Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft
File: zTwRDf139XdXORwPrt7r42CGVx0.mft (raw, json)
Hash identifier: EtzvheI1g9tGSOtbKvuDk+n84hOoyxyLJ5Q+mBIpvGE=
Subject key identifier: F9:34:0A:99:66:EC:DC:3C:1A:1B:61:49:5F:95:51:C1:DC:B5:67:0A
Authority key identifier: CD:3C:11:0D:FD:77:F5:77:57:39:1C:0F:AE:DE:EB:E3:60:86:57:1D
Certificate issuer: /CN=cd3c110dfd77f57757391c0faedeebe36086571d
Certificate serial: 019D3789300E2CA498E71A7826170EA317A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTwRDf139XdXORwPrt7r42CGVx0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft
Manifest number: 10AB
Signing time: Sun 29 Mar 2026 03:00:30 +0000
Manifest this update: Sun 29 Mar 2026 03:00:30 +0000
Manifest next update: Mon 30 Mar 2026 03:00:30 +0000
Files and hashes: 1: FAnp13R7vZew86VD0yXy30rskus.roa (hash: inPyQ73AzxqgSN178lLSbPKZBhe3Io2ja2XLtWWA0uk=)
2: zTwRDf139XdXORwPrt7r42CGVx0.crl (hash: 4Tayp7Rj8fqnWwYVgHEsoZkAEc4bqEbryo07SSg9cew=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zTwRDf139XdXORwPrt7r42CGVx0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 03:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:89:30:0e:2c:a4:98:e7:1a:78:26:17:0e:a3:17:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd3c110dfd77f57757391c0faedeebe36086571d
Validity
Not Before: Mar 29 03:00:30 2026 GMT
Not After : Mar 30 03:00:30 2026 GMT
Subject: CN=f9340a9966ecdc3c1a1b61495f9551c1dcb5670a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:51:57:56:37:89:d6:b3:66:72:ac:0a:48:ce:
2a:88:0a:1f:ed:07:4b:91:ce:8e:eb:7b:c6:1d:07:
d6:46:ce:79:89:7d:8e:86:f6:f1:3b:eb:c3:65:18:
b5:8e:ff:95:30:1b:13:db:67:6c:f5:1d:a4:c6:08:
81:e4:51:94:fb:6f:a4:81:77:54:a2:ce:72:c8:1c:
f8:79:77:24:91:bf:fa:34:2d:60:92:45:02:a7:0f:
29:0c:c1:ff:9e:c9:82:00:8d:5a:b1:9a:e0:37:83:
e8:84:70:0e:59:4f:f2:e9:78:36:ca:93:a6:43:66:
e2:1c:98:33:62:f9:5e:a7:ab:ba:be:ab:8d:2a:b4:
71:92:46:1f:01:5a:ca:d7:aa:b5:61:46:df:61:51:
2b:cf:75:3b:f6:61:bd:64:3c:28:95:98:e7:fa:69:
88:38:a3:a2:4d:15:6c:71:82:8b:f6:62:5c:8a:da:
75:83:db:d5:59:46:c9:16:19:05:65:23:1d:8a:0b:
01:c8:37:f8:7c:e6:ad:44:33:0f:27:7b:76:71:cc:
93:68:be:da:2c:9c:62:33:53:d1:af:65:5c:cb:da:
c3:47:6e:84:90:49:c7:ec:d9:56:57:79:d1:78:ca:
38:0d:06:e0:33:65:1d:a3:e0:c4:51:30:96:40:5f:
34:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:34:0A:99:66:EC:DC:3C:1A:1B:61:49:5F:95:51:C1:DC:B5:67:0A
X509v3 Authority Key Identifier:
keyid:CD:3C:11:0D:FD:77:F5:77:57:39:1C:0F:AE:DE:EB:E3:60:86:57:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTwRDf139XdXORwPrt7r42CGVx0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:7b:26:f1:bf:ae:cb:0b:a0:06:fa:08:8f:60:9c:cc:fe:52:
c3:fe:56:3d:6a:b6:3a:33:1e:62:d2:c9:ee:57:cf:92:d7:fa:
bb:a9:35:b3:9e:a4:1b:7d:63:d6:d3:ec:13:a5:1e:6d:a5:f7:
67:45:a1:01:f1:0f:46:fe:90:b4:47:d2:3b:75:cf:34:63:bf:
d6:8a:a8:0a:4b:2a:e0:3f:22:bd:d3:68:e3:5d:1c:59:99:48:
46:19:e2:01:81:08:a0:fa:4f:e9:53:ae:62:f0:33:80:ab:c7:
99:c5:5b:f0:0d:f7:c6:49:b9:7f:d9:f7:c1:01:c9:1a:54:92:
d9:c7:b5:9b:44:c9:c6:4b:c0:0e:37:f9:d4:fe:93:33:4b:ec:
db:a2:97:c0:3b:e1:b8:b5:af:73:23:76:80:03:ca:40:c6:86:
8f:71:b0:ee:c1:c8:6b:a5:92:ae:f1:04:95:b0:10:4a:1f:40:
d0:3f:1d:84:3a:5e:ef:84:ea:e5:0f:4c:23:18:fc:a4:a7:07:
13:94:e5:c6:4b:12:60:90:10:1d:d1:f4:33:bf:a3:98:2a:9b:
0d:71:1e:5d:4f:32:8b:28:e6:02:f6:f4:0d:11:03:d5:2d:12:
cd:33:7e:6d:7f:f1:8a:6e:ca:38:09:31:8c:5d:81:4d:d0:c5:
09:09:92:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03iTAOLKSY5xp4JhcOoxenMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkM2MxMTBkZmQ3N2Y1Nzc1NzM5MWMwZmFlZGVlYmUzNjA4
NjU3MWQwHhcNMjYwMzI5MDMwMDMwWhcNMjYwMzMwMDMwMDMwWjAzMTEwLwYDVQQD
EyhmOTM0MGE5OTY2ZWNkYzNjMWExYjYxNDk1Zjk1NTFjMWRjYjU2NzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FFXVjeJ1rNmcqwKSM4qiAof7QdL
kc6O63vGHQfWRs55iX2OhvbxO+vDZRi1jv+VMBsT22ds9R2kxgiB5FGU+2+kgXdU
os5yyBz4eXckkb/6NC1gkkUCpw8pDMH/nsmCAI1asZrgN4PohHAOWU/y6Xg2ypOm
Q2biHJgzYvlep6u6vquNKrRxkkYfAVrK16q1YUbfYVErz3U79mG9ZDwolZjn+mmI
OKOiTRVscYKL9mJcitp1g9vVWUbJFhkFZSMdigsByDf4fOatRDMPJ3t2ccyTaL7a
LJxiM1PRr2Vcy9rDR26EkEnH7NlWV3nReMo4DQbgM2Udo+DEUTCWQF80GQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPk0Cplm7Nw8GhthSV+VUcHctWcKMB8GA1UdIwQY
MBaAFM08EQ39d/V3VzkcD67e6+NghlcdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelR3UkRmMTM5WGRYT1J3UHJ0N3I0MkNHVngwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8yMGU1YTItMGU2NC00ZWEzLThjODYt
NmMwMmVjMTliODA5LzEvelR3UkRmMTM5WGRYT1J3UHJ0N3I0MkNHVngwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8yMGU1YTItMGU2NC00ZWEzLThjODYtNmMwMmVjMTliODA5
LzEvelR3UkRmMTM5WGRYT1J3UHJ0N3I0MkNHVngwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhnsm8b+u
ywugBvoIj2CczP5Sw/5WPWq2OjMeYtLJ7lfPktf6u6k1s56kG31j1tPsE6UebaX3
Z0WhAfEPRv6QtEfSO3XPNGO/1oqoCksq4D8ivdNo410cWZlIRhniAYEIoPpP6VOu
YvAzgKvHmcVb8A33xkm5f9n3wQHJGlSS2ce1m0TJxkvADjf51P6TM0vs26KXwDvh
uLWvcyN2gAPKQMaGj3Gw7sHIa6WSrvEElbAQSh9A0D8dhDpe74Tq5Q9MIxj8pKcH
E5TlxksSYJAQHdH0M7+jmCqbDXEeXU8yiyjmAvb0DRED1S0SzTN+bX/xim7KOAkx
jF2BTdDFCQmS9Q==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:25:34 2026 by rpki-client