Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/zsY7h6iuwJPb5H3MqShg6oQSKOA.mft
File: zsY7h6iuwJPb5H3MqShg6oQSKOA.mft (raw, json)
Hash identifier: Z6S7YYgUGtqpQHqaeJYJZjVPF6yXlIpMvLxXas5LGsw=
Subject key identifier: B6:84:36:ED:73:C7:49:81:EA:66:64:9A:83:24:D2:9F:CC:AE:4B:0E
Authority key identifier: CE:C6:3B:87:A8:AE:C0:93:DB:E4:7D:CC:A9:28:60:EA:84:12:28:E0
Certificate issuer: /CN=cec63b87a8aec093dbe47dcca92860ea841228e0
Certificate serial: 019D3AC10F338CAAB5D5D39ACCD7C1454F45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsY7h6iuwJPb5H3MqShg6oQSKOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/zsY7h6iuwJPb5H3MqShg6oQSKOA.mft
Manifest number: 0D99
Signing time: Sun 29 Mar 2026 18:00:24 +0000
Manifest this update: Sun 29 Mar 2026 18:00:24 +0000
Manifest next update: Mon 30 Mar 2026 18:00:24 +0000
Files and hashes: 1: hl2ItpSJbgNc8RoWoL4bCpNDXxw.roa (hash: ThfYHLL+zFBLeQn7rt4aKrE2rh3ZM5jimecJ6acAoR4=)
2: zsY7h6iuwJPb5H3MqShg6oQSKOA.crl (hash: 8XY+VyEqLFlN47C6gPx+zmjs7VPP2OYpF5lXzskmT7o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/zsY7h6iuwJPb5H3MqShg6oQSKOA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/zsY7h6iuwJPb5H3MqShg6oQSKOA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zsY7h6iuwJPb5H3MqShg6oQSKOA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 16:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3a:c1:0f:33:8c:aa:b5:d5:d3:9a:cc:d7:c1:45:4f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec63b87a8aec093dbe47dcca92860ea841228e0
Validity
Not Before: Mar 29 18:00:24 2026 GMT
Not After : Mar 30 18:00:24 2026 GMT
Subject: CN=b68436ed73c74981ea66649a8324d29fccae4b0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:97:90:a6:8c:89:5b:57:16:83:b5:ba:f3:fe:
77:7a:73:13:95:e4:ad:d7:15:8c:17:f2:07:85:e3:
bc:8b:37:fd:f2:2b:1d:6d:54:a4:fd:5d:ec:f9:e0:
4b:6e:fc:fc:e3:c7:8b:06:51:91:d4:bd:ce:f2:c1:
35:c7:21:33:90:5c:4b:ab:a4:01:a1:4f:57:fc:ef:
7d:b0:e1:0a:bc:29:d0:b8:32:ad:1a:a8:c9:26:b0:
f2:33:e7:94:e7:fc:25:42:24:da:97:25:f7:90:83:
d0:ec:de:73:07:17:31:87:95:51:b2:1c:bc:49:5c:
96:51:1a:f5:23:f6:76:25:67:25:62:d9:7b:14:48:
b4:6b:05:bb:0a:74:21:b4:1c:f3:cb:c8:6b:05:2b:
fc:42:2d:66:ec:20:13:41:91:3a:c1:e5:9b:b6:c6:
e0:94:82:8c:52:bf:78:e5:f8:40:cc:8f:1c:0f:df:
77:24:36:8d:c3:40:dd:a7:af:46:81:ff:db:eb:56:
20:72:68:99:ec:3b:5f:e1:19:ed:70:3b:b3:24:08:
8d:eb:a3:b6:db:f5:ce:78:9c:95:45:15:1a:e5:b5:
6b:74:98:db:c0:e5:69:0a:ca:35:d5:ca:12:f8:2a:
4d:9b:9f:65:bf:dd:aa:44:8f:62:98:7e:ba:71:a6:
3f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:84:36:ED:73:C7:49:81:EA:66:64:9A:83:24:D2:9F:CC:AE:4B:0E
X509v3 Authority Key Identifier:
keyid:CE:C6:3B:87:A8:AE:C0:93:DB:E4:7D:CC:A9:28:60:EA:84:12:28:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsY7h6iuwJPb5H3MqShg6oQSKOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/zsY7h6iuwJPb5H3MqShg6oQSKOA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a82f43-502b-42fb-88eb-83bd66f4e6f6/1/zsY7h6iuwJPb5H3MqShg6oQSKOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:f5:71:1a:9f:47:de:72:85:f9:3e:22:d0:9c:11:e3:1f:90:
e3:67:e7:9f:65:8a:6b:7e:a7:8a:1a:f3:a9:e3:e3:92:a4:c2:
dd:da:a2:84:45:5a:b3:b0:f3:14:5b:e9:e7:92:f5:13:7e:22:
b2:59:af:ba:cb:a2:4a:83:d1:08:50:ed:e2:e3:45:ef:43:18:
fe:3a:73:dc:52:b8:70:7e:1a:80:06:e5:6a:0d:d8:c8:64:e5:
21:55:61:3e:d8:07:23:a6:b7:14:dd:d3:c0:f9:21:cf:50:b2:
74:08:c2:13:e3:2e:22:99:63:c5:93:87:cc:95:1d:16:cb:cc:
cd:bc:1f:d3:4b:89:ba:4e:0d:5d:94:c7:b5:16:46:e0:cc:01:
9d:ba:e6:e0:56:82:8a:21:48:44:0e:f8:08:c0:b1:8e:8d:55:
84:62:91:ac:3c:42:dd:94:5b:ed:6f:16:67:4e:59:f5:12:5f:
14:fb:b2:bb:63:43:dc:db:57:1d:2b:c2:8a:83:e4:2c:b5:7e:
8d:d4:16:0f:5c:41:c6:a6:5b:34:bf:f5:8e:64:16:e7:38:92:
67:fd:a4:38:a4:f6:95:62:26:72:19:55:9b:21:b5:92:ba:36:
db:e8:15:78:84:62:4a:9b:bf:76:b0:47:1b:12:fe:fc:5d:15:
76:b8:b4:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ06wQ8zjKq11dOazNfBRU9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYzYzYjg3YThhZWMwOTNkYmU0N2RjY2E5Mjg2MGVhODQx
MjI4ZTAwHhcNMjYwMzI5MTgwMDI0WhcNMjYwMzMwMTgwMDI0WjAzMTEwLwYDVQQD
EyhiNjg0MzZlZDczYzc0OTgxZWE2NjY0OWE4MzI0ZDI5ZmNjYWU0YjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5eQpoyJW1cWg7W68/53enMTleSt
1xWMF/IHheO8izf98isdbVSk/V3s+eBLbvz848eLBlGR1L3O8sE1xyEzkFxLq6QB
oU9X/O99sOEKvCnQuDKtGqjJJrDyM+eU5/wlQiTalyX3kIPQ7N5zBxcxh5VRshy8
SVyWURr1I/Z2JWclYtl7FEi0awW7CnQhtBzzy8hrBSv8Qi1m7CATQZE6weWbtsbg
lIKMUr945fhAzI8cD993JDaNw0Ddp69Ggf/b61YgcmiZ7Dtf4RntcDuzJAiN66O2
2/XOeJyVRRUa5bVrdJjbwOVpCso11coS+CpNm59lv92qRI9imH66caY/qwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLaENu1zx0mB6mZkmoMk0p/MrksOMB8GA1UdIwQY
MBaAFM7GO4eorsCT2+R9zKkoYOqEEijgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenNZN2g2aXV3SlBiNUgzTXFTaGc2b1FTS09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hODJmNDMtNTAyYi00MmZiLTg4ZWIt
ODNiZDY2ZjRlNmY2LzEvenNZN2g2aXV3SlBiNUgzTXFTaGc2b1FTS09BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hODJmNDMtNTAyYi00MmZiLTg4ZWItODNiZDY2ZjRlNmY2
LzEvenNZN2g2aXV3SlBiNUgzTXFTaGc2b1FTS09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJvVxGp9H
3nKF+T4i0JwR4x+Q42fnn2WKa36nihrzqePjkqTC3dqihEVas7DzFFvp55L1E34i
slmvusuiSoPRCFDt4uNF70MY/jpz3FK4cH4agAblag3YyGTlIVVhPtgHI6a3FN3T
wPkhz1CydAjCE+MuIpljxZOHzJUdFsvMzbwf00uJuk4NXZTHtRZG4MwBnbrm4FaC
iiFIRA74CMCxjo1VhGKRrDxC3ZRb7W8WZ05Z9RJfFPuyu2ND3NtXHSvCioPkLLV+
jdQWD1xBxqZbNL/1jmQW5ziSZ/2kOKT2lWImchlVmyG1kro22+gVeIRiSpu/drBH
GxL+/F0Vdri0Kw==
-----END CERTIFICATE-----
Generated at Sun Mar 29 19:53:49 2026 by rpki-client