Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
File: kziECSasc-rVthh5GeiPEAMimco.mft (raw, json)
Hash identifier: MyTb7+hDA971c/1ssNlxFyPM2En5a9bpdcLYthYY8Ow=
Subject key identifier: B5:DA:CE:91:2E:7B:B9:FB:C8:B7:99:C3:F0:AA:66:32:47:EF:E0:44
Authority key identifier: 93:38:84:09:26:AC:73:EA:D5:B6:18:79:19:E8:8F:10:03:22:99:CA
Certificate issuer: /CN=9338840926ac73ead5b6187919e88f10032299ca
Certificate serial: 019D258350EAA7A8DCFE382B4ACCA605E692
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
Manifest number: 017B
Signing time: Wed 25 Mar 2026 15:00:56 +0000
Manifest this update: Wed 25 Mar 2026 15:00:56 +0000
Manifest next update: Thu 26 Mar 2026 15:00:56 +0000
Files and hashes: 1: 1-z0Y3fH_aErOAd2Nag5ZT3JcPH4.roa (hash: ajlsAWqEGjBF2s25AsAbzW/nKPdDq6JxNB0eWlyY3OU=)
2: 6lmykGrjWlxTI-Qm8cv1Wru-ZUM.roa (hash: 3/8y+29k2Z9zB5VeslI5T+W11/MyhEBGlF4ugyZh+nA=)
3: FcXUetsC0-6bv54Z1lmHoqKMdxM.roa (hash: dFkWAsnbwOvbQKILV1fPns+xMo4goiFme2jYhULRvHk=)
4: Y4x7zeztB7lrOx01OBJN1UiLyT0.roa (hash: gs7Dc5as7DJ7oLTov6hgPGgK6t+t5Pe4B5kRBUgM7WI=)
5: _SAMOxgv34T8ZP2BEt3dVFweldA.roa (hash: bU6RDLC/fFMgRKk4b1P2ryi1ytEL97qHkSA7liSJFY0=)
6: kziECSasc-rVthh5GeiPEAMimco.crl (hash: oGtoPf819FHfYOAtDLm0vF8LZ7YnRGclmcNNS8nnIX0=)
7: nKQXbT6FciiHVvddJS0_5sOh1ms.asa (hash: 7BE1jfl/pKiooWczO/8pMkQZmIL4Zuvts1Z6qAFpwl4=)
8: nf63dpM5Md5RBRi4P-HwEK-eN_E.roa (hash: 9d7TgxCegK25CmqdbC1sGXI3mJJK7sBKT2RoRfBWFdw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:83:50:ea:a7:a8:dc:fe:38:2b:4a:cc:a6:05:e6:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9338840926ac73ead5b6187919e88f10032299ca
Validity
Not Before: Mar 25 15:00:56 2026 GMT
Not After : Mar 26 15:00:56 2026 GMT
Subject: CN=b5dace912e7bb9fbc8b799c3f0aa663247efe044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:15:13:54:c9:d2:31:d1:c0:94:f9:88:06:0c:
72:5e:b8:7b:39:d1:9a:b1:d0:da:20:d8:8e:62:61:
81:17:3e:8c:db:bf:4a:2e:f0:0d:99:42:ae:1f:03:
f6:e6:34:05:b1:ac:a2:73:4a:aa:d8:04:01:0c:2c:
7d:f8:d7:05:32:1d:50:32:ef:fc:13:dc:06:0a:80:
7a:1b:85:af:38:f4:ca:73:5f:c1:d0:66:06:ed:5e:
78:14:21:db:11:b6:fe:bc:65:09:41:4b:ba:fd:ec:
f4:31:74:8e:1a:87:27:c1:61:12:d8:66:d8:7d:42:
7d:c1:76:80:72:03:e2:36:f7:35:06:8c:cd:bd:1c:
bf:79:28:86:d7:f7:41:65:37:97:91:aa:9e:9b:18:
84:35:71:d6:cd:85:46:7d:a2:99:9f:40:49:b3:8b:
5b:47:f1:d0:55:dd:e4:13:39:6f:f7:99:24:fc:89:
1d:0d:b8:83:c0:10:d9:52:e6:4f:64:ae:4f:4a:9d:
96:c0:36:5b:c7:d1:c0:3d:14:a0:22:3e:ba:d0:bc:
b4:8f:d7:b4:82:a7:3c:27:81:39:c4:5d:ba:1d:eb:
47:f5:b9:72:5e:33:ba:37:b0:23:ed:de:b6:4a:9a:
8b:aa:52:26:cb:dd:19:8c:b2:53:7e:21:ba:d1:8f:
c3:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DA:CE:91:2E:7B:B9:FB:C8:B7:99:C3:F0:AA:66:32:47:EF:E0:44
X509v3 Authority Key Identifier:
keyid:93:38:84:09:26:AC:73:EA:D5:B6:18:79:19:E8:8F:10:03:22:99:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:a0:25:53:a4:c2:7d:6b:e2:b8:46:8c:e9:78:f3:59:98:4d:
81:07:35:b2:8b:a0:33:88:ef:28:4b:b0:13:59:da:eb:65:63:
91:9a:ad:e8:64:8e:10:82:0d:84:44:75:5d:8e:ce:f1:ba:8c:
b7:23:f2:f4:09:66:58:3b:51:94:6e:e3:b1:d0:b2:24:96:8a:
a5:5b:af:7b:90:4b:1f:48:f2:16:15:a9:2d:42:a6:51:45:84:
20:65:36:95:1d:ed:ea:7e:f8:7c:4d:a2:e0:c5:32:78:ad:1f:
62:e3:cb:71:96:d1:33:bf:eb:34:b3:f8:7e:d3:f3:cc:49:51:
c8:b9:e2:8a:07:a0:04:30:6a:74:51:83:4f:5d:93:c7:73:49:
54:bc:3c:d3:97:c8:95:ce:22:58:00:f3:3b:18:46:2b:48:94:
15:dc:29:33:a6:14:6d:94:d2:20:69:5b:a4:e4:dd:8e:e6:99:
03:05:ed:e7:c4:ee:46:4c:c8:10:6d:56:d9:c5:44:a3:48:53:
e1:09:a1:17:ef:71:db:72:54:f8:a4:6a:a3:a5:c2:40:26:fe:
b7:7a:7b:0b:56:08:18:e5:86:96:c1:3f:35:04:1e:78:1d:8f:
6c:17:e8:ff:0c:8d:3f:b9:db:e9:ee:80:3a:77:65:ba:00:6e:
c0:d7:0e:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0lg1Dqp6jc/jgrSsymBeaSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMzg4NDA5MjZhYzczZWFkNWI2MTg3OTE5ZTg4ZjEwMDMy
Mjk5Y2EwHhcNMjYwMzI1MTUwMDU2WhcNMjYwMzI2MTUwMDU2WjAzMTEwLwYDVQQD
EyhiNWRhY2U5MTJlN2JiOWZiYzhiNzk5YzNmMGFhNjYzMjQ3ZWZlMDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhUTVMnSMdHAlPmIBgxyXrh7OdGa
sdDaINiOYmGBFz6M279KLvANmUKuHwP25jQFsayic0qq2AQBDCx9+NcFMh1QMu/8
E9wGCoB6G4WvOPTKc1/B0GYG7V54FCHbEbb+vGUJQUu6/ez0MXSOGocnwWES2GbY
fUJ9wXaAcgPiNvc1BozNvRy/eSiG1/dBZTeXkaqemxiENXHWzYVGfaKZn0BJs4tb
R/HQVd3kEzlv95kk/IkdDbiDwBDZUuZPZK5PSp2WwDZbx9HAPRSgIj660Ly0j9e0
gqc8J4E5xF26HetH9blyXjO6N7Aj7d62SpqLqlImy90ZjLJTfiG60Y/D8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLXazpEue7n7yLeZw/CqZjJH7+BEMB8GA1UdIwQY
MBaAFJM4hAkmrHPq1bYYeRnojxADIpnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8wYmQ0ZDMtZDQ2Yy00ODNmLTk1NmUt
ZWE3YWU3MmJkMzJkLzEva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8wYmQ0ZDMtZDQ2Yy00ODNmLTk1NmUtZWE3YWU3MmJkMzJk
LzEva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlKAlU6TC
fWviuEaM6XjzWZhNgQc1sougM4jvKEuwE1na62VjkZqt6GSOEIINhER1XY7O8bqM
tyPy9AlmWDtRlG7jsdCyJJaKpVuve5BLH0jyFhWpLUKmUUWEIGU2lR3t6n74fE2i
4MUyeK0fYuPLcZbRM7/rNLP4ftPzzElRyLniigegBDBqdFGDT12Tx3NJVLw805fI
lc4iWADzOxhGK0iUFdwpM6YUbZTSIGlbpOTdjuaZAwXt58TuRkzIEG1W2cVEo0hT
4QmhF+9x23JU+KRqo6XCQCb+t3p7C1YIGOWGlsE/NQQeeB2PbBfo/wyNP7nb6e6A
OndlugBuwNcO7w==
-----END CERTIFICATE-----
Generated at Thu Mar 26 02:01:40 2026 by rpki-client