Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/ZSXYt_GeL7dct_lXidkRj2sblwU.mft
File: ZSXYt_GeL7dct_lXidkRj2sblwU.mft (raw, json)
Hash identifier: 3O+7Q22cLXlrYLSO2svzkz6XKQidPiotOAg52rU2Yx8=
Subject key identifier: 8D:CA:BA:52:3D:B5:B1:24:57:6B:B0:5F:C2:46:73:52:0C:CF:99:79
Authority key identifier: 65:25:D8:B7:F1:9E:2F:B7:5C:B7:F9:57:89:D9:11:8F:6B:1B:97:05
Certificate issuer: /CN=6525d8b7f19e2fb75cb7f95789d9118f6b1b9705
Certificate serial: 019D37C09652C0CD5063BBECDBED42058B95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZSXYt_GeL7dct_lXidkRj2sblwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/ZSXYt_GeL7dct_lXidkRj2sblwU.mft
Manifest number: 0DE4
Signing time: Sun 29 Mar 2026 04:01:01 +0000
Manifest this update: Sun 29 Mar 2026 04:01:01 +0000
Manifest next update: Mon 30 Mar 2026 04:01:01 +0000
Files and hashes: 1: ZSXYt_GeL7dct_lXidkRj2sblwU.crl (hash: W1tRs/B42S/pYSzcSfUZXbSs9fWWLdc1qSLgTrM81yQ=)
2: eX-mxCe4aOVRvqfABXD3XD44-Q0.roa (hash: WteYUUqDb29xXfLR9yOCxZhFZTrxf/JEk97tf2HnzV4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/ZSXYt_GeL7dct_lXidkRj2sblwU.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/ZSXYt_GeL7dct_lXidkRj2sblwU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZSXYt_GeL7dct_lXidkRj2sblwU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:96:52:c0:cd:50:63:bb:ec:db:ed:42:05:8b:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6525d8b7f19e2fb75cb7f95789d9118f6b1b9705
Validity
Not Before: Mar 29 04:01:01 2026 GMT
Not After : Mar 30 04:01:01 2026 GMT
Subject: CN=8dcaba523db5b124576bb05fc24673520ccf9979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e1:41:ac:4c:93:de:6c:32:3c:e2:bc:ac:eb:
0c:88:7e:28:0c:25:23:f0:5f:bf:c6:bb:8c:5d:39:
d5:48:a8:90:9d:c8:00:9b:6b:e2:bf:f9:f5:40:27:
5c:36:aa:76:46:2c:b4:f7:d6:77:53:ea:02:21:e3:
f2:22:a6:50:14:e5:5e:f2:2f:82:c0:18:8f:ed:66:
2d:23:77:eb:7d:b2:aa:91:1a:1b:e4:f7:cc:41:cf:
57:dc:59:8b:45:bb:f7:e0:69:e5:d7:3b:ac:70:c8:
1d:40:7a:71:0c:d2:7b:a7:e9:74:75:61:9f:78:59:
f2:40:34:2f:fa:1c:38:3e:f3:f3:25:cf:8d:16:1e:
e7:3e:b7:b2:dc:d6:30:28:bf:17:8a:76:9d:86:57:
c3:47:1f:62:c6:e3:e4:f0:74:45:84:f1:8d:56:d6:
65:e2:00:af:7a:b7:27:68:51:73:27:e7:a2:4e:37:
c1:2a:6d:d8:98:31:0a:01:29:37:cb:b6:dd:62:fa:
66:82:8a:35:a4:b9:e4:d0:bd:90:ec:a1:95:48:45:
57:83:fb:99:d6:b4:d6:1f:cb:33:62:e6:df:17:ef:
4b:f9:bc:44:77:44:fb:a1:63:a9:7e:60:74:f3:d5:
01:3b:89:49:ad:11:da:26:62:b2:99:2e:a1:a9:6b:
e8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:CA:BA:52:3D:B5:B1:24:57:6B:B0:5F:C2:46:73:52:0C:CF:99:79
X509v3 Authority Key Identifier:
keyid:65:25:D8:B7:F1:9E:2F:B7:5C:B7:F9:57:89:D9:11:8F:6B:1B:97:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZSXYt_GeL7dct_lXidkRj2sblwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/ZSXYt_GeL7dct_lXidkRj2sblwU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/ZSXYt_GeL7dct_lXidkRj2sblwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:17:34:61:a6:3c:51:9e:65:45:b9:0d:75:d5:68:d5:2e:83:
03:08:6a:03:31:1c:49:b2:c3:96:32:cd:0b:38:84:73:c4:29:
3e:56:29:ac:7d:7b:e6:a2:c6:7a:2c:4b:2f:b3:4a:35:04:26:
eb:7d:31:68:43:76:ce:f7:8b:0b:78:5a:c6:28:3f:ef:24:5e:
24:fe:29:da:bf:31:35:ab:a0:7c:4d:c8:a9:f1:43:c5:4d:44:
db:96:27:b9:b8:76:35:5b:55:1d:a0:b7:a8:b8:7b:29:52:8a:
9f:45:12:69:63:1b:32:63:db:81:31:42:6f:14:03:01:31:e2:
f8:63:36:9a:15:22:56:d4:ee:d7:1e:ae:b9:7a:87:9e:a4:d0:
59:da:2d:74:d8:72:fd:b3:4b:98:0f:0a:34:3c:4c:05:51:ee:
91:fc:58:4c:9a:db:d3:8d:80:79:85:f9:34:8c:c3:b0:bf:d3:
73:54:68:9f:07:33:14:84:da:29:5c:30:d7:a7:e1:92:75:48:
2d:cd:70:9c:87:9d:34:9a:a4:45:41:4c:7c:6b:f6:90:f1:99:
35:f5:e4:ca:a5:e6:a1:59:bf:a8:87:cd:8a:35:52:69:34:2a:
e9:a1:c3:4c:9a:52:6e:f4:1b:62:3b:cf:20:ab:58:2b:73:a2:
a4:82:d4:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wJZSwM1QY7vs2+1CBYuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MjVkOGI3ZjE5ZTJmYjc1Y2I3Zjk1Nzg5ZDkxMThmNmIx
Yjk3MDUwHhcNMjYwMzI5MDQwMTAxWhcNMjYwMzMwMDQwMTAxWjAzMTEwLwYDVQQD
Eyg4ZGNhYmE1MjNkYjViMTI0NTc2YmIwNWZjMjQ2NzM1MjBjY2Y5OTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreFBrEyT3mwyPOK8rOsMiH4oDCUj
8F+/xruMXTnVSKiQncgAm2viv/n1QCdcNqp2Riy099Z3U+oCIePyIqZQFOVe8i+C
wBiP7WYtI3frfbKqkRob5PfMQc9X3FmLRbv34Gnl1zuscMgdQHpxDNJ7p+l0dWGf
eFnyQDQv+hw4PvPzJc+NFh7nPrey3NYwKL8XinadhlfDRx9ixuPk8HRFhPGNVtZl
4gCvercnaFFzJ+eiTjfBKm3YmDEKASk3y7bdYvpmgoo1pLnk0L2Q7KGVSEVXg/uZ
1rTWH8szYubfF+9L+bxEd0T7oWOpfmB089UBO4lJrRHaJmKymS6hqWvocQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI3KulI9tbEkV2uwX8JGc1IMz5l5MB8GA1UdIwQY
MBaAFGUl2Lfxni+3XLf5V4nZEY9rG5cFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlNYWXRfR2VMN2RjdF9sWGlka1JqMnNibHdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9jYWEzODUtYjJhNS00MzIzLWFkYzUt
NDY2MDNkZTgwNWVjLzEvWlNYWXRfR2VMN2RjdF9sWGlka1JqMnNibHdVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9jYWEzODUtYjJhNS00MzIzLWFkYzUtNDY2MDNkZTgwNWVj
LzEvWlNYWXRfR2VMN2RjdF9sWGlka1JqMnNibHdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAghc0YaY8
UZ5lRbkNddVo1S6DAwhqAzEcSbLDljLNCziEc8QpPlYprH175qLGeixLL7NKNQQm
630xaEN2zveLC3haxig/7yReJP4p2r8xNaugfE3IqfFDxU1E25Ynubh2NVtVHaC3
qLh7KVKKn0USaWMbMmPbgTFCbxQDATHi+GM2mhUiVtTu1x6uuXqHnqTQWdotdNhy
/bNLmA8KNDxMBVHukfxYTJrb042AeYX5NIzDsL/Tc1RonwczFITaKVww16fhknVI
Lc1wnIedNJqkRUFMfGv2kPGZNfXkyqXmoVm/qIfNijVSaTQq6aHDTJpSbvQbYjvP
IKtYK3OipILUJg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:06:53 2026 by rpki-client