Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
File: zNHiiTDXen65iRtvq7spFe44hao.mft (raw, json)
Hash identifier: JDfwD/ZaDGYDrdDbI/T0BXiZVnO1XpuVy/9I3tjm+UQ=
Subject key identifier: E9:89:A2:A1:97:9A:01:91:88:3E:51:4E:B8:36:2E:2D:17:F1:88:74
Authority key identifier: CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA
Certificate issuer: /CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
Certificate serial: 019D99D04629684BDB15DACBDF862E0AEF1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
Manifest number: 18C3
Signing time: Fri 17 Apr 2026 05:00:56 +0000
Manifest this update: Fri 17 Apr 2026 05:00:56 +0000
Manifest next update: Sat 18 Apr 2026 05:00:56 +0000
Files and hashes: 1: _NSxXKWLAT32ACYjnb_Q_v0bth4.roa (hash: jFEG3V9iSls0XRVWy4kyBvsz0M23pnXIeMtJ7lA5i08=)
2: zNHiiTDXen65iRtvq7spFe44hao.crl (hash: tw8rOGJPiSP0XL2u8FKqfuJ6GFzKr6ilK0+96611fRA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:99:d0:46:29:68:4b:db:15:da:cb:df:86:2e:0a:ef:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
Validity
Not Before: Apr 17 05:00:56 2026 GMT
Not After : Apr 18 05:00:56 2026 GMT
Subject: CN=e989a2a1979a0191883e514eb8362e2d17f18874
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fe:0f:88:4d:2f:3f:4d:d4:3d:0c:c1:37:b7:
71:10:ec:2a:c0:85:80:36:f1:45:24:80:3c:eb:87:
6e:b0:7e:b9:a5:1e:93:ce:ad:67:c7:83:60:f6:82:
e2:92:e6:4e:0b:f7:0f:ca:fd:92:4f:b8:ed:b3:bc:
cf:39:c8:1b:06:d3:01:3a:cf:fd:0f:98:09:db:c1:
8d:db:3e:8a:47:6c:56:be:5b:1e:5c:00:ad:0b:4c:
06:dc:ba:ac:17:d8:2a:79:1c:77:bd:5f:eb:b1:c0:
3a:b7:88:bc:23:1c:f5:9f:12:d3:fe:be:d9:3e:5f:
08:35:01:7f:6e:4f:28:28:c0:cf:71:fd:04:09:33:
56:84:c4:8c:78:f5:cc:cc:3d:c2:7f:92:b8:74:56:
ed:8b:d3:70:94:d8:b7:38:f1:72:f3:7c:7f:25:ce:
ee:80:85:b5:7f:79:e0:fe:2a:41:1a:5c:55:16:88:
63:ce:0c:92:a4:af:54:cc:0f:28:fe:ad:b7:ca:cc:
c9:f4:e8:3b:91:8d:93:90:87:15:34:7d:18:81:5e:
ab:7d:48:39:ef:28:35:fa:c1:d2:17:32:2a:92:1b:
06:b7:65:39:0f:cc:e0:1d:69:d1:40:4d:41:f6:b4:
f7:df:47:24:44:5a:03:cd:16:7c:fb:50:59:f7:5b:
fb:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:89:A2:A1:97:9A:01:91:88:3E:51:4E:B8:36:2E:2D:17:F1:88:74
X509v3 Authority Key Identifier:
keyid:CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
93:d8:c9:a7:b0:ba:55:48:ba:fe:9f:d0:dc:e5:34:05:99:73:
03:84:00:55:5c:d8:33:31:bb:e9:a5:69:09:6f:fc:32:bf:77:
c0:3d:69:30:a7:7b:65:8e:dd:65:40:a6:78:ce:c3:f0:5e:4f:
3f:7d:b8:18:21:cf:7f:49:e2:0c:bf:a2:d5:aa:fa:b6:99:c0:
e9:5f:91:6d:3b:66:88:0b:c9:83:ae:75:c8:97:94:dd:14:ba:
e3:4f:47:29:3b:45:0a:cc:18:d5:0d:e3:ac:58:4e:48:cf:a2:
1d:c4:f8:e9:cb:08:f4:27:2d:12:36:2a:b9:99:1c:23:90:f1:
7a:f1:14:99:b1:89:99:f1:01:d9:48:0b:ff:f9:38:bc:3f:44:
14:0f:b0:c2:19:ab:86:a8:b1:01:9d:98:6e:59:d3:20:2f:13:
42:1c:5b:61:44:28:31:f4:3e:d2:4c:df:5a:8d:99:c2:de:25:
ae:e5:10:23:5f:d1:6b:ec:ca:67:02:80:a4:cb:97:6e:5a:50:
09:63:30:bc:14:a9:ee:6b:b4:a4:c9:c6:4a:4b:5e:62:73:79:
40:3a:08:6a:64:30:6a:b9:de:f6:99:85:cb:10:24:c8:72:6c:
07:21:bc:90:43:f5:09:d1:63:ff:6b:ab:48:4e:76:27:66:a7:
11:92:b6:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2Z0EYpaEvbFdrL34YuCu8cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDFlMjg5MzBkNzdhN2ViOTg5MWI2ZmFiYmIyOTE1ZWUz
ODg1YWEwHhcNMjYwNDE3MDUwMDU2WhcNMjYwNDE4MDUwMDU2WjAzMTEwLwYDVQQD
EyhlOTg5YTJhMTk3OWEwMTkxODgzZTUxNGViODM2MmUyZDE3ZjE4ODc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAov4PiE0vP03UPQzBN7dxEOwqwIWA
NvFFJIA864dusH65pR6Tzq1nx4Ng9oLikuZOC/cPyv2ST7jts7zPOcgbBtMBOs/9
D5gJ28GN2z6KR2xWvlseXACtC0wG3LqsF9gqeRx3vV/rscA6t4i8Ixz1nxLT/r7Z
Pl8INQF/bk8oKMDPcf0ECTNWhMSMePXMzD3Cf5K4dFbti9NwlNi3OPFy83x/Jc7u
gIW1f3ng/ipBGlxVFohjzgySpK9UzA8o/q23yszJ9Og7kY2TkIcVNH0YgV6rfUg5
7yg1+sHSFzIqkhsGt2U5D8zgHWnRQE1B9rT330ckRFoDzRZ8+1BZ91v77wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOmJoqGXmgGRiD5RTrg2Li0X8Yh0MB8GA1UdIwQY
MBaAFMzR4okw13p+uYkbb6u7KRXuOIWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMt
YzEzYjFmOTc3ZDU3LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMtYzEzYjFmOTc3ZDU3
LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk9jJp7C6
VUi6/p/Q3OU0BZlzA4QAVVzYMzG76aVpCW/8Mr93wD1pMKd7ZY7dZUCmeM7D8F5P
P324GCHPf0niDL+i1ar6tpnA6V+RbTtmiAvJg651yJeU3RS6409HKTtFCswY1Q3j
rFhOSM+iHcT46csI9CctEjYquZkcI5DxevEUmbGJmfEB2UgL//k4vD9EFA+wwhmr
hqixAZ2YblnTIC8TQhxbYUQoMfQ+0kzfWo2Zwt4lruUQI1/Ra+zKZwKApMuXblpQ
CWMwvBSp7mu0pMnGSkteYnN5QDoIamQwarne9pmFyxAkyHJsByG8kEP1CdFj/2ur
SE52J2anEZK27g==
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:47:22 2026 by rpki-client