Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
File: zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft (raw, json)
Hash identifier: qmywnLnYp91bfnFZM2c7QnrKwnS5HUuAOESZ0lv+NPI=
Subject key identifier: 44:0C:BB:0D:C1:4E:32:FC:89:F5:30:55:3D:4F:AA:2F:33:82:15:C7
Authority key identifier: CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A
Certificate issuer: /CN=ce42b4385e5772f51d588e2bb7219a122399587a
Certificate serial: 019D2B4ED7461E8146F63D8EE64BD1D9ED98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
Manifest number: 0CAC
Signing time: Thu 26 Mar 2026 18:01:20 +0000
Manifest this update: Thu 26 Mar 2026 18:01:20 +0000
Manifest next update: Fri 27 Mar 2026 18:01:20 +0000
Files and hashes: 1: zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl (hash: 80r1dbFj0R8ah9KRjR4XkVlsW6CgzGjafUfHaKg1/gU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:4e:d7:46:1e:81:46:f6:3d:8e:e6:4b:d1:d9:ed:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce42b4385e5772f51d588e2bb7219a122399587a
Validity
Not Before: Mar 26 18:01:20 2026 GMT
Not After : Mar 27 18:01:20 2026 GMT
Subject: CN=440cbb0dc14e32fc89f530553d4faa2f338215c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:73:96:7a:ec:21:ae:0b:d1:d7:18:19:63:2b:
5e:59:b9:29:f0:55:4c:21:9e:fb:a2:be:6b:7a:98:
b3:cf:b0:ac:b5:5f:85:c9:b4:93:3d:be:96:2b:16:
f7:48:8d:e5:b3:13:88:39:27:f1:ae:8b:d2:6b:fd:
c5:b2:1e:8a:a3:26:c4:8c:e1:ec:39:bb:72:05:89:
75:ef:d6:23:f7:d9:6f:66:80:18:f6:d0:8d:be:fc:
5d:f4:34:41:4b:c5:61:9a:e7:04:dd:b5:52:f7:7d:
1b:2a:4c:3a:e5:e3:0d:af:54:9e:b5:3f:3a:98:93:
a0:d0:6a:5b:47:46:ba:8f:be:56:56:dd:50:a3:e2:
68:4f:88:3a:07:47:59:8c:bc:aa:de:82:48:40:12:
3b:b7:8f:2a:8b:45:6e:f5:9b:47:7e:e3:06:95:da:
e2:c0:56:5d:80:d4:bd:de:31:ed:9b:37:34:c3:82:
af:ab:8b:05:bc:61:4d:53:6f:74:3b:13:b7:d5:d3:
c2:07:63:ab:a8:13:68:7f:93:80:23:0b:ef:40:f0:
6d:29:5d:55:00:d0:b0:4a:c6:74:2c:72:e9:97:7e:
e9:79:21:61:9c:23:c2:20:01:c5:49:50:21:80:6e:
45:c5:e8:71:73:51:68:4c:38:46:ea:84:8c:be:22:
58:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:0C:BB:0D:C1:4E:32:FC:89:F5:30:55:3D:4F:AA:2F:33:82:15:C7
X509v3 Authority Key Identifier:
keyid:CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:85:ba:74:ac:b8:3e:60:6f:6e:89:72:fb:59:1c:00:6f:1e:
cb:dd:c5:6b:6f:ca:14:b7:b9:07:52:48:3c:83:32:ea:26:85:
bb:73:76:b2:ea:c9:8c:1a:e9:62:c3:55:be:d6:94:80:23:b3:
e6:54:61:25:4b:99:69:27:69:36:44:29:85:89:4a:3b:e3:20:
f9:63:31:e1:04:50:48:c3:45:df:a9:f8:a7:f4:cf:66:a2:6e:
2c:26:42:21:1f:89:58:14:9f:78:b4:61:8b:6e:58:6a:98:0e:
f3:ae:ea:5b:ae:0b:56:65:02:ae:8d:a5:88:06:de:6d:15:b6:
06:b9:a7:f9:56:f6:e6:59:72:2c:37:ae:01:f7:e1:f8:78:69:
82:20:e8:a1:e7:83:d5:f9:ae:19:db:d3:4e:70:51:c5:fc:f1:
23:a2:3a:3b:2d:62:1b:04:7b:8d:14:e3:5f:49:0c:d8:e2:c6:
c1:07:a3:79:d2:0c:e1:c7:59:0b:ea:8f:07:b3:c5:e4:e5:b3:
fc:58:f3:63:73:3e:3e:ef:a4:1c:a0:dd:84:55:c8:f6:dd:cb:
25:bd:be:24:26:11:9c:3b:a8:18:83:67:6c:ef:91:9e:a8:27:
b9:0d:9e:d4:36:a7:6c:57:9a:16:38:58:6f:0f:be:dc:39:d3:
d8:32:8b:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0rTtdGHoFG9j2O5kvR2e2YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNDJiNDM4NWU1NzcyZjUxZDU4OGUyYmI3MjE5YTEyMjM5
OTU4N2EwHhcNMjYwMzI2MTgwMTIwWhcNMjYwMzI3MTgwMTIwWjAzMTEwLwYDVQQD
Eyg0NDBjYmIwZGMxNGUzMmZjODlmNTMwNTUzZDRmYWEyZjMzODIxNWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHOWeuwhrgvR1xgZYyteWbkp8FVM
IZ77or5repizz7CstV+FybSTPb6WKxb3SI3lsxOIOSfxrovSa/3Fsh6KoybEjOHs
ObtyBYl179Yj99lvZoAY9tCNvvxd9DRBS8VhmucE3bVS930bKkw65eMNr1SetT86
mJOg0GpbR0a6j75WVt1Qo+JoT4g6B0dZjLyq3oJIQBI7t48qi0Vu9ZtHfuMGldri
wFZdgNS93jHtmzc0w4Kvq4sFvGFNU290OxO31dPCB2OrqBNof5OAIwvvQPBtKV1V
ANCwSsZ0LHLpl37peSFhnCPCIAHFSVAhgG5Fxehxc1FoTDhG6oSMviJYoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEQMuw3BTjL8ifUwVT1Pqi8zghXHMB8GA1UdIwQY
MBaAFM5CtDheV3L1HViOK7chmhIjmVh6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUt
Y2ExNWViZjM3ZWM3LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUtY2ExNWViZjM3ZWM3
LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALYW6dKy4
PmBvboly+1kcAG8ey93Fa2/KFLe5B1JIPIMy6iaFu3N2surJjBrpYsNVvtaUgCOz
5lRhJUuZaSdpNkQphYlKO+Mg+WMx4QRQSMNF36n4p/TPZqJuLCZCIR+JWBSfeLRh
i25YapgO867qW64LVmUCro2liAbebRW2Brmn+Vb25llyLDeuAffh+HhpgiDooeeD
1fmuGdvTTnBRxfzxI6I6Oy1iGwR7jRTjX0kM2OLGwQejedIM4cdZC+qPB7PF5OWz
/FjzY3M+Pu+kHKDdhFXI9t3LJb2+JCYRnDuoGINnbO+RnqgnuQ2e1DanbFeaFjhY
bw++3DnT2DKLNQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 21:14:57 2026 by rpki-client