Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.mft
File: 8zk0PMbVHduONjgpmhu0lfRYCSE.mft (raw, json)
Hash identifier: QEhkMdaa9TG86sVpmzTVdfuGUR1ADxwdq4G0Yg7P3yQ=
Subject key identifier: 3B:1C:72:7E:16:05:7A:FA:00:D0:0E:49:FC:7B:A7:62:69:44:6C:67
Authority key identifier: F3:39:34:3C:C6:D5:1D:DB:8E:36:38:29:9A:1B:B4:95:F4:58:09:21
Certificate issuer: /CN=f339343cc6d51ddb8e3638299a1bb495f4580921
Certificate serial: 019CAA8F7D864481428B79694DB2D1BF18B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8zk0PMbVHduONjgpmhu0lfRYCSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.mft
Manifest number: 1845
Signing time: Sun 01 Mar 2026 18:00:56 +0000
Manifest this update: Sun 01 Mar 2026 18:00:56 +0000
Manifest next update: Mon 02 Mar 2026 18:00:56 +0000
Files and hashes: 1: 3ZbP8D4oyhCe4u5mlugxkhUP_G4.roa (hash: mYQ4ggMgVLrFbz01ZBuOhgHTwYfwTmz0/Kv0k+37TBo=)
2: 8zk0PMbVHduONjgpmhu0lfRYCSE.crl (hash: lAOAiHUnh5CZig2EN0dsoBzXb9IihbcPgcG4ZeFyOhQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8zk0PMbVHduONjgpmhu0lfRYCSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:8f:7d:86:44:81:42:8b:79:69:4d:b2:d1:bf:18:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f339343cc6d51ddb8e3638299a1bb495f4580921
Validity
Not Before: Mar 1 18:00:56 2026 GMT
Not After : Mar 2 18:00:56 2026 GMT
Subject: CN=3b1c727e16057afa00d00e49fc7ba76269446c67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:08:bb:0c:aa:bd:02:fb:fc:58:fc:aa:b0:ec:
53:ea:d6:52:a6:fa:2b:b1:23:1c:ca:21:e5:0d:a0:
ff:86:55:1c:2b:a1:3b:71:da:5e:07:44:a6:02:3a:
a3:1a:2a:ff:56:39:96:b8:c2:6c:cd:85:49:ef:a6:
c3:13:ab:c6:fe:54:10:ba:21:bd:ef:f1:c9:00:3e:
87:55:5d:eb:0f:03:32:89:3d:5a:45:fc:bb:64:3c:
da:59:20:b1:c4:f1:59:30:cb:ee:77:74:44:5c:48:
76:07:d3:ef:21:63:f5:06:0b:7b:21:f8:31:f5:aa:
86:64:10:a2:6f:3f:9d:1f:04:2d:9a:9d:02:e2:01:
8c:8e:d3:6e:6a:c1:ac:d4:f5:2d:4b:40:8b:5c:4d:
23:fb:43:72:3a:f8:2b:ca:c8:3e:93:d5:1a:82:38:
10:83:c6:9a:2f:fe:1d:f4:05:7d:e5:a8:4a:59:b3:
ae:44:08:cd:7b:db:20:41:43:9d:13:3d:a2:a2:7a:
c6:80:84:01:b3:66:a4:97:ed:62:ba:c9:b6:cb:c9:
f6:7c:5b:71:1b:50:0e:72:7a:d2:35:6b:49:f6:ca:
5f:95:ae:2b:d8:2f:ab:dd:e4:1d:bc:0d:a8:c8:b9:
e1:f1:1d:c4:3b:02:52:9c:cd:50:a7:92:94:f4:b1:
ba:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:1C:72:7E:16:05:7A:FA:00:D0:0E:49:FC:7B:A7:62:69:44:6C:67
X509v3 Authority Key Identifier:
keyid:F3:39:34:3C:C6:D5:1D:DB:8E:36:38:29:9A:1B:B4:95:F4:58:09:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8zk0PMbVHduONjgpmhu0lfRYCSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/5de6df-ce4f-4b09-82d2-377d25be594d/1/8zk0PMbVHduONjgpmhu0lfRYCSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:40:1a:98:f5:4b:5f:ba:fe:bd:a4:61:5e:a4:e0:4b:4e:4e:
8e:75:95:6e:62:37:ed:c6:fe:f3:d1:c1:51:eb:ce:bb:e6:ed:
25:4f:e3:11:46:be:01:f4:2c:6a:9c:18:26:94:1b:03:a1:e6:
8a:89:6c:96:9d:0c:d2:74:7e:88:36:87:ba:be:fa:c5:5c:71:
09:e3:fb:ab:09:9d:1b:fd:b3:aa:9f:c3:18:e8:09:84:3e:8c:
2c:3c:05:fe:71:fe:72:98:bc:e5:5e:73:94:f7:2e:93:08:53:
f0:f1:4d:fa:1f:c9:59:c0:fc:32:47:63:0e:65:4d:c6:f0:c2:
cf:ce:75:0b:53:57:d4:72:d5:c7:c0:63:d4:ca:43:6d:af:88:
96:ab:8e:ad:3f:5d:62:b2:42:2b:43:1f:96:28:d6:2a:44:ab:
59:c4:d3:ab:00:a8:ad:2c:31:1b:f0:92:bd:6c:9c:00:66:aa:
3e:cc:91:6c:89:cb:76:d3:5d:be:b7:f9:97:92:87:fc:58:f2:
6e:fd:cd:25:0e:80:52:30:2b:1e:be:e9:c4:b3:4e:3a:e1:c9:
ba:18:85:3c:a7:8a:24:6c:da:a3:e4:38:08:9f:75:8e:45:ca:
ae:1b:2a:fb:e7:b2:ab:62:49:1f:18:6e:11:f6:7f:45:f1:9e:
1d:bb:bf:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqj32GRIFCi3lpTbLRvxi3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMzkzNDNjYzZkNTFkZGI4ZTM2MzgyOTlhMWJiNDk1ZjQ1
ODA5MjEwHhcNMjYwMzAxMTgwMDU2WhcNMjYwMzAyMTgwMDU2WjAzMTEwLwYDVQQD
EygzYjFjNzI3ZTE2MDU3YWZhMDBkMDBlNDlmYzdiYTc2MjY5NDQ2YzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwi7DKq9Avv8WPyqsOxT6tZSpvor
sSMcyiHlDaD/hlUcK6E7cdpeB0SmAjqjGir/VjmWuMJszYVJ76bDE6vG/lQQuiG9
7/HJAD6HVV3rDwMyiT1aRfy7ZDzaWSCxxPFZMMvud3REXEh2B9PvIWP1Bgt7Ifgx
9aqGZBCibz+dHwQtmp0C4gGMjtNuasGs1PUtS0CLXE0j+0NyOvgrysg+k9UagjgQ
g8aaL/4d9AV95ahKWbOuRAjNe9sgQUOdEz2ionrGgIQBs2akl+1iusm2y8n2fFtx
G1AOcnrSNWtJ9spfla4r2C+r3eQdvA2oyLnh8R3EOwJSnM1Qp5KU9LG6FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDsccn4WBXr6ANAOSfx7p2JpRGxnMB8GA1UdIwQY
MBaAFPM5NDzG1R3bjjY4KZobtJX0WAkhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHprMFBNYlZIZHVPTmpncG1odTBsZlJZQ1NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81ZGU2ZGYtY2U0Zi00YjA5LTgyZDIt
Mzc3ZDI1YmU1OTRkLzEvOHprMFBNYlZIZHVPTmpncG1odTBsZlJZQ1NFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81ZGU2ZGYtY2U0Zi00YjA5LTgyZDItMzc3ZDI1YmU1OTRk
LzEvOHprMFBNYlZIZHVPTmpncG1odTBsZlJZQ1NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUEAamPVL
X7r+vaRhXqTgS05OjnWVbmI37cb+89HBUevOu+btJU/jEUa+AfQsapwYJpQbA6Hm
iolslp0M0nR+iDaHur76xVxxCeP7qwmdG/2zqp/DGOgJhD6MLDwF/nH+cpi85V5z
lPcukwhT8PFN+h/JWcD8MkdjDmVNxvDCz851C1NX1HLVx8Bj1MpDba+IlquOrT9d
YrJCK0MflijWKkSrWcTTqwCorSwxG/CSvWycAGaqPsyRbInLdtNdvrf5l5KH/Fjy
bv3NJQ6AUjArHr7pxLNOOuHJuhiFPKeKJGzao+Q4CJ91jkXKrhsq++eyq2JJHxhu
EfZ/RfGeHbu/zQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:08:03 2026 by rpki-client