Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
File: ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft (raw, json)
Hash identifier: bP+KWxLkZYx8OCghJJ8gIZv4i5evynEcen7ORtdgAD4=
Subject key identifier: 05:18:FA:71:82:66:14:13:6D:94:D4:78:7A:5C:ED:F0:09:52:A1:80
Authority key identifier: 64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1
Certificate issuer: /CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1
Certificate serial: 019D37C02394D37FDAE6543E63233E6FEB08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
Manifest number: 0412
Signing time: Sun 29 Mar 2026 04:00:32 +0000
Manifest this update: Sun 29 Mar 2026 04:00:32 +0000
Manifest next update: Mon 30 Mar 2026 04:00:32 +0000
Files and hashes: 1: NS4bJSf8JtisPPo4E4AUvgYiJkI.roa (hash: kNAqy7sfsX/DzrejY1IHLtdhRNkU/dXjQEKN71zDd5M=)
2: ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl (hash: f0GfFyjQdumpl2a8DJ9wuEEUu1KmQoowjbxmthUqAzA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 04:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:c0:23:94:d3:7f:da:e6:54:3e:63:23:3e:6f:eb:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1
Validity
Not Before: Mar 29 04:00:32 2026 GMT
Not After : Mar 30 04:00:32 2026 GMT
Subject: CN=0518fa71826614136d94d4787a5cedf00952a180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:06:f7:1a:c1:a3:18:38:ca:c4:a7:fe:85:a8:
b3:93:8d:d0:be:b1:7f:89:1b:d8:a1:90:4e:2b:45:
76:cf:e1:b9:19:bc:ce:c9:4a:18:98:11:5e:23:67:
de:4c:3d:9e:c3:fd:9a:19:35:15:b6:09:03:72:04:
78:25:dc:a2:e1:b3:4e:20:26:5d:11:f7:5f:64:28:
07:00:52:2a:22:d3:e2:8c:08:04:56:43:5a:a2:36:
40:37:ec:bf:bd:17:57:e8:48:0b:43:7b:85:39:c7:
cb:7f:92:d5:e8:5f:3f:f3:48:36:90:cb:d7:66:68:
19:eb:83:20:a3:c5:91:95:8e:1f:e8:41:0f:fe:88:
46:33:fd:9d:4b:af:29:52:da:20:1f:ba:08:98:86:
b9:b4:cc:41:18:86:f9:2a:c0:66:52:5a:19:98:13:
7d:ef:cb:6f:59:ac:75:a1:33:01:ef:d9:76:54:88:
e3:f1:b4:8f:d1:3c:e3:2a:3c:fe:31:d3:d8:df:cd:
d0:67:41:19:3c:f4:16:db:c7:64:a1:02:95:1b:1b:
ad:e1:ea:cd:7f:05:fc:20:5c:a3:ec:87:a3:82:54:
b5:81:bc:16:bf:15:3e:f6:2f:c3:bf:4f:c0:cf:3d:
27:9c:db:ab:c0:cc:c7:69:66:c1:84:3d:a9:5f:9c:
2c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:18:FA:71:82:66:14:13:6D:94:D4:78:7A:5C:ED:F0:09:52:A1:80
X509v3 Authority Key Identifier:
keyid:64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:71:11:16:fe:89:51:08:07:e8:f2:72:e9:11:a6:86:2c:77:
84:66:73:3c:5b:60:91:cf:34:a6:6a:9c:2d:17:10:c4:d2:60:
bd:9e:1b:e5:5a:51:c5:fe:a1:49:83:de:29:50:86:e2:c9:1d:
4f:b6:0d:81:ef:37:c3:a3:a8:a6:29:23:80:9a:c4:7b:fe:a4:
0b:cc:17:7f:5c:28:0e:82:e4:7a:9e:79:86:82:c7:8c:78:8b:
31:3d:a9:c8:72:c8:78:09:83:28:89:d4:2f:23:0e:02:e4:cd:
6c:28:a7:f1:43:0b:51:e1:fc:51:d0:28:ab:9f:dd:0e:03:e9:
3c:f5:0d:fb:1c:6c:eb:e8:0a:82:12:0c:20:dd:c6:73:b1:7e:
46:3d:7e:3a:6e:42:07:91:ef:b7:2d:63:90:dd:17:97:fa:e4:
96:2c:45:16:f5:34:16:b0:cf:d1:df:f8:4b:db:09:87:66:ec:
fd:31:40:cf:2b:12:c2:26:99:b6:f2:f2:bd:f0:88:10:e2:53:
94:f9:86:28:e0:4d:f9:13:b1:dd:74:41:31:35:8b:c6:4a:c9:
c1:6f:d0:9a:db:d3:8a:60:3e:d0:61:51:55:ab:5d:2c:84:78:
73:37:8d:c1:6b:f0:57:a3:24:62:c0:37:78:53:27:53:38:d6:
81:19:c8:c9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03wCOU03/a5lQ+YyM+b+sIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0Y2YxZWU5MDY1M2I3YjgxNGQ2YjU0NTk0OWJkOTRkZGUw
ZmM2YTEwHhcNMjYwMzI5MDQwMDMyWhcNMjYwMzMwMDQwMDMyWjAzMTEwLwYDVQQD
EygwNTE4ZmE3MTgyNjYxNDEzNmQ5NGQ0Nzg3YTVjZWRmMDA5NTJhMTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwb3GsGjGDjKxKf+haizk43QvrF/
iRvYoZBOK0V2z+G5GbzOyUoYmBFeI2feTD2ew/2aGTUVtgkDcgR4Jdyi4bNOICZd
EfdfZCgHAFIqItPijAgEVkNaojZAN+y/vRdX6EgLQ3uFOcfLf5LV6F8/80g2kMvX
ZmgZ64Mgo8WRlY4f6EEP/ohGM/2dS68pUtogH7oImIa5tMxBGIb5KsBmUloZmBN9
78tvWax1oTMB79l2VIjj8bSP0TzjKjz+MdPY383QZ0EZPPQW28dkoQKVGxut4erN
fwX8IFyj7IejglS1gbwWvxU+9i/Dv0/Azz0nnNurwMzHaWbBhD2pX5wsLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAUY+nGCZhQTbZTUeHpc7fAJUqGAMB8GA1UdIwQY
MBaAFGTPHukGU7e4FNa1RZSb2U3eD8ahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjkt
ODgwNGRhZDc4MGExLzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjktODgwNGRhZDc4MGEx
LzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZHERFv6J
UQgH6PJy6RGmhix3hGZzPFtgkc80pmqcLRcQxNJgvZ4b5VpRxf6hSYPeKVCG4skd
T7YNge83w6OopikjgJrEe/6kC8wXf1woDoLkep55hoLHjHiLMT2pyHLIeAmDKInU
LyMOAuTNbCin8UMLUeH8UdAoq5/dDgPpPPUN+xxs6+gKghIMIN3Gc7F+Rj1+Om5C
B5Hvty1jkN0Xl/rklixFFvU0FrDP0d/4S9sJh2bs/TFAzysSwiaZtvLyvfCIEOJT
lPmGKOBN+ROx3XRBMTWLxkrJwW/QmtvTimA+0GFRVatdLIR4czeNwWvwV6MkYsA3
eFMnUzjWgRnIyQ==
-----END CERTIFICATE-----
Generated at Sun Mar 29 14:08:35 2026 by rpki-client