Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
File: zo2SrOCAEcTQrsjyKGVxW9kaASI.mft (raw, json)
Hash identifier: /F0F617n+xrSBEusqlZSOkwtXjocRuzxxTECm3vXeYA=
Subject key identifier: D2:2C:C7:59:80:85:A7:46:4E:87:49:EB:C5:61:81:ED:98:39:89:95
Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Certificate serial: 019D3977686574FCE1969FEBBE526C23030B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
Manifest number: 1891
Signing time: Sun 29 Mar 2026 12:00:19 +0000
Manifest this update: Sun 29 Mar 2026 12:00:19 +0000
Manifest next update: Mon 30 Mar 2026 12:00:19 +0000
Files and hashes: 1: 2WuQdzmfTzUsr5yT6_ElWI37EFQ.roa (hash: UEPfvyzT8876g2v5SGvEl+4/qaMtSPjm6N+hA2QZZSY=)
2: zo2SrOCAEcTQrsjyKGVxW9kaASI.crl (hash: Hd/BwZM6cNk+BbFg4Cqe1DczNKOe2rGA4VlZn90oqYg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 08:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:39:77:68:65:74:fc:e1:96:9f:eb:be:52:6c:23:03:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Validity
Not Before: Mar 29 12:00:19 2026 GMT
Not After : Mar 30 12:00:19 2026 GMT
Subject: CN=d22cc7598085a7464e8749ebc56181ed98398995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:33:70:bd:b6:8e:ae:b6:e5:88:86:b5:9d:89:
90:b8:20:dd:28:38:46:a7:65:02:98:39:aa:0a:e0:
4e:e7:ea:7d:47:23:9f:09:2b:03:ef:f4:22:06:a1:
c2:93:f0:65:2e:c6:89:b6:56:f0:ab:ae:91:bb:22:
e7:c7:15:cb:e5:8a:31:fe:56:ca:97:d1:57:8b:ee:
4a:d7:d4:9b:3e:4b:49:55:58:1b:b4:7d:1f:57:cc:
28:78:f4:35:81:d1:1e:71:47:7e:54:f5:bf:cf:5c:
c9:c9:9a:f0:e3:63:18:37:61:e8:73:d0:40:8a:24:
f6:c5:08:8b:b2:dc:e1:20:31:b0:b6:56:e6:7f:86:
90:32:51:21:01:53:f7:f4:06:56:12:f5:ec:22:cf:
6e:9f:d5:b4:92:ca:45:df:44:c4:62:7a:1a:a4:f0:
47:56:64:0a:5f:be:f7:18:57:95:31:ff:f6:97:bc:
71:0f:bf:f4:b6:b7:00:34:bb:a3:10:65:3b:52:96:
ac:36:e4:d2:5a:9e:67:0d:cb:69:6c:cb:df:23:9e:
27:b5:f6:cc:e8:80:53:93:b8:ef:5a:ae:04:f4:59:
e9:06:45:0c:df:1d:fb:43:30:4d:c5:6b:1f:d2:76:
17:8a:86:f5:87:df:7d:0a:17:df:22:0d:de:0b:a2:
34:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:2C:C7:59:80:85:A7:46:4E:87:49:EB:C5:61:81:ED:98:39:89:95
X509v3 Authority Key Identifier:
keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:9d:6c:9c:81:32:a9:58:4f:00:5e:4e:a0:30:74:3a:96:2b:
7f:70:06:46:2b:c8:4c:e2:2c:70:8e:de:fb:f8:08:f9:5b:d6:
11:18:80:56:02:0c:f0:49:95:3a:0e:ea:67:94:b6:8f:68:b3:
3a:b1:fe:31:c6:5b:ac:c2:06:77:f7:54:23:8f:9a:6d:fc:4e:
5e:81:e6:01:6e:6c:b3:1d:e9:6e:ae:d9:43:19:62:cc:ab:07:
fe:c4:6e:c6:0e:d2:75:6b:43:71:a5:d6:ac:19:ba:10:90:7b:
83:5b:19:93:08:ee:05:74:01:09:10:41:9f:c5:c8:99:26:3b:
bb:51:8f:9a:1f:64:43:93:15:09:7c:b3:e1:18:64:80:48:c5:
dc:b9:cd:06:0a:bb:c6:f8:ec:1e:b2:ee:4a:38:f7:1e:61:fe:
de:d4:c2:f8:f9:f1:67:a0:4e:e0:2e:8a:75:05:82:db:fe:a2:
f6:08:97:7e:77:9a:2b:c1:c4:97:83:0f:54:e6:05:50:45:da:
9e:c1:41:20:c2:10:0b:36:eb:2e:3d:13:e5:d3:55:ba:80:97:
b7:93:eb:f4:36:ea:e2:be:48:be:1f:bd:77:40:85:42:ee:d4:
1a:c2:35:21:8a:d8:76:90:44:13:17:cb:ea:4b:f4:77:35:4b:
f7:f7:35:f8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ05d2hldPzhlp/rvlJsIwMLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx
YTAxMjIwHhcNMjYwMzI5MTIwMDE5WhcNMjYwMzMwMTIwMDE5WjAzMTEwLwYDVQQD
EyhkMjJjYzc1OTgwODVhNzQ2NGU4NzQ5ZWJjNTYxODFlZDk4Mzk4OTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzNwvbaOrrbliIa1nYmQuCDdKDhG
p2UCmDmqCuBO5+p9RyOfCSsD7/QiBqHCk/BlLsaJtlbwq66RuyLnxxXL5Yox/lbK
l9FXi+5K19SbPktJVVgbtH0fV8woePQ1gdEecUd+VPW/z1zJyZrw42MYN2Hoc9BA
iiT2xQiLstzhIDGwtlbmf4aQMlEhAVP39AZWEvXsIs9un9W0kspF30TEYnoapPBH
VmQKX773GFeVMf/2l7xxD7/0trcANLujEGU7UpasNuTSWp5nDctpbMvfI54ntfbM
6IBTk7jvWq4E9FnpBkUM3x37QzBNxWsf0nYXiob1h999ChffIg3eC6I00QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIsx1mAhadGTodJ68Vhge2YOYmVMB8GA1UdIwQY
MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt
NTQ1NDQ5ZTQ5ZjczLzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz
LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFZ1snIEy
qVhPAF5OoDB0OpYrf3AGRivITOIscI7e+/gI+VvWERiAVgIM8EmVOg7qZ5S2j2iz
OrH+McZbrMIGd/dUI4+abfxOXoHmAW5ssx3pbq7ZQxlizKsH/sRuxg7SdWtDcaXW
rBm6EJB7g1sZkwjuBXQBCRBBn8XImSY7u1GPmh9kQ5MVCXyz4RhkgEjF3LnNBgq7
xvjsHrLuSjj3HmH+3tTC+PnxZ6BO4C6KdQWC2/6i9giXfneaK8HEl4MPVOYFUEXa
nsFBIMIQCzbrLj0T5dNVuoCXt5Pr9Dbq4r5Ivh+9d0CFQu7UGsI1IYrYdpBEExfL
6kv0dzVL9/c1+A==
-----END CERTIFICATE-----
Generated at Sun Mar 29 18:39:13 2026 by rpki-client