Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft
File: zTwRDf139XdXORwPrt7r42CGVx0.mft (raw, json)
Hash identifier: P4CKxA9WwDOHnhj88SyX8/DzfBydN8ZaKnOmYecxm2w=
Subject key identifier: 0E:A7:13:A8:DC:FF:D9:83:65:5D:BD:25:EA:2C:89:B2:CD:78:96:58
Authority key identifier: CD:3C:11:0D:FD:77:F5:77:57:39:1C:0F:AE:DE:EB:E3:60:86:57:1D
Certificate issuer: /CN=cd3c110dfd77f57757391c0faedeebe36086571d
Certificate serial: 019D2628795CB85C1E69273E2D7A07577C1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTwRDf139XdXORwPrt7r42CGVx0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft
Manifest number: 10A2
Signing time: Wed 25 Mar 2026 18:01:19 +0000
Manifest this update: Wed 25 Mar 2026 18:01:19 +0000
Manifest next update: Thu 26 Mar 2026 18:01:19 +0000
Files and hashes: 1: FAnp13R7vZew86VD0yXy30rskus.roa (hash: inPyQ73AzxqgSN178lLSbPKZBhe3Io2ja2XLtWWA0uk=)
2: zTwRDf139XdXORwPrt7r42CGVx0.crl (hash: IB2ADkiW2ysZ18DnGGPiCJBLm2R3v2Svr0geuj33ZsQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zTwRDf139XdXORwPrt7r42CGVx0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 18:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:28:79:5c:b8:5c:1e:69:27:3e:2d:7a:07:57:7c:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd3c110dfd77f57757391c0faedeebe36086571d
Validity
Not Before: Mar 25 18:01:19 2026 GMT
Not After : Mar 26 18:01:19 2026 GMT
Subject: CN=0ea713a8dcffd983655dbd25ea2c89b2cd789658
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:2a:70:19:14:29:62:3f:80:0c:e5:00:6e:30:
23:47:3b:bd:15:74:f4:38:75:0a:84:e4:33:18:2b:
ef:50:1e:99:4f:54:31:fa:df:57:e4:16:03:72:ec:
2e:90:c8:ee:0c:0b:2b:41:12:bd:1c:c7:7b:cc:f1:
d4:de:af:95:90:5d:3b:4d:fe:23:0b:cd:7e:f6:5a:
34:47:04:bb:1e:e6:01:12:66:1f:2d:7e:87:13:80:
49:b7:cc:3e:7e:28:a0:93:9f:91:e9:02:9c:5a:ff:
90:d2:37:0a:c3:ed:a6:7c:01:f3:93:28:ab:8e:75:
39:65:8e:00:6c:05:7e:1c:c1:9c:25:78:48:23:8f:
79:77:20:d0:c9:0b:57:2d:a8:eb:b7:6c:f5:ad:f8:
d1:30:27:c0:75:09:a6:42:75:72:4d:12:5c:53:91:
99:27:76:2d:c3:eb:78:d7:c2:c9:1e:d3:5d:dc:f3:
f8:08:6f:76:b6:87:71:9e:42:b1:29:bf:65:d8:b6:
80:4e:f5:84:6e:e3:79:50:af:d7:49:ab:fe:9a:f6:
80:6a:12:e5:8c:2c:bf:a9:de:26:54:7e:ad:79:cc:
56:7b:08:99:c9:a7:15:6a:2b:ab:72:6b:fe:38:f5:
41:d3:21:1e:0f:37:c7:62:93:da:f1:92:70:04:ef:
8c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:A7:13:A8:DC:FF:D9:83:65:5D:BD:25:EA:2C:89:B2:CD:78:96:58
X509v3 Authority Key Identifier:
keyid:CD:3C:11:0D:FD:77:F5:77:57:39:1C:0F:AE:DE:EB:E3:60:86:57:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTwRDf139XdXORwPrt7r42CGVx0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:1d:8f:da:6e:73:2f:37:34:b1:33:14:80:68:df:ad:68:4b:
73:cc:ba:84:6d:49:77:2e:2d:72:ac:20:47:ca:e0:f0:4a:aa:
0a:d5:e4:79:38:22:19:03:ae:bb:80:4e:db:e2:fd:b2:63:20:
72:f1:b2:17:5b:99:df:d4:52:8b:10:ea:9f:d8:7c:0b:4d:d1:
a3:9a:44:ba:c5:ab:19:64:54:5f:0f:b1:17:f5:f1:39:3d:a7:
7c:fe:af:f6:ab:4b:a9:3e:f0:8d:84:60:c5:bb:62:47:88:f4:
04:3d:c9:0d:1e:cf:c8:d8:ff:d4:d6:7c:88:91:23:1e:f0:45:
f2:a2:7b:cb:53:54:99:f3:b5:1b:f8:8a:02:99:74:75:4d:a1:
a3:d8:b0:fa:18:ab:d2:db:16:f6:50:55:1b:e3:c0:65:09:a9:
d9:e3:df:59:c8:40:c5:cc:a9:f0:c1:56:18:e2:c0:d4:5f:6f:
97:af:5e:93:b1:f6:b1:34:f4:79:01:0d:a3:d5:0f:fb:38:62:
a0:e8:4d:c3:1d:55:06:d1:7d:b9:e5:fc:ff:29:76:b8:af:2b:
d9:bc:5c:c4:b3:60:7d:ee:09:d5:a7:6e:95:5c:6a:55:1a:91:
98:75:8c:d4:39:fa:95:ee:a6:d6:7d:a1:f9:81:9f:9c:0e:7b:
b3:c6:3e:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKHlcuFweaSc+LXoHV3wfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkM2MxMTBkZmQ3N2Y1Nzc1NzM5MWMwZmFlZGVlYmUzNjA4
NjU3MWQwHhcNMjYwMzI1MTgwMTE5WhcNMjYwMzI2MTgwMTE5WjAzMTEwLwYDVQQD
EygwZWE3MTNhOGRjZmZkOTgzNjU1ZGJkMjVlYTJjODliMmNkNzg5NjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ipwGRQpYj+ADOUAbjAjRzu9FXT0
OHUKhOQzGCvvUB6ZT1Qx+t9X5BYDcuwukMjuDAsrQRK9HMd7zPHU3q+VkF07Tf4j
C81+9lo0RwS7HuYBEmYfLX6HE4BJt8w+fiigk5+R6QKcWv+Q0jcKw+2mfAHzkyir
jnU5ZY4AbAV+HMGcJXhII495dyDQyQtXLajrt2z1rfjRMCfAdQmmQnVyTRJcU5GZ
J3Ytw+t418LJHtNd3PP4CG92todxnkKxKb9l2LaATvWEbuN5UK/XSav+mvaAahLl
jCy/qd4mVH6tecxWewiZyacVaiurcmv+OPVB0yEeDzfHYpPa8ZJwBO+MjQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA6nE6jc/9mDZV29JeosibLNeJZYMB8GA1UdIwQY
MBaAFM08EQ39d/V3VzkcD67e6+NghlcdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelR3UkRmMTM5WGRYT1J3UHJ0N3I0MkNHVngwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8yMGU1YTItMGU2NC00ZWEzLThjODYt
NmMwMmVjMTliODA5LzEvelR3UkRmMTM5WGRYT1J3UHJ0N3I0MkNHVngwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8yMGU1YTItMGU2NC00ZWEzLThjODYtNmMwMmVjMTliODA5
LzEvelR3UkRmMTM5WGRYT1J3UHJ0N3I0MkNHVngwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZx2P2m5z
Lzc0sTMUgGjfrWhLc8y6hG1Jdy4tcqwgR8rg8EqqCtXkeTgiGQOuu4BO2+L9smMg
cvGyF1uZ39RSixDqn9h8C03Ro5pEusWrGWRUXw+xF/XxOT2nfP6v9qtLqT7wjYRg
xbtiR4j0BD3JDR7PyNj/1NZ8iJEjHvBF8qJ7y1NUmfO1G/iKApl0dU2ho9iw+hir
0tsW9lBVG+PAZQmp2ePfWchAxcyp8MFWGOLA1F9vl69ek7H2sTT0eQENo9UP+zhi
oOhNwx1VBtF9ueX8/yl2uK8r2bxcxLNgfe4J1adulVxqVRqRmHWM1Dn6le6m1n2h
+YGfnA57s8Y+Qg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:36:37 2026 by rpki-client