Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/b30c04-eefa-4531-90d0-0144fd77ebe4/1/Z7qXndCNvgPBdIoCL6ZlTTYRlA8.mft
File: Z7qXndCNvgPBdIoCL6ZlTTYRlA8.mft (raw, json)
Hash identifier: adpDI8FrbB2sQ0LjPsii54AcrxEbYB3amfb/FylRxtM=
Subject key identifier: 02:F3:8F:5E:93:48:48:A0:2C:80:03:60:31:32:50:3D:FD:8C:7C:33
Authority key identifier: 67:BA:97:9D:D0:8D:BE:03:C1:74:8A:02:2F:A6:65:4D:36:11:94:0F
Certificate issuer: /CN=67ba979dd08dbe03c1748a022fa6654d3611940f
Certificate serial: 019D397769E221809195607A7DEA9CB192ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7qXndCNvgPBdIoCL6ZlTTYRlA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/b30c04-eefa-4531-90d0-0144fd77ebe4/1/Z7qXndCNvgPBdIoCL6ZlTTYRlA8.mft
Manifest number: 25
Signing time: Sun 29 Mar 2026 12:00:20 +0000
Manifest this update: Sun 29 Mar 2026 12:00:20 +0000
Manifest next update: Mon 30 Mar 2026 12:00:20 +0000
Files and hashes: 1: CuP-Ha4tOWBJT0pI4E4cOyq4rrs.roa (hash: PnhyGfN8Xq/cQidLwJYXET+Yc1KaRnRUtuvyvf2jYVs=)
2: Z7qXndCNvgPBdIoCL6ZlTTYRlA8.crl (hash: 8fVt438H5K62yJxbOOvPknrNFWmkA0aHpkuk3RlFiR4=)
3: Z_qYOE4e2l4gEvD0IWAegIDMPig.asa (hash: eWA5Ad2XFQpR/DOWcwIfkGbSUhBVracuKwSeTKFgw50=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/b30c04-eefa-4531-90d0-0144fd77ebe4/1/Z7qXndCNvgPBdIoCL6ZlTTYRlA8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/b30c04-eefa-4531-90d0-0144fd77ebe4/1/Z7qXndCNvgPBdIoCL6ZlTTYRlA8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z7qXndCNvgPBdIoCL6ZlTTYRlA8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 12:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:69:e2:21:80:91:95:60:7a:7d:ea:9c:b1:92:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67ba979dd08dbe03c1748a022fa6654d3611940f
Validity
Not Before: Mar 29 12:00:20 2026 GMT
Not After : Mar 30 12:00:20 2026 GMT
Subject: CN=02f38f5e934848a02c8003603132503dfd8c7c33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:af:4f:df:6b:bb:3d:9e:09:9e:0e:1d:4a:16:
0e:d7:d7:cd:15:b0:f9:37:5c:bd:5d:28:f3:e0:45:
bc:71:ed:ae:32:7f:72:29:9f:1b:97:ee:42:7b:44:
17:18:21:6b:be:87:47:62:e6:d5:d8:65:0d:9a:3f:
d5:bf:8a:d9:37:b3:dd:15:70:95:25:94:5d:0b:77:
dc:54:67:57:be:bb:31:40:28:5b:c4:70:37:9d:24:
9b:8b:51:71:ae:f0:41:ee:da:a9:1b:1a:7a:51:58:
bf:fd:aa:11:4a:5f:87:8b:1e:81:8d:54:d6:94:e9:
aa:1c:e0:12:90:b2:9e:f8:0b:94:98:f7:fc:59:b1:
49:a8:c3:bf:30:6e:b4:07:a7:b6:ca:32:a2:4c:19:
b0:74:96:0c:bb:95:c3:d1:46:ee:e3:8e:31:14:6c:
60:43:cd:a1:c8:49:92:e8:c4:1a:a2:42:e2:26:5e:
83:63:ef:b4:da:e0:ad:9c:6e:82:b0:80:58:9a:f5:
06:22:b9:a1:86:3d:9f:bc:29:a7:79:46:4a:2a:e1:
98:ea:dd:90:93:91:77:8e:84:6d:7e:ca:2e:dd:cf:
78:b4:ae:71:7b:60:b7:ce:f0:dd:f3:53:e8:ba:38:
e1:e3:c0:c1:24:21:19:f5:c0:96:25:57:4a:bf:6d:
75:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:F3:8F:5E:93:48:48:A0:2C:80:03:60:31:32:50:3D:FD:8C:7C:33
X509v3 Authority Key Identifier:
keyid:67:BA:97:9D:D0:8D:BE:03:C1:74:8A:02:2F:A6:65:4D:36:11:94:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7qXndCNvgPBdIoCL6ZlTTYRlA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/b30c04-eefa-4531-90d0-0144fd77ebe4/1/Z7qXndCNvgPBdIoCL6ZlTTYRlA8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/b30c04-eefa-4531-90d0-0144fd77ebe4/1/Z7qXndCNvgPBdIoCL6ZlTTYRlA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:68:2d:dd:c3:69:1d:44:3f:26:01:5c:f8:d7:72:3b:6b:66:
68:4d:44:07:df:fe:03:ef:91:46:02:2d:0b:3e:39:26:19:67:
89:a5:15:d2:51:84:71:ac:c2:5b:e3:58:32:b0:44:ce:06:f0:
9c:6a:b3:eb:60:9b:3c:96:94:b2:b3:6a:cb:f8:c9:20:3a:50:
35:70:9d:d2:c1:81:11:77:d3:ad:bb:f6:38:45:81:0a:28:68:
e7:67:44:eb:cd:1b:90:50:25:46:51:e9:e1:e8:3a:59:e0:37:
d0:13:21:79:9a:5f:78:5f:27:05:af:5c:55:b9:6a:a0:92:77:
04:13:13:a7:77:47:8c:f2:9d:bc:60:a3:44:20:10:cb:fb:dc:
8c:ab:53:ae:10:d0:76:6b:74:3d:f9:95:41:a3:69:f5:73:40:
28:2b:a4:f8:dc:14:fd:1e:20:da:03:03:d9:3d:41:83:96:65:
bd:4a:11:7a:08:a0:9c:91:e8:fa:3b:45:f8:84:fb:51:b4:50:
cb:b6:3a:49:ce:61:5d:0b:55:0e:20:75:f2:9a:b3:93:3e:c0:
00:59:fb:73:54:42:29:1f:27:52:b9:fb:09:ed:d9:e5:0d:d3:
1e:e5:4b:ab:ef:20:a8:9f:64:de:a6:71:60:a8:ab:c7:0b:2b:
3f:e8:10:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d2niIYCRlWB6feqcsZLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YmE5NzlkZDA4ZGJlMDNjMTc0OGEwMjJmYTY2NTRkMzYx
MTk0MGYwHhcNMjYwMzI5MTIwMDIwWhcNMjYwMzMwMTIwMDIwWjAzMTEwLwYDVQQD
EygwMmYzOGY1ZTkzNDg0OGEwMmM4MDAzNjAzMTMyNTAzZGZkOGM3YzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlq9P32u7PZ4Jng4dShYO19fNFbD5
N1y9XSjz4EW8ce2uMn9yKZ8bl+5Ce0QXGCFrvodHYubV2GUNmj/Vv4rZN7PdFXCV
JZRdC3fcVGdXvrsxQChbxHA3nSSbi1FxrvBB7tqpGxp6UVi//aoRSl+Hix6BjVTW
lOmqHOASkLKe+AuUmPf8WbFJqMO/MG60B6e2yjKiTBmwdJYMu5XD0Ubu444xFGxg
Q82hyEmS6MQaokLiJl6DY++02uCtnG6CsIBYmvUGIrmhhj2fvCmneUZKKuGY6t2Q
k5F3joRtfsou3c94tK5xe2C3zvDd81Poujjh48DBJCEZ9cCWJVdKv211ZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFALzj16TSEigLIADYDEyUD39jHwzMB8GA1UdIwQY
MBaAFGe6l53Qjb4DwXSKAi+mZU02EZQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdxWG5kQ052Z1BCZElvQ0w2WmxUVFlSbEE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9iMzBjMDQtZWVmYS00NTMxLTkwZDAt
MDE0NGZkNzdlYmU0LzEvWjdxWG5kQ052Z1BCZElvQ0w2WmxUVFlSbEE4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9iMzBjMDQtZWVmYS00NTMxLTkwZDAtMDE0NGZkNzdlYmU0
LzEvWjdxWG5kQ052Z1BCZElvQ0w2WmxUVFlSbEE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbGgt3cNp
HUQ/JgFc+NdyO2tmaE1EB9/+A++RRgItCz45JhlniaUV0lGEcazCW+NYMrBEzgbw
nGqz62CbPJaUsrNqy/jJIDpQNXCd0sGBEXfTrbv2OEWBCiho52dE680bkFAlRlHp
4eg6WeA30BMheZpfeF8nBa9cVblqoJJ3BBMTp3dHjPKdvGCjRCAQy/vcjKtTrhDQ
dmt0PfmVQaNp9XNAKCuk+NwU/R4g2gMD2T1Bg5ZlvUoRegignJHo+jtF+IT7UbRQ
y7Y6Sc5hXQtVDiB18pqzkz7AAFn7c1RCKR8nUrn7Ce3Z5Q3THuVLq+8gqJ9k3qZx
YKirxwsrP+gQEA==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:11:44 2026 by rpki-client