Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
File: zdpbTOlfoL32BUFp53rvyCZd28Q.mft (raw, json)
Hash identifier: 89H+/E3/8BLVun3UJ6Rbm3VNlLSvNDkdPdPkGf+O30w=
Subject key identifier: BB:B6:50:31:2B:70:8D:1D:0F:91:73:C3:8A:78:CC:54:1C:B3:D4:3B
Authority key identifier: CD:DA:5B:4C:E9:5F:A0:BD:F6:05:41:69:E7:7A:EF:C8:26:5D:DB:C4
Certificate issuer: /CN=cdda5b4ce95fa0bdf6054169e77aefc8265ddbc4
Certificate serial: 019D2929A435A76ECA10EAD4A9FC10C919D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdpbTOlfoL32BUFp53rvyCZd28Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
Manifest number: 181A
Signing time: Thu 26 Mar 2026 08:01:27 +0000
Manifest this update: Thu 26 Mar 2026 08:01:27 +0000
Manifest next update: Fri 27 Mar 2026 08:01:27 +0000
Files and hashes: 1: _8ZFO9ocBpb_Ph-40yN6ACd4c-s.roa (hash: nv3UD4Bh28t9KPR31Vxom/hj2bFKQ3slvDA/BYva5PI=)
2: zdpbTOlfoL32BUFp53rvyCZd28Q.crl (hash: G9I3xHT/O/OUb/1F3GiF41yHMNf/VG7xUvsfvfY15xs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/zdpbTOlfoL32BUFp53rvyCZd28Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:29:a4:35:a7:6e:ca:10:ea:d4:a9:fc:10:c9:19:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdda5b4ce95fa0bdf6054169e77aefc8265ddbc4
Validity
Not Before: Mar 26 08:01:27 2026 GMT
Not After : Mar 27 08:01:27 2026 GMT
Subject: CN=bbb650312b708d1d0f9173c38a78cc541cb3d43b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bd:0f:ca:40:2b:eb:53:c3:b4:c2:f8:20:14:
0b:64:1f:7d:1a:4b:79:00:f2:52:cb:1c:ff:74:98:
df:dc:33:f6:3f:ab:0f:dd:5f:c2:f0:0b:a3:81:44:
5a:9c:21:2b:ef:e3:eb:f7:c0:c1:13:c8:02:c5:b5:
e8:58:d0:0f:15:53:da:7f:c9:3c:43:00:97:c8:ee:
21:d7:77:44:63:f7:c4:a2:d6:e1:b5:da:03:06:c2:
2a:f3:79:b9:e8:30:88:05:47:64:28:1a:46:f3:0c:
35:9a:10:97:10:cb:81:7d:be:f0:ad:e7:18:6a:0b:
fc:d8:45:9b:b6:6e:8e:28:8f:99:c4:f6:76:a8:60:
da:c5:d3:7a:f9:8b:94:0f:3a:c1:0b:9c:b6:df:1d:
de:bb:21:cc:91:a0:c7:e4:1b:9a:98:b6:79:ae:c2:
94:fd:76:d1:25:de:8a:b3:80:fe:03:92:de:5d:a3:
f8:18:11:84:7b:01:88:bf:4e:79:8d:1a:ae:ab:b8:
3d:cc:b6:15:89:36:f9:dc:16:2a:12:09:f2:d3:94:
de:52:a8:80:55:22:e7:8e:9e:95:48:72:36:e5:55:
31:b6:e9:31:ab:f4:c4:58:ea:0c:fe:65:57:9e:49:
f3:1f:f8:a2:e0:a1:f4:aa:b8:1d:70:5f:ca:57:e8:
41:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:B6:50:31:2B:70:8D:1D:0F:91:73:C3:8A:78:CC:54:1C:B3:D4:3B
X509v3 Authority Key Identifier:
keyid:CD:DA:5B:4C:E9:5F:A0:BD:F6:05:41:69:E7:7A:EF:C8:26:5D:DB:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdpbTOlfoL32BUFp53rvyCZd28Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:03:0f:1b:97:fc:e3:e6:fd:d9:d6:a6:51:21:d0:d2:c7:6c:
c4:50:6d:23:cd:53:ba:cb:35:49:fa:56:be:74:00:da:21:db:
66:e9:51:d9:26:38:e7:8e:00:86:83:04:27:a5:68:23:4f:6f:
0d:7d:7c:a1:04:ca:67:07:77:98:25:3d:9d:aa:32:fe:54:28:
9b:88:3a:1f:63:1b:26:cf:92:7e:4c:d2:f0:9b:e2:af:fc:e5:
91:84:6d:93:93:af:70:35:75:8b:40:d2:67:7b:b5:7b:d5:6f:
38:1f:d4:fa:84:97:54:0d:d4:98:b1:87:0b:27:60:53:56:ee:
53:c2:d5:05:97:aa:b6:10:87:f4:50:6a:75:f4:af:b8:eb:6b:
1f:f6:17:28:47:17:d2:a0:85:6a:18:d1:93:56:62:72:25:2a:
af:86:6a:bd:f8:27:da:89:e4:cc:a8:63:64:5d:71:cb:5a:22:
f4:b2:6e:7a:82:ab:49:8e:60:c1:17:28:a9:d1:3a:06:06:8a:
77:fc:d1:07:e8:b2:72:f8:a0:3b:2e:80:88:98:49:26:c4:92:
29:97:90:40:10:7f:af:27:27:cf:89:31:07:0e:64:95:dc:2d:
aa:5c:25:f9:eb:17:7d:c3:4f:84:14:d3:a7:47:72:11:82:25:
c1:be:c7:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKaQ1p27KEOrUqfwQyRnVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGE1YjRjZTk1ZmEwYmRmNjA1NDE2OWU3N2FlZmM4MjY1
ZGRiYzQwHhcNMjYwMzI2MDgwMTI3WhcNMjYwMzI3MDgwMTI3WjAzMTEwLwYDVQQD
EyhiYmI2NTAzMTJiNzA4ZDFkMGY5MTczYzM4YTc4Y2M1NDFjYjNkNDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL0PykAr61PDtML4IBQLZB99Gkt5
APJSyxz/dJjf3DP2P6sP3V/C8AujgURanCEr7+Pr98DBE8gCxbXoWNAPFVPaf8k8
QwCXyO4h13dEY/fEotbhtdoDBsIq83m56DCIBUdkKBpG8ww1mhCXEMuBfb7wrecY
agv82EWbtm6OKI+ZxPZ2qGDaxdN6+YuUDzrBC5y23x3euyHMkaDH5BuamLZ5rsKU
/XbRJd6Ks4D+A5LeXaP4GBGEewGIv055jRquq7g9zLYViTb53BYqEgny05TeUqiA
VSLnjp6VSHI25VUxtukxq/TEWOoM/mVXnknzH/ii4KH0qrgdcF/KV+hBgQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLu2UDErcI0dD5Fzw4p4zFQcs9Q7MB8GA1UdIwQY
MBaAFM3aW0zpX6C99gVBaed678gmXdvEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemRwYlRPbGZvTDMyQlVGcDUzcnZ5Q1pkMjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84ZTIzZTUtZGIyOC00NWVkLWI2N2Yt
MmFkZDVlNzk3Yzc1LzEvemRwYlRPbGZvTDMyQlVGcDUzcnZ5Q1pkMjhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84ZTIzZTUtZGIyOC00NWVkLWI2N2YtMmFkZDVlNzk3Yzc1
LzEvemRwYlRPbGZvTDMyQlVGcDUzcnZ5Q1pkMjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQAMPG5f8
4+b92damUSHQ0sdsxFBtI81Tuss1SfpWvnQA2iHbZulR2SY4544AhoMEJ6VoI09v
DX18oQTKZwd3mCU9naoy/lQom4g6H2MbJs+SfkzS8Jvir/zlkYRtk5OvcDV1i0DS
Z3u1e9VvOB/U+oSXVA3UmLGHCydgU1buU8LVBZeqthCH9FBqdfSvuOtrH/YXKEcX
0qCFahjRk1ZiciUqr4Zqvfgn2onkzKhjZF1xy1oi9LJueoKrSY5gwRcoqdE6BgaK
d/zRB+iycvigOy6AiJhJJsSSKZeQQBB/rycnz4kxBw5kldwtqlwl+esXfcNPhBTT
p0dyEYIlwb7HQw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:59:57 2026 by rpki-client