Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.mft
File: ZO-Yrb9C1brNJMrbCt8JLEV22vM.mft (raw, json)
Hash identifier: oLqzPKvRxSN9JmTZZKvrEP3l8UPY5w2uQB2yFCBV/IE=
Subject key identifier: 70:01:E7:76:F1:73:62:81:62:11:A7:9D:00:C2:49:42:12:36:B8:92
Authority key identifier: 64:EF:98:AD:BF:42:D5:BA:CD:24:CA:DB:0A:DF:09:2C:45:76:DA:F3
Certificate issuer: /CN=64ef98adbf42d5bacd24cadb0adf092c4576daf3
Certificate serial: 019D28F20DE37449DADDB483555A4CAA3712
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZO-Yrb9C1brNJMrbCt8JLEV22vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.mft
Manifest number: 188E
Signing time: Thu 26 Mar 2026 07:00:45 +0000
Manifest this update: Thu 26 Mar 2026 07:00:45 +0000
Manifest next update: Fri 27 Mar 2026 07:00:45 +0000
Files and hashes: 1: 8lyQvVkkT8cJKDB078Bw7EZ1cA4.roa (hash: gveYep3uEwHr6LaxWrdDXfeKga87B02W7vk/P3l0P/c=)
2: ZO-Yrb9C1brNJMrbCt8JLEV22vM.crl (hash: eLmufReKXcATQ7iZtJWeJioWWGiH7KOx7WFnJyWnWA4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZO-Yrb9C1brNJMrbCt8JLEV22vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:f2:0d:e3:74:49:da:dd:b4:83:55:5a:4c:aa:37:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64ef98adbf42d5bacd24cadb0adf092c4576daf3
Validity
Not Before: Mar 26 07:00:45 2026 GMT
Not After : Mar 27 07:00:45 2026 GMT
Subject: CN=7001e776f17362816211a79d00c249421236b892
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b6:d3:66:dc:c4:ab:89:cf:94:30:28:84:8c:
63:97:3b:80:c6:c2:f2:d3:72:75:a0:9f:7d:47:4c:
42:f7:5c:56:cd:6d:8f:62:dd:31:bc:14:da:64:f5:
f7:17:55:ae:d2:ba:7f:6b:6b:d4:09:c7:03:4b:a7:
0c:c8:56:77:bd:0f:9b:5b:ee:f2:21:a6:ca:03:de:
36:dd:99:6a:e1:a7:75:33:d0:54:d5:95:56:4e:af:
38:46:f1:71:db:69:92:9c:18:9b:35:fc:de:ed:ad:
68:fc:d4:6b:b7:01:43:e0:94:b8:15:25:03:13:8e:
9e:b2:d8:d2:c2:c1:0f:4c:6d:35:e3:5d:6e:d6:0e:
fa:17:b3:5b:10:86:a5:2e:d0:23:05:58:2e:4e:ea:
70:e8:ca:14:c1:29:47:f9:a2:94:d9:08:36:30:f6:
9f:d9:1a:23:25:52:b1:fd:0a:d1:57:ee:69:7e:52:
bc:78:74:c9:f4:87:2b:72:bc:1a:b8:12:6a:a4:b9:
a7:b2:26:c3:61:0f:11:b1:e5:69:de:8c:fc:31:18:
55:6b:66:6f:90:ad:1f:46:99:c0:cc:24:a6:72:9c:
58:46:d7:21:5e:ce:73:a5:0a:23:fa:d8:ea:39:25:
36:b7:c1:ca:57:dd:09:33:b7:6e:9f:ec:be:5c:43:
ba:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:01:E7:76:F1:73:62:81:62:11:A7:9D:00:C2:49:42:12:36:B8:92
X509v3 Authority Key Identifier:
keyid:64:EF:98:AD:BF:42:D5:BA:CD:24:CA:DB:0A:DF:09:2C:45:76:DA:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZO-Yrb9C1brNJMrbCt8JLEV22vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:59:70:76:2a:db:19:f9:05:3d:ca:ba:2a:c6:e0:60:12:a4:
90:fd:0d:fc:ad:fb:39:4a:1f:1f:0d:26:d2:b3:dc:96:b1:b1:
7e:4e:46:10:c3:f7:1e:0f:56:63:5a:73:72:78:8b:9f:68:47:
d0:aa:c7:44:99:7d:f8:68:f4:ec:4e:a3:0e:b2:e3:42:29:8b:
bb:6a:12:ff:f3:6d:2c:08:25:2c:f5:c0:7e:01:ca:54:21:84:
66:51:b7:8a:ba:4d:3d:ab:42:77:de:51:51:d4:d4:c5:41:73:
ba:33:e7:24:4c:f8:1d:68:f7:ea:13:3f:d5:90:f3:40:9e:bb:
d4:c5:a6:f4:76:e2:df:88:0d:af:c5:6c:08:92:2e:0e:0b:1d:
58:41:8d:37:2b:61:40:e6:6f:46:ec:ed:86:14:03:c7:e1:3c:
22:65:f0:38:d5:f0:18:16:e3:8d:5b:2f:c9:69:4f:7d:61:93:
3f:86:b4:fd:1e:8a:27:62:d3:fb:37:4b:eb:f6:c7:e9:8e:ec:
a6:8e:54:e7:45:04:86:d1:34:b9:c4:f3:8d:54:48:4b:8b:35:
bc:92:e5:fb:6c:42:e6:ac:c4:ca:84:7b:f9:36:31:cf:76:ef:
ab:56:16:49:9a:32:4a:0e:12:43:26:f9:6f:12:48:95:21:a4:
40:cc:df:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0o8g3jdEna3bSDVVpMqjcSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZWY5OGFkYmY0MmQ1YmFjZDI0Y2FkYjBhZGYwOTJjNDU3
NmRhZjMwHhcNMjYwMzI2MDcwMDQ1WhcNMjYwMzI3MDcwMDQ1WjAzMTEwLwYDVQQD
Eyg3MDAxZTc3NmYxNzM2MjgxNjIxMWE3OWQwMGMyNDk0MjEyMzZiODkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLbTZtzEq4nPlDAohIxjlzuAxsLy
03J1oJ99R0xC91xWzW2PYt0xvBTaZPX3F1Wu0rp/a2vUCccDS6cMyFZ3vQ+bW+7y
IabKA9423Zlq4ad1M9BU1ZVWTq84RvFx22mSnBibNfze7a1o/NRrtwFD4JS4FSUD
E46estjSwsEPTG01411u1g76F7NbEIalLtAjBVguTupw6MoUwSlH+aKU2Qg2MPaf
2RojJVKx/QrRV+5pflK8eHTJ9IcrcrwauBJqpLmnsibDYQ8RseVp3oz8MRhVa2Zv
kK0fRpnAzCSmcpxYRtchXs5zpQoj+tjqOSU2t8HKV90JM7dun+y+XEO6iQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHAB53bxc2KBYhGnnQDCSUISNriSMB8GA1UdIwQY
MBaAFGTvmK2/QtW6zSTK2wrfCSxFdtrzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk8tWXJiOUMxYnJOSk1yYkN0OEpMRVYyMnZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lNDliYzUtNjhjNS00Y2UyLWE5Yjkt
MDNjNmZlYWYxZDlmLzEvWk8tWXJiOUMxYnJOSk1yYkN0OEpMRVYyMnZNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lNDliYzUtNjhjNS00Y2UyLWE5YjktMDNjNmZlYWYxZDlm
LzEvWk8tWXJiOUMxYnJOSk1yYkN0OEpMRVYyMnZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARVlwdirb
GfkFPcq6KsbgYBKkkP0N/K37OUofHw0m0rPclrGxfk5GEMP3Hg9WY1pzcniLn2hH
0KrHRJl9+Gj07E6jDrLjQimLu2oS//NtLAglLPXAfgHKVCGEZlG3irpNPatCd95R
UdTUxUFzujPnJEz4HWj36hM/1ZDzQJ671MWm9Hbi34gNr8VsCJIuDgsdWEGNNyth
QOZvRuzthhQDx+E8ImXwONXwGBbjjVsvyWlPfWGTP4a0/R6KJ2LT+zdL6/bH6Y7s
po5U50UEhtE0ucTzjVRIS4s1vJLl+2xC5qzEyoR7+TYxz3bvq1YWSZoySg4SQyb5
bxJIlSGkQMzfrg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:50:20 2026 by rpki-client