
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.mft
File: pZyqKnNoBpiyyeGmyWQadPPOdug.mft (raw, json)
Hash identifier: oLJYi3yPW74UDCKF/ZHHjgSPMyvgdsHjYVjYlo4tQo0=
Subject key identifier: 58:9E:B9:B4:2F:2C:CF:BC:5E:B9:63:18:B4:69:0B:63:1F:12:7A:A2
Authority key identifier: A5:9C:AA:2A:73:68:06:98:B2:C9:E1:A6:C9:64:1A:74:F3:CE:76:E8
Certificate issuer: /CN=a59caa2a73680698b2c9e1a6c9641a74f3ce76e8
Certificate serial: 019D3909C5BB3250DEF03E8DE6420A63C514
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pZyqKnNoBpiyyeGmyWQadPPOdug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.mft
Manifest number: 0D25
Signing time: Sun 29 Mar 2026 10:00:34 +0000
Manifest this update: Sun 29 Mar 2026 10:00:34 +0000
Manifest next update: Mon 30 Mar 2026 10:00:34 +0000
Files and hashes: 1: pZyqKnNoBpiyyeGmyWQadPPOdug.crl (hash: kcN8Y3tg2fsXrG143HQxa5JhZsym6casdSbqugqq+9Y=)
2: rRTCZ5FyRdDiK7BZGTzqpa0QNeg.roa (hash: mji6QPUv0yUiA70EcUkHQFZ0veAkRZWxgnDOQwOKKtU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.mft
rsync://rpki.ripe.net/repository/DEFAULT/pZyqKnNoBpiyyeGmyWQadPPOdug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:09:c5:bb:32:50:de:f0:3e:8d:e6:42:0a:63:c5:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a59caa2a73680698b2c9e1a6c9641a74f3ce76e8
Validity
Not Before: Mar 29 10:00:34 2026 GMT
Not After : Mar 30 10:00:34 2026 GMT
Subject: CN=589eb9b42f2ccfbc5eb96318b4690b631f127aa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:31:4b:43:67:42:c2:33:fc:a6:ec:35:0c:d0:
51:a3:10:70:b1:b0:31:ef:6d:76:c4:ff:03:85:96:
60:7e:3e:85:f9:ed:fe:a9:93:9a:2b:8a:f4:cd:a8:
61:43:e4:da:ca:2c:f2:2c:42:91:49:79:3c:64:e1:
41:5a:3c:82:84:f9:34:a6:56:99:ca:be:f1:80:85:
1b:d1:35:03:c9:43:9a:76:5a:cb:ea:14:93:d6:fe:
05:cb:a9:29:6b:28:6c:a7:7c:bd:2c:90:b0:b5:84:
bb:f8:9e:fa:11:f2:2b:ce:45:a4:ba:a7:22:f1:f8:
e8:9b:52:fc:59:0d:b0:e8:c3:38:97:98:f1:5c:ca:
c9:d7:e1:a9:75:80:f1:15:bc:10:2a:52:9b:53:ea:
79:42:60:37:fa:cc:a2:0c:6b:fd:5a:4b:a8:dd:7a:
90:c8:fd:97:c7:50:5f:57:df:d6:7b:d8:e2:40:ec:
09:16:53:72:1f:1c:f4:d1:21:d1:90:44:60:fb:bb:
f8:d2:1a:4b:f8:e4:ed:70:74:e5:1b:19:e2:03:ea:
58:bf:46:08:f4:b9:0c:1f:24:f4:10:ff:dd:d2:bb:
80:9c:de:9b:a8:19:9a:b0:64:15:e6:2c:3b:79:58:
a0:66:ce:4a:09:c5:6c:3e:5b:8f:6f:d1:f4:c7:ed:
bd:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:9E:B9:B4:2F:2C:CF:BC:5E:B9:63:18:B4:69:0B:63:1F:12:7A:A2
X509v3 Authority Key Identifier:
keyid:A5:9C:AA:2A:73:68:06:98:B2:C9:E1:A6:C9:64:1A:74:F3:CE:76:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pZyqKnNoBpiyyeGmyWQadPPOdug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/dd672f-5336-4f35-b3ef-ae91ab342be1/1/pZyqKnNoBpiyyeGmyWQadPPOdug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:36:0c:6b:2e:0e:62:41:e8:21:87:7e:97:7c:06:56:d9:c5:
e9:57:da:37:a3:63:70:f3:f3:20:84:1b:75:86:e8:5b:d1:84:
11:2f:3a:d5:55:87:5b:51:09:d5:b0:66:f4:95:f6:e6:3d:9e:
96:6f:54:f0:a4:33:c6:95:cc:93:80:a7:31:15:99:94:1b:bd:
d2:db:ad:53:d8:bb:9e:06:72:d0:d8:7c:8b:01:2a:40:0d:bf:
2d:69:45:5e:e6:b4:de:ed:e1:29:f2:9f:7b:89:b4:56:b8:09:
8b:fe:ce:5f:08:a8:65:1f:a5:ab:f8:a5:de:6f:89:4a:2b:9c:
e7:be:31:3b:6f:eb:b4:af:6f:89:fe:74:d5:c8:10:10:7c:9d:
8e:1c:e5:aa:c1:2b:00:9b:ae:82:5d:1f:ff:0c:d2:2c:15:87:
67:0e:39:88:ce:82:92:5a:4e:63:b8:e0:21:ac:fd:fa:b0:31:
27:0b:df:d8:b2:f7:3b:1f:30:66:d4:57:24:40:ea:fe:6d:ba:
7b:69:8e:65:9c:81:c7:f6:b7:38:01:19:74:24:14:cd:bb:a8:
bc:65:aa:b7:74:c8:11:40:c6:df:37:25:90:5a:ed:b0:41:07:
67:64:35:63:5a:a4:8b:a1:5f:4d:92:93:fc:95:62:b0:00:c1:
8d:25:05:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05CcW7MlDe8D6N5kIKY8UUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1OWNhYTJhNzM2ODA2OThiMmM5ZTFhNmM5NjQxYTc0ZjNj
ZTc2ZTgwHhcNMjYwMzI5MTAwMDM0WhcNMjYwMzMwMTAwMDM0WjAzMTEwLwYDVQQD
Eyg1ODllYjliNDJmMmNjZmJjNWViOTYzMThiNDY5MGI2MzFmMTI3YWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzFLQ2dCwjP8puw1DNBRoxBwsbAx
7212xP8DhZZgfj6F+e3+qZOaK4r0zahhQ+TayizyLEKRSXk8ZOFBWjyChPk0plaZ
yr7xgIUb0TUDyUOadlrL6hST1v4Fy6kpayhsp3y9LJCwtYS7+J76EfIrzkWkuqci
8fjom1L8WQ2w6MM4l5jxXMrJ1+GpdYDxFbwQKlKbU+p5QmA3+syiDGv9Wkuo3XqQ
yP2Xx1BfV9/We9jiQOwJFlNyHxz00SHRkERg+7v40hpL+OTtcHTlGxniA+pYv0YI
9LkMHyT0EP/d0ruAnN6bqBmasGQV5iw7eVigZs5KCcVsPluPb9H0x+29cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFieubQvLM+8XrljGLRpC2MfEnqiMB8GA1UdIwQY
MBaAFKWcqipzaAaYssnhpslkGnTzznboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFp5cUtuTm9CcGl5eWVHbXlXUWFkUFBPZHVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9kZDY3MmYtNTMzNi00ZjM1LWIzZWYt
YWU5MWFiMzQyYmUxLzEvcFp5cUtuTm9CcGl5eWVHbXlXUWFkUFBPZHVnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9kZDY3MmYtNTMzNi00ZjM1LWIzZWYtYWU5MWFiMzQyYmUx
LzEvcFp5cUtuTm9CcGl5eWVHbXlXUWFkUFBPZHVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFzYMay4O
YkHoIYd+l3wGVtnF6VfaN6NjcPPzIIQbdYboW9GEES861VWHW1EJ1bBm9JX25j2e
lm9U8KQzxpXMk4CnMRWZlBu90tutU9i7ngZy0Nh8iwEqQA2/LWlFXua03u3hKfKf
e4m0VrgJi/7OXwioZR+lq/il3m+JSiuc574xO2/rtK9vif501cgQEHydjhzlqsEr
AJuugl0f/wzSLBWHZw45iM6CklpOY7jgIaz9+rAxJwvf2LL3Ox8wZtRXJEDq/m26
e2mOZZyBx/a3OAEZdCQUzbuovGWqt3TIEUDG3zclkFrtsEEHZ2Q1Y1qki6FfTZKT
/JVisADBjSUFnw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 20:02:12 2026 by rpki-client