Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/0716df-341b-4a08-a451-596225031ee3/1/zyJMhK66hZuQyJNsumFn7kxE7Oc.mft
File: zyJMhK66hZuQyJNsumFn7kxE7Oc.mft (raw, json)
Hash identifier: NPvZ0Veaocey7ajalGAnkVl1Tv9tPVZaPS6HhCSTo9s=
Subject key identifier: A1:C0:59:1B:E6:54:4D:9F:BD:8B:12:82:06:3F:F8:37:77:4E:19:EC
Authority key identifier: CF:22:4C:84:AE:BA:85:9B:90:C8:93:6C:BA:61:67:EE:4C:44:EC:E7
Certificate issuer: /CN=cf224c84aeba859b90c8936cba6167ee4c44ece7
Certificate serial: 019D27A900E20084DDDB36BAB905103727D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zyJMhK66hZuQyJNsumFn7kxE7Oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/0716df-341b-4a08-a451-596225031ee3/1/zyJMhK66hZuQyJNsumFn7kxE7Oc.mft
Manifest number: 08FA
Signing time: Thu 26 Mar 2026 01:01:20 +0000
Manifest this update: Thu 26 Mar 2026 01:01:20 +0000
Manifest next update: Fri 27 Mar 2026 01:01:20 +0000
Files and hashes: 1: EeAR-0FuIgpREXK4CZj7bbiR324.roa (hash: nK35rOT9ZlV+vNlZLQE4MxQolHHOslBBZTHEZhrQ+LA=)
2: zyJMhK66hZuQyJNsumFn7kxE7Oc.crl (hash: jxkO9UaCVQyzqBbs7zEx18o9+B2HWk59uNAY7ZtQro8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/0716df-341b-4a08-a451-596225031ee3/1/zyJMhK66hZuQyJNsumFn7kxE7Oc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/0716df-341b-4a08-a451-596225031ee3/1/zyJMhK66hZuQyJNsumFn7kxE7Oc.mft
rsync://rpki.ripe.net/repository/DEFAULT/zyJMhK66hZuQyJNsumFn7kxE7Oc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:a9:00:e2:00:84:dd:db:36:ba:b9:05:10:37:27:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf224c84aeba859b90c8936cba6167ee4c44ece7
Validity
Not Before: Mar 26 01:01:20 2026 GMT
Not After : Mar 27 01:01:20 2026 GMT
Subject: CN=a1c0591be6544d9fbd8b1282063ff837774e19ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:37:9c:00:21:34:21:4d:9d:b9:5f:6a:e8:9f:
98:fb:50:a2:2a:ae:20:75:a5:59:df:03:a7:25:bd:
bb:93:a7:a6:f2:0c:87:43:0a:a6:f3:88:7d:92:8d:
83:3f:7f:cb:4d:e3:97:93:3f:43:c9:57:7a:59:46:
9a:bd:ba:66:a4:8c:0a:9c:1f:42:87:a3:4c:db:74:
f9:bf:66:12:bc:9d:85:e6:a2:fe:8a:a9:6b:34:a2:
c5:d1:7c:51:fd:09:cf:76:99:b8:67:98:ef:21:cb:
2e:85:79:8d:34:a7:75:c4:52:9c:2c:5e:eb:19:02:
1d:15:d0:e8:c0:1c:e9:89:d0:eb:d5:0f:e6:7c:42:
9c:59:d5:66:62:43:d7:88:19:f9:50:f8:c2:50:bc:
3a:d4:c3:a1:0c:d4:6c:0b:94:08:a0:c5:61:66:68:
95:b2:7c:94:0f:ce:10:1e:d9:8c:58:1c:df:2a:c7:
92:7d:8d:bb:58:24:57:9f:f2:cc:68:a1:14:62:8a:
ef:15:bf:51:d2:22:c6:7d:a2:b0:56:04:03:6e:70:
e7:8f:4c:ba:40:d4:de:74:2d:14:c4:7f:2b:4e:9c:
95:58:2d:5d:64:29:60:ad:cc:13:4b:da:ad:69:41:
94:c5:8f:fb:03:ca:ae:90:f2:17:1e:60:f4:da:b1:
80:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C0:59:1B:E6:54:4D:9F:BD:8B:12:82:06:3F:F8:37:77:4E:19:EC
X509v3 Authority Key Identifier:
keyid:CF:22:4C:84:AE:BA:85:9B:90:C8:93:6C:BA:61:67:EE:4C:44:EC:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zyJMhK66hZuQyJNsumFn7kxE7Oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/0716df-341b-4a08-a451-596225031ee3/1/zyJMhK66hZuQyJNsumFn7kxE7Oc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/0716df-341b-4a08-a451-596225031ee3/1/zyJMhK66hZuQyJNsumFn7kxE7Oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:e5:6a:fa:18:6f:26:b9:1f:70:47:8f:67:47:47:60:2b:c5:
48:17:bb:5f:a8:68:fe:cc:d2:09:dc:3c:85:48:c4:c0:5c:b1:
2e:18:46:a2:ea:84:c2:13:63:2c:13:b6:eb:4a:53:d5:f6:15:
b3:e9:1b:ed:95:d5:e4:34:ce:bc:64:70:6d:6c:c1:8e:cb:88:
91:b4:34:13:10:7d:b6:a2:57:e3:07:79:60:6c:3c:be:67:46:
e1:20:28:63:11:fb:80:b3:cc:82:29:a8:05:71:6b:ea:91:5a:
f7:39:fc:11:50:22:6d:aa:71:f5:9f:00:f8:d1:7b:1d:31:dd:
52:31:ee:14:2e:92:b1:93:f3:68:7a:20:b3:9b:61:67:32:77:
da:4a:14:57:e2:c5:00:fe:41:b6:34:ef:36:a1:dd:dc:e9:06:
78:e4:98:0a:63:c7:dd:16:06:41:2b:a6:df:cb:1a:6d:29:c7:
3a:a7:a8:58:32:cd:af:40:6a:a3:90:15:89:79:23:03:69:06:
67:42:83:62:c4:8f:fa:41:29:2c:fe:6e:33:dc:71:7c:6c:24:
37:07:5b:60:55:0e:76:06:4e:fa:f3:ce:7f:4b:5a:54:de:3d:
76:e5:bd:d4:0a:1e:58:1d:83:c3:7c:f5:7d:46:5c:09:a0:9c:
fc:3c:a3:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0nqQDiAITd2za6uQUQNyfQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMjI0Yzg0YWViYTg1OWI5MGM4OTM2Y2JhNjE2N2VlNGM0
NGVjZTcwHhcNMjYwMzI2MDEwMTIwWhcNMjYwMzI3MDEwMTIwWjAzMTEwLwYDVQQD
EyhhMWMwNTkxYmU2NTQ0ZDlmYmQ4YjEyODIwNjNmZjgzNzc3NGUxOWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDecACE0IU2duV9q6J+Y+1CiKq4g
daVZ3wOnJb27k6em8gyHQwqm84h9ko2DP3/LTeOXkz9DyVd6WUaavbpmpIwKnB9C
h6NM23T5v2YSvJ2F5qL+iqlrNKLF0XxR/QnPdpm4Z5jvIcsuhXmNNKd1xFKcLF7r
GQIdFdDowBzpidDr1Q/mfEKcWdVmYkPXiBn5UPjCULw61MOhDNRsC5QIoMVhZmiV
snyUD84QHtmMWBzfKseSfY27WCRXn/LMaKEUYorvFb9R0iLGfaKwVgQDbnDnj0y6
QNTedC0UxH8rTpyVWC1dZClgrcwTS9qtaUGUxY/7A8qukPIXHmD02rGA/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKHAWRvmVE2fvYsSggY/+Dd3ThnsMB8GA1UdIwQY
MBaAFM8iTISuuoWbkMiTbLphZ+5MROznMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenlKTWhLNjZoWnVReUpOc3VtRm43a3hFN09jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8wNzE2ZGYtMzQxYi00YTA4LWE0NTEt
NTk2MjI1MDMxZWUzLzEvenlKTWhLNjZoWnVReUpOc3VtRm43a3hFN09jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8wNzE2ZGYtMzQxYi00YTA4LWE0NTEtNTk2MjI1MDMxZWUz
LzEvenlKTWhLNjZoWnVReUpOc3VtRm43a3hFN09jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANeVq+hhv
JrkfcEePZ0dHYCvFSBe7X6ho/szSCdw8hUjEwFyxLhhGouqEwhNjLBO260pT1fYV
s+kb7ZXV5DTOvGRwbWzBjsuIkbQ0ExB9tqJX4wd5YGw8vmdG4SAoYxH7gLPMgimo
BXFr6pFa9zn8EVAibapx9Z8A+NF7HTHdUjHuFC6SsZPzaHogs5thZzJ32koUV+LF
AP5BtjTvNqHd3OkGeOSYCmPH3RYGQSum38sabSnHOqeoWDLNr0Bqo5AViXkjA2kG
Z0KDYsSP+kEpLP5uM9xxfGwkNwdbYFUOdgZO+vPOf0taVN49duW91AoeWB2Dw3z1
fUZcCaCc/DyjxA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:23:48 2026 by rpki-client