Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft
File: ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft (raw, json)
Hash identifier: i/u/dczLpVbrA8BxFotQsfiN/2uuL/BXuv/Gm5Rq2sc=
Subject key identifier: 2B:5C:FC:15:F9:BD:46:A7:B3:AE:5E:01:16:12:D8:5F:BC:DC:A2:DC
Authority key identifier: 64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C
Certificate issuer: /CN=64a7a6cd583814d393bee2635b545574cc75620c
Certificate serial: 019DB246BF50D2BA8728E00AB5A6E01DCD68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft
Manifest number: 1501
Signing time: Tue 21 Apr 2026 23:01:13 +0000
Manifest this update: Tue 21 Apr 2026 23:01:13 +0000
Manifest next update: Wed 22 Apr 2026 23:01:13 +0000
Files and hashes: 1: EsvahZdQZVhluZsLSr98J_sMDK4.roa (hash: DNS5SQ17LOTRnwWYUw1eb+IWwNLBZu1qV/4r+8SuduY=)
2: ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl (hash: X0AIVbCCgCXG3ifuialdUgPeUgwgwhLNtJmAMeWTcKA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 21:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b2:46:bf:50:d2:ba:87:28:e0:0a:b5:a6:e0:1d:cd:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64a7a6cd583814d393bee2635b545574cc75620c
Validity
Not Before: Apr 21 23:01:13 2026 GMT
Not After : Apr 22 23:01:13 2026 GMT
Subject: CN=2b5cfc15f9bd46a7b3ae5e011612d85fbcdca2dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:8d:e2:24:1b:2d:96:93:59:80:1c:cd:fd:0c:
6f:5a:78:90:b7:4a:3a:4a:b3:11:5a:28:c2:76:d2:
6d:03:1e:29:c3:0c:b1:c0:aa:4d:2f:6c:06:47:87:
9a:7d:69:ce:ef:2d:b8:b1:55:fb:f4:0d:52:85:9d:
5a:f2:6f:bc:7e:80:0d:3e:e1:3b:a4:18:81:c9:2c:
03:63:f7:53:93:6e:84:b3:73:51:aa:a6:18:72:b6:
a9:ba:cd:c5:4e:76:85:d7:35:da:88:68:95:57:84:
50:41:f2:08:b9:1c:16:60:35:93:39:7f:55:28:e5:
47:57:26:f7:2c:be:a7:9b:fc:f2:6b:37:22:1f:24:
fe:bf:4f:4b:c4:5a:de:81:93:bb:42:1b:01:64:57:
c2:0b:89:89:64:49:a1:77:40:8f:15:75:3c:d8:aa:
8d:5e:9e:15:fa:01:ab:21:cf:12:49:ef:8e:cd:81:
09:d8:90:54:a7:c0:53:32:0c:1e:e7:63:ef:f6:86:
c8:56:3a:27:67:f6:ec:db:ad:d2:cc:d4:83:1b:b3:
d3:2c:c9:e4:14:48:32:e8:7d:76:1d:bd:ed:31:fc:
3f:94:fa:e0:7e:2f:93:4f:e7:bd:af:be:55:47:cc:
cf:22:c4:7a:26:4a:07:55:73:b1:10:f2:6a:9b:11:
f3:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:5C:FC:15:F9:BD:46:A7:B3:AE:5E:01:16:12:D8:5F:BC:DC:A2:DC
X509v3 Authority Key Identifier:
keyid:64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b6:53:e1:53:7e:35:b1:71:01:e5:2a:99:71:74:f7:b7:26:00:
39:2e:2b:b4:35:8a:08:f0:00:df:26:4c:09:c1:f3:75:38:be:
b5:d6:8d:bc:93:0f:d3:c7:b9:f5:47:f2:b6:76:9d:af:80:ee:
a4:0e:30:55:f2:ee:43:20:f8:d7:4b:de:67:54:d2:82:85:48:
7f:6d:27:af:c2:d4:5d:bf:95:b5:00:f9:59:ad:d8:53:67:55:
7c:80:38:a5:36:7e:f9:94:ba:87:93:3f:54:92:b1:d2:a0:f0:
c5:06:c3:68:d8:7a:e5:d6:10:f5:1a:41:ae:76:17:b1:1c:8f:
d0:a1:27:52:84:2e:0e:1c:8c:04:c4:dc:7a:d2:c0:30:a4:2a:
b7:ee:d9:25:ea:ce:bc:10:a9:01:2e:a0:e3:44:08:c0:08:7b:
e9:5c:0d:f7:68:fa:82:46:0c:5e:c2:8b:b3:55:9d:95:f7:85:
c0:56:5a:6f:d7:3e:8c:90:67:a0:e9:0b:4f:b5:d7:5a:59:bd:
a2:f7:4f:eb:76:1b:e6:82:14:fd:90:79:4b:0b:d6:f9:eb:1e:
29:1e:8f:e8:53:f1:96:6b:90:21:ce:8a:11:69:25:d3:87:b3:
ff:3d:b6:fa:86:12:f7:ff:3b:c5:99:00:01:be:37:fe:89:e9:
45:4d:86:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2yRr9Q0rqHKOAKtabgHc1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YTdhNmNkNTgzODE0ZDM5M2JlZTI2MzViNTQ1NTc0Y2M3
NTYyMGMwHhcNMjYwNDIxMjMwMTEzWhcNMjYwNDIyMjMwMTEzWjAzMTEwLwYDVQQD
EygyYjVjZmMxNWY5YmQ0NmE3YjNhZTVlMDExNjEyZDg1ZmJjZGNhMmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Y3iJBstlpNZgBzN/QxvWniQt0o6
SrMRWijCdtJtAx4pwwyxwKpNL2wGR4eafWnO7y24sVX79A1ShZ1a8m+8foANPuE7
pBiBySwDY/dTk26Es3NRqqYYcrapus3FTnaF1zXaiGiVV4RQQfIIuRwWYDWTOX9V
KOVHVyb3LL6nm/zyazciHyT+v09LxFregZO7QhsBZFfCC4mJZEmhd0CPFXU82KqN
Xp4V+gGrIc8SSe+OzYEJ2JBUp8BTMgwe52Pv9obIVjonZ/bs263SzNSDG7PTLMnk
FEgy6H12Hb3tMfw/lPrgfi+TT+e9r75VR8zPIsR6JkoHVXOxEPJqmxHzeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCtc/BX5vUans65eARYS2F+83KLcMB8GA1UdIwQY
MBaAFGSnps1YOBTTk77iY1tUVXTMdWIMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYt
NmY1ZDhhNzRhMGU0LzEvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYtNmY1ZDhhNzRhMGU0
LzEvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtlPhU341
sXEB5SqZcXT3tyYAOS4rtDWKCPAA3yZMCcHzdTi+tdaNvJMP08e59Ufytnadr4Du
pA4wVfLuQyD410veZ1TSgoVIf20nr8LUXb+VtQD5Wa3YU2dVfIA4pTZ++ZS6h5M/
VJKx0qDwxQbDaNh65dYQ9RpBrnYXsRyP0KEnUoQuDhyMBMTcetLAMKQqt+7ZJerO
vBCpAS6g40QIwAh76VwN92j6gkYMXsKLs1WdlfeFwFZab9c+jJBnoOkLT7XXWlm9
ovdP63Yb5oIU/ZB5SwvW+eseKR6P6FPxlmuQIc6KEWkl04ez/z22+oYS9/87xZkA
Ab43/onpRU2GTA==
-----END CERTIFICATE-----
Generated at Wed Apr 22 02:33:43 2026 by rpki-client