Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
File: kziECSasc-rVthh5GeiPEAMimco.mft (raw, json)
Hash identifier: 0K2dCkV7Khnx4rY6bETT7fjvEVWMS2ML5NnrEirujWI=
Subject key identifier: 3B:82:F8:2C:0B:87:A1:48:28:72:60:18:3B:7C:AF:77:25:C5:FB:10
Authority key identifier: 93:38:84:09:26:AC:73:EA:D5:B6:18:79:19:E8:8F:10:03:22:99:CA
Certificate issuer: /CN=9338840926ac73ead5b6187919e88f10032299ca
Certificate serial: 019CDFFE08DACB4775F35ACA85D93110522E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
Manifest number: 0157
Signing time: Thu 12 Mar 2026 03:01:33 +0000
Manifest this update: Thu 12 Mar 2026 03:01:33 +0000
Manifest next update: Fri 13 Mar 2026 03:01:33 +0000
Files and hashes: 1: 1-z0Y3fH_aErOAd2Nag5ZT3JcPH4.roa (hash: ajlsAWqEGjBF2s25AsAbzW/nKPdDq6JxNB0eWlyY3OU=)
2: 6lmykGrjWlxTI-Qm8cv1Wru-ZUM.roa (hash: 3/8y+29k2Z9zB5VeslI5T+W11/MyhEBGlF4ugyZh+nA=)
3: FcXUetsC0-6bv54Z1lmHoqKMdxM.roa (hash: dFkWAsnbwOvbQKILV1fPns+xMo4goiFme2jYhULRvHk=)
4: Y4x7zeztB7lrOx01OBJN1UiLyT0.roa (hash: gs7Dc5as7DJ7oLTov6hgPGgK6t+t5Pe4B5kRBUgM7WI=)
5: _SAMOxgv34T8ZP2BEt3dVFweldA.roa (hash: bU6RDLC/fFMgRKk4b1P2ryi1ytEL97qHkSA7liSJFY0=)
6: kziECSasc-rVthh5GeiPEAMimco.crl (hash: Sn6m6w/oyAVsbtxogNjcf/qI64jlGaYNiPIdkCfTh1c=)
7: nKQXbT6FciiHVvddJS0_5sOh1ms.asa (hash: 7BE1jfl/pKiooWczO/8pMkQZmIL4Zuvts1Z6qAFpwl4=)
8: nf63dpM5Md5RBRi4P-HwEK-eN_E.roa (hash: 9d7TgxCegK25CmqdbC1sGXI3mJJK7sBKT2RoRfBWFdw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:df:fe:08:da:cb:47:75:f3:5a:ca:85:d9:31:10:52:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9338840926ac73ead5b6187919e88f10032299ca
Validity
Not Before: Mar 12 03:01:33 2026 GMT
Not After : Mar 13 03:01:33 2026 GMT
Subject: CN=3b82f82c0b87a148287260183b7caf7725c5fb10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e0:9a:ca:30:a4:0b:66:d0:a1:58:f4:e1:9f:
ea:c2:c0:bc:9a:3a:b5:77:7d:7b:c7:73:03:bf:71:
c6:71:10:7e:1f:88:75:69:83:b4:e8:d0:46:f5:18:
85:35:99:8e:55:18:fb:d4:c0:aa:e2:96:aa:4b:b3:
b0:35:64:82:a3:e4:92:0b:e6:cc:f5:5e:3c:cc:30:
58:be:e4:90:33:35:66:5c:a0:54:33:f5:1f:72:a1:
f4:1a:a0:e6:2e:72:5d:38:3a:78:de:47:0a:d2:ba:
36:b3:d8:39:ba:3d:88:81:c8:bf:a1:3f:ce:2f:2f:
f5:25:ea:00:dc:e0:3a:f9:12:82:32:60:9f:09:87:
ed:0d:07:c0:66:07:07:ca:24:bf:b0:3e:c7:9e:e2:
e7:63:5c:7b:e5:9b:92:a5:66:a1:cf:79:c8:00:0a:
a8:74:88:d5:19:2b:38:eb:c7:a3:3a:3d:75:58:2c:
4b:11:f4:4e:56:d5:c9:18:2b:5a:22:4d:ad:3c:27:
f1:d2:aa:bb:8c:b3:2d:14:17:e2:dc:e6:a8:f6:cf:
15:38:ef:6f:f8:74:79:69:6a:aa:52:41:a1:67:4c:
88:c9:c5:f7:21:8e:a7:d7:5b:a7:70:52:20:f5:e9:
d5:dd:b4:c5:4b:c8:81:95:6b:7a:03:15:16:9b:0c:
9e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:82:F8:2C:0B:87:A1:48:28:72:60:18:3B:7C:AF:77:25:C5:FB:10
X509v3 Authority Key Identifier:
keyid:93:38:84:09:26:AC:73:EA:D5:B6:18:79:19:E8:8F:10:03:22:99:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
00:f9:82:b1:8f:c7:d1:ef:c1:5a:8e:4c:99:5d:58:43:c6:1b:
f2:3c:e4:4b:99:75:3d:58:52:fa:47:00:bd:56:26:bc:d3:a7:
e9:3c:3a:c3:44:06:0e:82:d9:ec:ad:9c:15:53:f6:64:3a:b5:
4b:b1:1e:f1:a5:67:dd:ed:a7:fb:4d:63:21:a9:69:87:6e:fa:
6d:9f:54:c6:d7:97:04:f6:f8:9b:86:21:54:ac:2b:c7:4d:35:
5e:46:1d:1c:a8:21:e5:08:04:5e:b9:18:ad:4c:ff:b4:64:52:
48:a8:f5:98:6d:a3:35:6a:ba:a9:7c:e4:b1:e9:4e:f6:4d:11:
90:d4:75:d8:e7:a9:4c:8e:3d:ee:80:d6:2e:4a:e0:ce:47:0a:
c4:61:27:37:f9:c8:5a:21:14:6c:6c:e1:dc:77:32:fb:15:36:
c2:43:f7:f9:85:43:21:03:49:42:1c:fb:a0:04:ff:66:de:f6:
42:aa:f7:94:cf:84:13:d0:e3:ce:fd:5e:71:ee:f1:8a:20:47:
1d:86:09:7a:a9:d9:a7:fd:22:4f:dc:84:ef:47:8f:d5:e5:59:
53:0a:89:f6:29:d6:5c:59:97:d2:43:6d:7c:80:be:8c:2b:28:
90:4d:5f:59:c6:43:cf:de:cf:d1:de:03:10:a8:93:86:a0:ef:
84:b9:81:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZzf/gjay0d181rKhdkxEFIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMzg4NDA5MjZhYzczZWFkNWI2MTg3OTE5ZTg4ZjEwMDMy
Mjk5Y2EwHhcNMjYwMzEyMDMwMTMzWhcNMjYwMzEzMDMwMTMzWjAzMTEwLwYDVQQD
EygzYjgyZjgyYzBiODdhMTQ4Mjg3MjYwMTgzYjdjYWY3NzI1YzVmYjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+CayjCkC2bQoVj04Z/qwsC8mjq1
d317x3MDv3HGcRB+H4h1aYO06NBG9RiFNZmOVRj71MCq4paqS7OwNWSCo+SSC+bM
9V48zDBYvuSQMzVmXKBUM/UfcqH0GqDmLnJdODp43kcK0ro2s9g5uj2Igci/oT/O
Ly/1JeoA3OA6+RKCMmCfCYftDQfAZgcHyiS/sD7HnuLnY1x75ZuSpWahz3nIAAqo
dIjVGSs468ejOj11WCxLEfROVtXJGCtaIk2tPCfx0qq7jLMtFBfi3Oao9s8VOO9v
+HR5aWqqUkGhZ0yIycX3IY6n11uncFIg9enV3bTFS8iBlWt6AxUWmwyeTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDuC+CwLh6FIKHJgGDt8r3clxfsQMB8GA1UdIwQY
MBaAFJM4hAkmrHPq1bYYeRnojxADIpnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8wYmQ0ZDMtZDQ2Yy00ODNmLTk1NmUt
ZWE3YWU3MmJkMzJkLzEva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8wYmQ0ZDMtZDQ2Yy00ODNmLTk1NmUtZWE3YWU3MmJkMzJk
LzEva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAPmCsY/H
0e/BWo5MmV1YQ8Yb8jzkS5l1PVhS+kcAvVYmvNOn6Tw6w0QGDoLZ7K2cFVP2ZDq1
S7Ee8aVn3e2n+01jIalph276bZ9UxteXBPb4m4YhVKwrx001XkYdHKgh5QgEXrkY
rUz/tGRSSKj1mG2jNWq6qXzkselO9k0RkNR12OepTI497oDWLkrgzkcKxGEnN/nI
WiEUbGzh3Hcy+xU2wkP3+YVDIQNJQhz7oAT/Zt72Qqr3lM+EE9Djzv1ece7xiiBH
HYYJeqnZp/0iT9yE70eP1eVZUwqJ9inWXFmX0kNtfIC+jCsokE1fWcZDz97P0d4D
EKiThqDvhLmBzg==
-----END CERTIFICATE-----
Generated at Thu Mar 12 07:53:55 2026 by rpki-client