Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
File: zo2SrOCAEcTQrsjyKGVxW9kaASI.mft (raw, json)
Hash identifier: JnObHMut/iTmfTdC4cpeIUK9MoiApL+q70fNaawH4Uw=
Subject key identifier: 8B:57:46:BE:FD:78:0D:96:A4:E4:25:09:66:F1:6A:6A:14:D2:A4:27
Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Certificate serial: 019D2628A037CF5008ECF01CAD84A4F90123
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
Manifest number: 1887
Signing time: Wed 25 Mar 2026 18:01:29 +0000
Manifest this update: Wed 25 Mar 2026 18:01:29 +0000
Manifest next update: Thu 26 Mar 2026 18:01:29 +0000
Files and hashes: 1: 2WuQdzmfTzUsr5yT6_ElWI37EFQ.roa (hash: UEPfvyzT8876g2v5SGvEl+4/qaMtSPjm6N+hA2QZZSY=)
2: zo2SrOCAEcTQrsjyKGVxW9kaASI.crl (hash: 6Cay+e5dh8uFGUrVIM1/Tt8E/toOobhGSIrB1H/XSiY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 18:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:28:a0:37:cf:50:08:ec:f0:1c:ad:84:a4:f9:01:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Validity
Not Before: Mar 25 18:01:29 2026 GMT
Not After : Mar 26 18:01:29 2026 GMT
Subject: CN=8b5746befd780d96a4e4250966f16a6a14d2a427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d2:f0:b5:4e:33:58:1a:af:2a:b4:cc:ac:4c:
e1:0e:57:c3:77:e3:a2:e1:55:d4:25:df:86:db:1b:
4c:a6:69:c8:a8:58:8e:ee:ac:66:d0:d9:da:77:a0:
9b:82:f9:8f:5a:31:ac:da:66:fa:4f:5b:27:13:29:
39:4f:9f:d4:64:16:f7:33:10:ad:00:a0:04:4f:57:
92:c6:c4:58:0e:d2:88:bc:22:68:02:eb:d5:d0:9e:
fb:3d:74:77:23:77:66:94:cc:7e:a8:2a:96:65:c2:
10:47:e3:f4:94:c8:a8:14:d3:58:a8:58:32:c8:04:
60:0b:2f:a0:ba:8f:59:65:29:8a:e4:2e:79:ec:56:
53:f1:26:4b:e4:e6:15:bf:cb:10:17:bc:e8:0b:5b:
57:c0:4d:32:a4:08:e4:f9:f5:52:94:0c:77:6f:70:
7f:1c:0e:25:0d:ee:50:ed:58:32:e6:91:f8:ab:62:
58:05:62:47:a3:ee:4b:a5:35:3c:10:18:98:d0:78:
42:83:23:45:27:5e:6f:a4:cb:60:89:5a:46:07:25:
53:03:4b:cb:e6:03:a2:8e:f5:85:16:d1:a7:16:7e:
a1:0b:c0:02:d8:54:7e:27:ec:b2:00:d2:59:0a:8d:
b5:a7:d6:56:3e:b4:2b:33:f4:25:60:a8:83:54:7b:
31:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:57:46:BE:FD:78:0D:96:A4:E4:25:09:66:F1:6A:6A:14:D2:A4:27
X509v3 Authority Key Identifier:
keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:39:a1:6e:8b:40:c6:a1:ea:0e:60:a4:28:3b:61:19:f6:bf:
0a:01:fa:49:c8:6b:66:d1:b1:c0:88:36:d1:7b:c9:d1:16:a0:
b9:b2:0e:71:47:55:d8:83:23:3d:b1:03:b3:46:91:c4:18:10:
c8:80:5c:c2:19:0e:0d:4c:13:6c:cb:5a:0c:41:72:e3:d2:79:
69:83:c2:5e:d7:69:7b:e5:fb:e9:30:ba:dd:7c:f1:13:bb:27:
83:3a:ca:94:d2:7d:22:2d:34:1a:65:12:42:37:5f:6d:7f:77:
ef:b7:8c:40:0d:86:3e:0c:ca:1c:ef:ec:48:9f:39:4c:c0:0e:
6e:99:7e:fb:f4:3e:2f:42:d1:ce:0c:19:56:52:f2:34:95:1f:
45:83:c2:a8:f3:37:de:a8:1c:e4:0a:1d:59:02:6c:18:ba:f3:
83:05:d3:87:6f:a2:18:a7:8e:70:bc:d1:72:cc:7b:54:0d:3f:
47:d0:b0:b8:21:d2:e0:ec:52:c6:c6:1d:19:a6:16:07:47:92:
88:dc:a1:d3:77:6c:7e:94:8f:68:21:bd:0a:2a:01:05:7f:94:
23:73:09:ad:a7:0f:45:93:5b:d2:f4:7b:4e:c4:9c:2a:5e:3b:
05:4c:2c:dd:28:fa:fa:de:a2:7f:69:b4:40:03:23:4f:0f:2b:
7c:d1:6a:42
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKKA3z1AI7PAcrYSk+QEjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx
YTAxMjIwHhcNMjYwMzI1MTgwMTI5WhcNMjYwMzI2MTgwMTI5WjAzMTEwLwYDVQQD
Eyg4YjU3NDZiZWZkNzgwZDk2YTRlNDI1MDk2NmYxNmE2YTE0ZDJhNDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9LwtU4zWBqvKrTMrEzhDlfDd+Oi
4VXUJd+G2xtMpmnIqFiO7qxm0Nnad6CbgvmPWjGs2mb6T1snEyk5T5/UZBb3MxCt
AKAET1eSxsRYDtKIvCJoAuvV0J77PXR3I3dmlMx+qCqWZcIQR+P0lMioFNNYqFgy
yARgCy+guo9ZZSmK5C557FZT8SZL5OYVv8sQF7zoC1tXwE0ypAjk+fVSlAx3b3B/
HA4lDe5Q7Vgy5pH4q2JYBWJHo+5LpTU8EBiY0HhCgyNFJ15vpMtgiVpGByVTA0vL
5gOijvWFFtGnFn6hC8AC2FR+J+yyANJZCo21p9ZWPrQrM/QlYKiDVHsxtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFItXRr79eA2WpOQlCWbxamoU0qQnMB8GA1UdIwQY
MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt
NTQ1NDQ5ZTQ5ZjczLzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz
LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATTmhbotA
xqHqDmCkKDthGfa/CgH6SchrZtGxwIg20XvJ0RagubIOcUdV2IMjPbEDs0aRxBgQ
yIBcwhkODUwTbMtaDEFy49J5aYPCXtdpe+X76TC63XzxE7sngzrKlNJ9Ii00GmUS
QjdfbX9377eMQA2GPgzKHO/sSJ85TMAObpl++/Q+L0LRzgwZVlLyNJUfRYPCqPM3
3qgc5AodWQJsGLrzgwXTh2+iGKeOcLzRcsx7VA0/R9CwuCHS4OxSxsYdGaYWB0eS
iNyh03dsfpSPaCG9CioBBX+UI3MJracPRZNb0vR7TsScKl47BUws3Sj6+t6if2m0
QAMjTw8rfNFqQg==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:05:02 2026 by rpki-client