Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft
File: ZAsfh3LG70hOLNLWYmPy75j6OWg.mft (raw, json)
Hash identifier: cLiRfU5tvCRhjaC/urwke4+Dl9Kg+Koli7+iSpbbqEc=
Subject key identifier: FB:41:91:B5:B0:CE:3A:37:3D:BF:5B:01:BC:C6:D5:8B:26:6D:F7:9E
Authority key identifier: 64:0B:1F:87:72:C6:EF:48:4E:2C:D2:D6:62:63:F2:EF:98:FA:39:68
Certificate issuer: /CN=640b1f8772c6ef484e2cd2d66263f2ef98fa3968
Certificate serial: 019D26280F98BB8676756334AB27510FB2AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft
Manifest number: 1886
Signing time: Wed 25 Mar 2026 18:00:52 +0000
Manifest this update: Wed 25 Mar 2026 18:00:52 +0000
Manifest next update: Thu 26 Mar 2026 18:00:52 +0000
Files and hashes: 1: DU8OixuQSBT4wDmFxWVtjuElegU.roa (hash: fAA3Up2hh08gKhdkTQ9YAofCRj3IfUFUPtWpnzTKD+E=)
2: ZAsfh3LG70hOLNLWYmPy75j6OWg.crl (hash: /C9xk5KhObq4E4bTShzAWYaeUvJ557sFqEk46J/FLj0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 18:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:28:0f:98:bb:86:76:75:63:34:ab:27:51:0f:b2:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=640b1f8772c6ef484e2cd2d66263f2ef98fa3968
Validity
Not Before: Mar 25 18:00:52 2026 GMT
Not After : Mar 26 18:00:52 2026 GMT
Subject: CN=fb4191b5b0ce3a373dbf5b01bcc6d58b266df79e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a5:52:47:bb:fd:1a:8e:e7:4e:c5:8b:8e:23:
38:29:42:e7:eb:2c:02:f1:31:4f:b0:38:98:1d:68:
f6:93:94:5f:da:74:61:37:23:f0:7e:e7:f1:eb:5e:
16:25:9a:3c:b3:f3:29:2c:8a:7c:b9:f8:90:1f:84:
e6:67:0e:60:81:8f:78:09:8b:72:26:f3:c3:a0:bc:
49:fd:98:20:d9:f2:51:64:d2:bb:c3:1b:54:3d:13:
00:ff:0c:0b:c2:a2:af:d9:e6:a7:29:27:b8:53:08:
c1:9d:24:d5:90:5b:0c:cb:96:c0:b6:e5:9b:c5:c2:
92:51:31:80:a0:ff:e5:bf:2f:28:ad:46:e5:54:a9:
de:36:4d:b0:22:c4:7d:21:6e:5e:71:1c:58:a0:b2:
68:14:14:bf:b8:b2:b4:e0:3b:5c:da:b4:4e:36:d1:
66:c9:3a:2b:a9:78:64:b2:70:75:8e:2a:44:aa:7b:
fc:04:c6:a0:66:b1:4c:95:a7:f0:a8:98:0a:ed:c7:
66:fb:ee:58:8d:2b:89:29:69:0d:35:59:be:c1:4d:
be:00:2f:41:24:cd:2b:44:db:18:d7:ee:75:26:e5:
af:85:5b:30:b2:9b:e7:34:62:b6:57:de:2b:f0:c9:
3f:ff:03:a2:4e:8e:89:be:65:6e:09:09:02:ad:34:
5d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:41:91:B5:B0:CE:3A:37:3D:BF:5B:01:BC:C6:D5:8B:26:6D:F7:9E
X509v3 Authority Key Identifier:
keyid:64:0B:1F:87:72:C6:EF:48:4E:2C:D2:D6:62:63:F2:EF:98:FA:39:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:e1:99:7a:8d:b1:e3:6b:69:ee:96:4f:e8:e6:d3:02:5f:85:
6b:d7:fa:ca:3b:2e:32:0b:ee:c3:3d:75:6d:20:b8:26:d4:cb:
b1:b2:35:ad:3c:46:6e:3d:e5:cb:25:bf:a5:ea:d0:9b:10:e1:
67:74:19:cc:ac:48:ee:c4:90:60:96:86:11:64:73:e0:a7:f8:
f6:b9:15:41:56:56:d4:e8:97:41:1b:a1:cc:5b:81:3d:38:5f:
7d:03:bc:5c:c5:af:33:2c:5f:be:9a:c8:f0:5b:30:4d:9c:33:
22:06:aa:97:35:be:a4:eb:67:86:de:2b:da:05:2e:fa:a3:28:
6d:e7:14:91:df:d4:9d:ee:a7:0c:78:26:a1:20:31:2a:a9:15:
8e:a0:67:42:a5:fb:89:fa:13:6b:98:23:e7:e7:4c:39:87:63:
c7:0d:e7:e2:c3:3e:70:e4:a5:6f:7a:06:10:95:ef:6b:91:ed:
c1:a6:4d:9b:92:80:e1:c5:24:39:ef:c4:11:a0:5d:20:2c:9f:
1b:f8:08:27:d2:9a:21:c0:0d:72:24:24:5d:bb:1b:a0:57:0d:
5d:76:a0:c3:ec:94:e8:50:b5:c4:e5:3a:38:67:37:be:28:a4:
17:5a:67:b2:9f:48:d2:a8:82:41:77:2a:07:7b:49:ac:33:ce:
f7:58:8a:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0mKA+Yu4Z2dWM0qydRD7KuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MGIxZjg3NzJjNmVmNDg0ZTJjZDJkNjYyNjNmMmVmOThm
YTM5NjgwHhcNMjYwMzI1MTgwMDUyWhcNMjYwMzI2MTgwMDUyWjAzMTEwLwYDVQQD
EyhmYjQxOTFiNWIwY2UzYTM3M2RiZjViMDFiY2M2ZDU4YjI2NmRmNzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6VSR7v9Go7nTsWLjiM4KULn6ywC
8TFPsDiYHWj2k5Rf2nRhNyPwfufx614WJZo8s/MpLIp8ufiQH4TmZw5ggY94CYty
JvPDoLxJ/Zgg2fJRZNK7wxtUPRMA/wwLwqKv2eanKSe4UwjBnSTVkFsMy5bAtuWb
xcKSUTGAoP/lvy8orUblVKneNk2wIsR9IW5ecRxYoLJoFBS/uLK04Dtc2rRONtFm
yTorqXhksnB1jipEqnv8BMagZrFMlafwqJgK7cdm++5YjSuJKWkNNVm+wU2+AC9B
JM0rRNsY1+51JuWvhVswspvnNGK2V94r8Mk//wOiTo6JvmVuCQkCrTRdOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPtBkbWwzjo3Pb9bAbzG1YsmbfeeMB8GA1UdIwQY
MBaAFGQLH4dyxu9ITizS1mJj8u+Y+jloMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkFzZmgzTEc3MGhPTE5MV1ltUHk3NWo2T1dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9hYWQ2MjYtZGFjZS00NGQ4LTgxOGQt
Mzg3YWZhMGE1MzRmLzEvWkFzZmgzTEc3MGhPTE5MV1ltUHk3NWo2T1dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9hYWQ2MjYtZGFjZS00NGQ4LTgxOGQtMzg3YWZhMGE1MzRm
LzEvWkFzZmgzTEc3MGhPTE5MV1ltUHk3NWo2T1dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQeGZeo2x
42tp7pZP6ObTAl+Fa9f6yjsuMgvuwz11bSC4JtTLsbI1rTxGbj3lyyW/perQmxDh
Z3QZzKxI7sSQYJaGEWRz4Kf49rkVQVZW1OiXQRuhzFuBPThffQO8XMWvMyxfvprI
8FswTZwzIgaqlzW+pOtnht4r2gUu+qMobecUkd/Une6nDHgmoSAxKqkVjqBnQqX7
ifoTa5gj5+dMOYdjxw3n4sM+cOSlb3oGEJXva5HtwaZNm5KA4cUkOe/EEaBdICyf
G/gIJ9KaIcANciQkXbsboFcNXXagw+yU6FC1xOU6OGc3viikF1pnsp9I0qiCQXcq
B3tJrDPO91iKJQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:05:23 2026 by rpki-client