Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.mft
File: pz1kDZC_PWfySYE4zDcfZUZH3a0.mft (raw, json)
Hash identifier: IEX41nRu/ZbE6S/3CrzlKCGPThWFRHXaGSMEmhZhdrs=
Subject key identifier: 81:05:63:77:05:34:BA:9E:FC:06:21:5D:74:34:85:CC:93:B5:8A:B4
Authority key identifier: A7:3D:64:0D:90:BF:3D:67:F2:49:81:38:CC:37:1F:65:46:47:DD:AD
Certificate issuer: /CN=a73d640d90bf3d67f2498138cc371f654647ddad
Certificate serial: 019D292990A9B6C898A4A85E326AD0DAEF60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pz1kDZC_PWfySYE4zDcfZUZH3a0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.mft
Manifest number: 1283
Signing time: Thu 26 Mar 2026 08:01:22 +0000
Manifest this update: Thu 26 Mar 2026 08:01:22 +0000
Manifest next update: Fri 27 Mar 2026 08:01:22 +0000
Files and hashes: 1: 9Iq_uFn7lRh-tQAiHIkLmewE_1E.roa (hash: OJCXmXG7WwlTCrAqRIAIwma12baEae1VhFyXFu0RHaY=)
2: pz1kDZC_PWfySYE4zDcfZUZH3a0.crl (hash: 92dG2Ei+MnZ+R3x0kUUuLhaEQlbg0YCr9ZjojSOlWhQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.mft
rsync://rpki.ripe.net/repository/DEFAULT/pz1kDZC_PWfySYE4zDcfZUZH3a0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:29:90:a9:b6:c8:98:a4:a8:5e:32:6a:d0:da:ef:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a73d640d90bf3d67f2498138cc371f654647ddad
Validity
Not Before: Mar 26 08:01:22 2026 GMT
Not After : Mar 27 08:01:22 2026 GMT
Subject: CN=810563770534ba9efc06215d743485cc93b58ab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c9:a5:fd:06:fb:19:0d:fa:30:f5:68:6a:66:
08:02:08:dd:41:91:b9:d3:2a:b0:fb:64:e4:da:17:
93:e7:a3:0e:b4:ba:f2:48:0f:dd:c9:96:bb:c3:9f:
66:3c:dd:95:66:07:17:46:23:d0:5f:f7:a9:4d:50:
50:9f:cc:65:e4:e1:0c:78:a6:1b:c5:50:53:8c:3b:
1c:1c:b8:d7:36:4d:e7:ee:91:27:da:2b:18:ff:f8:
73:de:10:ce:66:01:f4:de:49:17:49:b6:d5:35:69:
99:17:8d:bd:ae:e5:dc:c1:91:40:c5:9a:40:15:7a:
d0:de:dd:05:b1:31:90:a1:37:e1:dc:a8:3a:28:40:
d2:e4:2b:aa:67:f9:63:e7:bb:28:9b:ee:78:ff:71:
f7:63:54:e3:36:37:ac:74:0f:33:26:dc:55:f9:22:
bc:1c:66:d0:63:2e:64:2a:c8:e3:5e:2d:ac:34:c5:
bf:0c:d6:13:d7:42:d1:58:a8:23:d0:b7:1a:28:b1:
ce:a2:bc:79:f3:dc:fd:a6:d0:fb:5e:d5:5e:9e:f7:
9b:de:3e:c5:3f:0f:54:47:e3:71:ca:b5:91:b7:00:
c4:c0:c6:bb:11:17:31:f0:53:08:d4:de:bd:7a:93:
48:83:8c:0e:4b:28:5b:66:fc:59:33:1b:dc:90:83:
9b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:05:63:77:05:34:BA:9E:FC:06:21:5D:74:34:85:CC:93:B5:8A:B4
X509v3 Authority Key Identifier:
keyid:A7:3D:64:0D:90:BF:3D:67:F2:49:81:38:CC:37:1F:65:46:47:DD:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pz1kDZC_PWfySYE4zDcfZUZH3a0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:63:e3:fc:71:c0:17:17:8e:cd:f9:a7:94:62:67:fc:60:54:
9b:5b:da:6a:11:eb:e2:54:af:69:3e:9c:78:c1:6a:e2:6b:df:
d9:5d:2b:ec:92:c5:d0:2d:eb:fd:5b:78:25:61:64:3d:4e:3d:
9a:c5:0c:fd:33:fb:bd:14:f1:ca:c6:a1:81:47:ea:c6:2c:e8:
24:45:32:7c:09:d2:00:76:8b:8c:10:a1:79:73:d4:41:c3:62:
3a:95:46:e6:5b:53:ca:a0:d1:85:1b:64:fb:1c:42:41:a8:7d:
e7:ad:39:69:ab:8e:58:f6:11:5d:70:88:e2:b7:48:61:55:ee:
ca:de:91:d9:50:7d:4a:21:65:a5:36:20:8f:f0:7f:a5:cf:31:
05:65:53:fc:7d:da:e7:0d:91:d7:02:0d:34:a5:ca:b4:60:09:
c9:9e:84:89:f9:91:24:4b:a5:a9:79:64:56:b9:c9:cd:32:ad:
c3:23:92:50:a8:5f:3a:e5:48:e9:85:9c:95:35:4a:56:17:b3:
e9:33:39:03:f0:f9:69:ba:cf:c2:3e:71:2a:87:c0:0e:5a:9f:
ae:c6:b0:79:28:b5:75:56:15:cd:42:97:62:8c:e2:47:d3:bc:
d3:36:cc:69:f0:0b:84:e1:19:2c:3f:c1:20:80:57:a3:e2:93:
5e:1a:1f:31
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0pKZCptsiYpKheMmrQ2u9gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3M2Q2NDBkOTBiZjNkNjdmMjQ5ODEzOGNjMzcxZjY1NDY0
N2RkYWQwHhcNMjYwMzI2MDgwMTIyWhcNMjYwMzI3MDgwMTIyWjAzMTEwLwYDVQQD
Eyg4MTA1NjM3NzA1MzRiYTllZmMwNjIxNWQ3NDM0ODVjYzkzYjU4YWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksml/Qb7GQ36MPVoamYIAgjdQZG5
0yqw+2Tk2heT56MOtLrySA/dyZa7w59mPN2VZgcXRiPQX/epTVBQn8xl5OEMeKYb
xVBTjDscHLjXNk3n7pEn2isY//hz3hDOZgH03kkXSbbVNWmZF429ruXcwZFAxZpA
FXrQ3t0FsTGQoTfh3Kg6KEDS5CuqZ/lj57som+54/3H3Y1TjNjesdA8zJtxV+SK8
HGbQYy5kKsjjXi2sNMW/DNYT10LRWKgj0LcaKLHOorx589z9ptD7XtVenveb3j7F
Pw9UR+NxyrWRtwDEwMa7ERcx8FMI1N69epNIg4wOSyhbZvxZMxvckIObuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIEFY3cFNLqe/AYhXXQ0hcyTtYq0MB8GA1UdIwQY
MBaAFKc9ZA2Qvz1n8kmBOMw3H2VGR92tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHoxa0RaQ19QV2Z5U1lFNHpEY2ZaVVpIM2EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83Mjg5MmEtM2JjMC00ZjU3LWJjNWIt
NzUwMzk3NTBiZDY4LzEvcHoxa0RaQ19QV2Z5U1lFNHpEY2ZaVVpIM2EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC83Mjg5MmEtM2JjMC00ZjU3LWJjNWItNzUwMzk3NTBiZDY4
LzEvcHoxa0RaQ19QV2Z5U1lFNHpEY2ZaVVpIM2EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQWPj/HHA
FxeOzfmnlGJn/GBUm1vaahHr4lSvaT6ceMFq4mvf2V0r7JLF0C3r/Vt4JWFkPU49
msUM/TP7vRTxysahgUfqxizoJEUyfAnSAHaLjBCheXPUQcNiOpVG5ltTyqDRhRtk
+xxCQah95605aauOWPYRXXCI4rdIYVXuyt6R2VB9SiFlpTYgj/B/pc8xBWVT/H3a
5w2R1wINNKXKtGAJyZ6EifmRJEulqXlkVrnJzTKtwyOSUKhfOuVI6YWclTVKVhez
6TM5A/D5abrPwj5xKofADlqfrsaweSi1dVYVzUKXYoziR9O80zbMafALhOEZLD/B
IIBXo+KTXhofMQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:03:26 2026 by rpki-client