Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
File: zRQ2kCMKRApot6iqmCefL2Xf7ig.mft (raw, json)
Hash identifier: XKlsmwCG1aV1wY7dFGClrBbFMiIzIfWLQ3I9/g7AdNw=
Subject key identifier: 81:9D:31:42:71:C8:94:7B:66:C9:70:A8:A8:B3:F0:5B:52:78:49:67
Authority key identifier: CD:14:36:90:23:0A:44:0A:68:B7:A8:AA:98:27:9F:2F:65:DF:EE:28
Certificate issuer: /CN=cd143690230a440a68b7a8aa98279f2f65dfee28
Certificate serial: 019D25F19DFA14EA23372840F7F61489666D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
Manifest number: 1588
Signing time: Wed 25 Mar 2026 17:01:24 +0000
Manifest this update: Wed 25 Mar 2026 17:01:24 +0000
Manifest next update: Thu 26 Mar 2026 17:01:24 +0000
Files and hashes: 1: beStaP3U9BouVtR6HKL7Bht809g.roa (hash: 9C0Yz+gtWBKD86eXJ/yNK0jQEWAJqpkTW4DLxbpVN08=)
2: zRQ2kCMKRApot6iqmCefL2Xf7ig.crl (hash: zz/QKDs7zYgEWqpzoxIGRTkBfAfKZIVYa4f+n89YjRw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:f1:9d:fa:14:ea:23:37:28:40:f7:f6:14:89:66:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd143690230a440a68b7a8aa98279f2f65dfee28
Validity
Not Before: Mar 25 17:01:24 2026 GMT
Not After : Mar 26 17:01:24 2026 GMT
Subject: CN=819d314271c8947b66c970a8a8b3f05b52784967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:76:9a:91:23:e6:b6:93:53:3f:99:5e:65:ac:
9f:3f:f0:9e:44:7d:9a:3d:cf:40:a5:5e:4d:11:dc:
68:42:59:05:08:5e:60:68:90:44:16:ee:35:59:f6:
91:1c:99:75:a3:64:a9:2c:9c:0d:36:8d:f2:1f:38:
e0:6f:b0:dd:a1:e8:2a:b9:9b:0c:2c:5b:e2:05:93:
0c:bd:11:fa:ab:e1:d3:16:bb:64:57:4d:b8:cf:9d:
cd:57:c4:4e:db:7c:1c:4e:94:37:b6:1b:8c:71:a8:
12:59:dd:ec:e5:8b:f3:c3:1d:3d:f5:4c:fd:f3:a3:
0f:ac:d9:01:0e:17:d8:7d:34:32:f3:7a:4f:07:a5:
e1:a4:f2:d3:bd:db:1b:de:b0:f9:2f:76:d9:f6:73:
c7:7e:7b:dc:81:28:15:86:14:9d:5e:3e:e4:1d:86:
87:1c:8c:53:44:c8:8d:a7:80:e7:16:74:c1:c3:5c:
f6:55:8c:6e:1f:2a:7c:ab:60:f1:7d:43:0b:3b:c6:
06:fe:2f:e6:f4:a4:3b:6e:38:0c:87:04:1e:bc:de:
e0:21:cd:c8:d8:16:e5:24:a7:03:c4:7a:50:27:9d:
0e:20:6b:fd:c5:5d:fb:b4:18:c1:17:87:c1:01:ed:
3c:d0:56:56:ea:d1:85:c1:74:e3:10:d4:0d:a8:fe:
30:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:9D:31:42:71:C8:94:7B:66:C9:70:A8:A8:B3:F0:5B:52:78:49:67
X509v3 Authority Key Identifier:
keyid:CD:14:36:90:23:0A:44:0A:68:B7:A8:AA:98:27:9F:2F:65:DF:EE:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
06:cc:80:0d:0c:48:77:cf:81:a7:36:62:5b:de:5b:6a:79:a4:
17:f3:00:b7:60:64:0d:5b:d7:c5:91:47:76:ab:2e:4c:7c:28:
c8:7b:ec:32:53:6c:46:74:fa:ce:cd:42:af:09:8d:1d:ec:8b:
29:19:cf:a7:9e:11:3d:22:93:30:c7:31:72:1b:70:e4:a5:cf:
9b:e6:bb:bb:8f:f3:29:3d:af:65:c3:5f:02:6a:39:c2:b2:bf:
98:05:17:16:a2:70:48:3d:02:c7:d3:6b:f2:93:70:af:77:c9:
c6:2a:42:45:11:ed:5a:c0:32:c0:cf:aa:5f:56:03:36:b7:56:
b6:e1:69:f3:5b:0f:5a:11:59:ae:2b:ae:23:04:af:8d:f8:03:
2e:8e:94:97:63:de:dc:e3:84:fb:d5:06:cd:f6:a5:e4:81:cf:
87:49:2d:06:c8:05:1e:f5:b2:38:0e:ec:ed:e1:55:f2:94:f7:
8b:8f:2a:ce:2e:3c:cb:a3:ac:6b:e8:6f:f5:71:4c:ec:bf:dc:
ae:26:1c:d6:93:13:9f:59:d0:dd:0e:f3:4b:6a:7a:a3:96:90:
af:4c:c6:39:16:97:bc:b4:f3:0e:0d:fe:73:ac:c0:f0:41:47:
02:ce:ab:59:9a:4c:33:33:01:42:fe:19:c1:13:4a:38:9f:65:
19:f1:78:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0l8Z36FOojNyhA9/YUiWZtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTQzNjkwMjMwYTQ0MGE2OGI3YThhYTk4Mjc5ZjJmNjVk
ZmVlMjgwHhcNMjYwMzI1MTcwMTI0WhcNMjYwMzI2MTcwMTI0WjAzMTEwLwYDVQQD
Eyg4MTlkMzE0MjcxYzg5NDdiNjZjOTcwYThhOGIzZjA1YjUyNzg0OTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnaakSPmtpNTP5leZayfP/CeRH2a
Pc9ApV5NEdxoQlkFCF5gaJBEFu41WfaRHJl1o2SpLJwNNo3yHzjgb7DdoegquZsM
LFviBZMMvRH6q+HTFrtkV024z53NV8RO23wcTpQ3thuMcagSWd3s5Yvzwx099Uz9
86MPrNkBDhfYfTQy83pPB6XhpPLTvdsb3rD5L3bZ9nPHfnvcgSgVhhSdXj7kHYaH
HIxTRMiNp4DnFnTBw1z2VYxuHyp8q2DxfUMLO8YG/i/m9KQ7bjgMhwQevN7gIc3I
2BblJKcDxHpQJ50OIGv9xV37tBjBF4fBAe080FZW6tGFwXTjENQNqP4wEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIGdMUJxyJR7ZslwqKiz8FtSeElnMB8GA1UdIwQY
MBaAFM0UNpAjCkQKaLeoqpgnny9l3+4oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8wOTQ1NmUtYTcxYy00M2IzLWJkNDAt
OGVlM2Q5OGNhZDViLzEvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8wOTQ1NmUtYTcxYy00M2IzLWJkNDAtOGVlM2Q5OGNhZDVi
LzEvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABsyADQxI
d8+BpzZiW95banmkF/MAt2BkDVvXxZFHdqsuTHwoyHvsMlNsRnT6zs1CrwmNHeyL
KRnPp54RPSKTMMcxchtw5KXPm+a7u4/zKT2vZcNfAmo5wrK/mAUXFqJwSD0Cx9Nr
8pNwr3fJxipCRRHtWsAywM+qX1YDNrdWtuFp81sPWhFZriuuIwSvjfgDLo6Ul2Pe
3OOE+9UGzfal5IHPh0ktBsgFHvWyOA7s7eFV8pT3i48qzi48y6Osa+hv9XFM7L/c
riYc1pMTn1nQ3Q7zS2p6o5aQr0zGORaXvLTzDg3+c6zA8EFHAs6rWZpMMzMBQv4Z
wRNKOJ9lGfF4ZQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:06:31 2026 by rpki-client