Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
File: zmdqMChOFLAsxt2qA053VAbkYaY.mft (raw, json)
Hash identifier: 7t81n4LqqAU6O4YLIpO+EwsL5K5WzIVZuS8Af7u4yG4=
Subject key identifier: F4:DC:FB:EC:BB:95:FC:A4:E0:97:3A:0C:07:B0:02:A6:A0:5D:42:8D
Authority key identifier: CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6
Certificate issuer: /CN=ce676a30284e14b02cc6ddaa034e775406e461a6
Certificate serial: 019D389BE4575246B059A36C487C1CB310A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
Manifest number: 0C28
Signing time: Sun 29 Mar 2026 08:00:33 +0000
Manifest this update: Sun 29 Mar 2026 08:00:33 +0000
Manifest next update: Mon 30 Mar 2026 08:00:33 +0000
Files and hashes: 1: Q3WmyVx2hL_ulJlmWV4wBuMv3sY.roa (hash: qNBXvE4FodOwmoHeT/8KvY1e+YtkkhFfaz/pGiYECDk=)
2: zmdqMChOFLAsxt2qA053VAbkYaY.crl (hash: x3l7FZiXrzRC9qk7KYrpLMLzoToLz5C5R6hzFwJZXjM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 07:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:38:9b:e4:57:52:46:b0:59:a3:6c:48:7c:1c:b3:10:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce676a30284e14b02cc6ddaa034e775406e461a6
Validity
Not Before: Mar 29 08:00:33 2026 GMT
Not After : Mar 30 08:00:33 2026 GMT
Subject: CN=f4dcfbecbb95fca4e0973a0c07b002a6a05d428d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a7:81:f0:be:8a:50:3c:ea:81:07:71:47:12:
d4:4c:24:91:be:88:bd:3f:82:a5:18:d3:d4:82:f9:
27:9f:17:ef:1d:0b:a2:a6:35:44:5d:8b:f9:82:ba:
74:56:64:08:60:10:ce:76:0e:0b:80:7b:5b:8c:20:
42:85:f2:1b:fd:0b:a8:e7:3f:47:39:5c:5f:bc:8f:
08:f7:36:5a:a6:f4:ef:a5:88:2b:44:e5:08:32:6e:
8e:e7:22:93:fb:76:a2:4e:7a:a2:ab:c4:38:42:11:
7b:b6:e5:a8:da:55:49:75:51:e2:b1:10:88:6a:c6:
88:7d:a7:20:d5:e4:4a:61:b9:05:de:0b:41:c1:79:
62:c6:ed:e6:cc:1d:6d:e3:b2:bf:2a:ec:a7:92:ca:
0b:f5:67:0e:14:8d:c5:9e:7f:b8:06:42:96:c8:68:
73:0c:21:b2:62:02:df:4a:f6:b6:6e:4b:f8:89:5d:
86:10:4d:18:7b:11:ca:a7:4c:14:51:73:5e:d3:91:
a8:d7:c9:a8:43:82:b8:9e:97:8e:35:75:52:73:dd:
28:87:1f:9f:54:97:1f:95:ee:f2:4d:01:1c:03:4d:
2c:f6:68:6e:81:ae:8b:17:64:63:86:12:ec:d1:3f:
2a:4c:2f:e2:e6:43:14:90:94:3a:d8:16:e9:26:f5:
9f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:DC:FB:EC:BB:95:FC:A4:E0:97:3A:0C:07:B0:02:A6:A0:5D:42:8D
X509v3 Authority Key Identifier:
keyid:CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:fb:c3:1f:5a:54:cb:aa:b7:a4:f4:6e:0d:37:55:56:77:3a:
b9:61:2f:53:5e:e9:b1:07:5e:27:34:32:8b:c2:0d:c7:af:35:
d3:a6:48:0c:d7:3c:92:87:67:78:5f:68:26:e1:2a:6e:f4:1f:
da:01:7a:51:e7:92:3f:66:15:c9:3b:4a:05:4f:01:7f:ba:00:
13:cb:e2:11:ba:81:e3:b3:ee:cc:d7:cf:12:e6:8c:42:6a:57:
b2:76:42:a6:aa:80:46:1f:2f:b3:be:13:b1:c7:ff:f5:64:3e:
93:35:8c:76:f2:9f:87:27:fb:b5:78:ba:5a:92:dc:2a:89:66:
e4:e2:94:92:56:92:10:26:01:c3:fd:f5:58:0d:97:50:a1:c0:
b4:37:f8:c7:99:89:d6:5f:6b:59:10:14:6c:de:23:36:42:70:
f3:fb:73:d8:7e:f2:c7:69:c4:1b:c0:a6:0c:34:25:44:6d:88:
0f:b9:c2:8c:3e:95:23:36:47:79:3e:fb:ce:05:18:cc:87:62:
f8:c8:c8:07:5a:ac:8f:f1:97:5e:e1:15:54:2c:ea:5f:64:60:
c1:9c:c1:8d:54:05:db:20:45:30:43:f5:44:4d:ec:a7:6a:91:
98:5a:26:95:cb:8b:d5:a3:c2:96:17:9a:9d:f4:26:1e:12:c5:
eb:95:fb:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ04m+RXUkawWaNsSHwcsxClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNjc2YTMwMjg0ZTE0YjAyY2M2ZGRhYTAzNGU3NzU0MDZl
NDYxYTYwHhcNMjYwMzI5MDgwMDMzWhcNMjYwMzMwMDgwMDMzWjAzMTEwLwYDVQQD
EyhmNGRjZmJlY2JiOTVmY2E0ZTA5NzNhMGMwN2IwMDJhNmEwNWQ0MjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKeB8L6KUDzqgQdxRxLUTCSRvoi9
P4KlGNPUgvknnxfvHQuipjVEXYv5grp0VmQIYBDOdg4LgHtbjCBChfIb/Quo5z9H
OVxfvI8I9zZapvTvpYgrROUIMm6O5yKT+3aiTnqiq8Q4QhF7tuWo2lVJdVHisRCI
asaIfacg1eRKYbkF3gtBwXlixu3mzB1t47K/KuynksoL9WcOFI3Fnn+4BkKWyGhz
DCGyYgLfSva2bkv4iV2GEE0YexHKp0wUUXNe05Go18moQ4K4npeONXVSc90ohx+f
VJcfle7yTQEcA00s9mhuga6LF2RjhhLs0T8qTC/i5kMUkJQ62BbpJvWf4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPTc++y7lfyk4Jc6DAewAqagXUKNMB8GA1UdIwQY
MBaAFM5najAoThSwLMbdqgNOd1QG5GGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUt
ZWE2MDY1NzA5NDZhLzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUtZWE2MDY1NzA5NDZh
LzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL/vDH1pU
y6q3pPRuDTdVVnc6uWEvU17psQdeJzQyi8INx68106ZIDNc8kodneF9oJuEqbvQf
2gF6UeeSP2YVyTtKBU8Bf7oAE8viEbqB47PuzNfPEuaMQmpXsnZCpqqARh8vs74T
scf/9WQ+kzWMdvKfhyf7tXi6WpLcKolm5OKUklaSECYBw/31WA2XUKHAtDf4x5mJ
1l9rWRAUbN4jNkJw8/tz2H7yx2nEG8CmDDQlRG2ID7nCjD6VIzZHeT77zgUYzIdi
+MjIB1qsj/GXXuEVVCzqX2RgwZzBjVQF2yBFMEP1RE3sp2qRmFomlcuL1aPClhea
nfQmHhLF65X7ZQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 13:42:17 2026 by rpki-client