Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/rZR5r-OpoY4cN0_KAi0f8qJVsa8.mft
File: rZR5r-OpoY4cN0_KAi0f8qJVsa8.mft (raw, json)
Hash identifier: iZiN52fYJyZZl/pNR1HUU4CvLg/ZGd/sJ+l1SKbougU=
Subject key identifier: 8A:CA:7D:CA:8E:D0:8A:88:FD:CA:1E:23:C4:D2:1C:09:94:16:54:7E
Authority key identifier: AD:94:79:AF:E3:A9:A1:8E:1C:37:4F:CA:02:2D:1F:F2:A2:55:B1:AF
Certificate issuer: /CN=ad9479afe3a9a18e1c374fca022d1ff2a255b1af
Certificate serial: 019D2929853487A82B44A77E1CD8D174C7A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rZR5r-OpoY4cN0_KAi0f8qJVsa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/rZR5r-OpoY4cN0_KAi0f8qJVsa8.mft
Manifest number: 033D
Signing time: Thu 26 Mar 2026 08:01:20 +0000
Manifest this update: Thu 26 Mar 2026 08:01:20 +0000
Manifest next update: Fri 27 Mar 2026 08:01:20 +0000
Files and hashes: 1: 15iMLkZijLxFQhyhHpyZVO_Pbh0.roa (hash: 4vg9pvNIz6AeHAhcqTYuN2xhMEHA7ity8ku3fgSFNxI=)
2: rZR5r-OpoY4cN0_KAi0f8qJVsa8.crl (hash: 5FB5sk1TGBJIZ32BmIhOjNfdUpCiFsZY+k0AShQ3aQk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/rZR5r-OpoY4cN0_KAi0f8qJVsa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/rZR5r-OpoY4cN0_KAi0f8qJVsa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rZR5r-OpoY4cN0_KAi0f8qJVsa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:29:85:34:87:a8:2b:44:a7:7e:1c:d8:d1:74:c7:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad9479afe3a9a18e1c374fca022d1ff2a255b1af
Validity
Not Before: Mar 26 08:01:20 2026 GMT
Not After : Mar 27 08:01:20 2026 GMT
Subject: CN=8aca7dca8ed08a88fdca1e23c4d21c099416547e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:48:5a:d9:81:de:95:07:02:ad:a1:a6:b8:c8:
1d:a5:ac:1e:4d:b8:da:2a:42:e8:3d:b5:9a:6e:b2:
7a:d6:23:9d:12:86:34:e8:ff:69:a6:c9:95:a8:9c:
c0:ca:3c:8e:99:ef:19:50:38:2c:88:a7:81:5e:6a:
55:33:2c:6a:36:6e:45:90:8c:6a:65:86:e6:5e:25:
3a:b6:f1:c8:9a:19:fa:db:c4:ce:17:7e:ea:42:da:
52:88:cf:ed:83:7c:a7:cb:f1:5c:a3:dd:c8:a9:a5:
65:6d:6e:40:76:f6:6a:1b:4c:45:7c:9a:3f:c7:bb:
f2:b5:00:58:e8:db:68:74:ad:66:3a:61:1b:7e:9c:
f8:c6:17:47:01:b6:3f:31:16:89:5f:fe:63:bb:6c:
fc:f5:12:75:66:f3:85:4f:32:59:a0:85:49:86:90:
d6:67:54:db:55:82:09:8e:f3:ac:6d:3f:c4:f9:13:
ff:1b:ce:37:a8:e1:fe:e8:51:6a:ae:c1:e2:90:80:
e6:60:43:ed:45:55:93:5f:57:bf:b9:02:64:d2:dd:
ef:40:dc:d9:2e:54:14:5c:2f:c3:88:dc:33:ab:54:
49:5d:74:49:45:94:e0:47:b9:7c:a9:d9:ab:2f:4a:
4f:67:77:85:68:12:b6:8a:73:f2:af:dd:af:13:d5:
ce:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:CA:7D:CA:8E:D0:8A:88:FD:CA:1E:23:C4:D2:1C:09:94:16:54:7E
X509v3 Authority Key Identifier:
keyid:AD:94:79:AF:E3:A9:A1:8E:1C:37:4F:CA:02:2D:1F:F2:A2:55:B1:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rZR5r-OpoY4cN0_KAi0f8qJVsa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/rZR5r-OpoY4cN0_KAi0f8qJVsa8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/rZR5r-OpoY4cN0_KAi0f8qJVsa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:c8:84:9b:c1:3c:a6:e6:ac:dd:12:07:b5:b9:0f:9a:f0:a9:
62:06:44:e5:0d:a6:88:fb:2c:1a:8c:a3:fa:3d:c2:5f:b9:ad:
91:d9:4a:9b:0f:dc:57:df:15:15:26:8d:86:22:ea:d2:1b:29:
e2:69:91:c2:df:1c:ad:d6:0e:5c:a8:af:02:3f:9e:a6:77:49:
b7:a8:95:76:61:41:28:b9:93:ba:01:76:0f:b7:14:7b:05:a5:
5b:2a:27:a3:35:93:96:20:ee:4d:c1:dd:b6:0e:5f:62:55:8d:
5e:cd:42:cd:87:91:9e:e3:73:91:51:a3:a1:1b:15:4d:90:0c:
00:7a:8a:31:1a:4e:4c:07:fa:b6:0e:5e:cb:69:60:98:a6:da:
c1:51:b6:3d:e0:16:dd:64:61:90:16:c9:d6:d3:27:4a:3e:dd:
0a:2b:9c:43:03:94:1e:c4:eb:54:51:01:51:70:e3:f9:f5:b1:
96:c6:b8:9d:4c:6b:cf:f5:fc:1a:5c:02:b0:46:95:e7:e3:31:
e3:d8:a0:85:59:ab:81:8a:f1:47:24:fa:33:76:8a:0a:2d:73:
b5:2d:ab:48:9d:e5:0f:2a:42:24:57:31:0e:5e:20:58:f3:5b:
b3:54:e2:ac:14:06:3f:5e:c8:ff:9c:23:c5:28:c8:84:2c:ba:
8b:5a:4c:61
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKYU0h6grRKd+HNjRdMepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOTQ3OWFmZTNhOWExOGUxYzM3NGZjYTAyMmQxZmYyYTI1
NWIxYWYwHhcNMjYwMzI2MDgwMTIwWhcNMjYwMzI3MDgwMTIwWjAzMTEwLwYDVQQD
Eyg4YWNhN2RjYThlZDA4YTg4ZmRjYTFlMjNjNGQyMWMwOTk0MTY1NDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Eha2YHelQcCraGmuMgdpaweTbja
KkLoPbWabrJ61iOdEoY06P9ppsmVqJzAyjyOme8ZUDgsiKeBXmpVMyxqNm5FkIxq
ZYbmXiU6tvHImhn628TOF37qQtpSiM/tg3yny/Fco93IqaVlbW5AdvZqG0xFfJo/
x7vytQBY6NtodK1mOmEbfpz4xhdHAbY/MRaJX/5ju2z89RJ1ZvOFTzJZoIVJhpDW
Z1TbVYIJjvOsbT/E+RP/G843qOH+6FFqrsHikIDmYEPtRVWTX1e/uQJk0t3vQNzZ
LlQUXC/DiNwzq1RJXXRJRZTgR7l8qdmrL0pPZ3eFaBK2inPyr92vE9XOiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIrKfcqO0IqI/coeI8TSHAmUFlR+MB8GA1UdIwQY
MBaAFK2Uea/jqaGOHDdPygItH/KiVbGvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclpSNXItT3BvWTRjTjBfS0FpMGY4cUpWc2E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9iMmY5NjMtMzkzOS00NGM1LTliOWQt
YjE2MjQyYjliZGU3LzEvclpSNXItT3BvWTRjTjBfS0FpMGY4cUpWc2E4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9iMmY5NjMtMzkzOS00NGM1LTliOWQtYjE2MjQyYjliZGU3
LzEvclpSNXItT3BvWTRjTjBfS0FpMGY4cUpWc2E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbciEm8E8
puas3RIHtbkPmvCpYgZE5Q2miPssGoyj+j3CX7mtkdlKmw/cV98VFSaNhiLq0hsp
4mmRwt8crdYOXKivAj+epndJt6iVdmFBKLmTugF2D7cUewWlWyonozWTliDuTcHd
tg5fYlWNXs1CzYeRnuNzkVGjoRsVTZAMAHqKMRpOTAf6tg5ey2lgmKbawVG2PeAW
3WRhkBbJ1tMnSj7dCiucQwOUHsTrVFEBUXDj+fWxlsa4nUxrz/X8GlwCsEaV5+Mx
49ighVmrgYrxRyT6M3aKCi1ztS2rSJ3lDypCJFcxDl4gWPNbs1TirBQGP17I/5wj
xSjIhCy6i1pMYQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:44:45 2026 by rpki-client