3:31:36:24:26:15:63:05:10:a6:cd:ca:02:c9:d3:e3:c7:e7:
e2:40:fb:cb:7d:0a:46:cf:49:f7:97:f9:79:95:69:93:5a:b3:
a3:dd:a4:a9:b4:18:09:2b:cb:5a:42:41:dc:f7:4e:f7:8f:b0:
69:e0:3d:a1:31:88:62:8a:50:80:c0:9d:1e:0c:39:c4:66:71:
08:75:0a:9b:a5:26:f9:bf:17:c6:07:ba:bd:2e:ce:1d:35:cf:
48:30:a2:a2:2d:70:09:0e:cc:f3:a6:d6:30:68:a8:f2:18:59:
4f:b3:bd:6c:86:6a:f6:c6:87:0d:e9:e6:dd:23:cc:24:4a:1b:
7b:0d:bb:e4:3b:48:0f:c4:8b:d6:45:b8:1f:6e:e0:4e:f5:1e:
c8:4f:66:e3:0b:e8:47:27:59:86:d4:b2:12:d6:28:8d:dc:70:
5d:3a:31:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d33CawnGpkPSQDK6BCnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MjM5YTUxMDg0ZjFiMmI1YzY4NDY0M2NhYzE0NjIxN2M3
OWY4ZDEwHhcNMjYwMzI5MTIwMDI1WhcNMjYwMzMwMTIwMDI1WjAzMTEwLwYDVQQD
EyhkYWQwYzExOThjNDhlOTBkNmU1YzEyMGY1Mzk3YWZjMDQyODljMTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonMQ7djuLcfYRCF+7qi3HvB4YSVk
3C9R1jwM+Y2WWjjL/GqKHng1HpWHfN03nri86zwHRJ4vBnS3mZcxUCwHVRY5jz+S
ZPbjgcceYrevf6RoBVrzzDx/xY4SqhAsugroRUKHzbYLxADorv+TxdRed3WTMMVf
MgvZZeeteOkvPaWrePuEbBj9vnMiVvX7TXPu4WpT6XqxOwJd2fK+ln7E8ok+XlA9
O41GRXIi20B8nxjbU4uwfR17Y3uyIsBDbQwPCZ+kWRse+3IlHq/s/P6fhfk3DDLQ
ChfIqPmZdZIEB3Xv727JMsP3wZ46FDLhhvRboj/qnV5K3YIbhH3iguB4lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNrQwRmMSOkNblwSD1OXr8BCicFwMB8GA1UdIwQY
MBaAFGQjmlEITxsrXGhGQ8rBRiF8efjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkNPYVVRaFBHeXRjYUVaRHlzRkdJWHg1LU5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8zMWRjMTAtNTY2My00NTU1LWE4MDYt
NGU5MzA1Y2FmMWEzLzEvWkNPYVVRaFBHeXRjYUVaRHlzRkdJWHg1LU5FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8zMWRjMTAtNTY2My00NTU1LWE4MDYtNGU5MzA1Y2FmMWEz
LzEvWkNPYVVRaFBHeXRjYUVaRHlzRkdJWHg1LU5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhQNPxwiL
JPaYHS16MVgvReuAnDHeBybACAP6dwak9G1uLLSWoyKm2NJutswRHl0o6y7AoJfA
5RNgVIMLzWfqm4mT+mQzITHhTzFTp+apc35PgAKD4PA/vBVU8zE2JCYVYwUQps3K
AsnT48fn4kD7y30KRs9J95f5eZVpk1qzo92kqbQYCSvLWkJB3PdO94+waeA9oTGI
YopQgMCdHgw5xGZxCHUKm6Um+b8Xxge6vS7OHTXPSDCioi1wCQ7M86bWMGio8hhZ
T7O9bIZq9saHDenm3SPMJEobew275DtID8SL1kW4H27gTvUeyE9m4wvoRydZhtSy
EtYojdxwXToxXg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 16:59:00 2026 by rpki-client