Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.mft
File: zUBlln3sCStfyQFS5KlTObodIok.mft (raw, json)
Hash identifier: 8L1HIldigHIRGtBvpm82/kDhcsRa5wEJUsLMJWtDqV4=
Subject key identifier: 16:E7:95:E5:DD:92:63:9A:9F:85:62:21:05:44:41:B4:C7:0D:CB:F9
Authority key identifier: CD:40:65:96:7D:EC:09:2B:5F:C9:01:52:E4:A9:53:39:BA:1D:22:89
Certificate issuer: /CN=cd4065967dec092b5fc90152e4a95339ba1d2289
Certificate serial: 019D2B4E15580AE15FA309EF721F9D147598
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zUBlln3sCStfyQFS5KlTObodIok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.mft
Manifest number: 0EDF
Signing time: Thu 26 Mar 2026 18:00:30 +0000
Manifest this update: Thu 26 Mar 2026 18:00:30 +0000
Manifest next update: Fri 27 Mar 2026 18:00:30 +0000
Files and hashes: 1: FkRKPYmdQ_5Uw6uf-qrKiu1z604.roa (hash: 7d3RQe8zUsFi/wr7V2puj4vtJZCBuk3sMl8g2gQ6BlI=)
2: zUBlln3sCStfyQFS5KlTObodIok.crl (hash: WwN1H7EjiDn5HAAP/vBGTNv3PqFbnXZWeEYHDtMxQCk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.mft
rsync://rpki.ripe.net/repository/DEFAULT/zUBlln3sCStfyQFS5KlTObodIok.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:4e:15:58:0a:e1:5f:a3:09:ef:72:1f:9d:14:75:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd4065967dec092b5fc90152e4a95339ba1d2289
Validity
Not Before: Mar 26 18:00:30 2026 GMT
Not After : Mar 27 18:00:30 2026 GMT
Subject: CN=16e795e5dd92639a9f856221054441b4c70dcbf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:19:e2:41:a9:a5:d4:15:c5:ab:15:cf:1f:12:
10:7c:49:5a:db:85:98:58:ab:bf:3c:86:51:28:59:
b7:59:56:83:73:1d:33:8c:4b:0a:46:03:cd:e3:7a:
97:46:1e:17:cc:2f:50:f1:de:f4:40:4c:2e:29:f0:
fc:ce:f8:c6:fb:60:08:e8:6b:81:b5:4b:37:ad:f9:
71:9f:d5:93:48:0b:7b:c1:06:e0:a9:56:3d:dc:14:
2d:98:f7:89:e6:23:ea:3b:33:bd:f3:32:04:1b:63:
43:6b:4e:93:bf:7d:45:4f:ef:9a:cb:92:a5:1d:d5:
84:50:b2:e3:18:11:18:38:e4:e0:c0:e7:46:b4:52:
0c:b7:2b:c2:6d:9f:19:57:99:a3:7a:12:84:4c:5e:
2e:6c:2f:b6:53:f4:04:a5:8b:fd:4b:f7:a8:04:e1:
69:0f:06:5f:09:64:fa:40:94:35:47:30:24:ca:a7:
f9:cb:5c:44:b1:c3:62:9a:f8:dc:2c:01:9f:7f:2a:
fb:dd:27:63:6c:83:81:25:d7:8c:6f:62:83:12:dc:
6f:13:e0:c3:c3:b1:19:5f:2a:b1:43:ba:3a:fd:b3:
51:03:01:11:36:7e:2d:b2:8a:17:cc:3c:d6:64:a8:
c6:88:c0:a3:41:68:eb:96:f4:2b:18:91:64:0b:a9:
66:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:E7:95:E5:DD:92:63:9A:9F:85:62:21:05:44:41:B4:C7:0D:CB:F9
X509v3 Authority Key Identifier:
keyid:CD:40:65:96:7D:EC:09:2B:5F:C9:01:52:E4:A9:53:39:BA:1D:22:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zUBlln3sCStfyQFS5KlTObodIok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:c2:3b:06:4e:82:96:f4:f8:17:a7:c8:79:24:1a:97:f1:50:
fe:15:e9:d1:37:51:92:3e:c3:36:d6:82:11:a3:12:7c:d3:ca:
86:f3:c5:63:a4:c0:84:09:6e:21:0e:72:49:72:64:0d:59:da:
78:2a:f5:e9:c9:05:1c:42:5d:61:08:d6:28:8d:c6:77:ba:05:
a0:e6:01:c9:4d:a5:8c:29:5b:8f:e9:12:84:cf:e2:72:5b:ea:
b5:ff:c3:7c:e0:90:42:ec:e5:c4:cc:27:01:0e:86:38:2c:6a:
35:50:d2:04:6a:b9:b4:66:25:ef:fc:b6:2c:71:97:eb:bb:fb:
05:51:29:00:13:f1:6e:f5:84:67:a3:2f:41:96:7d:66:87:e2:
d1:d4:8a:51:f9:46:5f:21:48:b4:75:b9:94:31:4b:56:54:49:
50:23:66:1a:f3:49:e1:7c:e5:fb:f5:e5:48:8e:61:aa:15:7b:
ed:3a:e6:0a:fb:e8:9f:16:b9:47:b6:96:61:e4:f2:1c:8a:84:
cf:54:5c:32:03:5f:4b:3a:7e:ad:f8:7d:9a:a0:cf:82:43:7a:
47:e1:a6:46:e4:9e:eb:81:57:b1:e1:10:3d:04:49:39:a1:56:
80:06:12:05:23:d7:1f:1b:cd:0d:21:52:07:a7:fd:39:eb:34:
5d:1b:a9:45
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0rThVYCuFfownvch+dFHWYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNDA2NTk2N2RlYzA5MmI1ZmM5MDE1MmU0YTk1MzM5YmEx
ZDIyODkwHhcNMjYwMzI2MTgwMDMwWhcNMjYwMzI3MTgwMDMwWjAzMTEwLwYDVQQD
EygxNmU3OTVlNWRkOTI2MzlhOWY4NTYyMjEwNTQ0NDFiNGM3MGRjYmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBniQaml1BXFqxXPHxIQfEla24WY
WKu/PIZRKFm3WVaDcx0zjEsKRgPN43qXRh4XzC9Q8d70QEwuKfD8zvjG+2AI6GuB
tUs3rflxn9WTSAt7wQbgqVY93BQtmPeJ5iPqOzO98zIEG2NDa06Tv31FT++ay5Kl
HdWEULLjGBEYOOTgwOdGtFIMtyvCbZ8ZV5mjehKETF4ubC+2U/QEpYv9S/eoBOFp
DwZfCWT6QJQ1RzAkyqf5y1xEscNimvjcLAGffyr73SdjbIOBJdeMb2KDEtxvE+DD
w7EZXyqxQ7o6/bNRAwERNn4tsooXzDzWZKjGiMCjQWjrlvQrGJFkC6lmZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBbnleXdkmOan4ViIQVEQbTHDcv5MB8GA1UdIwQY
MBaAFM1AZZZ97AkrX8kBUuSpUzm6HSKJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelVCbGxuM3NDU3RmeVFGUzVLbFRPYm9kSW9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85NDRmMmEtZjY3My00MmJmLTllM2Qt
ZWRjZWY3NDUxZWY0LzEvelVCbGxuM3NDU3RmeVFGUzVLbFRPYm9kSW9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85NDRmMmEtZjY3My00MmJmLTllM2QtZWRjZWY3NDUxZWY0
LzEvelVCbGxuM3NDU3RmeVFGUzVLbFRPYm9kSW9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAacI7Bk6C
lvT4F6fIeSQal/FQ/hXp0TdRkj7DNtaCEaMSfNPKhvPFY6TAhAluIQ5ySXJkDVna
eCr16ckFHEJdYQjWKI3Gd7oFoOYByU2ljClbj+kShM/iclvqtf/DfOCQQuzlxMwn
AQ6GOCxqNVDSBGq5tGYl7/y2LHGX67v7BVEpABPxbvWEZ6MvQZZ9Zofi0dSKUflG
XyFItHW5lDFLVlRJUCNmGvNJ4Xzl+/XlSI5hqhV77TrmCvvonxa5R7aWYeTyHIqE
z1RcMgNfSzp+rfh9mqDPgkN6R+GmRuSe64FXseEQPQRJOaFWgAYSBSPXHxvNDSFS
B6f9Oes0XRupRQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:09:09 2026 by rpki-client