Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.mft
File: z0DiVgZlGgdUhMcJ-nZtgNrVLZw.mft (raw, json)
Hash identifier: Jg0GQ0GzKuku1KsqfMLFkiJQ93CnYx0Qskjn4raIvrY=
Subject key identifier: 3E:11:C8:FF:D2:2F:A4:D2:CF:BB:BD:4F:61:91:46:77:F1:D0:95:0A
Authority key identifier: CF:40:E2:56:06:65:1A:07:54:84:C7:09:FA:76:6D:80:DA:D5:2D:9C
Certificate issuer: /CN=cf40e25606651a075484c709fa766d80dad52d9c
Certificate serial: 019CAE357ED926E0286BB64E6748169FBC95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.mft
Manifest number: 0654
Signing time: Mon 02 Mar 2026 11:01:07 +0000
Manifest this update: Mon 02 Mar 2026 11:01:07 +0000
Manifest next update: Tue 03 Mar 2026 11:01:07 +0000
Files and hashes: 1: QdHInLlgS5JRpnU_JucTtPY8VJk.roa (hash: QfoNmRCKJigBgYRu4CBAAOqEk87PTUk4h7GOHN5KHOs=)
2: z0DiVgZlGgdUhMcJ-nZtgNrVLZw.crl (hash: OBF6B90AuRQSpe5d6Wo+dE+WsiLZdDoyKdvsUCdDTRQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.mft
rsync://rpki.ripe.net/repository/DEFAULT/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 11:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:35:7e:d9:26:e0:28:6b:b6:4e:67:48:16:9f:bc:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf40e25606651a075484c709fa766d80dad52d9c
Validity
Not Before: Mar 2 11:01:07 2026 GMT
Not After : Mar 3 11:01:07 2026 GMT
Subject: CN=3e11c8ffd22fa4d2cfbbbd4f61914677f1d0950a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:5f:3b:82:6b:42:01:e4:25:62:e6:a3:15:92:
8e:52:8a:ef:85:b7:aa:24:81:04:46:8d:e2:4f:b1:
b1:80:73:3d:d9:f4:c3:97:f8:95:fb:18:84:ab:7b:
9a:88:de:22:d8:0b:43:45:81:70:e5:39:60:eb:b6:
eb:9f:85:33:5e:c2:d9:c6:0a:0f:cc:5d:0b:c8:e8:
ba:c8:aa:f0:35:91:49:42:4b:1e:25:eb:26:e3:d3:
8d:4a:77:6a:bb:2e:d2:29:71:fb:5d:1b:21:30:d2:
39:38:2c:22:90:f0:08:9d:92:53:7e:d8:ad:af:63:
0a:93:3a:48:0d:7c:ac:91:49:c2:e1:fc:65:d8:02:
d2:8d:66:31:bb:56:0a:e5:4d:0f:6c:07:8b:30:ea:
1c:27:e2:a3:37:4a:2b:2f:e5:99:76:ff:7e:f8:2f:
d0:7f:74:c9:19:b4:2a:39:d0:54:c6:34:d4:d8:34:
0a:14:53:d2:69:ed:5e:70:62:02:78:7a:66:89:31:
2d:cd:2c:c2:fc:bb:56:e1:79:87:a3:4a:b3:ca:cd:
f7:76:ec:d3:54:ca:15:cd:0d:33:34:6f:5b:41:95:
3a:34:1b:9b:27:78:e8:dd:90:18:57:d1:46:89:fd:
dd:f2:d0:aa:5c:25:7c:1a:19:42:8a:84:b1:59:16:
e0:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:11:C8:FF:D2:2F:A4:D2:CF:BB:BD:4F:61:91:46:77:F1:D0:95:0A
X509v3 Authority Key Identifier:
keyid:CF:40:E2:56:06:65:1A:07:54:84:C7:09:FA:76:6D:80:DA:D5:2D:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:3c:9c:d1:1f:b2:81:ec:1e:ec:ad:fb:2e:04:3a:d8:95:a5:
b6:c3:55:eb:e3:cc:74:62:4c:14:87:7c:eb:24:9f:ce:3d:c9:
b3:03:63:f5:4c:18:c2:3f:db:cf:bb:60:ab:c1:e8:f5:bd:5a:
e8:4d:7c:b7:a1:18:4f:0a:ab:90:98:81:82:5d:44:e2:19:d0:
39:d8:16:fb:e8:2c:e4:a8:6a:f0:2f:fe:4d:fe:7e:50:ee:82:
46:47:f3:1b:35:15:35:ba:4f:bf:ec:4c:2c:b6:7f:1d:18:c3:
98:94:4e:c5:c7:f0:76:50:95:fd:8b:c1:8a:a0:3b:51:83:c7:
93:62:03:8c:4e:83:a0:21:7e:8c:35:c3:91:ef:63:59:95:ae:
2e:ae:ba:13:4d:4e:67:f9:e2:0f:af:64:b9:c3:08:73:c3:e0:
a6:11:d3:5a:7d:66:e8:d0:52:6c:60:0d:2d:b4:a4:a0:ba:ce:
d1:40:10:89:59:6f:70:24:46:a8:5c:ac:40:22:88:66:f2:31:
20:c3:fd:bc:e7:0d:ad:00:6b:94:e7:dd:d1:d2:f1:9e:14:a5:
9b:6f:27:30:0c:26:5b:77:cf:d3:35:e2:88:7f:97:a1:3f:bf:
ae:b9:69:ab:a2:e3:4c:8a:18:af:1a:e5:fe:01:4a:f0:e9:e1:
02:43:ff:30
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyuNX7ZJuAoa7ZOZ0gWn7yVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNDBlMjU2MDY2NTFhMDc1NDg0YzcwOWZhNzY2ZDgwZGFk
NTJkOWMwHhcNMjYwMzAyMTEwMTA3WhcNMjYwMzAzMTEwMTA3WjAzMTEwLwYDVQQD
EygzZTExYzhmZmQyMmZhNGQyY2ZiYmJkNGY2MTkxNDY3N2YxZDA5NTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz187gmtCAeQlYuajFZKOUorvhbeq
JIEERo3iT7GxgHM92fTDl/iV+xiEq3uaiN4i2AtDRYFw5Tlg67brn4UzXsLZxgoP
zF0LyOi6yKrwNZFJQkseJesm49ONSndquy7SKXH7XRshMNI5OCwikPAInZJTftit
r2MKkzpIDXyskUnC4fxl2ALSjWYxu1YK5U0PbAeLMOocJ+KjN0orL+WZdv9++C/Q
f3TJGbQqOdBUxjTU2DQKFFPSae1ecGICeHpmiTEtzSzC/LtW4XmHo0qzys33duzT
VMoVzQ0zNG9bQZU6NBubJ3jo3ZAYV9FGif3d8tCqXCV8GhlCioSxWRbg9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD4RyP/SL6TSz7u9T2GRRnfx0JUKMB8GA1UdIwQY
MBaAFM9A4lYGZRoHVITHCfp2bYDa1S2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejBEaVZnWmxHZ2RVaE1jSi1uWnRnTnJWTFp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83ZDVlMWMtOWQ3OS00YjM5LWI1NjAt
ZTk5N2U1NThkNzNhLzEvejBEaVZnWmxHZ2RVaE1jSi1uWnRnTnJWTFp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83ZDVlMWMtOWQ3OS00YjM5LWI1NjAtZTk5N2U1NThkNzNh
LzEvejBEaVZnWmxHZ2RVaE1jSi1uWnRnTnJWTFp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFjyc0R+y
gewe7K37LgQ62JWltsNV6+PMdGJMFId86ySfzj3JswNj9UwYwj/bz7tgq8Ho9b1a
6E18t6EYTwqrkJiBgl1E4hnQOdgW++gs5Khq8C/+Tf5+UO6CRkfzGzUVNbpPv+xM
LLZ/HRjDmJROxcfwdlCV/YvBiqA7UYPHk2IDjE6DoCF+jDXDke9jWZWuLq66E01O
Z/niD69kucMIc8PgphHTWn1m6NBSbGANLbSkoLrO0UAQiVlvcCRGqFysQCKIZvIx
IMP9vOcNrQBrlOfd0dLxnhSlm28nMAwmW3fP0zXiiH+XoT+/rrlpq6LjTIoYrxrl
/gFK8OnhAkP/MA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:52:54 2026 by rpki-client