Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
File: zmdqMChOFLAsxt2qA053VAbkYaY.mft (raw, json)
Hash identifier: uJfmWZuybbXTCcbq8KjIne8ijQEr1kRi6M7eZfjHhJQ=
Subject key identifier: 17:9E:FA:77:13:3B:5F:23:16:D7:3D:31:39:D2:7B:82:89:FE:32:C9
Authority key identifier: CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6
Certificate issuer: /CN=ce676a30284e14b02cc6ddaa034e775406e461a6
Certificate serial: 019CA9B369A253C34371C11AD097E8D45928
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
Manifest number: 0BDE
Signing time: Sun 01 Mar 2026 14:00:33 +0000
Manifest this update: Sun 01 Mar 2026 14:00:33 +0000
Manifest next update: Mon 02 Mar 2026 14:00:33 +0000
Files and hashes: 1: Q3WmyVx2hL_ulJlmWV4wBuMv3sY.roa (hash: qNBXvE4FodOwmoHeT/8KvY1e+YtkkhFfaz/pGiYECDk=)
2: zmdqMChOFLAsxt2qA053VAbkYaY.crl (hash: sNyP168ykO1mL+BG78YJrrJfgBkJZc+x0P1lXAoSKMU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 14:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:b3:69:a2:53:c3:43:71:c1:1a:d0:97:e8:d4:59:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce676a30284e14b02cc6ddaa034e775406e461a6
Validity
Not Before: Mar 1 14:00:33 2026 GMT
Not After : Mar 2 14:00:33 2026 GMT
Subject: CN=179efa77133b5f2316d73d3139d27b8289fe32c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:65:54:bb:aa:4f:35:c2:aa:17:41:e7:23:8a:
ca:9c:5e:66:9e:ec:32:7b:53:77:72:37:0d:58:a2:
0a:df:69:cf:7b:69:f5:b2:b2:15:e5:74:d9:12:bb:
62:7f:52:e3:fa:41:43:f8:54:21:93:b0:45:18:0b:
b6:6b:57:81:09:bb:46:cc:42:40:39:71:70:68:a6:
bc:ae:1e:ed:77:de:35:21:58:fd:94:07:01:15:31:
dd:65:52:e5:88:22:27:da:bf:ce:0c:04:e6:42:12:
b5:3c:a7:af:b6:29:f5:5e:a8:b4:2b:21:59:38:b3:
4e:fc:6f:67:ba:2b:57:fb:a4:ee:32:a8:be:da:9a:
95:d3:6b:49:cb:cc:f4:4d:1c:0c:bf:27:e7:52:9f:
eb:03:ba:91:56:b7:21:cc:4f:1f:85:d7:0c:f0:a8:
51:c3:76:f2:48:86:9d:90:f8:88:73:14:eb:77:86:
49:de:ed:43:d1:c4:d9:7d:15:7f:d3:2e:0c:44:25:
70:b0:bb:23:f3:f8:5d:ac:52:9d:7c:59:d4:9e:3a:
7b:19:65:dc:59:d0:ea:c2:de:84:43:89:c1:43:47:
44:fb:a4:2b:8d:57:1f:2d:e7:74:5b:f5:7f:e6:e9:
9f:c4:24:11:da:3c:09:40:1b:09:b7:d5:0c:f6:2e:
c7:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:9E:FA:77:13:3B:5F:23:16:D7:3D:31:39:D2:7B:82:89:FE:32:C9
X509v3 Authority Key Identifier:
keyid:CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:44:87:d4:30:7b:c3:33:48:13:b2:91:9c:d0:3f:f5:25:7d:
2a:f9:f7:e5:c3:f7:26:9d:f6:fb:f5:c3:b8:0f:ed:f5:33:99:
75:45:cc:55:a4:a4:91:80:f4:cc:b5:9c:48:e9:5e:c1:7c:cd:
59:13:26:9d:2c:c4:f0:ea:13:1d:67:ce:1b:62:fa:88:38:b6:
0b:01:c3:bd:bf:fc:18:54:06:2a:95:b2:66:95:36:e5:42:78:
18:4d:97:f2:32:68:b9:ea:7f:43:92:2f:0d:bb:88:af:75:a2:
0e:8c:4a:eb:c4:78:ba:f0:93:14:67:a9:41:93:ef:f8:a1:6b:
94:13:8c:84:e2:db:e9:96:03:0f:39:a8:d8:22:25:8f:b4:90:
21:68:26:bb:fe:27:90:42:78:73:04:51:cb:39:35:44:0c:a6:
32:96:a1:90:de:65:83:55:1a:2a:26:21:f1:5c:d1:ba:61:63:
69:8c:76:33:ba:aa:62:69:5d:26:d6:71:e2:e6:14:58:71:bd:
51:51:db:60:07:c7:bd:60:cb:d1:10:ed:33:52:2f:ac:c1:0f:
42:93:1a:44:a5:6f:08:8b:34:64:d9:d3:39:45:d4:f2:bf:88:
f1:b6:c3:3f:56:4e:05:bc:5f:c1:d4:45:17:a5:cd:46:44:0e:
13:68:08:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyps2miU8NDccEa0Jfo1FkoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNjc2YTMwMjg0ZTE0YjAyY2M2ZGRhYTAzNGU3NzU0MDZl
NDYxYTYwHhcNMjYwMzAxMTQwMDMzWhcNMjYwMzAyMTQwMDMzWjAzMTEwLwYDVQQD
EygxNzllZmE3NzEzM2I1ZjIzMTZkNzNkMzEzOWQyN2I4Mjg5ZmUzMmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWVUu6pPNcKqF0HnI4rKnF5mnuwy
e1N3cjcNWKIK32nPe2n1srIV5XTZErtif1Lj+kFD+FQhk7BFGAu2a1eBCbtGzEJA
OXFwaKa8rh7td941IVj9lAcBFTHdZVLliCIn2r/ODATmQhK1PKevtin1Xqi0KyFZ
OLNO/G9nuitX+6TuMqi+2pqV02tJy8z0TRwMvyfnUp/rA7qRVrchzE8fhdcM8KhR
w3bySIadkPiIcxTrd4ZJ3u1D0cTZfRV/0y4MRCVwsLsj8/hdrFKdfFnUnjp7GWXc
WdDqwt6EQ4nBQ0dE+6QrjVcfLed0W/V/5umfxCQR2jwJQBsJt9UM9i7H/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBee+ncTO18jFtc9MTnSe4KJ/jLJMB8GA1UdIwQY
MBaAFM5najAoThSwLMbdqgNOd1QG5GGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUt
ZWE2MDY1NzA5NDZhLzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUtZWE2MDY1NzA5NDZh
LzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ0SH1DB7
wzNIE7KRnNA/9SV9Kvn35cP3Jp32+/XDuA/t9TOZdUXMVaSkkYD0zLWcSOlewXzN
WRMmnSzE8OoTHWfOG2L6iDi2CwHDvb/8GFQGKpWyZpU25UJ4GE2X8jJouep/Q5Iv
DbuIr3WiDoxK68R4uvCTFGepQZPv+KFrlBOMhOLb6ZYDDzmo2CIlj7SQIWgmu/4n
kEJ4cwRRyzk1RAymMpahkN5lg1UaKiYh8VzRumFjaYx2M7qqYmldJtZx4uYUWHG9
UVHbYAfHvWDL0RDtM1IvrMEPQpMaRKVvCIs0ZNnTOUXU8r+I8bbDP1ZOBbxfwdRF
F6XNRkQOE2gIZg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:59:50 2026 by rpki-client