Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
File: zmdqMChOFLAsxt2qA053VAbkYaY.mft (raw, json)
Hash identifier: WctT7HVQ7AokoAgGG/r0m7isv6iHmHP6U2c8tMoRAGI=
Subject key identifier: A3:63:34:B6:61:61:8D:16:F1:76:EF:9D:DF:C7:6C:57:30:E9:3E:18
Authority key identifier: CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6
Certificate issuer: /CN=ce676a30284e14b02cc6ddaa034e775406e461a6
Certificate serial: 019E205A28CFAE5A6ABF70112092C8B04AFE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
Manifest number: 0CA0
Signing time: Wed 13 May 2026 08:00:39 +0000
Manifest this update: Wed 13 May 2026 08:00:39 +0000
Manifest next update: Thu 14 May 2026 08:00:39 +0000
Files and hashes: 1: Q3WmyVx2hL_ulJlmWV4wBuMv3sY.roa (hash: qNBXvE4FodOwmoHeT/8KvY1e+YtkkhFfaz/pGiYECDk=)
2: zmdqMChOFLAsxt2qA053VAbkYaY.crl (hash: N3zri3KEqaixD3k4ou4Ijtj/O35qPdGFX+nyJvvw50A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:20:5a:28:cf:ae:5a:6a:bf:70:11:20:92:c8:b0:4a:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce676a30284e14b02cc6ddaa034e775406e461a6
Validity
Not Before: May 13 08:00:39 2026 GMT
Not After : May 14 08:00:39 2026 GMT
Subject: CN=a36334b661618d16f176ef9ddfc76c5730e93e18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:4c:3e:0f:4e:6f:af:d5:b7:d8:df:59:e8:e0:
3c:3d:12:21:08:1b:01:69:4d:a1:8a:ce:64:d4:32:
15:a8:26:fe:d9:e8:91:28:3d:e7:ac:58:7b:ec:f5:
e4:20:10:6b:5f:5e:75:fb:86:7d:3c:fc:b1:5d:da:
ff:18:fc:3e:b9:81:05:45:82:89:b6:d9:d7:aa:7d:
2b:1e:3d:c9:e1:7f:28:6b:f7:3d:ae:f8:0a:b2:b0:
aa:22:78:b2:92:cb:7a:6c:7a:bb:f9:b2:b8:ac:b1:
82:64:b5:5f:45:0f:d4:0b:67:ed:46:93:3d:d3:66:
47:8a:dd:67:55:e7:d7:e5:02:82:bd:ff:67:5c:1e:
bf:7d:8e:a4:9b:3f:39:36:21:93:ca:6e:62:bd:f2:
a3:01:7e:96:76:12:00:7c:73:49:b1:e0:51:09:96:
7c:9d:62:85:be:de:4a:51:f4:66:a3:13:f3:db:c1:
06:6f:26:8d:af:ce:fa:2c:fc:4e:85:92:6b:65:8b:
87:91:08:e6:46:fd:2c:6a:a5:1d:d8:ce:f7:ca:fd:
94:15:15:e1:5e:25:7f:3f:88:84:82:be:5e:1d:c6:
ca:37:85:3a:09:cc:b8:77:2e:fa:ab:bf:40:7b:1a:
c5:54:55:c0:52:81:df:0e:41:24:15:49:60:e5:61:
5e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:63:34:B6:61:61:8D:16:F1:76:EF:9D:DF:C7:6C:57:30:E9:3E:18
X509v3 Authority Key Identifier:
keyid:CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:88:49:2c:d4:f1:b8:d8:51:fa:81:74:24:01:93:be:b9:cd:
6b:dc:e2:16:75:30:64:b4:7d:ff:2c:b8:16:24:1b:cd:8e:28:
4f:2a:8a:0f:68:bf:4a:3e:f7:a7:e4:9a:46:f8:cc:99:03:85:
1d:1e:ad:f8:7f:53:8c:df:03:88:46:70:d8:19:d5:1f:7a:4a:
a0:1d:8d:00:c8:15:e8:d5:62:93:44:d8:b1:6d:6a:0d:91:4a:
50:b1:e7:c9:05:29:d5:45:38:d7:28:08:5a:98:af:0e:e5:c6:
98:01:12:3a:4d:0a:a3:12:cc:61:e5:41:6d:c4:8f:f9:02:4c:
4c:36:c7:c9:53:82:b9:c4:72:84:f8:69:41:2f:76:e5:61:d8:
75:45:94:c9:98:ae:56:93:a0:a4:f0:79:8f:9a:32:0b:99:9a:
e8:a2:e0:a8:85:13:ee:ef:b2:8c:8f:27:1f:8b:db:94:d9:68:
ca:71:fc:60:c0:f4:c9:5e:b9:c3:b5:66:f0:f6:dd:60:c4:9f:
26:ca:03:81:1d:57:d1:32:47:1a:d3:52:7f:92:21:fc:19:97:
cf:b4:9e:48:35:5f:0d:45:c2:6a:8d:06:bf:1a:8c:2e:50:bf:
d7:fd:1d:31:45:a7:b7:08:bd:8b:f1:34:80:a0:65:0b:fb:ca:
14:29:39:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4gWijPrlpqv3ARIJLIsEr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNjc2YTMwMjg0ZTE0YjAyY2M2ZGRhYTAzNGU3NzU0MDZl
NDYxYTYwHhcNMjYwNTEzMDgwMDM5WhcNMjYwNTE0MDgwMDM5WjAzMTEwLwYDVQQD
EyhhMzYzMzRiNjYxNjE4ZDE2ZjE3NmVmOWRkZmM3NmM1NzMwZTkzZTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7kw+D05vr9W32N9Z6OA8PRIhCBsB
aU2his5k1DIVqCb+2eiRKD3nrFh77PXkIBBrX151+4Z9PPyxXdr/GPw+uYEFRYKJ
ttnXqn0rHj3J4X8oa/c9rvgKsrCqIniykst6bHq7+bK4rLGCZLVfRQ/UC2ftRpM9
02ZHit1nVefX5QKCvf9nXB6/fY6kmz85NiGTym5ivfKjAX6WdhIAfHNJseBRCZZ8
nWKFvt5KUfRmoxPz28EGbyaNr876LPxOhZJrZYuHkQjmRv0saqUd2M73yv2UFRXh
XiV/P4iEgr5eHcbKN4U6Ccy4dy76q79AexrFVFXAUoHfDkEkFUlg5WFeDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKNjNLZhYY0W8Xbvnd/HbFcw6T4YMB8GA1UdIwQY
MBaAFM5najAoThSwLMbdqgNOd1QG5GGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUt
ZWE2MDY1NzA5NDZhLzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUtZWE2MDY1NzA5NDZh
LzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARIhJLNTx
uNhR+oF0JAGTvrnNa9ziFnUwZLR9/yy4FiQbzY4oTyqKD2i/Sj73p+SaRvjMmQOF
HR6t+H9TjN8DiEZw2BnVH3pKoB2NAMgV6NVik0TYsW1qDZFKULHnyQUp1UU41ygI
WpivDuXGmAESOk0KoxLMYeVBbcSP+QJMTDbHyVOCucRyhPhpQS925WHYdUWUyZiu
VpOgpPB5j5oyC5ma6KLgqIUT7u+yjI8nH4vblNloynH8YMD0yV65w7Vm8PbdYMSf
JsoDgR1X0TJHGtNSf5Ih/BmXz7SeSDVfDUXCao0GvxqMLlC/1/0dMUWntwi9i/E0
gKBlC/vKFCk5NQ==
-----END CERTIFICATE-----
Generated at Wed May 13 15:12:05 2026 by rpki-client