Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
File: fzErCdH2kPJXAL1dzwfJGAxelmM.mft (raw, json)
Hash identifier: 0Q8vJs1umdAtvckzSXjqcJqLr6Q0zsopv38zJxPPA/4=
Subject key identifier: 0A:91:D9:AF:20:B7:9E:AA:F4:11:BC:74:96:8B:5E:18:C2:DE:30:75
Authority key identifier: 7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63
Certificate issuer: /CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663
Certificate serial: 019D277282E91248267C3416971C0FF3E02B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
Manifest number: 01AF
Signing time: Thu 26 Mar 2026 00:01:49 +0000
Manifest this update: Thu 26 Mar 2026 00:01:49 +0000
Manifest next update: Fri 27 Mar 2026 00:01:49 +0000
Files and hashes: 1: BCFG1E3vkLJzX3xYHBAXCR2M-Dk.roa (hash: kLXCiyzJI0lL3gfuo31f6jHCm4NoCsgw/6nrJV+kat0=)
2: fzErCdH2kPJXAL1dzwfJGAxelmM.crl (hash: ezSlSEuWvb8weYRydopk8rTfdu7t3v9wu9idD//cJx0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:27:72:82:e9:12:48:26:7c:34:16:97:1c:0f:f3:e0:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663
Validity
Not Before: Mar 26 00:01:49 2026 GMT
Not After : Mar 27 00:01:49 2026 GMT
Subject: CN=0a91d9af20b79eaaf411bc74968b5e18c2de3075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8d:3c:73:78:c8:a2:d2:6d:8c:a1:f5:b1:61:
9f:cc:bc:39:d1:50:46:8f:0a:14:08:9d:a6:97:76:
41:37:06:54:27:9c:53:48:64:e9:26:d0:7d:a3:64:
34:56:fe:91:b5:21:2a:83:c3:4e:65:eb:2a:b0:7b:
64:d3:a1:c9:bb:fb:b6:44:28:3f:fe:fd:cd:f0:9e:
47:36:e2:2e:20:d4:2d:f0:63:28:25:09:6c:6a:24:
8e:26:47:80:f9:7e:70:0a:c6:a8:dc:71:20:4d:e5:
3a:f2:7e:56:c8:f0:25:02:4f:95:6b:de:5e:7c:73:
36:be:ec:4a:ee:2e:f4:be:d2:21:17:a3:79:a3:7a:
8a:18:42:17:5c:76:68:05:c9:aa:ea:8d:85:15:4b:
40:b9:09:0f:51:08:83:f2:d1:9a:de:4d:93:ad:7a:
42:f6:cc:43:ed:33:72:ab:7d:ea:c8:b7:0a:00:dd:
bc:07:83:6d:ed:05:73:d4:64:90:f0:b1:48:85:9f:
1f:d5:a0:4b:26:f6:14:78:be:c1:11:77:7c:90:37:
de:1d:b4:a6:dc:41:f0:40:ae:c9:35:bc:0c:2d:a8:
1b:dc:2c:ee:66:4f:a5:ae:0a:3d:56:81:a9:4c:40:
a8:9d:70:78:85:8c:a8:8c:b8:c7:73:fd:e8:95:b8:
92:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:91:D9:AF:20:B7:9E:AA:F4:11:BC:74:96:8B:5E:18:C2:DE:30:75
X509v3 Authority Key Identifier:
keyid:7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:38:27:52:52:61:02:47:0d:e8:b6:04:36:76:22:97:de:e5:
a2:00:b0:fa:fc:37:e3:ef:11:ea:e9:af:90:07:66:4a:66:a5:
a5:9d:26:ed:0d:de:75:66:00:b1:c3:1a:69:71:91:fc:af:41:
c0:83:3c:ae:2f:03:9a:d2:ac:1e:47:0d:fc:60:19:4f:b4:c2:
d9:8d:50:da:f2:5d:23:8e:83:a7:b7:7f:60:78:16:01:bd:04:
42:23:07:6f:3e:d6:74:db:0b:ad:16:01:a5:e6:f4:3b:3f:be:
2d:ff:73:ad:99:96:02:19:cd:43:3d:33:27:9d:eb:52:f2:49:
11:55:04:5b:fd:9f:59:cd:87:42:25:96:e8:b0:36:13:f7:84:
bc:20:42:10:5d:1b:63:22:ca:6c:28:8a:cd:4f:ed:25:e0:c2:
28:e8:34:58:ca:5e:b3:f6:f2:c4:9c:d3:3a:f3:84:4f:4b:98:
9a:0f:70:d8:76:8c:7c:83:a7:ed:cf:93:80:56:49:f9:22:aa:
5d:8a:92:d7:10:15:1d:e9:7d:19:2d:36:5b:56:9e:0a:5a:20:
bd:13:2b:a7:5e:96:54:de:e6:f2:04:e1:72:f3:e1:82:e0:27:
c0:68:1a:07:9f:97:12:99:bf:a6:0b:df:76:74:9d:37:00:ce:
1f:18:3c:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ncoLpEkgmfDQWlxwP8+ArMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMzEyYjA5ZDFmNjkwZjI1NzAwYmQ1ZGNmMDdjOTE4MGM1
ZTk2NjMwHhcNMjYwMzI2MDAwMTQ5WhcNMjYwMzI3MDAwMTQ5WjAzMTEwLwYDVQQD
EygwYTkxZDlhZjIwYjc5ZWFhZjQxMWJjNzQ5NjhiNWUxOGMyZGUzMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmo08c3jIotJtjKH1sWGfzLw50VBG
jwoUCJ2ml3ZBNwZUJ5xTSGTpJtB9o2Q0Vv6RtSEqg8NOZesqsHtk06HJu/u2RCg/
/v3N8J5HNuIuINQt8GMoJQlsaiSOJkeA+X5wCsao3HEgTeU68n5WyPAlAk+Va95e
fHM2vuxK7i70vtIhF6N5o3qKGEIXXHZoBcmq6o2FFUtAuQkPUQiD8tGa3k2TrXpC
9sxD7TNyq33qyLcKAN28B4Nt7QVz1GSQ8LFIhZ8f1aBLJvYUeL7BEXd8kDfeHbSm
3EHwQK7JNbwMLagb3CzuZk+lrgo9VoGpTEConXB4hYyojLjHc/3olbiSVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAqR2a8gt56q9BG8dJaLXhjC3jB1MB8GA1UdIwQY
MBaAFH8xKwnR9pDyVwC9Xc8HyRgMXpZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgt
MTUyMmUyOTY0ZmNlLzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgtMTUyMmUyOTY0ZmNl
LzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAATgnUlJh
AkcN6LYENnYil97logCw+vw34+8R6umvkAdmSmalpZ0m7Q3edWYAscMaaXGR/K9B
wIM8ri8DmtKsHkcN/GAZT7TC2Y1Q2vJdI46Dp7d/YHgWAb0EQiMHbz7WdNsLrRYB
peb0Oz++Lf9zrZmWAhnNQz0zJ53rUvJJEVUEW/2fWc2HQiWW6LA2E/eEvCBCEF0b
YyLKbCiKzU/tJeDCKOg0WMpes/byxJzTOvOET0uYmg9w2HaMfIOn7c+TgFZJ+SKq
XYqS1xAVHel9GS02W1aeClogvRMrp16WVN7m8gThcvPhguAnwGgaB5+XEpm/pgvf
dnSdNwDOHxg8sQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 06:52:36 2026 by rpki-client