Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/bda7cc-645c-4821-ad22-3e44fcac3bc5/1/z1PAwqcKnguguGDSKQTbsOkrkgs.mft
File: z1PAwqcKnguguGDSKQTbsOkrkgs.mft (raw, json)
Hash identifier: Cef6CSks5NXEww/gj+2Eg59C/ijqScu1PQTpMpDGHr4=
Subject key identifier: E9:13:C4:75:35:D9:9E:10:22:44:E7:7B:8E:F6:21:89:08:A4:78:BC
Authority key identifier: CF:53:C0:C2:A7:0A:9E:0B:A0:B8:60:D2:29:04:DB:B0:E9:2B:92:0B
Certificate issuer: /CN=cf53c0c2a70a9e0ba0b860d22904dbb0e92b920b
Certificate serial: 019E20238B4DB02C00E173D5AD7BC0755B1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z1PAwqcKnguguGDSKQTbsOkrkgs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/bda7cc-645c-4821-ad22-3e44fcac3bc5/1/z1PAwqcKnguguGDSKQTbsOkrkgs.mft
Manifest number: 0876
Signing time: Wed 13 May 2026 07:01:00 +0000
Manifest this update: Wed 13 May 2026 07:01:00 +0000
Manifest next update: Thu 14 May 2026 07:01:00 +0000
Files and hashes: 1: _9WbrV_lxRO9A6dqxPijQXNV-ko.roa (hash: fEUSm2PwMNP9PK5a1HcBHHCSAECUxHIXVKYYdmBQe64=)
2: z1PAwqcKnguguGDSKQTbsOkrkgs.crl (hash: dVYgQ5RM98FWae+v4ON84S4xRroSSA+WSdqSPMjndvE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/bda7cc-645c-4821-ad22-3e44fcac3bc5/1/z1PAwqcKnguguGDSKQTbsOkrkgs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/bda7cc-645c-4821-ad22-3e44fcac3bc5/1/z1PAwqcKnguguGDSKQTbsOkrkgs.mft
rsync://rpki.ripe.net/repository/DEFAULT/z1PAwqcKnguguGDSKQTbsOkrkgs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:20:23:8b:4d:b0:2c:00:e1:73:d5:ad:7b:c0:75:5b:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf53c0c2a70a9e0ba0b860d22904dbb0e92b920b
Validity
Not Before: May 13 07:01:00 2026 GMT
Not After : May 14 07:01:00 2026 GMT
Subject: CN=e913c47535d99e102244e77b8ef6218908a478bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:dc:49:3c:48:63:af:c3:9d:15:e0:86:d9:5a:
f4:9a:8c:7a:ab:1d:a4:5f:b3:2f:c4:a7:7e:3f:8b:
89:f5:2f:36:3c:07:a6:92:f3:1d:4a:cc:a3:a6:e9:
9b:a8:66:6d:6e:62:cd:7f:8c:82:42:a4:cc:b7:36:
dc:01:2c:c7:e5:54:51:d4:7f:6e:8c:23:b1:4b:eb:
9f:48:9e:8a:ca:ee:ca:2d:9f:b4:40:9d:35:40:ef:
6a:9c:a7:ee:fb:f2:84:07:39:98:f0:3a:cf:a3:2e:
09:79:ea:79:b0:5a:96:a8:14:fe:bd:85:14:57:e2:
ac:9c:5e:c5:3a:0a:1a:74:d1:ec:94:de:a9:09:0e:
0e:1a:fb:89:f1:48:73:f8:8b:e6:60:14:39:c0:04:
75:b8:3e:75:51:81:13:32:19:1a:3c:fa:03:5a:ad:
7f:7d:01:65:67:5c:63:52:6b:d6:f5:b1:f6:a4:c2:
a6:38:f0:94:db:4d:a0:b2:e0:e5:1a:1f:68:37:2c:
9c:7a:6d:45:de:f2:0b:7c:3d:f5:33:a7:d9:60:88:
bd:4d:ce:f0:90:f2:2e:64:aa:b6:3b:ba:00:b5:ec:
6b:f0:0c:fe:1f:ac:28:0f:dd:2c:59:5c:58:7f:a8:
7f:15:95:ea:04:c4:50:e2:c3:f6:89:82:94:da:38:
b8:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:13:C4:75:35:D9:9E:10:22:44:E7:7B:8E:F6:21:89:08:A4:78:BC
X509v3 Authority Key Identifier:
keyid:CF:53:C0:C2:A7:0A:9E:0B:A0:B8:60:D2:29:04:DB:B0:E9:2B:92:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z1PAwqcKnguguGDSKQTbsOkrkgs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/bda7cc-645c-4821-ad22-3e44fcac3bc5/1/z1PAwqcKnguguGDSKQTbsOkrkgs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/bda7cc-645c-4821-ad22-3e44fcac3bc5/1/z1PAwqcKnguguGDSKQTbsOkrkgs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:cd:03:b0:0f:46:67:36:1e:d3:37:25:b8:37:87:11:f0:09:
53:e0:b2:98:0d:81:43:c0:3e:e6:cf:cd:e8:2a:58:10:d4:7f:
8b:4f:c9:91:6d:ea:f7:16:23:e5:86:3e:7b:13:29:2a:82:3a:
31:ba:b9:fd:d0:60:7c:96:18:9d:cc:b0:ee:29:00:5d:59:b2:
15:f8:c8:71:7c:48:4c:17:74:4f:93:2c:d7:b1:ab:fc:46:a6:
eb:7c:50:a7:c5:42:7b:56:ce:fe:91:d2:6b:d9:84:43:d9:91:
e1:c0:47:55:24:db:7c:76:b2:67:d2:f7:36:76:2b:53:88:8f:
25:b5:03:28:3d:70:76:f8:46:fa:19:56:7a:05:34:87:f1:f0:
83:45:2f:b3:47:c7:c9:e9:d5:07:07:0c:ee:a7:f9:07:3e:a7:
1a:d1:14:ca:34:78:05:d5:26:16:d4:cf:3c:12:50:bf:39:32:
96:38:3f:d8:11:7f:e1:8b:41:80:91:97:87:1f:b2:67:a3:86:
0d:24:8d:23:03:45:54:1b:71:f8:d7:b7:50:b3:34:a6:44:b5:
73:e8:5a:e1:62:b7:ab:e6:31:73:01:66:16:b1:7e:19:9b:c2:
5c:4a:0e:5e:63:0e:5f:54:5d:d6:25:80:ea:73:1a:6e:24:e7:
96:72:f8:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4gI4tNsCwA4XPVrXvAdVsdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNTNjMGMyYTcwYTllMGJhMGI4NjBkMjI5MDRkYmIwZTky
YjkyMGIwHhcNMjYwNTEzMDcwMTAwWhcNMjYwNTE0MDcwMTAwWjAzMTEwLwYDVQQD
EyhlOTEzYzQ3NTM1ZDk5ZTEwMjI0NGU3N2I4ZWY2MjE4OTA4YTQ3OGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3txJPEhjr8OdFeCG2Vr0mox6qx2k
X7MvxKd+P4uJ9S82PAemkvMdSsyjpumbqGZtbmLNf4yCQqTMtzbcASzH5VRR1H9u
jCOxS+ufSJ6Kyu7KLZ+0QJ01QO9qnKfu+/KEBzmY8DrPoy4Jeep5sFqWqBT+vYUU
V+KsnF7FOgoadNHslN6pCQ4OGvuJ8Uhz+IvmYBQ5wAR1uD51UYETMhkaPPoDWq1/
fQFlZ1xjUmvW9bH2pMKmOPCU202gsuDlGh9oNyycem1F3vILfD31M6fZYIi9Tc7w
kPIuZKq2O7oAtexr8Az+H6woD90sWVxYf6h/FZXqBMRQ4sP2iYKU2ji4PQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOkTxHU12Z4QIkTne472IYkIpHi8MB8GA1UdIwQY
MBaAFM9TwMKnCp4LoLhg0ikE27DpK5ILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejFQQXdxY0tuZ3VndUdEU0tRVGJzT2tya2dzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9iZGE3Y2MtNjQ1Yy00ODIxLWFkMjIt
M2U0NGZjYWMzYmM1LzEvejFQQXdxY0tuZ3VndUdEU0tRVGJzT2tya2dzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9iZGE3Y2MtNjQ1Yy00ODIxLWFkMjItM2U0NGZjYWMzYmM1
LzEvejFQQXdxY0tuZ3VndUdEU0tRVGJzT2tya2dzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF80DsA9G
ZzYe0zcluDeHEfAJU+CymA2BQ8A+5s/N6CpYENR/i0/JkW3q9xYj5YY+exMpKoI6
Mbq5/dBgfJYYncyw7ikAXVmyFfjIcXxITBd0T5Ms17Gr/Eam63xQp8VCe1bO/pHS
a9mEQ9mR4cBHVSTbfHayZ9L3NnYrU4iPJbUDKD1wdvhG+hlWegU0h/Hwg0Uvs0fH
yenVBwcM7qf5Bz6nGtEUyjR4BdUmFtTPPBJQvzkyljg/2BF/4YtBgJGXhx+yZ6OG
DSSNIwNFVBtx+Ne3ULM0pkS1c+ha4WK3q+YxcwFmFrF+GZvCXEoOXmMOX1Rd1iWA
6nMabiTnlnL4eg==
-----END CERTIFICATE-----
Generated at Wed May 13 13:36:12 2026 by rpki-client