Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/2f36d4-72e1-4046-b73f-ab9eadb1d797/1/rzkvKN7GuMzrfNcOevcdjNyqmgY.mft
File: rzkvKN7GuMzrfNcOevcdjNyqmgY.mft (raw, json)
Hash identifier: 6iqlDA2NqUUM1CxKqgP7PQjHl+0p8aov8DRJFnUUGdo=
Subject key identifier: C9:D3:66:19:AC:67:DA:72:36:42:B2:9A:F9:AE:DD:AA:94:C6:0B:CB
Authority key identifier: AF:39:2F:28:DE:C6:B8:CC:EB:7C:D7:0E:7A:F7:1D:8C:DC:AA:9A:06
Certificate issuer: /CN=af392f28dec6b8cceb7cd70e7af71d8cdcaa9a06
Certificate serial: 019CABA231BA6F62F8C94F85912C8E7DC82A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rzkvKN7GuMzrfNcOevcdjNyqmgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/2f36d4-72e1-4046-b73f-ab9eadb1d797/1/rzkvKN7GuMzrfNcOevcdjNyqmgY.mft
Manifest number: 1844
Signing time: Sun 01 Mar 2026 23:00:59 +0000
Manifest this update: Sun 01 Mar 2026 23:00:59 +0000
Manifest next update: Mon 02 Mar 2026 23:00:59 +0000
Files and hashes: 1: 7qTF0jqmrE5sqWppz2XaId92Nsg.roa (hash: BXslQtBYGdpBVanESXoQgNGnECD/ohyq+njOEg7cP8o=)
2: rzkvKN7GuMzrfNcOevcdjNyqmgY.crl (hash: O6moqmIpZSpf3ZseDJKyMN0q3kARuBNcrgLNsubYvf8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/2f36d4-72e1-4046-b73f-ab9eadb1d797/1/rzkvKN7GuMzrfNcOevcdjNyqmgY.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/2f36d4-72e1-4046-b73f-ab9eadb1d797/1/rzkvKN7GuMzrfNcOevcdjNyqmgY.mft
rsync://rpki.ripe.net/repository/DEFAULT/rzkvKN7GuMzrfNcOevcdjNyqmgY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ab:a2:31:ba:6f:62:f8:c9:4f:85:91:2c:8e:7d:c8:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af392f28dec6b8cceb7cd70e7af71d8cdcaa9a06
Validity
Not Before: Mar 1 23:00:59 2026 GMT
Not After : Mar 2 23:00:59 2026 GMT
Subject: CN=c9d36619ac67da723642b29af9aeddaa94c60bcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f0:c9:91:76:d9:4e:8c:60:b3:29:af:a4:b4:
f0:14:9e:dc:b4:86:3d:0d:e8:0d:18:d9:59:67:6e:
d8:ef:7e:85:6e:05:ec:f1:38:af:68:fd:fd:a0:be:
aa:6b:60:90:8f:5a:76:6f:25:93:c6:69:73:24:b2:
90:59:3e:d3:62:aa:15:2f:6b:ac:a9:b1:e6:58:cb:
d5:e0:8c:21:71:b6:86:16:3e:93:2e:ae:0c:20:ce:
36:cf:a7:4a:37:87:3c:f3:ff:83:42:fd:df:dd:78:
88:9e:44:fe:e6:01:09:68:af:cf:e7:5f:3d:2c:46:
18:c8:a6:31:63:30:e6:e6:e2:5c:eb:7c:7b:2a:ba:
15:56:8c:f0:b5:d4:52:75:88:31:60:79:9c:7d:bb:
f6:ec:c4:3c:3e:cc:be:65:06:57:a4:ec:24:0e:f4:
23:40:5d:05:80:27:aa:98:0b:39:4b:b3:df:fc:df:
a6:b6:b0:84:a7:35:ce:d6:62:f1:99:40:00:b8:58:
0a:ab:d0:90:ed:16:07:92:a9:ce:4e:01:23:2d:1c:
b1:fd:ca:6f:d7:11:ea:fe:93:b5:e5:59:99:5f:0d:
8f:c0:32:a4:64:9e:59:30:f7:ee:42:7e:4b:01:f2:
e3:15:32:c4:a9:30:d6:75:02:4e:8c:1e:c5:ec:1f:
1f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D3:66:19:AC:67:DA:72:36:42:B2:9A:F9:AE:DD:AA:94:C6:0B:CB
X509v3 Authority Key Identifier:
keyid:AF:39:2F:28:DE:C6:B8:CC:EB:7C:D7:0E:7A:F7:1D:8C:DC:AA:9A:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rzkvKN7GuMzrfNcOevcdjNyqmgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/2f36d4-72e1-4046-b73f-ab9eadb1d797/1/rzkvKN7GuMzrfNcOevcdjNyqmgY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/2f36d4-72e1-4046-b73f-ab9eadb1d797/1/rzkvKN7GuMzrfNcOevcdjNyqmgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:40:cf:9c:7f:08:17:d2:14:ae:71:46:2c:31:15:dc:f1:b3:
1b:89:f6:20:f2:a4:f3:10:ea:c4:18:81:42:00:21:26:27:40:
63:3e:17:e4:27:7f:ed:1d:37:f6:4b:a3:f2:0a:70:8e:02:c4:
30:9f:90:c1:d8:82:7d:a5:2a:22:0e:b0:a9:36:8d:42:dd:59:
fb:15:91:fd:07:79:11:9b:cb:61:12:ef:4c:11:aa:ba:fe:3b:
50:9e:f2:54:0f:2f:8d:ff:60:74:ed:d7:e8:da:ee:44:8a:f4:
19:51:5c:a8:e8:72:57:d0:8b:bf:be:9c:05:2a:53:8e:3a:2d:
fd:73:dd:ff:3a:df:21:8d:a1:27:7d:64:05:b3:f2:75:0b:9b:
df:fd:9b:89:74:d0:33:b0:c6:a2:32:a7:1e:c6:ea:61:a0:30:
a3:be:00:da:8e:db:fb:ef:41:e1:26:65:48:cf:0a:c5:c7:dd:
3f:46:5a:a5:02:53:83:c0:76:27:89:e4:3f:c7:7d:1f:47:cb:
7c:e2:14:d3:1b:02:8f:48:dd:99:29:6b:cc:d2:2b:a6:0c:e0:
01:b9:5c:91:6d:96:55:17:54:bf:6d:31:d6:e5:72:50:53:90:
c0:11:ef:fe:50:8d:1f:e1:7f:f5:88:fa:bc:8a:dc:f8:a7:4c:
02:31:e2:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyrojG6b2L4yU+FkSyOfcgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMzkyZjI4ZGVjNmI4Y2NlYjdjZDcwZTdhZjcxZDhjZGNh
YTlhMDYwHhcNMjYwMzAxMjMwMDU5WhcNMjYwMzAyMjMwMDU5WjAzMTEwLwYDVQQD
EyhjOWQzNjYxOWFjNjdkYTcyMzY0MmIyOWFmOWFlZGRhYTk0YzYwYmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfDJkXbZToxgsymvpLTwFJ7ctIY9
DegNGNlZZ27Y736FbgXs8TivaP39oL6qa2CQj1p2byWTxmlzJLKQWT7TYqoVL2us
qbHmWMvV4IwhcbaGFj6TLq4MIM42z6dKN4c88/+DQv3f3XiInkT+5gEJaK/P5189
LEYYyKYxYzDm5uJc63x7KroVVozwtdRSdYgxYHmcfbv27MQ8Psy+ZQZXpOwkDvQj
QF0FgCeqmAs5S7Pf/N+mtrCEpzXO1mLxmUAAuFgKq9CQ7RYHkqnOTgEjLRyx/cpv
1xHq/pO15VmZXw2PwDKkZJ5ZMPfuQn5LAfLjFTLEqTDWdQJOjB7F7B8fLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMnTZhmsZ9pyNkKymvmu3aqUxgvLMB8GA1UdIwQY
MBaAFK85LyjexrjM63zXDnr3HYzcqpoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnprdktON0d1TXpyZk5jT2V2Y2RqTnlxbWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8yZjM2ZDQtNzJlMS00MDQ2LWI3M2Yt
YWI5ZWFkYjFkNzk3LzEvcnprdktON0d1TXpyZk5jT2V2Y2RqTnlxbWdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8yZjM2ZDQtNzJlMS00MDQ2LWI3M2YtYWI5ZWFkYjFkNzk3
LzEvcnprdktON0d1TXpyZk5jT2V2Y2RqTnlxbWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALkDPnH8I
F9IUrnFGLDEV3PGzG4n2IPKk8xDqxBiBQgAhJidAYz4X5Cd/7R039kuj8gpwjgLE
MJ+QwdiCfaUqIg6wqTaNQt1Z+xWR/Qd5EZvLYRLvTBGquv47UJ7yVA8vjf9gdO3X
6NruRIr0GVFcqOhyV9CLv76cBSpTjjot/XPd/zrfIY2hJ31kBbPydQub3/2biXTQ
M7DGojKnHsbqYaAwo74A2o7b++9B4SZlSM8KxcfdP0ZapQJTg8B2J4nkP8d9H0fL
fOIU0xsCj0jdmSlrzNIrpgzgAblckW2WVRdUv20x1uVyUFOQwBHv/lCNH+F/9Yj6
vIrc+KdMAjHioQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:07:53 2026 by rpki-client