Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.mft
File: ZSJu5eoEBlkt-XXG9MhPEPFNFcs.mft (raw, json)
Hash identifier: 0BmWRsxBApvmNIffLNC1fl9iu71URwheHY6uLUlXfzg=
Subject key identifier: 6E:9A:0F:58:F4:5E:7B:C5:9D:8F:F8:0A:38:9C:36:68:B0:D4:01:20
Authority key identifier: 65:22:6E:E5:EA:04:06:59:2D:F9:75:C6:F4:C8:4F:10:F1:4D:15:CB
Certificate issuer: /CN=65226ee5ea0406592df975c6f4c84f10f14d15cb
Certificate serial: 019D38D2D922FE9F4AFEE92C3E6C7FB4E02C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.mft
Manifest number: 17D0
Signing time: Sun 29 Mar 2026 09:00:35 +0000
Manifest this update: Sun 29 Mar 2026 09:00:35 +0000
Manifest next update: Mon 30 Mar 2026 09:00:35 +0000
Files and hashes: 1: USooHDGW_QeqYRyqa6kck-Wwdw8.roa (hash: VauOA3CJ0j4kbwlbCKNmu8qN0LtwGSRo+52ifzBfLcs=)
2: ZSJu5eoEBlkt-XXG9MhPEPFNFcs.crl (hash: qQ+APehqLaR9Gihptou8lAqhTPZ1WEe4QMw559uCYNI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:d2:d9:22:fe:9f:4a:fe:e9:2c:3e:6c:7f:b4:e0:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65226ee5ea0406592df975c6f4c84f10f14d15cb
Validity
Not Before: Mar 29 09:00:35 2026 GMT
Not After : Mar 30 09:00:35 2026 GMT
Subject: CN=6e9a0f58f45e7bc59d8ff80a389c3668b0d40120
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:71:a6:8b:f9:24:1f:bf:02:73:a5:5c:23:c6:
a3:62:60:08:76:21:2e:cd:7c:31:73:18:13:4c:5a:
b3:ec:27:9e:84:b2:7b:d4:1d:da:84:d6:72:34:b3:
08:01:69:86:25:58:f5:9f:fa:46:57:fa:fb:d9:28:
65:92:c5:26:5b:7c:a6:86:c5:a5:bd:48:d0:87:ca:
cd:45:fe:b6:69:be:5b:76:08:b2:65:b4:7e:59:66:
ba:44:b4:c8:95:f5:3a:7c:84:5c:09:66:89:c0:ae:
b5:d9:d5:0e:f7:38:a6:b0:64:38:20:02:49:96:5f:
e1:96:5e:ad:2e:4d:8a:9c:e0:e5:f3:da:70:c0:a2:
15:5d:a9:26:a1:9e:c1:c9:9f:22:9f:db:77:cc:99:
d2:d1:fa:47:91:49:15:44:a6:b2:96:86:e1:b2:a3:
a4:9b:8e:2b:a1:2f:db:c0:21:0d:5f:4a:31:e1:e9:
29:81:07:99:e5:5c:56:bb:9b:78:d0:20:9c:26:d2:
32:8e:6a:63:8f:00:90:64:b4:28:22:0e:e8:66:12:
36:69:d3:27:d4:5a:e1:42:54:6a:0c:41:86:a2:aa:
e0:8a:a6:ac:93:43:d7:9b:1e:a0:74:3c:e2:bd:21:
62:22:2e:0b:ba:c0:31:fb:d1:89:f5:f0:ce:c2:e9:
98:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:9A:0F:58:F4:5E:7B:C5:9D:8F:F8:0A:38:9C:36:68:B0:D4:01:20
X509v3 Authority Key Identifier:
keyid:65:22:6E:E5:EA:04:06:59:2D:F9:75:C6:F4:C8:4F:10:F1:4D:15:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/594fa8-d315-4a38-a631-dec02488c37c/1/ZSJu5eoEBlkt-XXG9MhPEPFNFcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:c4:e9:45:2e:1c:3e:9a:fd:33:0e:e3:82:26:75:59:06:92:
7a:66:19:98:93:76:3e:2e:3d:34:04:5d:04:08:82:01:94:8d:
59:fe:b8:cc:4e:61:8b:a1:42:29:a8:12:ac:5e:38:97:af:32:
56:dd:33:56:84:d4:93:70:6e:20:6a:b0:70:33:a8:98:a5:74:
15:47:29:b5:a5:83:d4:8f:e8:f9:2e:1d:16:c4:56:61:37:f3:
d2:5d:28:b2:d0:ea:64:29:9b:0f:38:65:8c:3a:b1:63:ab:66:
93:12:83:92:55:af:9f:82:71:74:ff:90:2a:03:50:8b:01:5f:
93:4f:2e:cf:9f:de:5d:90:86:5f:f7:8d:56:88:4c:68:20:2d:
e9:41:6c:88:c8:f7:57:33:65:53:d3:25:86:24:e6:08:3a:10:
75:53:d4:59:93:46:db:84:2e:a1:43:d6:da:8b:70:b6:e5:69:
3a:2d:6c:4c:3c:66:0e:04:f7:14:b9:b6:d8:09:f5:48:46:04:
7d:3e:dc:2b:cb:48:b7:9b:bd:cd:84:e7:07:76:77:b1:c7:88:
f2:6f:3d:4c:ce:ae:2c:89:c4:55:fc:84:08:fd:cf:2b:e5:68:
f6:22:f4:bc:6c:ef:65:47:1d:50:c7:64:82:ca:b4:72:8d:c5:
b9:3d:56:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ040tki/p9K/uksPmx/tOAsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MjI2ZWU1ZWEwNDA2NTkyZGY5NzVjNmY0Yzg0ZjEwZjE0
ZDE1Y2IwHhcNMjYwMzI5MDkwMDM1WhcNMjYwMzMwMDkwMDM1WjAzMTEwLwYDVQQD
Eyg2ZTlhMGY1OGY0NWU3YmM1OWQ4ZmY4MGEzODljMzY2OGIwZDQwMTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXGmi/kkH78Cc6VcI8ajYmAIdiEu
zXwxcxgTTFqz7CeehLJ71B3ahNZyNLMIAWmGJVj1n/pGV/r72ShlksUmW3ymhsWl
vUjQh8rNRf62ab5bdgiyZbR+WWa6RLTIlfU6fIRcCWaJwK612dUO9zimsGQ4IAJJ
ll/hll6tLk2KnODl89pwwKIVXakmoZ7ByZ8in9t3zJnS0fpHkUkVRKaylobhsqOk
m44roS/bwCENX0ox4ekpgQeZ5VxWu5t40CCcJtIyjmpjjwCQZLQoIg7oZhI2adMn
1FrhQlRqDEGGoqrgiqask0PXmx6gdDzivSFiIi4LusAx+9GJ9fDOwumYUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG6aD1j0XnvFnY/4CjicNmiw1AEgMB8GA1UdIwQY
MBaAFGUibuXqBAZZLfl1xvTITxDxTRXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlNKdTVlb0VCbGt0LVhYRzlNaFBFUEZORmNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi81OTRmYTgtZDMxNS00YTM4LWE2MzEt
ZGVjMDI0ODhjMzdjLzEvWlNKdTVlb0VCbGt0LVhYRzlNaFBFUEZORmNzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi81OTRmYTgtZDMxNS00YTM4LWE2MzEtZGVjMDI0ODhjMzdj
LzEvWlNKdTVlb0VCbGt0LVhYRzlNaFBFUEZORmNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASsTpRS4c
Ppr9Mw7jgiZ1WQaSemYZmJN2Pi49NARdBAiCAZSNWf64zE5hi6FCKagSrF44l68y
Vt0zVoTUk3BuIGqwcDOomKV0FUcptaWD1I/o+S4dFsRWYTfz0l0ostDqZCmbDzhl
jDqxY6tmkxKDklWvn4JxdP+QKgNQiwFfk08uz5/eXZCGX/eNVohMaCAt6UFsiMj3
VzNlU9MlhiTmCDoQdVPUWZNG24QuoUPW2otwtuVpOi1sTDxmDgT3FLm22An1SEYE
fT7cK8tIt5u9zYTnB3Z3sceI8m89TM6uLInEVfyECP3PK+Vo9iL0vGzvZUcdUMdk
gsq0co3FuT1WJg==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:44:21 2026 by rpki-client