Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft
File: ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft (raw, json)
Hash identifier: R9goU0qVNDRZgD9PATBUgCGYP7COpY6JEfNw8idGq8A=
Subject key identifier: 61:50:AC:89:D5:E2:A1:FE:3A:D6:E8:7B:85:FC:4F:89:5D:E6:3A:14
Authority key identifier: 64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C
Certificate issuer: /CN=64a7a6cd583814d393bee2635b545574cc75620c
Certificate serial: 019E1E6C975403251EE358C1A2C7BD68E88C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft
Manifest number: 1539
Signing time: Tue 12 May 2026 23:01:33 +0000
Manifest this update: Tue 12 May 2026 23:01:33 +0000
Manifest next update: Wed 13 May 2026 23:01:33 +0000
Files and hashes: 1: EsvahZdQZVhluZsLSr98J_sMDK4.roa (hash: DNS5SQ17LOTRnwWYUw1eb+IWwNLBZu1qV/4r+8SuduY=)
2: ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl (hash: J51R8aNnsDAGq1+6yIjsQQl38ga4n2s49DfNPUCjy4c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1e:6c:97:54:03:25:1e:e3:58:c1:a2:c7:bd:68:e8:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64a7a6cd583814d393bee2635b545574cc75620c
Validity
Not Before: May 12 23:01:33 2026 GMT
Not After : May 13 23:01:33 2026 GMT
Subject: CN=6150ac89d5e2a1fe3ad6e87b85fc4f895de63a14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:04:51:44:f1:e9:8c:ea:a4:a0:38:7d:1a:2f:
4e:eb:f6:c1:18:8c:c9:2c:90:b6:d6:64:8c:66:3c:
e5:b8:cb:29:e3:b9:ca:c0:19:90:f2:f1:da:db:73:
2c:24:da:ef:fa:42:4a:78:c8:b6:40:f0:9e:bc:5b:
36:dc:09:60:ed:48:d4:6e:51:83:59:1f:d0:d0:ad:
d2:45:33:bc:75:90:5e:b9:0d:bf:57:d4:bd:25:62:
53:6a:25:d8:19:a5:b3:67:cd:bc:1d:5e:90:21:1c:
a4:7a:2f:47:a7:d4:ae:8a:81:81:b9:f8:c8:f5:f9:
63:fa:6b:fc:80:da:20:44:fa:e5:c4:50:2b:a5:cd:
1e:1d:e5:84:b4:0f:1f:fd:8b:94:6e:df:30:f7:ef:
c4:d1:e2:77:b7:b4:b3:43:6a:56:2c:f6:06:76:0e:
1b:42:ad:77:a8:fb:e6:aa:8f:2e:d7:1e:18:4a:18:
cf:2e:1f:d4:7c:a8:48:fa:d1:9a:9a:ca:80:3b:5c:
ab:28:b1:95:29:15:8a:da:63:88:f3:28:bf:66:09:
72:0b:6a:d0:0f:07:e6:6e:23:4c:08:22:53:9e:ab:
a2:01:bd:10:85:57:1e:0b:2f:e3:14:18:42:3e:30:
63:b5:c7:ac:16:9c:05:8d:6d:96:9c:78:95:87:9b:
cb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:50:AC:89:D5:E2:A1:FE:3A:D6:E8:7B:85:FC:4F:89:5D:E6:3A:14
X509v3 Authority Key Identifier:
keyid:64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:70:93:d1:a3:af:09:3f:7c:ad:da:6c:e6:8f:0b:a6:ff:c0:
72:ba:e5:78:43:a8:b5:53:4d:16:21:63:f4:da:c0:13:2f:47:
6e:98:e9:b9:f4:70:97:28:13:c9:0e:39:47:41:92:6b:ba:52:
d6:6b:15:37:0a:fc:9b:01:3c:57:8d:eb:77:b3:40:8c:8a:86:
9f:a7:2c:4a:c5:ec:5a:09:b5:f2:ee:86:bf:41:20:36:a4:5c:
13:67:1d:8f:db:d8:59:95:8f:2c:75:16:d0:14:b2:c2:f9:80:
fa:15:35:aa:28:6e:e2:c0:9d:e7:88:d9:b7:08:c1:3b:aa:eb:
0d:1f:20:da:08:37:f0:26:ce:05:6d:39:c2:82:41:bb:2d:82:
db:0d:d6:ca:40:87:46:ce:08:0e:de:eb:14:25:79:20:ca:8a:
d3:ea:72:5a:3c:18:56:5c:76:9e:2c:8a:c5:28:c1:b8:fb:7e:
66:bd:c6:a5:42:55:87:db:b4:1e:e2:c5:86:ae:62:a5:b9:4f:
e8:24:29:fb:f4:eb:7a:4f:52:ef:19:e8:34:21:a1:01:72:c3:
59:e7:07:ce:01:dc:e9:65:ee:7b:fa:74:ae:65:84:60:d2:e5:
4f:9d:2e:19:cc:f2:70:6e:8d:02:5a:20:d3:c4:16:82:35:72:
73:34:c6:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4ebJdUAyUe41jBose9aOiMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YTdhNmNkNTgzODE0ZDM5M2JlZTI2MzViNTQ1NTc0Y2M3
NTYyMGMwHhcNMjYwNTEyMjMwMTMzWhcNMjYwNTEzMjMwMTMzWjAzMTEwLwYDVQQD
Eyg2MTUwYWM4OWQ1ZTJhMWZlM2FkNmU4N2I4NWZjNGY4OTVkZTYzYTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowRRRPHpjOqkoDh9Gi9O6/bBGIzJ
LJC21mSMZjzluMsp47nKwBmQ8vHa23MsJNrv+kJKeMi2QPCevFs23Alg7UjUblGD
WR/Q0K3SRTO8dZBeuQ2/V9S9JWJTaiXYGaWzZ828HV6QIRykei9Hp9SuioGBufjI
9flj+mv8gNogRPrlxFArpc0eHeWEtA8f/YuUbt8w9+/E0eJ3t7SzQ2pWLPYGdg4b
Qq13qPvmqo8u1x4YShjPLh/UfKhI+tGamsqAO1yrKLGVKRWK2mOI8yi/ZglyC2rQ
DwfmbiNMCCJTnquiAb0QhVceCy/jFBhCPjBjtcesFpwFjW2WnHiVh5vL6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGFQrInV4qH+Otboe4X8T4ld5joUMB8GA1UdIwQY
MBaAFGSnps1YOBTTk77iY1tUVXTMdWIMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYt
NmY1ZDhhNzRhMGU0LzEvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYtNmY1ZDhhNzRhMGU0
LzEvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXHCT0aOv
CT98rdps5o8Lpv/AcrrleEOotVNNFiFj9NrAEy9HbpjpufRwlygTyQ45R0GSa7pS
1msVNwr8mwE8V43rd7NAjIqGn6csSsXsWgm18u6Gv0EgNqRcE2cdj9vYWZWPLHUW
0BSywvmA+hU1qihu4sCd54jZtwjBO6rrDR8g2gg38CbOBW05woJBuy2C2w3WykCH
Rs4IDt7rFCV5IMqK0+pyWjwYVlx2niyKxSjBuPt+Zr3GpUJVh9u0HuLFhq5ipblP
6CQp+/Trek9S7xnoNCGhAXLDWecHzgHc6WXue/p0rmWEYNLlT50uGczycG6NAlog
08QWgjVyczTGbA==
-----END CERTIFICATE-----
Generated at Wed May 13 09:53:23 2026 by rpki-client