Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
File: zTu8GVzaflgkWmHLMLlv5XL9eBE.mft (raw, json)
Hash identifier: VL4NBf0XUFlvv3cKALNq3Gxf9mbRZiM9NZmPfaw95KA=
Subject key identifier: DD:DF:A8:94:EE:46:0A:91:D6:62:D2:E6:1B:79:88:01:D3:CF:C9:8E
Authority key identifier: CD:3B:BC:19:5C:DA:7E:58:24:5A:61:CB:30:B9:6F:E5:72:FD:78:11
Certificate issuer: /CN=cd3bbc195cda7e58245a61cb30b96fe572fd7811
Certificate serial: 019D299706B2AC47FB97CD4F4E391EAABAAA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
Manifest number: 11DB
Signing time: Thu 26 Mar 2026 10:00:56 +0000
Manifest this update: Thu 26 Mar 2026 10:00:56 +0000
Manifest next update: Fri 27 Mar 2026 10:00:56 +0000
Files and hashes: 1: yzXrrRWPDYOcOLI4hGG7vstnVp8.roa (hash: mQQO4fQDtO1e6Al8h5oGh/1/PVcaNjkE6edpjjJBzJM=)
2: zTu8GVzaflgkWmHLMLlv5XL9eBE.crl (hash: 8TRIH1w4cAJCz5aF6j6z8tmlKbuUTd4R1N/b6Rvu5Q8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:97:06:b2:ac:47:fb:97:cd:4f:4e:39:1e:aa:ba:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd3bbc195cda7e58245a61cb30b96fe572fd7811
Validity
Not Before: Mar 26 10:00:56 2026 GMT
Not After : Mar 27 10:00:56 2026 GMT
Subject: CN=dddfa894ee460a91d662d2e61b798801d3cfc98e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ab:fb:6c:a5:96:11:b3:d3:60:ad:c9:4d:e8:
c5:fc:3b:ec:9f:58:bb:99:42:b4:f3:a5:ba:06:22:
0d:7f:de:86:f3:53:2f:f3:ab:c3:2e:cd:58:74:82:
e9:8a:75:35:93:2f:b1:41:07:9a:db:88:2a:22:22:
1a:c5:2b:4e:ad:4c:99:cd:7f:d6:e9:cb:97:d8:2f:
13:bd:5f:33:43:ad:e0:83:ee:71:54:c3:de:b2:65:
93:fd:ba:70:70:37:e4:30:c0:72:b8:af:63:d1:ca:
de:65:6e:7c:62:82:51:87:7a:02:fa:82:7d:41:07:
e7:e0:c6:84:af:6a:12:f0:ea:99:d2:05:75:ce:9d:
e7:7e:a5:3c:a3:65:39:9e:9d:3d:ea:80:ad:88:f6:
63:d9:e6:d0:d3:35:e5:3a:55:44:65:79:9a:98:04:
81:f9:c6:bb:12:3d:8f:29:f7:5d:e8:15:2f:86:b4:
78:a5:c4:ce:dc:1a:97:20:9f:b0:b7:1f:fc:08:04:
b5:fa:5a:8a:d2:25:61:ac:66:40:2f:93:de:2d:bc:
1d:4c:1c:40:f7:11:da:d0:c3:50:6f:dc:1f:5d:bd:
d3:f1:68:f9:b6:3c:6d:42:5f:b0:aa:88:c2:42:bc:
22:5c:ac:79:12:ea:b6:e2:75:6a:ee:b8:de:e1:67:
3a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:DF:A8:94:EE:46:0A:91:D6:62:D2:E6:1B:79:88:01:D3:CF:C9:8E
X509v3 Authority Key Identifier:
keyid:CD:3B:BC:19:5C:DA:7E:58:24:5A:61:CB:30:B9:6F:E5:72:FD:78:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:e2:27:25:0b:db:35:81:4d:3e:c7:16:32:d1:7e:3f:36:99:
bb:47:85:94:fb:89:d8:0f:90:8d:c4:06:9f:f3:61:cf:cd:4d:
e1:75:16:f4:16:65:c9:61:f8:85:66:94:f3:b8:bb:0c:c8:fe:
1d:cc:f4:c3:01:a8:aa:a4:e8:9b:8f:9b:14:42:83:fd:17:df:
4b:85:cd:14:f5:a5:b6:c8:b1:6e:4b:f7:ce:21:6f:b5:09:46:
c8:75:c8:8e:c4:1a:fb:db:44:1a:b8:d3:38:87:c8:b1:3e:29:
1a:0b:11:d5:c4:dd:d4:51:7f:1f:2d:45:9e:1a:a3:b7:0a:b1:
3a:78:6d:8f:10:05:a1:fd:1f:93:cd:82:a1:64:ff:d1:4f:44:
02:4f:7d:95:2b:b7:c7:f6:a0:72:40:01:b0:1c:7d:58:e3:a9:
e6:a0:ba:2a:62:74:c2:a7:5f:77:2b:e5:c1:f8:d1:bc:71:6d:
0f:60:3c:da:1f:38:76:c7:47:c3:34:c4:6c:5f:60:8c:b3:c2:
cc:a8:44:0b:0b:16:23:03:fc:8d:98:80:a7:00:8f:1f:85:55:
eb:78:10:01:26:00:db:4c:7d:dc:58:da:bf:c3:8e:9c:c5:73:
29:4d:b8:de:42:68:dd:dc:31:82:68:8e:dc:1d:a4:84:e9:bc:
62:50:d1:56
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0plwayrEf7l81PTjkeqrqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkM2JiYzE5NWNkYTdlNTgyNDVhNjFjYjMwYjk2ZmU1NzJm
ZDc4MTEwHhcNMjYwMzI2MTAwMDU2WhcNMjYwMzI3MTAwMDU2WjAzMTEwLwYDVQQD
EyhkZGRmYTg5NGVlNDYwYTkxZDY2MmQyZTYxYjc5ODgwMWQzY2ZjOThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6v7bKWWEbPTYK3JTejF/Dvsn1i7
mUK086W6BiINf96G81Mv86vDLs1YdILpinU1ky+xQQea24gqIiIaxStOrUyZzX/W
6cuX2C8TvV8zQ63gg+5xVMPesmWT/bpwcDfkMMByuK9j0creZW58YoJRh3oC+oJ9
QQfn4MaEr2oS8OqZ0gV1zp3nfqU8o2U5np096oCtiPZj2ebQ0zXlOlVEZXmamASB
+ca7Ej2PKfdd6BUvhrR4pcTO3BqXIJ+wtx/8CAS1+lqK0iVhrGZAL5PeLbwdTBxA
9xHa0MNQb9wfXb3T8Wj5tjxtQl+wqojCQrwiXKx5Euq24nVq7rje4Wc6hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3fqJTuRgqR1mLS5ht5iAHTz8mOMB8GA1UdIwQY
MBaAFM07vBlc2n5YJFphyzC5b+Vy/XgRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81YWY3YTUtYjY3Yy00NTlhLTk4OTMt
YzZmYWRlYjI4NWJhLzEvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81YWY3YTUtYjY3Yy00NTlhLTk4OTMtYzZmYWRlYjI4NWJh
LzEvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACuInJQvb
NYFNPscWMtF+PzaZu0eFlPuJ2A+QjcQGn/Nhz81N4XUW9BZlyWH4hWaU87i7DMj+
Hcz0wwGoqqTom4+bFEKD/RffS4XNFPWltsixbkv3ziFvtQlGyHXIjsQa+9tEGrjT
OIfIsT4pGgsR1cTd1FF/Hy1FnhqjtwqxOnhtjxAFof0fk82CoWT/0U9EAk99lSu3
x/agckABsBx9WOOp5qC6KmJ0wqdfdyvlwfjRvHFtD2A82h84dsdHwzTEbF9gjLPC
zKhECwsWIwP8jZiApwCPH4VV63gQASYA20x93Fjav8OOnMVzKU243kJo3dwxgmiO
3B2khOm8YlDRVg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:43:07 2026 by rpki-client