Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft
File: PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft (raw, json)
Hash identifier: WF4FiL6nJUmCxhl3E9OaY6YtJvFlZbRtpO+V/3YUom4=
Subject key identifier: 40:3C:9C:05:2E:8B:36:7C:DD:E3:CC:2D:FF:75:C2:B9:D4:F9:56:E0
Authority key identifier: 3D:94:DF:65:A3:BD:DD:FB:55:60:9F:18:50:E1:49:F8:2B:EA:78:F7
Certificate issuer: /CN=3d94df65a3bdddfb55609f1850e149f82bea78f7
Certificate serial: 019D333EADC4CF8AF8DF4F68B37E6CA0584C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PZTfZaO93ftVYJ8YUOFJ-CvqePc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft
Manifest number: 0DA9
Signing time: Sat 28 Mar 2026 07:00:38 +0000
Manifest this update: Sat 28 Mar 2026 07:00:38 +0000
Manifest next update: Sun 29 Mar 2026 07:00:38 +0000
Files and hashes: 1: PZTfZaO93ftVYJ8YUOFJ-CvqePc.crl (hash: ZUC6qwss+pn0delBUBoiigWMxk4GmaM3TXUa6Wv/xBk=)
2: TLFiEoQRGLVMCGc46Mn0G99fC5U.roa (hash: gDFtNWXwzA45vosk76KSuCgqR0QSeN+bVcyur4756BI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft
rsync://rpki.ripe.net/repository/DEFAULT/PZTfZaO93ftVYJ8YUOFJ-CvqePc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:3e:ad:c4:cf:8a:f8:df:4f:68:b3:7e:6c:a0:58:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d94df65a3bdddfb55609f1850e149f82bea78f7
Validity
Not Before: Mar 28 07:00:38 2026 GMT
Not After : Mar 29 07:00:38 2026 GMT
Subject: CN=403c9c052e8b367cdde3cc2dff75c2b9d4f956e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:83:59:04:96:9d:ea:d6:5c:d8:0a:3d:cc:0c:
b9:99:26:69:ed:12:8d:4d:58:7f:0b:6d:ea:cf:73:
ea:d7:15:df:7f:18:87:7c:f4:b6:4b:4d:2e:8b:4f:
35:f2:6e:78:aa:96:75:09:04:c8:26:cd:52:41:fc:
24:40:ed:a6:6e:d9:32:c7:33:5c:ea:75:8b:c7:44:
93:74:60:e4:9c:91:49:df:d0:a8:26:bc:01:27:2e:
e2:fe:3f:ac:9a:0b:44:60:6a:ef:6b:7a:5d:ec:65:
ba:75:3e:73:c7:c6:cb:79:65:c0:16:5a:bb:80:79:
4c:c1:7a:9c:91:dd:a7:67:86:29:55:7d:94:70:c6:
9d:7a:28:ad:d6:44:27:b3:ec:5d:49:6f:97:c6:21:
4d:c1:09:2b:64:2f:e0:45:69:e3:10:56:fd:62:90:
40:94:5d:f5:ef:15:95:2e:e3:7a:56:e3:73:50:eb:
7b:78:30:9c:48:92:24:b9:ed:f8:28:c1:4f:79:38:
7b:2a:a6:5d:6b:4f:ef:28:b3:a8:35:d3:f5:81:0f:
02:c4:05:ea:fb:be:ed:15:7c:1d:eb:8f:7b:0b:1e:
87:53:61:4f:93:47:98:9e:b0:eb:79:8b:4e:80:81:
44:80:51:8f:47:02:e8:eb:e5:d4:bd:10:ab:33:b9:
cb:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:3C:9C:05:2E:8B:36:7C:DD:E3:CC:2D:FF:75:C2:B9:D4:F9:56:E0
X509v3 Authority Key Identifier:
keyid:3D:94:DF:65:A3:BD:DD:FB:55:60:9F:18:50:E1:49:F8:2B:EA:78:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZTfZaO93ftVYJ8YUOFJ-CvqePc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
e0:03:cd:38:b4:ea:76:39:02:e6:03:6f:2c:1a:74:64:f5:58:
b2:49:14:ff:71:51:e4:ea:14:0c:fc:c6:ad:88:31:2b:0a:78:
03:1a:84:20:7c:10:dc:2a:4a:c3:cf:68:75:03:c2:53:3f:8c:
04:b7:f5:0b:ae:59:41:59:63:51:0e:fa:c8:49:bf:92:31:cc:
30:1e:f9:8e:d1:1b:d9:1d:f6:48:93:45:a4:fa:75:1f:48:8d:
11:ad:d1:69:2a:a3:fd:6b:9f:ce:e3:f6:e8:0c:53:80:cd:ee:
88:8a:d3:38:d5:e9:09:da:0e:75:b8:35:02:f7:5c:16:13:9f:
16:0f:a2:a9:02:5d:76:f6:eb:fb:ae:18:25:80:60:b4:6c:be:
2a:05:80:75:d2:33:4a:ab:e3:77:7c:de:97:5b:a6:42:bf:aa:
ba:ec:df:39:ea:3b:b9:c2:e4:f9:bb:cf:c3:0d:1f:f6:e6:d7:
8b:ac:ae:23:42:ea:b8:18:9a:a0:c4:a8:6b:5f:25:74:18:c8:
93:34:24:00:0d:3c:48:d7:c7:8e:c3:2d:b8:3e:bc:d0:1c:8d:
dd:5f:36:e3:ce:4f:e8:a2:3d:51:dc:0d:f8:6c:f8:ac:9b:40:
66:94:e8:6f:ad:03:03:04:8f:31:03:bb:c0:72:e6:53:a1:d3:
36:26:5a:01
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0zPq3Ez4r4309os35soFhMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOTRkZjY1YTNiZGRkZmI1NTYwOWYxODUwZTE0OWY4MmJl
YTc4ZjcwHhcNMjYwMzI4MDcwMDM4WhcNMjYwMzI5MDcwMDM4WjAzMTEwLwYDVQQD
Eyg0MDNjOWMwNTJlOGIzNjdjZGRlM2NjMmRmZjc1YzJiOWQ0Zjk1NmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoNZBJad6tZc2Ao9zAy5mSZp7RKN
TVh/C23qz3Pq1xXffxiHfPS2S00ui0818m54qpZ1CQTIJs1SQfwkQO2mbtkyxzNc
6nWLx0STdGDknJFJ39CoJrwBJy7i/j+smgtEYGrva3pd7GW6dT5zx8bLeWXAFlq7
gHlMwXqckd2nZ4YpVX2UcMadeiit1kQns+xdSW+XxiFNwQkrZC/gRWnjEFb9YpBA
lF317xWVLuN6VuNzUOt7eDCcSJIkue34KMFPeTh7KqZda0/vKLOoNdP1gQ8CxAXq
+77tFXwd6497Cx6HU2FPk0eYnrDreYtOgIFEgFGPRwLo6+XUvRCrM7nLlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEA8nAUuizZ83ePMLf91wrnU+VbgMB8GA1UdIwQY
MBaAFD2U32Wjvd37VWCfGFDhSfgr6nj3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFpUZlphTzkzZnRWWUo4WVVPRkotQ3ZxZVBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9kYTljNjItOGUxNi00NmRmLWJlMmIt
MDZiOWVkOTlmMTZjLzEvUFpUZlphTzkzZnRWWUo4WVVPRkotQ3ZxZVBjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9kYTljNjItOGUxNi00NmRmLWJlMmItMDZiOWVkOTlmMTZj
LzEvUFpUZlphTzkzZnRWWUo4WVVPRkotQ3ZxZVBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA4APNOLTq
djkC5gNvLBp0ZPVYskkU/3FR5OoUDPzGrYgxKwp4AxqEIHwQ3CpKw89odQPCUz+M
BLf1C65ZQVljUQ76yEm/kjHMMB75jtEb2R32SJNFpPp1H0iNEa3RaSqj/WufzuP2
6AxTgM3uiIrTONXpCdoOdbg1AvdcFhOfFg+iqQJddvbr+64YJYBgtGy+KgWAddIz
Sqvjd3zel1umQr+quuzfOeo7ucLk+bvPww0f9ubXi6yuI0LquBiaoMSoa18ldBjI
kzQkAA08SNfHjsMtuD680ByN3V82485P6KI9UdwN+Gz4rJtAZpTob60DAwSPMQO7
wHLmU6HTNiZaAQ==
-----END CERTIFICATE-----
Generated at Sat Mar 28 08:44:25 2026 by rpki-client