Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.mft
File: Z3emKEbfTtvlZmuJ6EIOkZqwhic.mft (raw, json)
Hash identifier: fQOQHmsbKb8vSeWs+LHbIdYaTIOAtbpDxItVIXZiXXY=
Subject key identifier: 45:83:46:72:7A:63:87:AD:2F:96:EF:4D:1C:EE:8B:C5:1E:84:5D:62
Authority key identifier: 67:77:A6:28:46:DF:4E:DB:E5:66:6B:89:E8:42:0E:91:9A:B0:86:27
Certificate issuer: /CN=6777a62846df4edbe5666b89e8420e919ab08627
Certificate serial: 019D26CD1458CB30B2E6F360CBC7D301411D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z3emKEbfTtvlZmuJ6EIOkZqwhic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.mft
Manifest number: 17E1
Signing time: Wed 25 Mar 2026 21:01:07 +0000
Manifest this update: Wed 25 Mar 2026 21:01:07 +0000
Manifest next update: Thu 26 Mar 2026 21:01:07 +0000
Files and hashes: 1: 3VLDvoZCO7skcLMmoqmsMLtkmQU.roa (hash: 54REseVbtlx9mAKpYatYkVRIZlL/47Cw+aylSFwZYDg=)
2: Z3emKEbfTtvlZmuJ6EIOkZqwhic.crl (hash: KGobMOb7FZg2XBWeOVV8IluYSQAyOhSNct7z4tlKEic=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z3emKEbfTtvlZmuJ6EIOkZqwhic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:cd:14:58:cb:30:b2:e6:f3:60:cb:c7:d3:01:41:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6777a62846df4edbe5666b89e8420e919ab08627
Validity
Not Before: Mar 25 21:01:07 2026 GMT
Not After : Mar 26 21:01:07 2026 GMT
Subject: CN=458346727a6387ad2f96ef4d1cee8bc51e845d62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ae:21:e2:71:64:ec:d2:41:8c:cb:c8:37:63:
74:a6:f4:6f:92:2f:ad:47:4a:9a:ce:a3:e5:81:bd:
37:79:2c:07:41:cb:8c:f9:bd:63:3a:6c:33:a8:ed:
6d:bc:0b:9b:56:7c:5d:db:89:95:ca:4d:ff:26:c5:
dc:8b:ce:6b:42:a7:37:8b:8d:69:4e:ab:1d:70:4c:
d4:eb:38:fa:42:22:54:60:2c:61:54:90:70:b3:34:
0a:0e:ce:bd:af:63:e7:02:a5:69:5d:c7:cc:77:21:
cb:60:cd:bb:18:6a:99:1d:3d:e3:ff:b8:a4:8a:e0:
b0:51:76:a2:80:83:c6:ae:5c:37:cc:0b:a9:6c:4d:
ca:84:be:18:74:f7:23:a2:b7:38:9c:c5:ea:bc:12:
a7:6d:06:39:ca:ab:80:0b:cb:ae:38:5e:a2:f8:e2:
3b:c7:92:62:6c:2b:ab:b6:ee:c1:b7:01:8c:db:fa:
e8:1f:08:fd:b8:ce:c2:9b:2b:75:1c:d2:1a:4c:a6:
d3:f4:9b:62:4f:ee:7a:c6:74:af:98:5a:8f:c4:59:
a3:e2:63:cb:52:4d:26:f4:91:33:7a:68:76:18:db:
b6:b1:40:d0:5f:7e:be:93:61:02:6f:6c:f3:dd:88:
20:f4:41:7f:30:2b:19:16:ae:c7:a2:02:e8:b0:5c:
6b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:83:46:72:7A:63:87:AD:2F:96:EF:4D:1C:EE:8B:C5:1E:84:5D:62
X509v3 Authority Key Identifier:
keyid:67:77:A6:28:46:DF:4E:DB:E5:66:6B:89:E8:42:0E:91:9A:B0:86:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z3emKEbfTtvlZmuJ6EIOkZqwhic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:6f:f5:e5:25:d3:9d:5d:78:f6:6b:04:2d:62:38:f9:51:0e:
32:e9:27:c7:8c:19:f3:54:ea:ae:9f:22:4b:3e:e6:27:06:e5:
be:d1:0a:2d:49:00:9f:b9:d3:7a:ec:b9:8b:79:e1:5e:28:70:
50:73:57:5a:00:7e:d5:19:3b:79:86:7a:44:e6:d3:da:bb:93:
69:f2:ae:dd:75:ee:9a:ae:df:60:6c:6c:27:94:18:22:bf:4a:
49:af:47:34:89:0c:37:d7:19:28:dc:a2:8e:49:a2:b5:3b:bb:
ca:1b:8d:9c:ac:68:eb:9b:5d:10:79:74:24:fd:bb:27:25:d1:
10:9f:2c:19:ea:f8:06:a7:22:e4:6a:d1:e0:6b:dc:e3:c5:e0:
61:5c:d7:08:15:55:37:93:4a:b5:04:40:c3:dc:5c:a9:a4:11:
7e:3c:df:c5:c2:3f:3a:1f:b0:75:5d:ee:df:b9:87:ea:e2:03:
dc:f2:d7:69:75:f2:9d:70:85:4f:65:e1:cb:39:89:db:81:44:
94:c0:e1:e5:f5:5b:1b:49:55:aa:94:31:c8:1a:59:da:f2:75:
38:65:cf:c0:76:02:8c:ad:19:bd:67:00:fb:fa:c7:24:52:e5:
31:ac:a4:43:00:e3:6c:a7:d2:fe:7e:08:17:16:14:51:bd:da:
a9:2e:34:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mzRRYyzCy5vNgy8fTAUEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NzdhNjI4NDZkZjRlZGJlNTY2NmI4OWU4NDIwZTkxOWFi
MDg2MjcwHhcNMjYwMzI1MjEwMTA3WhcNMjYwMzI2MjEwMTA3WjAzMTEwLwYDVQQD
Eyg0NTgzNDY3MjdhNjM4N2FkMmY5NmVmNGQxY2VlOGJjNTFlODQ1ZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm64h4nFk7NJBjMvIN2N0pvRvki+t
R0qazqPlgb03eSwHQcuM+b1jOmwzqO1tvAubVnxd24mVyk3/JsXci85rQqc3i41p
TqsdcEzU6zj6QiJUYCxhVJBwszQKDs69r2PnAqVpXcfMdyHLYM27GGqZHT3j/7ik
iuCwUXaigIPGrlw3zAupbE3KhL4YdPcjorc4nMXqvBKnbQY5yquAC8uuOF6i+OI7
x5JibCurtu7BtwGM2/roHwj9uM7Cmyt1HNIaTKbT9JtiT+56xnSvmFqPxFmj4mPL
Uk0m9JEzemh2GNu2sUDQX36+k2ECb2zz3Ygg9EF/MCsZFq7HogLosFxr7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEWDRnJ6Y4etL5bvTRzui8UehF1iMB8GA1UdIwQY
MBaAFGd3pihG307b5WZriehCDpGasIYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjNlbUtFYmZUdHZsWm11SjZFSU9rWnF3aGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jYjM3M2YtNzY0ZC00NTMyLTgzMzMt
NjJkOTRhZjgwMWI1LzEvWjNlbUtFYmZUdHZsWm11SjZFSU9rWnF3aGljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jYjM3M2YtNzY0ZC00NTMyLTgzMzMtNjJkOTRhZjgwMWI1
LzEvWjNlbUtFYmZUdHZsWm11SjZFSU9rWnF3aGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY2/15SXT
nV149msELWI4+VEOMuknx4wZ81Tqrp8iSz7mJwblvtEKLUkAn7nTeuy5i3nhXihw
UHNXWgB+1Rk7eYZ6RObT2ruTafKu3XXumq7fYGxsJ5QYIr9KSa9HNIkMN9cZKNyi
jkmitTu7yhuNnKxo65tdEHl0JP27JyXREJ8sGer4Bqci5GrR4Gvc48XgYVzXCBVV
N5NKtQRAw9xcqaQRfjzfxcI/Oh+wdV3u37mH6uID3PLXaXXynXCFT2XhyzmJ24FE
lMDh5fVbG0lVqpQxyBpZ2vJ1OGXPwHYCjK0ZvWcA+/rHJFLlMaykQwDjbKfS/n4I
FxYUUb3aqS40lw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:11:12 2026 by rpki-client