Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.mft
File: z431Kt_i_Oaulvb-BdFAieAkfO4.mft (raw, json)
Hash identifier: DrglHoAdCdpxZWYthUpcGcoZ9EuCOBmnqhLxF+a2Jvw=
Subject key identifier: E0:17:A9:B3:B2:A6:E8:EA:B7:7A:13:F6:2B:2E:4F:4F:B1:7C:86:CF
Authority key identifier: CF:8D:F5:2A:DF:E2:FC:E6:AE:96:F6:FE:05:D1:40:89:E0:24:7C:EE
Certificate issuer: /CN=cf8df52adfe2fce6ae96f6fe05d14089e0247cee
Certificate serial: 019CAD59DFBAAB3E9010AEF679C355724F75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z431Kt_i_Oaulvb-BdFAieAkfO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.mft
Manifest number: 0FFC
Signing time: Mon 02 Mar 2026 07:01:14 +0000
Manifest this update: Mon 02 Mar 2026 07:01:14 +0000
Manifest next update: Tue 03 Mar 2026 07:01:14 +0000
Files and hashes: 1: OL0stDkX2i4iSRwxjMZs3BrE1SE.roa (hash: vvxqzVvoF7+NWvZaa2Ph3MfeFjAEA8fO1sH/RieX6t4=)
2: z431Kt_i_Oaulvb-BdFAieAkfO4.crl (hash: d/WPl4gvtJ/wMUmWcj2dvqWrR9m/R8xO9j9wlgpq9kg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/z431Kt_i_Oaulvb-BdFAieAkfO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:59:df:ba:ab:3e:90:10:ae:f6:79:c3:55:72:4f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf8df52adfe2fce6ae96f6fe05d14089e0247cee
Validity
Not Before: Mar 2 07:01:14 2026 GMT
Not After : Mar 3 07:01:14 2026 GMT
Subject: CN=e017a9b3b2a6e8eab77a13f62b2e4f4fb17c86cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:0a:cd:3e:c7:6b:5e:87:18:1c:61:26:c1:cf:
ad:37:7b:b8:20:24:62:cd:3e:3e:32:4c:d9:e6:29:
ca:22:2b:81:b7:47:b2:4c:d3:69:c6:8b:61:28:14:
77:d1:d0:9a:e5:a7:4e:79:b7:b1:66:4a:89:ac:34:
7d:80:ab:5c:df:80:4b:54:ad:f5:95:f5:63:ff:c4:
16:cb:df:c3:29:b8:72:88:1b:49:1d:53:a5:df:2f:
bf:72:92:99:58:48:7e:f7:b1:53:83:54:92:02:2e:
38:12:a9:02:13:3f:53:f2:0e:42:41:9e:34:99:fa:
5b:6d:74:62:53:7a:c8:d1:4f:07:01:8c:ea:7d:8c:
3f:05:c1:fd:50:87:42:68:4a:be:00:f8:07:ee:60:
10:01:22:bc:1b:79:ec:cb:d0:31:97:7c:36:80:98:
9c:15:2e:6c:83:91:71:e3:2a:d8:fd:1f:97:7e:ce:
1d:9d:bb:91:98:eb:5f:53:71:3a:3e:01:ca:33:37:
19:f8:54:fa:ca:3f:71:cc:67:fc:fd:69:2e:b4:9b:
60:8c:4c:f1:c7:a6:af:ec:18:09:6b:c9:53:15:cd:
45:2e:0f:ce:79:52:9b:ef:32:b0:4b:92:03:0a:72:
27:b4:ff:0c:05:20:ab:f2:6b:17:c2:ac:06:cb:51:
2e:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:17:A9:B3:B2:A6:E8:EA:B7:7A:13:F6:2B:2E:4F:4F:B1:7C:86:CF
X509v3 Authority Key Identifier:
keyid:CF:8D:F5:2A:DF:E2:FC:E6:AE:96:F6:FE:05:D1:40:89:E0:24:7C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z431Kt_i_Oaulvb-BdFAieAkfO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
10:4e:dd:2d:5b:95:ec:24:09:0d:33:c6:67:eb:fa:39:4e:1e:
74:c1:c4:28:75:d2:a1:9a:23:ef:d0:d0:6d:65:19:cb:e2:59:
fe:ce:ec:04:01:28:a6:df:6f:7c:99:bc:a9:8e:20:53:ef:89:
f2:8b:9d:04:95:70:e4:f3:5d:3c:19:c1:4a:9b:e7:3f:32:e9:
93:61:f8:74:10:e0:4d:17:4c:f2:14:2b:b3:e4:2a:07:2b:6a:
e2:65:4c:2a:3b:98:d7:c4:d9:bb:b0:e6:07:a5:84:cb:9a:c6:
20:5b:77:81:e9:84:48:c4:d7:42:84:0e:0f:11:c2:f4:d4:cd:
e3:1b:52:d7:eb:c2:3d:70:4a:00:4f:65:d2:d1:4a:f0:93:de:
d0:fd:d5:ed:e1:4d:4b:d0:01:79:cc:c0:53:3a:87:58:bf:4e:
e6:a3:fc:96:e1:31:57:2a:66:6d:e1:25:fc:84:64:8b:cc:03:
a8:60:63:af:c7:77:28:f3:27:5f:4d:8d:4e:3d:59:f0:15:b7:
2d:87:34:00:3e:ec:a8:94:4f:08:92:93:21:08:f1:2d:ce:2e:
62:67:67:35:b7:ec:88:4a:b4:ef:ff:26:07:f1:52:9b:93:c5:
55:cf:86:3d:15:4c:82:5e:b7:2c:e4:64:24:bf:66:37:8f:50:
4b:8c:2e:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytWd+6qz6QEK72ecNVck91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmOGRmNTJhZGZlMmZjZTZhZTk2ZjZmZTA1ZDE0MDg5ZTAy
NDdjZWUwHhcNMjYwMzAyMDcwMTE0WhcNMjYwMzAzMDcwMTE0WjAzMTEwLwYDVQQD
EyhlMDE3YTliM2IyYTZlOGVhYjc3YTEzZjYyYjJlNGY0ZmIxN2M4NmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ArNPsdrXocYHGEmwc+tN3u4ICRi
zT4+MkzZ5inKIiuBt0eyTNNpxothKBR30dCa5adOebexZkqJrDR9gKtc34BLVK31
lfVj/8QWy9/DKbhyiBtJHVOl3y+/cpKZWEh+97FTg1SSAi44EqkCEz9T8g5CQZ40
mfpbbXRiU3rI0U8HAYzqfYw/BcH9UIdCaEq+APgH7mAQASK8G3nsy9Axl3w2gJic
FS5sg5Fx4yrY/R+Xfs4dnbuRmOtfU3E6PgHKMzcZ+FT6yj9xzGf8/WkutJtgjEzx
x6av7BgJa8lTFc1FLg/OeVKb7zKwS5IDCnIntP8MBSCr8msXwqwGy1EuzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOAXqbOypujqt3oT9isuT0+xfIbPMB8GA1UdIwQY
MBaAFM+N9Srf4vzmrpb2/gXRQIngJHzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejQzMUt0X2lfT2F1bHZiLUJkRkFpZUFrZk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mMjI3NDMtMTg5OC00N2U1LTk2ZTIt
Zjc5N2UxZjU0NGQ5LzEvejQzMUt0X2lfT2F1bHZiLUJkRkFpZUFrZk80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mMjI3NDMtMTg5OC00N2U1LTk2ZTItZjc5N2UxZjU0NGQ5
LzEvejQzMUt0X2lfT2F1bHZiLUJkRkFpZUFrZk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEE7dLVuV
7CQJDTPGZ+v6OU4edMHEKHXSoZoj79DQbWUZy+JZ/s7sBAEopt9vfJm8qY4gU++J
8oudBJVw5PNdPBnBSpvnPzLpk2H4dBDgTRdM8hQrs+QqBytq4mVMKjuY18TZu7Dm
B6WEy5rGIFt3gemESMTXQoQODxHC9NTN4xtS1+vCPXBKAE9l0tFK8JPe0P3V7eFN
S9ABeczAUzqHWL9O5qP8luExVypmbeEl/IRki8wDqGBjr8d3KPMnX02NTj1Z8BW3
LYc0AD7sqJRPCJKTIQjxLc4uYmdnNbfsiEq07/8mB/FSm5PFVc+GPRVMgl63LORk
JL9mN49QS4wuug==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:01:55 2026 by rpki-client