Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/vzrHIKEXt01NE8Jj95R3kp7btLw.mft
File: vzrHIKEXt01NE8Jj95R3kp7btLw.mft (raw, json)
Hash identifier: kI38UFc55g/vab0N+02larmVi0MnwR6p+HDYxI2dOUA=
Subject key identifier: 5D:07:86:6E:9E:B8:EE:9F:F6:15:57:1D:1E:DD:4A:F2:F5:55:BD:22
Authority key identifier: BF:3A:C7:20:A1:17:B7:4D:4D:13:C2:63:F7:94:77:92:9E:DB:B4:BC
Certificate issuer: /CN=bf3ac720a117b74d4d13c263f79477929edbb4bc
Certificate serial: 019CABA228D7C96D9F4F33D44241F2701CDA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vzrHIKEXt01NE8Jj95R3kp7btLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/vzrHIKEXt01NE8Jj95R3kp7btLw.mft
Manifest number: 0630
Signing time: Sun 01 Mar 2026 23:00:56 +0000
Manifest this update: Sun 01 Mar 2026 23:00:56 +0000
Manifest next update: Mon 02 Mar 2026 23:00:56 +0000
Files and hashes: 1: jshUcB9xo_4UjMSMpv_Atyyty9w.roa (hash: An++hrgldtP3cS4PiEwsT48K4V8iq3LI6SDvvL0nHOE=)
2: vzrHIKEXt01NE8Jj95R3kp7btLw.crl (hash: 0z5bJezIX+l45ZKR3o6xJd12myYtHUXIhqa4IuYAd68=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/vzrHIKEXt01NE8Jj95R3kp7btLw.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/vzrHIKEXt01NE8Jj95R3kp7btLw.mft
rsync://rpki.ripe.net/repository/DEFAULT/vzrHIKEXt01NE8Jj95R3kp7btLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:a2:28:d7:c9:6d:9f:4f:33:d4:42:41:f2:70:1c:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf3ac720a117b74d4d13c263f79477929edbb4bc
Validity
Not Before: Mar 1 23:00:56 2026 GMT
Not After : Mar 2 23:00:56 2026 GMT
Subject: CN=5d07866e9eb8ee9ff615571d1edd4af2f555bd22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e0:32:4f:c2:f6:50:50:87:de:06:0e:a7:0c:
1f:f7:70:5c:1f:65:2f:e5:40:cc:bb:7a:8c:b7:8b:
0b:02:11:25:0c:ae:be:cf:16:04:5f:30:51:0c:a7:
34:35:59:82:be:ea:f3:fc:2f:b2:85:ee:4b:42:bf:
53:77:72:39:18:30:42:0b:1c:98:6b:00:70:bb:a0:
75:f4:28:69:d6:f6:91:55:a7:96:47:ce:c1:b1:09:
ed:95:b4:48:98:0c:46:eb:e4:d9:8f:ff:71:7b:f9:
c1:29:7a:16:af:fe:6a:61:23:24:4e:69:82:71:eb:
aa:a1:07:af:52:f0:73:0f:f6:12:96:43:34:5a:9b:
7e:45:e8:93:54:47:40:f7:7e:04:63:7b:e0:94:2f:
0a:58:69:84:6b:17:bf:ee:ad:0c:51:d8:0b:80:b1:
3d:d2:c0:dc:0c:03:30:e2:34:70:c3:b4:84:4b:85:
0b:78:4d:7f:8c:7c:b5:ca:cc:af:f0:4e:62:d6:79:
fc:bd:e3:90:9b:1c:23:f0:64:c6:53:a2:18:3e:94:
f5:1b:1d:5e:2a:57:3d:72:e8:96:a3:fd:7e:47:48:
38:00:1e:4f:2f:7d:9e:1e:d9:ff:a4:4e:6f:61:36:
d3:45:c5:54:ac:ca:98:57:34:be:8b:6f:05:81:ba:
8b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:07:86:6E:9E:B8:EE:9F:F6:15:57:1D:1E:DD:4A:F2:F5:55:BD:22
X509v3 Authority Key Identifier:
keyid:BF:3A:C7:20:A1:17:B7:4D:4D:13:C2:63:F7:94:77:92:9E:DB:B4:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vzrHIKEXt01NE8Jj95R3kp7btLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/vzrHIKEXt01NE8Jj95R3kp7btLw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/vzrHIKEXt01NE8Jj95R3kp7btLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:fe:a9:f7:67:84:f9:fc:13:d4:5d:75:ce:28:eb:a8:be:9d:
7a:a6:b8:ed:18:ba:9f:b7:98:d2:ee:53:6d:03:af:1e:55:c4:
88:a6:87:a3:13:aa:2b:06:47:d5:e4:56:00:a9:85:fb:ef:ca:
8a:cf:16:3e:9d:f3:d6:7a:05:da:7c:e1:08:34:1d:8a:b3:3c:
36:b1:39:9b:8c:ff:62:78:a7:81:89:34:d0:15:6c:ee:b6:ed:
34:7c:34:17:a5:b8:50:8e:2a:aa:84:cf:68:70:02:aa:af:36:
b2:32:07:31:4d:bc:17:b4:31:a8:b6:5d:2a:0c:60:b8:9b:b0:
50:a0:3d:fe:3c:d0:76:b3:5e:51:c5:24:c9:94:8f:f0:99:64:
c7:74:d4:50:9a:28:fa:22:87:c9:0b:c8:01:74:4b:0e:0a:02:
8e:2f:12:dd:77:f5:e9:a1:ad:b4:49:36:10:b9:12:6b:ba:53:
f8:b2:24:9a:c9:a8:52:f1:12:b8:49:16:9f:62:c8:d4:17:d3:
63:28:c5:eb:25:97:b4:5e:38:59:d8:62:45:be:09:b2:66:95:
0f:60:8d:d3:eb:cb:97:d7:c0:65:8d:8d:da:16:40:2c:74:44:
90:31:b9:77:56:4d:6d:14:24:95:04:55:24:4b:de:8b:1f:f5:
6e:e3:c5:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyroijXyW2fTzPUQkHycBzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmM2FjNzIwYTExN2I3NGQ0ZDEzYzI2M2Y3OTQ3NzkyOWVk
YmI0YmMwHhcNMjYwMzAxMjMwMDU2WhcNMjYwMzAyMjMwMDU2WjAzMTEwLwYDVQQD
Eyg1ZDA3ODY2ZTllYjhlZTlmZjYxNTU3MWQxZWRkNGFmMmY1NTViZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruAyT8L2UFCH3gYOpwwf93BcH2Uv
5UDMu3qMt4sLAhElDK6+zxYEXzBRDKc0NVmCvurz/C+yhe5LQr9Td3I5GDBCCxyY
awBwu6B19Chp1vaRVaeWR87BsQntlbRImAxG6+TZj/9xe/nBKXoWr/5qYSMkTmmC
ceuqoQevUvBzD/YSlkM0Wpt+ReiTVEdA934EY3vglC8KWGmEaxe/7q0MUdgLgLE9
0sDcDAMw4jRww7SES4ULeE1/jHy1ysyv8E5i1nn8veOQmxwj8GTGU6IYPpT1Gx1e
Klc9cuiWo/1+R0g4AB5PL32eHtn/pE5vYTbTRcVUrMqYVzS+i28FgbqLdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF0Hhm6euO6f9hVXHR7dSvL1Vb0iMB8GA1UdIwQY
MBaAFL86xyChF7dNTRPCY/eUd5Ke27S8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnpySElLRVh0MDFORThKajk1UjNrcDdidEx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjVmNWUtN2I3ZC00YjI4LWE5YjMt
MGFjMWJiZDQzNGQwLzEvdnpySElLRVh0MDFORThKajk1UjNrcDdidEx3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjVmNWUtN2I3ZC00YjI4LWE5YjMtMGFjMWJiZDQzNGQw
LzEvdnpySElLRVh0MDFORThKajk1UjNrcDdidEx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKP6p92eE
+fwT1F11zijrqL6deqa47Ri6n7eY0u5TbQOvHlXEiKaHoxOqKwZH1eRWAKmF++/K
is8WPp3z1noF2nzhCDQdirM8NrE5m4z/YningYk00BVs7rbtNHw0F6W4UI4qqoTP
aHACqq82sjIHMU28F7QxqLZdKgxguJuwUKA9/jzQdrNeUcUkyZSP8Jlkx3TUUJoo
+iKHyQvIAXRLDgoCji8S3Xf16aGttEk2ELkSa7pT+LIkmsmoUvESuEkWn2LI1BfT
YyjF6yWXtF44WdhiRb4JsmaVD2CN0+vLl9fAZY2N2hZALHREkDG5d1ZNbRQklQRV
JEveix/1buPF7Q==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:04:37 2026 by rpki-client