Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.mft
File: Z3emKEbfTtvlZmuJ6EIOkZqwhic.mft (raw, json)
Hash identifier: ml1yDyzFWuVnF7hecD56Xs6hancPGlNn7zYDKzkhHNE=
Subject key identifier: 95:8C:F3:27:17:BC:4E:46:F7:2E:B4:61:11:70:95:E8:CF:3C:03:F0
Authority key identifier: 67:77:A6:28:46:DF:4E:DB:E5:66:6B:89:E8:42:0E:91:9A:B0:86:27
Certificate issuer: /CN=6777a62846df4edbe5666b89e8420e919ab08627
Certificate serial: 019CAD22F82C216A09BB6086B6A79F75E14C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z3emKEbfTtvlZmuJ6EIOkZqwhic.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.mft
Manifest number: 17A2
Signing time: Mon 02 Mar 2026 06:01:15 +0000
Manifest this update: Mon 02 Mar 2026 06:01:15 +0000
Manifest next update: Tue 03 Mar 2026 06:01:15 +0000
Files and hashes: 1: 3VLDvoZCO7skcLMmoqmsMLtkmQU.roa (hash: 54REseVbtlx9mAKpYatYkVRIZlL/47Cw+aylSFwZYDg=)
2: Z3emKEbfTtvlZmuJ6EIOkZqwhic.crl (hash: /Hp4gxynrYafSX8fIxsKODa417ScnDfiVsBvD5zi53s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z3emKEbfTtvlZmuJ6EIOkZqwhic.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:22:f8:2c:21:6a:09:bb:60:86:b6:a7:9f:75:e1:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6777a62846df4edbe5666b89e8420e919ab08627
Validity
Not Before: Mar 2 06:01:15 2026 GMT
Not After : Mar 3 06:01:15 2026 GMT
Subject: CN=958cf32717bc4e46f72eb461117095e8cf3c03f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:70:c8:86:29:bc:bb:59:be:80:ea:37:4f:fd:
c5:db:98:9f:a4:9d:00:71:3d:bf:21:a6:dc:f0:88:
e7:2a:a0:4c:71:e5:76:64:ca:00:db:df:e2:18:d6:
28:cf:27:29:b7:d7:c5:45:39:9d:91:b6:70:0b:e5:
69:73:95:b1:40:bc:67:eb:c5:38:13:8f:f6:9f:c9:
57:60:e0:d3:a1:57:de:b6:30:b8:4f:08:f4:e1:fd:
06:6c:bf:70:09:18:25:df:f3:7f:dd:f4:9c:bc:fa:
7e:cc:4f:88:02:80:8e:b4:59:33:c0:df:54:df:02:
c8:d4:10:a2:24:e5:5c:78:a2:e0:53:aa:89:0b:8c:
d4:ec:4d:c1:de:ba:9a:c3:f1:5e:c5:c1:58:48:ba:
ee:0d:19:3a:7c:9a:e0:4c:7a:4a:0d:40:e5:16:07:
45:80:9e:83:43:fa:b4:51:cb:d3:5b:7a:70:01:f5:
ff:19:10:8e:76:2e:ab:52:3d:fd:23:0f:15:ae:a8:
63:e7:66:cf:a0:d4:ee:90:16:00:b2:ab:50:77:ac:
a7:54:9a:96:6c:5a:17:df:f4:55:a8:73:c7:5f:e9:
07:8b:90:91:aa:bd:83:21:85:6e:0f:b1:51:2e:a9:
ac:66:29:4c:ce:c7:a8:20:b0:36:d0:2e:39:e6:ea:
3b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:8C:F3:27:17:BC:4E:46:F7:2E:B4:61:11:70:95:E8:CF:3C:03:F0
X509v3 Authority Key Identifier:
keyid:67:77:A6:28:46:DF:4E:DB:E5:66:6B:89:E8:42:0E:91:9A:B0:86:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z3emKEbfTtvlZmuJ6EIOkZqwhic.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/cb373f-764d-4532-8333-62d94af801b5/1/Z3emKEbfTtvlZmuJ6EIOkZqwhic.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:57:d3:21:5f:60:8e:4c:0f:9c:92:83:13:81:d5:ea:3a:af:
98:81:ec:b7:71:15:1d:3e:25:6b:2a:da:2b:77:31:99:3d:0b:
0b:47:81:6f:58:bd:ea:82:f5:d1:4b:45:f1:2f:74:a5:8a:67:
89:0b:d8:d4:fc:a7:61:da:9a:68:f3:e6:4e:29:81:f6:37:a2:
15:ac:b3:12:ff:1b:bf:b3:31:74:16:ba:a2:2a:02:e2:b5:c6:
0d:67:ef:41:41:8b:13:8e:b4:29:d6:26:8e:1d:9c:66:91:91:
ef:08:85:22:66:4c:d8:94:59:18:72:16:92:3c:53:19:c0:7f:
85:72:66:c0:81:c4:1c:2d:55:c6:18:26:ab:f6:41:d3:c8:25:
c1:10:01:45:ae:6d:5a:73:6b:f5:12:61:2f:6c:de:ae:7f:11:
83:b9:95:cd:c6:8f:b9:6f:76:52:b5:a2:90:80:0a:3a:be:c2:
dd:0a:f7:91:fb:32:92:08:a2:d2:55:6a:59:d4:e8:a6:88:09:
cc:8c:ed:40:46:12:52:0f:f4:26:47:8d:ff:b8:da:94:4e:da:
f7:d4:da:6b:88:74:8c:2a:67:72:1d:29:7e:27:2d:34:2b:8e:
ca:58:43:3a:09:c7:fc:2a:c7:0a:12:49:3b:78:e4:92:b5:2c:
93:3a:fc:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZytIvgsIWoJu2CGtqefdeFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3NzdhNjI4NDZkZjRlZGJlNTY2NmI4OWU4NDIwZTkxOWFi
MDg2MjcwHhcNMjYwMzAyMDYwMTE1WhcNMjYwMzAzMDYwMTE1WjAzMTEwLwYDVQQD
Eyg5NThjZjMyNzE3YmM0ZTQ2ZjcyZWI0NjExMTcwOTVlOGNmM2MwM2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnDIhim8u1m+gOo3T/3F25ifpJ0A
cT2/Iabc8IjnKqBMceV2ZMoA29/iGNYozycpt9fFRTmdkbZwC+Vpc5WxQLxn68U4
E4/2n8lXYODToVfetjC4Twj04f0GbL9wCRgl3/N/3fScvPp+zE+IAoCOtFkzwN9U
3wLI1BCiJOVceKLgU6qJC4zU7E3B3rqaw/FexcFYSLruDRk6fJrgTHpKDUDlFgdF
gJ6DQ/q0UcvTW3pwAfX/GRCOdi6rUj39Iw8Vrqhj52bPoNTukBYAsqtQd6ynVJqW
bFoX3/RVqHPHX+kHi5CRqr2DIYVuD7FRLqmsZilMzseoILA20C455uo7FwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJWM8ycXvE5G9y60YRFwlejPPAPwMB8GA1UdIwQY
MBaAFGd3pihG307b5WZriehCDpGasIYnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjNlbUtFYmZUdHZsWm11SjZFSU9rWnF3aGljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9jYjM3M2YtNzY0ZC00NTMyLTgzMzMt
NjJkOTRhZjgwMWI1LzEvWjNlbUtFYmZUdHZsWm11SjZFSU9rWnF3aGljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9jYjM3M2YtNzY0ZC00NTMyLTgzMzMtNjJkOTRhZjgwMWI1
LzEvWjNlbUtFYmZUdHZsWm11SjZFSU9rWnF3aGljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi1fTIV9g
jkwPnJKDE4HV6jqvmIHst3EVHT4layraK3cxmT0LC0eBb1i96oL10UtF8S90pYpn
iQvY1PynYdqaaPPmTimB9jeiFayzEv8bv7MxdBa6oioC4rXGDWfvQUGLE460KdYm
jh2cZpGR7wiFImZM2JRZGHIWkjxTGcB/hXJmwIHEHC1Vxhgmq/ZB08glwRABRa5t
WnNr9RJhL2zern8Rg7mVzcaPuW92UrWikIAKOr7C3Qr3kfsykgii0lVqWdTopogJ
zIztQEYSUg/0JkeN/7jalE7a99Taa4h0jCpnch0pfictNCuOylhDOgnH/CrHChJJ
O3jkkrUskzr8Lw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:52:20 2026 by rpki-client