Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft
File: PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft (raw, json)
Hash identifier: TX+SjaapodIjJv91779vF2QxPxD+botRaQm16leMGh8=
Subject key identifier: A5:A4:73:84:0D:90:E7:81:E7:92:84:0E:CB:5D:EF:CC:C0:38:E5:83
Authority key identifier: 3D:94:DF:65:A3:BD:DD:FB:55:60:9F:18:50:E1:49:F8:2B:EA:78:F7
Certificate issuer: /CN=3d94df65a3bdddfb55609f1850e149f82bea78f7
Certificate serial: 019D371B596DFA8BAD37A098065B344DB825
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PZTfZaO93ftVYJ8YUOFJ-CvqePc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft
Manifest number: 0DAB
Signing time: Sun 29 Mar 2026 01:00:32 +0000
Manifest this update: Sun 29 Mar 2026 01:00:32 +0000
Manifest next update: Mon 30 Mar 2026 01:00:32 +0000
Files and hashes: 1: PZTfZaO93ftVYJ8YUOFJ-CvqePc.crl (hash: sHRrnQ/8ht6+rxwrHRPqRZV5QvEdMPxYClZyrtOXBx4=)
2: TLFiEoQRGLVMCGc46Mn0G99fC5U.roa (hash: gDFtNWXwzA45vosk76KSuCgqR0QSeN+bVcyur4756BI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft
rsync://rpki.ripe.net/repository/DEFAULT/PZTfZaO93ftVYJ8YUOFJ-CvqePc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 01:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:1b:59:6d:fa:8b:ad:37:a0:98:06:5b:34:4d:b8:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d94df65a3bdddfb55609f1850e149f82bea78f7
Validity
Not Before: Mar 29 01:00:32 2026 GMT
Not After : Mar 30 01:00:32 2026 GMT
Subject: CN=a5a473840d90e781e792840ecb5defccc038e583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4c:98:2a:f2:87:3e:24:d5:c9:2b:09:3e:ef:
1f:16:17:a4:07:c0:4e:64:2a:2d:27:59:2a:19:44:
d8:6b:7c:dd:ce:af:e2:ba:42:24:73:d9:64:d4:31:
a4:18:a8:c1:6a:a2:2f:1a:29:7f:fa:b5:2f:b2:c9:
35:70:a4:6b:05:a7:a0:34:02:50:5b:4a:69:66:30:
5e:37:de:e9:ac:3e:de:5d:3f:b6:3e:6e:a0:d2:54:
ad:29:8b:f8:ea:ea:4f:eb:33:e2:ec:66:c5:3d:f6:
80:f2:38:30:55:02:d8:28:91:60:25:10:f0:a8:f4:
60:81:39:3d:2f:30:d2:9a:0e:3f:1c:1e:8f:bc:d3:
a2:52:b0:22:f1:96:20:c7:13:4e:d5:7d:9b:d9:d7:
e9:61:7b:fe:78:de:68:83:38:80:55:9b:f1:9a:4e:
21:82:3e:a7:4a:ca:c7:2e:6e:b4:5c:1a:12:55:ea:
07:71:7a:b8:c5:b1:cd:24:09:65:30:97:a9:02:60:
dc:55:2d:76:ac:f3:7a:8a:55:c8:5b:02:c7:69:89:
76:c0:d5:1f:be:55:90:bd:4e:a1:ec:99:59:be:51:
06:dd:06:a6:a5:4a:ea:79:6f:3c:b3:a3:a8:91:82:
58:5f:6e:35:3d:97:57:1f:eb:25:e7:53:b7:56:31:
76:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A4:73:84:0D:90:E7:81:E7:92:84:0E:CB:5D:EF:CC:C0:38:E5:83
X509v3 Authority Key Identifier:
keyid:3D:94:DF:65:A3:BD:DD:FB:55:60:9F:18:50:E1:49:F8:2B:EA:78:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZTfZaO93ftVYJ8YUOFJ-CvqePc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:bc:ec:91:70:47:7d:9f:d6:c7:98:21:a5:f3:e5:c4:23:05:
90:6b:b7:7c:d9:1a:e8:c6:90:57:b9:ac:de:52:97:db:51:2d:
a9:24:b4:a9:2e:77:4b:51:f1:98:49:7a:85:b7:c6:fe:72:09:
89:16:7c:2e:c2:f3:55:40:b2:79:d4:5e:47:83:06:33:7f:5b:
b9:5f:41:e0:b6:dd:3f:57:3a:7e:eb:c1:24:66:87:01:a1:23:
1c:c5:58:2b:53:56:f3:80:62:f4:ac:cb:35:a9:24:cc:67:09:
da:1a:53:e9:eb:f2:23:39:83:c5:77:2b:f9:0c:8a:a4:5c:c4:
ff:8c:e7:6c:12:b6:1b:f7:00:4c:ce:bf:8c:58:e9:54:94:e0:
1d:7b:a2:fd:b1:82:ca:3a:9a:00:a5:95:b5:a0:69:10:50:6f:
ae:1a:01:73:77:7f:32:44:47:5b:e4:5e:5c:d8:54:35:21:3f:
53:4f:fa:6e:3d:ce:49:4b:a9:03:c0:29:68:68:b8:86:59:6b:
99:4d:5e:6a:df:d4:47:db:cb:06:b3:79:f8:52:16:d0:4c:9b:
0e:01:fa:d3:c1:35:4a:e5:cf:de:42:09:49:b0:f1:db:8d:b1:
8e:2c:d4:4c:52:98:67:66:2b:63:69:91:d9:5b:67:92:c5:a9:
bb:57:ab:78
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03G1lt+outN6CYBls0TbglMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOTRkZjY1YTNiZGRkZmI1NTYwOWYxODUwZTE0OWY4MmJl
YTc4ZjcwHhcNMjYwMzI5MDEwMDMyWhcNMjYwMzMwMDEwMDMyWjAzMTEwLwYDVQQD
EyhhNWE0NzM4NDBkOTBlNzgxZTc5Mjg0MGVjYjVkZWZjY2MwMzhlNTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0yYKvKHPiTVySsJPu8fFhekB8BO
ZCotJ1kqGUTYa3zdzq/iukIkc9lk1DGkGKjBaqIvGil/+rUvssk1cKRrBaegNAJQ
W0ppZjBeN97prD7eXT+2Pm6g0lStKYv46upP6zPi7GbFPfaA8jgwVQLYKJFgJRDw
qPRggTk9LzDSmg4/HB6PvNOiUrAi8ZYgxxNO1X2b2dfpYXv+eN5ogziAVZvxmk4h
gj6nSsrHLm60XBoSVeoHcXq4xbHNJAllMJepAmDcVS12rPN6ilXIWwLHaYl2wNUf
vlWQvU6h7JlZvlEG3QampUrqeW88s6OokYJYX241PZdXH+sl51O3VjF2mQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWkc4QNkOeB55KEDstd78zAOOWDMB8GA1UdIwQY
MBaAFD2U32Wjvd37VWCfGFDhSfgr6nj3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFpUZlphTzkzZnRWWUo4WVVPRkotQ3ZxZVBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9kYTljNjItOGUxNi00NmRmLWJlMmIt
MDZiOWVkOTlmMTZjLzEvUFpUZlphTzkzZnRWWUo4WVVPRkotQ3ZxZVBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9kYTljNjItOGUxNi00NmRmLWJlMmItMDZiOWVkOTlmMTZj
LzEvUFpUZlphTzkzZnRWWUo4WVVPRkotQ3ZxZVBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfrzskXBH
fZ/Wx5ghpfPlxCMFkGu3fNka6MaQV7ms3lKX21EtqSS0qS53S1HxmEl6hbfG/nIJ
iRZ8LsLzVUCyedReR4MGM39buV9B4LbdP1c6fuvBJGaHAaEjHMVYK1NW84Bi9KzL
NakkzGcJ2hpT6evyIzmDxXcr+QyKpFzE/4znbBK2G/cATM6/jFjpVJTgHXui/bGC
yjqaAKWVtaBpEFBvrhoBc3d/MkRHW+ReXNhUNSE/U0/6bj3OSUupA8ApaGi4hllr
mU1eat/UR9vLBrN5+FIW0EybDgH608E1SuXP3kIJSbDx242xjizUTFKYZ2YrY2mR
2VtnksWpu1ereA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 11:17:08 2026 by rpki-client