Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
File: fzErCdH2kPJXAL1dzwfJGAxelmM.mft (raw, json)
Hash identifier: vy0xUW7qzdobOTFcM+CB0hMaueI9VA68SYLvWdX40Xk=
Subject key identifier: 8D:71:7F:9B:4F:8E:92:E3:0B:E1:1A:90:3C:24:9B:0F:65:45:2B:B2
Authority key identifier: 7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63
Certificate issuer: /CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663
Certificate serial: 019CB1A421A7188B2ED25B8CB5363B05BB5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
Manifest number: 0172
Signing time: Tue 03 Mar 2026 03:00:49 +0000
Manifest this update: Tue 03 Mar 2026 03:00:49 +0000
Manifest next update: Wed 04 Mar 2026 03:00:49 +0000
Files and hashes: 1: BCFG1E3vkLJzX3xYHBAXCR2M-Dk.roa (hash: kLXCiyzJI0lL3gfuo31f6jHCm4NoCsgw/6nrJV+kat0=)
2: fzErCdH2kPJXAL1dzwfJGAxelmM.crl (hash: uXSqikQrJ9EjRDVOpyV8IPOv2Tjdajc2dcFB7VFJ92s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 21:16:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b1:a4:21:a7:18:8b:2e:d2:5b:8c:b5:36:3b:05:bb:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663
Validity
Not Before: Mar 3 03:00:49 2026 GMT
Not After : Mar 4 03:00:49 2026 GMT
Subject: CN=8d717f9b4f8e92e30be11a903c249b0f65452bb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8f:5b:3c:76:ef:ee:01:a7:64:67:52:b6:84:
cc:77:9f:13:67:7d:df:6a:ff:6c:e5:f8:d6:da:f6:
d9:b3:24:e7:d7:49:fb:9f:a7:29:a8:4c:e1:db:bb:
64:18:6f:e3:4c:58:2a:0b:76:8b:41:91:75:41:16:
da:5b:1f:c4:3e:d2:3e:ff:22:d8:e9:6f:07:6f:ed:
96:74:83:cf:00:c8:74:d8:56:ec:78:02:7a:15:66:
a9:22:4a:cb:55:88:b2:b0:79:7a:9b:00:60:12:76:
67:17:e7:d6:fe:84:b2:db:a4:d5:e7:74:48:28:2c:
73:68:22:9d:8a:99:0c:42:98:d1:3e:9f:ab:b7:6f:
c1:9a:39:d8:6b:79:52:d0:da:bb:6b:86:d6:5c:fb:
72:2f:64:7b:87:fe:a8:b7:38:8d:9b:6c:04:f9:7e:
07:07:f2:66:f5:05:26:08:4e:ad:27:ca:a9:fb:a6:
07:a6:03:43:e4:28:93:3b:17:f9:3f:1a:eb:ba:a3:
91:33:f4:44:6a:a9:79:86:6c:b5:8a:82:d5:de:5f:
24:bc:5d:7d:9b:aa:1a:4c:8e:ca:8f:37:9a:95:2e:
53:fe:ad:c8:36:90:32:30:c7:49:ac:30:24:e0:36:
df:1c:f8:48:1f:5c:eb:9c:6b:35:65:79:f0:2f:c5:
8c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:71:7F:9B:4F:8E:92:E3:0B:E1:1A:90:3C:24:9B:0F:65:45:2B:B2
X509v3 Authority Key Identifier:
keyid:7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:5d:e9:9e:d0:c0:1b:c0:7d:4f:fc:e7:a8:66:04:97:30:9c:
24:13:43:53:2f:f5:ae:b4:e0:89:82:2d:d2:7b:ff:0b:48:76:
43:a9:16:83:91:3b:bc:6d:58:8a:03:c3:d9:4b:50:2c:e0:a8:
ea:89:c9:e0:79:3b:c7:49:3d:96:a8:a9:18:5c:8d:28:90:33:
74:b7:86:17:ef:01:1d:49:46:26:ae:92:81:44:67:4f:3b:47:
fc:47:4b:83:f1:ac:5d:1c:ac:09:42:9e:8e:3f:23:2a:4b:9d:
dc:69:7e:77:f9:f5:e6:9d:8f:1e:eb:ed:1a:95:d6:2f:db:3a:
95:b2:27:6e:4c:c0:89:4b:5d:4f:3c:56:6c:9e:0e:8b:37:ef:
29:7c:b1:b5:92:d6:8f:12:20:92:e8:2f:3e:b7:ed:c0:20:5a:
fe:e6:3f:b9:f2:0f:d3:09:17:8c:ff:06:fe:c7:5b:42:1d:37:
1e:c5:ea:1b:64:36:c4:d6:0c:72:a6:11:43:bb:8f:53:54:f9:
a5:44:09:a3:81:16:b6:86:3e:c4:de:1c:87:55:64:30:54:6a:
75:b2:4e:fb:8b:25:3a:74:6a:31:d0:ce:90:65:41:e8:ca:e3:
34:34:af:ca:a5:73:05:24:8d:76:fd:33:24:89:f3:7f:39:fd:
57:7b:93:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyxpCGnGIsu0luMtTY7BbtdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMzEyYjA5ZDFmNjkwZjI1NzAwYmQ1ZGNmMDdjOTE4MGM1
ZTk2NjMwHhcNMjYwMzAzMDMwMDQ5WhcNMjYwMzA0MDMwMDQ5WjAzMTEwLwYDVQQD
Eyg4ZDcxN2Y5YjRmOGU5MmUzMGJlMTFhOTAzYzI0OWIwZjY1NDUyYmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArY9bPHbv7gGnZGdStoTMd58TZ33f
av9s5fjW2vbZsyTn10n7n6cpqEzh27tkGG/jTFgqC3aLQZF1QRbaWx/EPtI+/yLY
6W8Hb+2WdIPPAMh02FbseAJ6FWapIkrLVYiysHl6mwBgEnZnF+fW/oSy26TV53RI
KCxzaCKdipkMQpjRPp+rt2/BmjnYa3lS0Nq7a4bWXPtyL2R7h/6otziNm2wE+X4H
B/Jm9QUmCE6tJ8qp+6YHpgND5CiTOxf5PxrruqORM/REaql5hmy1ioLV3l8kvF19
m6oaTI7KjzealS5T/q3INpAyMMdJrDAk4DbfHPhIH1zrnGs1ZXnwL8WM7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1xf5tPjpLjC+EakDwkmw9lRSuyMB8GA1UdIwQY
MBaAFH8xKwnR9pDyVwC9Xc8HyRgMXpZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgt
MTUyMmUyOTY0ZmNlLzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgtMTUyMmUyOTY0ZmNl
LzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALF3pntDA
G8B9T/znqGYElzCcJBNDUy/1rrTgiYIt0nv/C0h2Q6kWg5E7vG1YigPD2UtQLOCo
6onJ4Hk7x0k9lqipGFyNKJAzdLeGF+8BHUlGJq6SgURnTztH/EdLg/GsXRysCUKe
jj8jKkud3Gl+d/n15p2PHuvtGpXWL9s6lbInbkzAiUtdTzxWbJ4OizfvKXyxtZLW
jxIgkugvPrftwCBa/uY/ufIP0wkXjP8G/sdbQh03HsXqG2Q2xNYMcqYRQ7uPU1T5
pUQJo4EWtoY+xN4ch1VkMFRqdbJO+4slOnRqMdDOkGVB6MrjNDSvyqVzBSSNdv0z
JInzfzn9V3uTwA==
-----END CERTIFICATE-----
Generated at Tue Mar 3 07:14:25 2026 by rpki-client