Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
File: kziECSasc-rVthh5GeiPEAMimco.mft (raw, json)
Hash identifier: IPyvw7+hz5tQNjxNK4dMqVLjyynF33s37afNEyGk9+0=
Subject key identifier: 81:91:58:95:17:6A:BC:C6:EF:6D:78:14:DA:81:C7:D6:A4:1F:D5:B1
Authority key identifier: 93:38:84:09:26:AC:73:EA:D5:B6:18:79:19:E8:8F:10:03:22:99:CA
Certificate issuer: /CN=9338840926ac73ead5b6187919e88f10032299ca
Certificate serial: 019D27728C3A15D61946116F3BB4BA6E2DD7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
Manifest number: 017C
Signing time: Thu 26 Mar 2026 00:01:51 +0000
Manifest this update: Thu 26 Mar 2026 00:01:51 +0000
Manifest next update: Fri 27 Mar 2026 00:01:51 +0000
Files and hashes: 1: 1-z0Y3fH_aErOAd2Nag5ZT3JcPH4.roa (hash: ajlsAWqEGjBF2s25AsAbzW/nKPdDq6JxNB0eWlyY3OU=)
2: 6lmykGrjWlxTI-Qm8cv1Wru-ZUM.roa (hash: 3/8y+29k2Z9zB5VeslI5T+W11/MyhEBGlF4ugyZh+nA=)
3: FcXUetsC0-6bv54Z1lmHoqKMdxM.roa (hash: dFkWAsnbwOvbQKILV1fPns+xMo4goiFme2jYhULRvHk=)
4: Y4x7zeztB7lrOx01OBJN1UiLyT0.roa (hash: gs7Dc5as7DJ7oLTov6hgPGgK6t+t5Pe4B5kRBUgM7WI=)
5: _SAMOxgv34T8ZP2BEt3dVFweldA.roa (hash: bU6RDLC/fFMgRKk4b1P2ryi1ytEL97qHkSA7liSJFY0=)
6: kziECSasc-rVthh5GeiPEAMimco.crl (hash: lhSYreTykYxrzgGCs0GGmQgOory3YYQ4TMjlUR+7kZU=)
7: nKQXbT6FciiHVvddJS0_5sOh1ms.asa (hash: 7BE1jfl/pKiooWczO/8pMkQZmIL4Zuvts1Z6qAFpwl4=)
8: nf63dpM5Md5RBRi4P-HwEK-eN_E.roa (hash: 9d7TgxCegK25CmqdbC1sGXI3mJJK7sBKT2RoRfBWFdw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:8c:3a:15:d6:19:46:11:6f:3b:b4:ba:6e:2d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9338840926ac73ead5b6187919e88f10032299ca
Validity
Not Before: Mar 26 00:01:51 2026 GMT
Not After : Mar 27 00:01:51 2026 GMT
Subject: CN=81915895176abcc6ef6d7814da81c7d6a41fd5b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:1d:80:52:4e:95:36:cc:36:99:5a:84:d7:7f:
5a:c0:b7:8f:f5:d5:f6:b1:f6:a6:dd:81:c4:cf:37:
03:80:c7:ef:ab:08:5d:c7:fd:3f:15:b2:fe:b2:06:
00:fb:4a:dd:64:aa:0a:36:0b:88:1c:1c:75:e3:94:
02:79:4d:0c:73:42:0c:5d:b4:57:0c:4c:bd:7d:c7:
97:c0:ce:32:57:49:43:a1:d2:d2:b4:f2:a8:29:1b:
19:13:84:dc:c6:e2:f9:cd:54:38:54:69:32:12:3d:
03:71:3e:08:08:08:cb:6f:3f:0e:70:79:8f:42:f1:
b0:06:49:a4:e2:1e:68:83:86:20:fa:58:76:5e:0e:
e4:e7:9b:34:6f:09:99:16:3f:48:b8:d8:8e:18:b7:
73:bf:ee:d7:3e:94:f3:c2:51:cb:11:4d:ac:e7:ab:
78:a1:63:71:bf:d5:91:e0:51:cb:d2:cd:f3:4f:29:
21:de:61:74:1f:94:ca:6d:4b:28:81:a2:5d:7a:2b:
65:10:37:22:6a:47:fe:99:58:3c:ca:e8:32:80:69:
67:57:41:21:e8:a8:63:a1:58:ed:d1:d2:5a:fe:fa:
38:ee:d6:97:16:d3:ac:38:3a:22:27:76:4e:54:e4:
6f:b9:33:32:c0:b0:83:bf:0f:9b:96:68:94:cd:05:
ee:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:91:58:95:17:6A:BC:C6:EF:6D:78:14:DA:81:C7:D6:A4:1F:D5:B1
X509v3 Authority Key Identifier:
keyid:93:38:84:09:26:AC:73:EA:D5:B6:18:79:19:E8:8F:10:03:22:99:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6b:e0:f8:40:7a:c3:59:2c:7b:3f:0d:38:27:c1:58:09:a2:37:
e9:19:e6:8d:c5:26:9f:1b:e8:7a:c9:ec:f1:29:18:73:22:43:
cc:74:6e:dd:48:b9:2d:c5:8b:74:84:35:0c:57:b3:a7:e2:3c:
5b:10:0c:fb:98:51:8d:76:0b:b5:48:32:2b:66:4e:d7:f7:6b:
1f:99:dc:7c:a1:fc:17:b7:03:8d:e3:70:0c:c8:45:cb:91:ad:
ec:07:2e:5a:66:36:82:d1:0e:93:4d:3e:d7:8b:fe:49:03:0c:
ea:de:e5:e2:84:5e:00:31:0b:a3:cf:75:a5:96:be:a9:9a:0b:
73:ed:4d:6a:66:b8:5e:79:38:c3:da:87:9e:93:29:d3:0c:2c:
f3:3f:29:be:20:31:c4:1c:27:28:6f:b0:ed:66:b6:2f:3f:57:
a3:53:ea:6a:fc:4c:19:83:46:61:88:cc:3a:9c:71:26:48:96:
a8:32:4e:65:6c:51:fd:0f:4a:ab:fe:54:40:78:5e:81:53:fb:
b2:08:61:f1:80:d6:b9:a9:1f:0c:af:7a:a8:aa:36:83:ca:d6:
fd:5b:3c:fb:c4:dd:40:41:05:17:8b:fa:db:fd:0e:42:b5:17:
be:09:e7:bb:19:84:75:8c:4e:03:c8:51:9b:82:c2:b2:51:b2:
27:ed:c1:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncow6FdYZRhFvO7S6bi3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMzg4NDA5MjZhYzczZWFkNWI2MTg3OTE5ZTg4ZjEwMDMy
Mjk5Y2EwHhcNMjYwMzI2MDAwMTUxWhcNMjYwMzI3MDAwMTUxWjAzMTEwLwYDVQQD
Eyg4MTkxNTg5NTE3NmFiY2M2ZWY2ZDc4MTRkYTgxYzdkNmE0MWZkNWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsx2AUk6VNsw2mVqE139awLeP9dX2
sfam3YHEzzcDgMfvqwhdx/0/FbL+sgYA+0rdZKoKNguIHBx145QCeU0Mc0IMXbRX
DEy9fceXwM4yV0lDodLStPKoKRsZE4TcxuL5zVQ4VGkyEj0DcT4ICAjLbz8OcHmP
QvGwBkmk4h5og4Yg+lh2Xg7k55s0bwmZFj9IuNiOGLdzv+7XPpTzwlHLEU2s56t4
oWNxv9WR4FHL0s3zTykh3mF0H5TKbUsogaJdeitlEDciakf+mVg8yugygGlnV0Eh
6KhjoVjt0dJa/vo47taXFtOsODoiJ3ZOVORvuTMywLCDvw+blmiUzQXukwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIGRWJUXarzG7214FNqBx9akH9WxMB8GA1UdIwQY
MBaAFJM4hAkmrHPq1bYYeRnojxADIpnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8wYmQ0ZDMtZDQ2Yy00ODNmLTk1NmUt
ZWE3YWU3MmJkMzJkLzEva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8wYmQ0ZDMtZDQ2Yy00ODNmLTk1NmUtZWE3YWU3MmJkMzJk
LzEva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa+D4QHrD
WSx7Pw04J8FYCaI36RnmjcUmnxvoesns8SkYcyJDzHRu3Ui5LcWLdIQ1DFezp+I8
WxAM+5hRjXYLtUgyK2ZO1/drH5ncfKH8F7cDjeNwDMhFy5Gt7AcuWmY2gtEOk00+
14v+SQMM6t7l4oReADELo891pZa+qZoLc+1Nama4Xnk4w9qHnpMp0wws8z8pviAx
xBwnKG+w7Wa2Lz9Xo1PqavxMGYNGYYjMOpxxJkiWqDJOZWxR/Q9Kq/5UQHhegVP7
sghh8YDWuakfDK96qKo2g8rW/Vs8+8TdQEEFF4v62/0OQrUXvgnnuxmEdYxOA8hR
m4LCslGyJ+3BxA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:46:48 2026 by rpki-client