Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.mft
File: zZEXAvST1u3htuhyvKzcuFQoK60.mft (raw, json)
Hash identifier: 6y+agwayK/wlZoe+Np193u+JgOhhTJ6oRrmGP7PTJKg=
Subject key identifier: C2:F5:61:1B:90:DE:2B:63:2D:2D:22:52:F4:8E:94:62:A5:8D:25:AE
Authority key identifier: CD:91:17:02:F4:93:D6:ED:E1:B6:E8:72:BC:AC:DC:B8:54:28:2B:AD
Certificate issuer: /CN=cd911702f493d6ede1b6e872bcacdcb854282bad
Certificate serial: 019D33E3774B27D0503DB5A26463E8FB7530
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zZEXAvST1u3htuhyvKzcuFQoK60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.mft
Manifest number: 0EF2
Signing time: Sat 28 Mar 2026 10:00:38 +0000
Manifest this update: Sat 28 Mar 2026 10:00:38 +0000
Manifest next update: Sun 29 Mar 2026 10:00:38 +0000
Files and hashes: 1: Yac91t2eogvz5cwAb2fKP1E4ctw.roa (hash: GRCEipXvu/z6v8Q0987NE/jFkhe0wRikv0AvdJFVTDI=)
2: zZEXAvST1u3htuhyvKzcuFQoK60.crl (hash: uh860M9/5E3i4Pew18kAGYFEGa3YtK2dB72r3s+q97I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.mft
rsync://rpki.ripe.net/repository/DEFAULT/zZEXAvST1u3htuhyvKzcuFQoK60.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:e3:77:4b:27:d0:50:3d:b5:a2:64:63:e8:fb:75:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd911702f493d6ede1b6e872bcacdcb854282bad
Validity
Not Before: Mar 28 10:00:38 2026 GMT
Not After : Mar 29 10:00:38 2026 GMT
Subject: CN=c2f5611b90de2b632d2d2252f48e9462a58d25ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ac:94:3f:5f:be:af:25:a2:6b:1f:33:70:b5:
f7:46:d5:a3:81:33:10:0d:72:9a:5c:75:ac:e5:49:
de:c3:bf:09:9b:ad:97:52:03:cc:c7:6f:4c:9b:09:
cb:2c:17:80:22:f7:6c:17:56:59:de:1e:f0:fe:ae:
32:65:3c:ad:86:bb:ac:f6:16:1a:35:22:23:d9:d4:
78:49:1f:8c:02:1b:a3:d5:11:c7:c5:a3:88:46:0a:
b8:f0:aa:6a:fd:17:4a:96:89:f7:30:1e:a7:63:59:
0c:f8:70:55:33:a7:6b:07:67:9f:4f:81:13:5d:19:
d8:e8:b6:c0:c5:21:4d:82:31:34:b6:4c:22:3a:bb:
bc:f9:ea:53:90:b6:97:73:ff:3d:56:fc:f7:e9:30:
b8:74:87:82:ab:32:15:ce:ed:8d:51:62:23:76:e2:
ef:e0:19:65:92:7e:57:e1:41:c7:95:31:9f:9b:84:
6d:8b:d6:72:43:1e:0f:8e:e7:b3:df:f5:e2:91:9b:
91:7b:81:36:d6:1b:51:88:b7:c7:7a:ae:c6:44:1d:
a4:14:37:1d:75:5f:f2:4d:e0:46:50:ec:f0:ba:a5:
2f:ed:4b:ec:96:04:62:58:99:dd:18:c9:ef:06:96:
f5:1e:cb:dc:2f:a4:a4:23:e8:10:05:58:63:15:48:
2e:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:F5:61:1B:90:DE:2B:63:2D:2D:22:52:F4:8E:94:62:A5:8D:25:AE
X509v3 Authority Key Identifier:
keyid:CD:91:17:02:F4:93:D6:ED:E1:B6:E8:72:BC:AC:DC:B8:54:28:2B:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zZEXAvST1u3htuhyvKzcuFQoK60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:43:d3:57:e2:25:3a:66:11:aa:2a:1a:b1:26:b6:53:36:46:
ed:86:76:53:6e:f9:3f:38:86:59:93:30:26:29:0e:7a:fd:2f:
58:39:92:38:b5:36:60:32:01:8f:fc:9c:ed:b0:df:e7:48:25:
ba:49:21:13:d3:7e:63:4e:cf:b4:8d:fa:72:10:9a:6f:c8:6b:
91:33:47:f7:8f:4b:99:c0:3c:9d:f1:d1:c7:41:0b:e6:0f:d8:
7c:22:4b:1a:87:10:18:9d:aa:b8:9a:65:80:75:85:aa:63:8b:
e7:44:e7:f8:0f:b8:bd:ee:b5:e1:2a:ed:28:da:d9:5d:11:d2:
65:e3:fd:6a:1f:62:59:57:24:67:6b:65:7f:65:74:31:39:df:
41:97:de:08:f2:14:17:83:2e:af:54:ec:a1:c6:51:0a:98:43:
4a:ff:be:61:fc:bd:7b:93:06:6b:7f:5a:a0:81:dc:16:98:35:
49:35:5f:98:5a:0c:cf:b9:61:78:6e:a0:d3:73:cf:de:5d:6a:
1f:9a:cf:8a:c8:f1:6e:a4:21:e3:1e:a9:80:70:83:ad:28:6c:
15:bd:be:af:87:2a:84:c5:fb:52:6b:6a:e2:ac:f4:b8:b7:2c:
95:e7:2c:eb:fd:29:11:d0:fc:dc:4a:fb:88:fb:1d:10:36:57:
a3:08:99:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0z43dLJ9BQPbWiZGPo+3UwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkOTExNzAyZjQ5M2Q2ZWRlMWI2ZTg3MmJjYWNkY2I4NTQy
ODJiYWQwHhcNMjYwMzI4MTAwMDM4WhcNMjYwMzI5MTAwMDM4WjAzMTEwLwYDVQQD
EyhjMmY1NjExYjkwZGUyYjYzMmQyZDIyNTJmNDhlOTQ2MmE1OGQyNWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqyUP1++ryWiax8zcLX3RtWjgTMQ
DXKaXHWs5Unew78Jm62XUgPMx29MmwnLLBeAIvdsF1ZZ3h7w/q4yZTythrus9hYa
NSIj2dR4SR+MAhuj1RHHxaOIRgq48Kpq/RdKlon3MB6nY1kM+HBVM6drB2efT4ET
XRnY6LbAxSFNgjE0tkwiOru8+epTkLaXc/89Vvz36TC4dIeCqzIVzu2NUWIjduLv
4Bllkn5X4UHHlTGfm4Rti9ZyQx4Pjuez3/XikZuRe4E21htRiLfHeq7GRB2kFDcd
dV/yTeBGUOzwuqUv7UvslgRiWJndGMnvBpb1HsvcL6SkI+gQBVhjFUgunQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFML1YRuQ3itjLS0iUvSOlGKljSWuMB8GA1UdIwQY
MBaAFM2RFwL0k9bt4bbocrys3LhUKCutMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelpFWEF2U1QxdTNodHVoeXZLemN1RlFvSzYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iNzQyMDctMzg1My00MzVkLWFiZGUt
MjJiNzc4MjE2MmNhLzEvelpFWEF2U1QxdTNodHVoeXZLemN1RlFvSzYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iNzQyMDctMzg1My00MzVkLWFiZGUtMjJiNzc4MjE2MmNh
LzEvelpFWEF2U1QxdTNodHVoeXZLemN1RlFvSzYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApUPTV+Il
OmYRqioasSa2UzZG7YZ2U275PziGWZMwJikOev0vWDmSOLU2YDIBj/yc7bDf50gl
ukkhE9N+Y07PtI36chCab8hrkTNH949LmcA8nfHRx0EL5g/YfCJLGocQGJ2quJpl
gHWFqmOL50Tn+A+4ve614SrtKNrZXRHSZeP9ah9iWVckZ2tlf2V0MTnfQZfeCPIU
F4Mur1TsocZRCphDSv++Yfy9e5MGa39aoIHcFpg1STVfmFoMz7lheG6g03PP3l1q
H5rPisjxbqQh4x6pgHCDrShsFb2+r4cqhMX7Umtq4qz0uLcslecs6/0pEdD83Er7
iPsdEDZXowiZOQ==
-----END CERTIFICATE-----
Generated at Sat Mar 28 13:16:32 2026 by rpki-client