Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.mft
File: zI34gFQGDfaFu6lzkSPoNC1HnoQ.mft (raw, json)
Hash identifier: FKHGVRyiiBjZLIfm63kKwn0dyfy7qVXPHvUCAO2OBbg=
Subject key identifier: 4B:CF:CB:6F:BC:14:73:BB:A0:27:EC:8C:26:47:C0:BF:D8:61:7D:16
Authority key identifier: CC:8D:F8:80:54:06:0D:F6:85:BB:A9:73:91:23:E8:34:2D:47:9E:84
Certificate issuer: /CN=cc8df88054060df685bba9739123e8342d479e84
Certificate serial: 019D390A3688D5649F0CDFB90C7CD4527544
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zI34gFQGDfaFu6lzkSPoNC1HnoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.mft
Manifest number: 1829
Signing time: Sun 29 Mar 2026 10:01:03 +0000
Manifest this update: Sun 29 Mar 2026 10:01:03 +0000
Manifest next update: Mon 30 Mar 2026 10:01:03 +0000
Files and hashes: 1: nWemIk_PUFibWyxsMCHuSPNqyxE.roa (hash: LfDaK0qO1xTJjSEUv9R58HxO4b8gyazqBrXpwSZbnWE=)
2: zI34gFQGDfaFu6lzkSPoNC1HnoQ.crl (hash: 89pQ6AKlRJtVu+tEA1SpPUjjebOs6x/e2k9hm4vjEgQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/zI34gFQGDfaFu6lzkSPoNC1HnoQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:0a:36:88:d5:64:9f:0c:df:b9:0c:7c:d4:52:75:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc8df88054060df685bba9739123e8342d479e84
Validity
Not Before: Mar 29 10:01:03 2026 GMT
Not After : Mar 30 10:01:03 2026 GMT
Subject: CN=4bcfcb6fbc1473bba027ec8c2647c0bfd8617d16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e5:b2:86:5d:bb:57:c2:68:ff:72:f0:bf:70:
e7:ff:06:6e:59:a5:18:24:85:86:5a:e7:d0:67:ca:
de:04:7c:8e:2f:38:2a:b9:b1:4a:34:24:0f:fb:2f:
d0:a3:49:81:a7:14:3e:a4:1d:da:86:a3:b1:57:06:
57:e7:95:e5:a0:7a:84:c6:ed:f9:75:13:3d:9e:e0:
ae:59:6a:f9:e8:6e:df:63:95:fa:b3:b0:f8:af:2d:
57:0f:af:2b:41:22:94:6b:be:43:3e:f7:b9:14:7c:
d8:8a:c0:b1:4b:45:f2:16:0d:8a:36:b8:7e:86:af:
b9:ad:bc:4b:0f:0c:3f:c4:6d:41:f9:2a:e6:80:f3:
f4:cf:3f:f5:e7:0f:63:5a:e9:38:eb:f7:f2:09:f7:
70:1e:27:ee:ba:be:d8:21:48:7c:35:ee:fa:52:f9:
ef:ed:b0:65:46:d1:b6:f0:52:37:ac:03:17:be:f6:
c7:80:86:45:f2:c2:97:7a:40:01:72:5e:1d:55:05:
4c:c6:01:fb:e2:5b:01:80:de:b8:67:23:1a:a5:f6:
12:99:22:af:99:d5:41:7f:be:aa:a1:8a:11:ea:7b:
a4:fb:d2:46:e5:44:34:46:e7:cb:b8:9f:ef:41:50:
ce:5e:9c:c2:c8:26:b2:4f:7a:1c:f5:3a:2f:da:98:
08:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:CF:CB:6F:BC:14:73:BB:A0:27:EC:8C:26:47:C0:BF:D8:61:7D:16
X509v3 Authority Key Identifier:
keyid:CC:8D:F8:80:54:06:0D:F6:85:BB:A9:73:91:23:E8:34:2D:47:9E:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zI34gFQGDfaFu6lzkSPoNC1HnoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:2c:d3:74:0a:69:f2:48:b8:bb:0b:9c:1a:9d:ab:68:ea:44:
b6:94:65:1f:b2:8e:cf:34:67:1f:d7:38:c7:0b:54:21:79:fb:
d4:3b:aa:a0:7b:50:13:08:cf:f1:7b:21:0b:07:5f:3b:f1:7b:
d8:e4:f6:8e:8f:ef:07:70:22:8d:45:72:58:c3:e1:ae:ba:84:
72:d2:ab:10:4e:6f:eb:1e:b5:4f:c3:ab:2e:a6:91:90:c1:ed:
f8:9a:64:e4:e6:49:48:40:56:39:43:b1:2e:2a:d8:1a:2b:a2:
3d:81:3f:52:dd:ac:2b:99:7f:da:03:e0:68:38:4e:49:4a:7a:
63:70:0f:48:6c:cb:da:41:e0:4f:48:0b:35:aa:65:39:2f:eb:
37:26:12:72:3e:f6:a2:f3:03:3e:c2:a0:5d:29:78:eb:f9:15:
2a:2c:b5:b2:86:11:96:89:93:28:a8:70:f4:08:92:a5:e0:5b:
40:0d:85:9b:82:01:51:8a:50:1c:89:73:0f:0d:2f:14:c7:e8:
59:ca:c6:08:64:2a:a3:5b:0a:c5:ae:42:ae:dd:76:ff:08:0f:
af:bf:46:d0:d4:a0:fe:10:82:52:e2:3e:e3:0c:46:e1:34:83:
03:cc:25:14:94:a7:12:50:3a:10:a5:56:f8:0f:01:d1:2c:84:
75:59:4c:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CjaI1WSfDN+5DHzUUnVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjOGRmODgwNTQwNjBkZjY4NWJiYTk3MzkxMjNlODM0MmQ0
NzllODQwHhcNMjYwMzI5MTAwMTAzWhcNMjYwMzMwMTAwMTAzWjAzMTEwLwYDVQQD
Eyg0YmNmY2I2ZmJjMTQ3M2JiYTAyN2VjOGMyNjQ3YzBiZmQ4NjE3ZDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneWyhl27V8Jo/3Lwv3Dn/wZuWaUY
JIWGWufQZ8reBHyOLzgqubFKNCQP+y/Qo0mBpxQ+pB3ahqOxVwZX55XloHqExu35
dRM9nuCuWWr56G7fY5X6s7D4ry1XD68rQSKUa75DPve5FHzYisCxS0XyFg2KNrh+
hq+5rbxLDww/xG1B+SrmgPP0zz/15w9jWuk46/fyCfdwHifuur7YIUh8Ne76Uvnv
7bBlRtG28FI3rAMXvvbHgIZF8sKXekABcl4dVQVMxgH74lsBgN64ZyMapfYSmSKv
mdVBf76qoYoR6nuk+9JG5UQ0RufLuJ/vQVDOXpzCyCayT3oc9Tov2pgINwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEvPy2+8FHO7oCfsjCZHwL/YYX0WMB8GA1UdIwQY
MBaAFMyN+IBUBg32hbupc5Ej6DQtR56EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekkzNGdGUUdEZmFGdTZsemtTUG9OQzFIbm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9kYjhkMzgtMDc3Zi00ZDc3LTkzODMt
ZGM3ODFjYzJhMjU4LzEvekkzNGdGUUdEZmFGdTZsemtTUG9OQzFIbm9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9kYjhkMzgtMDc3Zi00ZDc3LTkzODMtZGM3ODFjYzJhMjU4
LzEvekkzNGdGUUdEZmFGdTZsemtTUG9OQzFIbm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFyzTdApp
8ki4uwucGp2raOpEtpRlH7KOzzRnH9c4xwtUIXn71DuqoHtQEwjP8XshCwdfO/F7
2OT2jo/vB3AijUVyWMPhrrqEctKrEE5v6x61T8OrLqaRkMHt+Jpk5OZJSEBWOUOx
LirYGiuiPYE/Ut2sK5l/2gPgaDhOSUp6Y3APSGzL2kHgT0gLNaplOS/rNyYScj72
ovMDPsKgXSl46/kVKiy1soYRlomTKKhw9AiSpeBbQA2Fm4IBUYpQHIlzDw0vFMfo
WcrGCGQqo1sKxa5Crt12/wgPr79G0NSg/hCCUuI+4wxG4TSDA8wlFJSnElA6EKVW
+A8B0SyEdVlMIg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:54:36 2026 by rpki-client