Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft
File: zCdbIX3x3piMohkqg64R3fQjpE8.mft (raw, json)
Hash identifier: HFDnPEOsYGaFv8CTpQmZcEQKghgim4I7Ow738FSz450=
Subject key identifier: 67:69:10:D6:B6:FD:75:C8:8D:6E:62:3D:18:7A:FD:A6:97:D3:F6:9E
Authority key identifier: CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F
Certificate issuer: /CN=cc275b217df1de988ca2192a83ae11ddf423a44f
Certificate serial: 019D3A544BC819BD5E61BC0161B4E58EB5CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft
Manifest number: 0D48
Signing time: Sun 29 Mar 2026 16:01:36 +0000
Manifest this update: Sun 29 Mar 2026 16:01:36 +0000
Manifest next update: Mon 30 Mar 2026 16:01:36 +0000
Files and hashes: 1: GmtyRSwv03uFUm7JE5DndaUS8N0.roa (hash: zwVMLkSXFGqtFNoiz9XRyBWDIur2kpQPUKFiNSBy9R0=)
2: zCdbIX3x3piMohkqg64R3fQjpE8.crl (hash: f0zCiRpG4MlJOupYWge63inJqoln/igPwgStLtw/F0Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:54:4b:c8:19:bd:5e:61:bc:01:61:b4:e5:8e:b5:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc275b217df1de988ca2192a83ae11ddf423a44f
Validity
Not Before: Mar 29 16:01:36 2026 GMT
Not After : Mar 30 16:01:36 2026 GMT
Subject: CN=676910d6b6fd75c88d6e623d187afda697d3f69e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:07:12:c9:80:a0:c3:fd:53:b3:48:82:b4:8d:
92:17:6e:13:44:d0:3d:fe:75:6e:17:25:2e:29:24:
15:e2:08:0d:90:a6:7c:70:27:eb:00:e9:f3:44:db:
86:ee:30:53:7a:fe:60:b7:42:fb:e6:9e:72:0d:87:
57:6c:3b:72:62:cd:fa:20:bd:b9:b1:e9:7f:5a:cd:
c8:0c:77:f2:55:bb:75:6c:32:c5:f8:2d:29:48:3f:
05:6d:f7:dd:e3:b8:c9:c7:15:9c:3b:d8:cc:70:11:
d7:f6:28:cc:ae:c0:7f:f4:f2:be:f8:f3:26:a4:b3:
7d:81:26:71:fd:d9:1b:b8:a8:5e:34:cf:56:83:25:
82:9d:32:2d:57:0e:37:45:5f:40:10:ac:c6:11:5f:
77:fa:0d:bb:04:d9:9e:0c:ed:fe:96:8e:05:36:84:
94:7d:fa:db:fd:95:12:44:47:1d:41:66:64:5b:88:
ad:3c:85:73:7b:6b:51:27:46:63:04:22:c0:46:88:
59:d0:43:02:9d:3f:00:49:50:6e:80:ef:ec:ac:2b:
50:df:3d:a3:95:a0:fb:4c:cf:67:64:0b:0a:a0:c0:
ba:62:55:94:fe:e8:a7:ee:c9:98:29:bd:fb:87:a6:
5f:a4:96:d9:ad:f5:e9:ae:58:d3:80:e1:8d:cb:af:
4d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:69:10:D6:B6:FD:75:C8:8D:6E:62:3D:18:7A:FD:A6:97:D3:F6:9E
X509v3 Authority Key Identifier:
keyid:CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4c:20:b0:17:7f:e9:23:8f:24:e9:22:e1:ed:0d:53:5f:e1:7b:
60:fc:40:15:5c:b8:09:4f:e0:fc:e7:49:d4:b1:1c:52:6d:d6:
70:98:ce:60:83:ff:23:ca:6b:7b:34:bd:bd:b0:4f:ca:2c:6f:
fc:a9:84:74:e2:0b:92:b9:34:bf:80:c1:e9:e3:4b:a7:b2:a4:
84:8c:17:4a:40:da:1b:84:f8:82:7e:a3:f8:c0:86:d4:af:e4:
b5:1d:51:fa:b2:e4:7a:b1:c2:92:e2:bf:16:20:1b:73:fd:57:
52:4e:f4:cb:ce:32:9a:4e:f0:48:a7:16:7a:e3:55:49:4f:de:
ea:67:40:11:0d:8c:27:11:b4:78:e8:54:d7:05:de:87:72:21:
9e:d5:b7:bf:ba:63:50:0a:4a:8c:cb:13:33:9b:4b:ef:66:8e:
9a:38:22:c1:a7:6b:b8:96:82:c7:28:76:8f:e3:1b:3b:c5:9d:
0c:68:4c:cb:be:7d:9d:89:9c:1d:9e:23:41:30:e7:1f:86:b1:
04:2c:4b:68:09:b2:18:f6:00:3a:6d:cd:32:93:63:c1:87:1c:
33:e8:d0:39:ec:3a:0c:ea:af:67:2f:55:42:1c:91:45:b1:e0:
d5:5d:13:b2:40:f7:1f:ae:bc:51:26:64:c4:5c:82:8c:44:00:
70:ed:1c:4b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06VEvIGb1eYbwBYbTljrXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMjc1YjIxN2RmMWRlOTg4Y2EyMTkyYTgzYWUxMWRkZjQy
M2E0NGYwHhcNMjYwMzI5MTYwMTM2WhcNMjYwMzMwMTYwMTM2WjAzMTEwLwYDVQQD
Eyg2NzY5MTBkNmI2ZmQ3NWM4OGQ2ZTYyM2QxODdhZmRhNjk3ZDNmNjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwcSyYCgw/1Ts0iCtI2SF24TRNA9
/nVuFyUuKSQV4ggNkKZ8cCfrAOnzRNuG7jBTev5gt0L75p5yDYdXbDtyYs36IL25
sel/Ws3IDHfyVbt1bDLF+C0pSD8Fbffd47jJxxWcO9jMcBHX9ijMrsB/9PK++PMm
pLN9gSZx/dkbuKheNM9WgyWCnTItVw43RV9AEKzGEV93+g27BNmeDO3+lo4FNoSU
ffrb/ZUSREcdQWZkW4itPIVze2tRJ0ZjBCLARohZ0EMCnT8ASVBugO/srCtQ3z2j
laD7TM9nZAsKoMC6YlWU/uin7smYKb37h6ZfpJbZrfXprljTgOGNy69N/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGdpENa2/XXIjW5iPRh6/aaX0/aeMB8GA1UdIwQY
MBaAFMwnWyF98d6YjKIZKoOuEd30I6RPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2Qt
MmU2MzlmY2E0NjQwLzEvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2QtMmU2MzlmY2E0NjQw
LzEvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATCCwF3/p
I48k6SLh7Q1TX+F7YPxAFVy4CU/g/OdJ1LEcUm3WcJjOYIP/I8prezS9vbBPyixv
/KmEdOILkrk0v4DB6eNLp7KkhIwXSkDaG4T4gn6j+MCG1K/ktR1R+rLkerHCkuK/
FiAbc/1XUk70y84ymk7wSKcWeuNVSU/e6mdAEQ2MJxG0eOhU1wXeh3IhntW3v7pj
UApKjMsTM5tL72aOmjgiwadruJaCxyh2j+MbO8WdDGhMy759nYmcHZ4jQTDnH4ax
BCxLaAmyGPYAOm3NMpNjwYccM+jQOew6DOqvZy9VQhyRRbHg1V0TskD3H668USZk
xFyCjEQAcO0cSw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:23:17 2026 by rpki-client