Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
File: z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft (raw, json)
Hash identifier: CJFE+wRKnC0LaZeJDZ8U6CzneMS1RlSKSa5FETF6jxk=
Subject key identifier: 20:18:88:55:1E:5E:D3:5C:63:6B:C9:CD:69:25:26:5C:CB:5C:20:3F
Authority key identifier: CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6
Certificate issuer: /CN=cfc7008c6f91722dc3b127527558ebdabc680ce6
Certificate serial: 019D97E26AC22B4CEB5B675609E6DC47F437
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
Manifest number: 1221
Signing time: Thu 16 Apr 2026 20:01:31 +0000
Manifest this update: Thu 16 Apr 2026 20:01:31 +0000
Manifest next update: Fri 17 Apr 2026 20:01:31 +0000
Files and hashes: 1: UbxGuXfCPU7PaazgdUkcbZmtVZU.roa (hash: U0sRu1JWMunI3dF2aemA2TfuPLAR6kavSK8Q8KfB14s=)
2: z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl (hash: onsRPW1wAqnj5v87eB5MZAsvKF1VaBrLdjbZfdjPf9U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 20:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:e2:6a:c2:2b:4c:eb:5b:67:56:09:e6:dc:47:f4:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfc7008c6f91722dc3b127527558ebdabc680ce6
Validity
Not Before: Apr 16 20:01:31 2026 GMT
Not After : Apr 17 20:01:31 2026 GMT
Subject: CN=201888551e5ed35c636bc9cd6925265ccb5c203f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:79:6a:cc:d5:37:2c:ce:ea:45:33:07:04:ba:
35:cd:9b:d0:77:d6:a9:6c:76:ba:9e:b3:03:c1:b5:
63:fc:0a:a5:81:60:21:7a:bd:f3:d0:54:98:61:c0:
84:3f:c0:02:df:00:25:b1:61:b5:58:37:8f:89:d0:
4c:04:47:8b:39:27:d7:59:40:7e:c8:cd:2f:88:89:
93:ab:01:07:10:eb:cb:4c:f3:cf:9b:b4:f6:36:c4:
00:2d:e2:d9:b1:ea:86:c2:f6:b8:93:cf:73:bc:72:
d3:fe:eb:39:73:d6:cd:42:0e:f4:2b:72:10:f9:52:
d1:e3:62:01:98:0f:bb:f4:5a:c1:c5:18:c0:e4:6a:
16:1c:15:5c:4a:15:3a:e0:c3:ed:e8:3c:5b:8d:aa:
62:bd:a0:32:9a:5e:b7:0f:0a:a5:bc:ce:c7:d0:70:
9e:30:c8:a0:28:14:5c:72:0f:fb:d5:fb:d3:af:59:
de:58:9e:44:08:25:04:20:6b:0c:d2:81:e3:a4:09:
5b:4e:4d:af:2e:e7:9c:c0:10:24:5f:14:32:8a:d9:
b6:92:f7:65:74:e2:96:43:f3:de:97:dc:b8:a1:2b:
3f:44:04:5f:11:28:2a:46:07:f5:9b:c5:35:7a:54:
a6:b8:5a:f3:51:e8:8d:25:d8:50:b5:57:ff:14:3a:
ad:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:18:88:55:1E:5E:D3:5C:63:6B:C9:CD:69:25:26:5C:CB:5C:20:3F
X509v3 Authority Key Identifier:
keyid:CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
87:e7:3e:cd:06:f7:e2:46:4b:78:b3:04:e5:5a:19:b6:0a:7b:
70:08:24:7b:f0:61:3e:47:b7:ba:42:e1:49:86:f5:82:9e:86:
5f:a8:e6:81:30:98:2d:a8:c3:ee:6e:00:78:b7:26:ea:4e:a2:
5b:13:81:89:4a:c6:15:88:09:86:38:06:b1:b1:48:23:c5:d8:
0f:94:fb:b8:a8:47:5b:67:4d:4a:3f:a5:96:28:6b:88:b5:68:
81:ca:fb:34:bf:a3:e6:85:a5:fd:e3:3e:10:4d:61:6c:2e:92:
e9:02:27:34:49:8b:d1:b9:24:1d:53:d0:b8:c8:3a:9b:1e:1c:
80:1e:8f:3b:45:15:88:d3:f4:0e:1d:ab:c2:7e:52:c3:1f:60:
07:de:1b:bf:f3:3c:34:98:6e:90:5a:f3:8d:eb:d5:c2:e2:1c:
71:a7:67:ff:83:a3:99:62:c0:4a:26:3d:78:6b:75:3e:15:08:
fc:7e:1a:15:b7:f4:8d:3b:62:3e:28:a2:41:c0:4e:1a:50:b0:
60:8e:a7:51:da:d7:b0:6a:70:0b:0a:c5:17:68:45:e8:70:87:
8e:bd:b9:9c:ae:bd:bd:4c:18:3a:61:49:45:9f:41:45:ee:09:
2e:e2:c5:a4:b1:e1:14:73:a5:e5:f6:24:99:63:fb:6e:0b:17:
60:be:79:2b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2X4mrCK0zrW2dWCebcR/Q3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYzcwMDhjNmY5MTcyMmRjM2IxMjc1Mjc1NThlYmRhYmM2
ODBjZTYwHhcNMjYwNDE2MjAwMTMxWhcNMjYwNDE3MjAwMTMxWjAzMTEwLwYDVQQD
EygyMDE4ODg1NTFlNWVkMzVjNjM2YmM5Y2Q2OTI1MjY1Y2NiNWMyMDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHlqzNU3LM7qRTMHBLo1zZvQd9ap
bHa6nrMDwbVj/AqlgWAher3z0FSYYcCEP8AC3wAlsWG1WDePidBMBEeLOSfXWUB+
yM0viImTqwEHEOvLTPPPm7T2NsQALeLZseqGwva4k89zvHLT/us5c9bNQg70K3IQ
+VLR42IBmA+79FrBxRjA5GoWHBVcShU64MPt6DxbjapivaAyml63DwqlvM7H0HCe
MMigKBRccg/71fvTr1neWJ5ECCUEIGsM0oHjpAlbTk2vLuecwBAkXxQyitm2kvdl
dOKWQ/Pel9y4oSs/RARfESgqRgf1m8U1elSmuFrzUeiNJdhQtVf/FDqtnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCAYiFUeXtNcY2vJzWklJlzLXCA/MB8GA1UdIwQY
MBaAFM/HAIxvkXItw7EnUnVY69q8aAzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEt
MzZmMjRhZDRhMDRmLzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEtMzZmMjRhZDRhMDRm
LzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh+c+zQb3
4kZLeLME5VoZtgp7cAgke/BhPke3ukLhSYb1gp6GX6jmgTCYLajD7m4AeLcm6k6i
WxOBiUrGFYgJhjgGsbFII8XYD5T7uKhHW2dNSj+llihriLVogcr7NL+j5oWl/eM+
EE1hbC6S6QInNEmL0bkkHVPQuMg6mx4cgB6PO0UViNP0Dh2rwn5Swx9gB94bv/M8
NJhukFrzjevVwuIccadn/4OjmWLASiY9eGt1PhUI/H4aFbf0jTtiPiiiQcBOGlCw
YI6nUdrXsGpwCwrFF2hF6HCHjr25nK69vUwYOmFJRZ9BRe4JLuLFpLHhFHOl5fYk
mWP7bgsXYL55Kw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:24:34 2026 by rpki-client