Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
File: zNHiiTDXen65iRtvq7spFe44hao.mft (raw, json)
Hash identifier: pN7+hXjwQ5DUP+G/5MP+9H/j3QVPWHlev+Z4XXgURQA=
Subject key identifier: C2:B3:BA:FE:47:DC:FA:BF:F1:7C:C6:10:58:CF:A1:C6:A4:AC:AC:A1
Authority key identifier: CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA
Certificate issuer: /CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
Certificate serial: 019CAA58A4CF481C6EAD78030ED3D5EBA3B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
Manifest number: 1847
Signing time: Sun 01 Mar 2026 17:01:01 +0000
Manifest this update: Sun 01 Mar 2026 17:01:01 +0000
Manifest next update: Mon 02 Mar 2026 17:01:01 +0000
Files and hashes: 1: _NSxXKWLAT32ACYjnb_Q_v0bth4.roa (hash: jFEG3V9iSls0XRVWy4kyBvsz0M23pnXIeMtJ7lA5i08=)
2: zNHiiTDXen65iRtvq7spFe44hao.crl (hash: MxmhpNblYUWDz2m5HM31rimpyKdjsdVlErehnJjnxbQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:58:a4:cf:48:1c:6e:ad:78:03:0e:d3:d5:eb:a3:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
Validity
Not Before: Mar 1 17:01:01 2026 GMT
Not After : Mar 2 17:01:01 2026 GMT
Subject: CN=c2b3bafe47dcfabff17cc61058cfa1c6a4acaca1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:09:89:3c:dc:cf:c4:59:cb:7e:2f:f6:b7:92:
55:57:09:c1:c2:bd:74:25:61:5c:36:2b:cd:93:4e:
b9:6e:3f:f8:84:5a:0f:d2:66:59:4e:be:68:bf:12:
a2:7e:5f:4a:8b:d3:10:0a:62:44:40:57:e4:d7:90:
70:e7:4d:06:b2:a4:80:14:55:55:e1:59:21:df:2e:
ce:f3:83:59:01:a4:f3:dd:b1:cd:c7:69:5f:38:49:
eb:10:52:80:f3:e8:27:e3:8c:35:d9:b7:e0:fa:a7:
c1:1b:1d:66:09:14:3c:3a:d0:a9:33:70:33:a3:34:
ee:c8:61:12:be:4c:92:91:08:5e:f3:f6:6c:8e:e3:
61:28:26:4e:a9:b5:b2:fb:aa:9d:00:c0:9a:f1:17:
fc:36:50:0b:9a:1b:34:f9:19:8b:ba:5c:fe:7b:e0:
1d:d0:65:5f:6e:bd:44:f9:a6:55:ec:b0:10:69:f4:
ff:2a:8a:a2:80:6b:79:f2:63:f7:09:8f:73:2c:98:
30:8b:77:cd:17:8e:25:6d:91:99:15:58:de:ab:bd:
20:78:6a:e4:04:2a:08:72:c5:89:dc:0b:a0:f6:ac:
00:88:00:1c:f2:95:c4:8b:95:9f:27:2c:ce:e5:b7:
e9:56:1a:3f:5c:0f:cd:df:27:4f:bd:f4:fe:c7:76:
d1:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:B3:BA:FE:47:DC:FA:BF:F1:7C:C6:10:58:CF:A1:C6:A4:AC:AC:A1
X509v3 Authority Key Identifier:
keyid:CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:38:82:d9:1d:02:0d:a3:8f:84:34:e9:c6:08:7c:b2:a9:d3:
64:d9:d7:52:ae:c6:66:6a:e1:6c:93:34:a8:ff:a7:ec:8b:02:
a6:00:61:98:6e:fb:05:5f:76:dd:9c:c6:38:b3:58:ea:d1:10:
2b:62:52:48:18:68:d2:df:90:e1:1d:c3:7f:96:4c:47:ae:6f:
37:94:3d:8c:3b:bc:d8:49:61:ce:72:4d:fc:ca:60:72:de:c0:
e6:38:79:c8:4f:37:bc:5e:34:c6:91:9d:da:96:1e:dd:77:b2:
c2:ad:d6:66:bb:a7:7c:12:53:31:26:b6:20:58:fa:42:75:1a:
6b:b9:67:30:98:66:df:21:28:e7:90:f7:9c:f7:1a:da:46:ce:
ab:21:ed:8a:7d:ba:9f:e6:a2:de:00:6a:c3:41:d6:ff:3e:a4:
6a:ff:0e:45:3a:24:9f:a2:30:e6:9b:29:be:b9:ea:6c:81:8c:
0d:2a:8d:c1:fa:ec:39:98:80:44:20:b8:db:c8:9f:26:23:c6:
e6:33:52:e1:5c:51:d1:86:58:25:68:09:e7:72:f9:0d:92:da:
d2:bc:c9:50:64:d5:bf:a1:63:3e:60:5e:15:9a:7a:8c:80:dc:
4d:a6:1d:01:53:4f:bf:b2:52:f0:7d:2e:f9:2c:35:9d:4a:ef:
90:f2:38:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqWKTPSBxurXgDDtPV66O5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDFlMjg5MzBkNzdhN2ViOTg5MWI2ZmFiYmIyOTE1ZWUz
ODg1YWEwHhcNMjYwMzAxMTcwMTAxWhcNMjYwMzAyMTcwMTAxWjAzMTEwLwYDVQQD
EyhjMmIzYmFmZTQ3ZGNmYWJmZjE3Y2M2MTA1OGNmYTFjNmE0YWNhY2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwmJPNzPxFnLfi/2t5JVVwnBwr10
JWFcNivNk065bj/4hFoP0mZZTr5ovxKifl9Ki9MQCmJEQFfk15Bw500GsqSAFFVV
4Vkh3y7O84NZAaTz3bHNx2lfOEnrEFKA8+gn44w12bfg+qfBGx1mCRQ8OtCpM3Az
ozTuyGESvkySkQhe8/ZsjuNhKCZOqbWy+6qdAMCa8Rf8NlALmhs0+RmLulz+e+Ad
0GVfbr1E+aZV7LAQafT/KoqigGt58mP3CY9zLJgwi3fNF44lbZGZFVjeq70geGrk
BCoIcsWJ3Aug9qwAiAAc8pXEi5WfJyzO5bfpVho/XA/N3ydPvfT+x3bR0QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMKzuv5H3Pq/8XzGEFjPocakrKyhMB8GA1UdIwQY
MBaAFMzR4okw13p+uYkbb6u7KRXuOIWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMt
YzEzYjFmOTc3ZDU3LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMtYzEzYjFmOTc3ZDU3
LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArDiC2R0C
DaOPhDTpxgh8sqnTZNnXUq7GZmrhbJM0qP+n7IsCpgBhmG77BV923ZzGOLNY6tEQ
K2JSSBho0t+Q4R3Df5ZMR65vN5Q9jDu82ElhznJN/Mpgct7A5jh5yE83vF40xpGd
2pYe3Xeywq3WZrunfBJTMSa2IFj6QnUaa7lnMJhm3yEo55D3nPca2kbOqyHtin26
n+ai3gBqw0HW/z6kav8ORTokn6Iw5pspvrnqbIGMDSqNwfrsOZiARCC428ifJiPG
5jNS4VxR0YZYJWgJ53L5DZLa0rzJUGTVv6FjPmBeFZp6jIDcTaYdAVNPv7JS8H0u
+Sw1nUrvkPI4sA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:37:12 2026 by rpki-client