Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
File: zo2SrOCAEcTQrsjyKGVxW9kaASI.mft (raw, json)
Hash identifier: OL//UNlhUX5DMntJ/IvXbppOHwEpPd/Q3Yftwe1ZrCs=
Subject key identifier: B4:58:42:E6:75:94:70:43:F2:F0:8C:47:4B:49:B7:6A:E3:EC:02:30
Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Certificate serial: 019CAE6C7C1721F733CB4A789B55DA2344A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
Manifest number: 1849
Signing time: Mon 02 Mar 2026 12:01:10 +0000
Manifest this update: Mon 02 Mar 2026 12:01:10 +0000
Manifest next update: Tue 03 Mar 2026 12:01:10 +0000
Files and hashes: 1: 2WuQdzmfTzUsr5yT6_ElWI37EFQ.roa (hash: UEPfvyzT8876g2v5SGvEl+4/qaMtSPjm6N+hA2QZZSY=)
2: zo2SrOCAEcTQrsjyKGVxW9kaASI.crl (hash: t5vOAdAtIxsf6CG038v3jbYQOC391bw+g7ScHQ0qOlI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:6c:7c:17:21:f7:33:cb:4a:78:9b:55:da:23:44:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Validity
Not Before: Mar 2 12:01:10 2026 GMT
Not After : Mar 3 12:01:10 2026 GMT
Subject: CN=b45842e675947043f2f08c474b49b76ae3ec0230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d4:d7:ef:53:18:25:de:bc:1a:cf:b2:9e:56:
e6:af:6c:9b:6c:f6:cf:b7:d2:eb:3e:0c:d7:50:90:
6c:a8:30:de:5c:5b:65:2d:9b:27:4c:da:5b:cb:a2:
a3:a5:34:04:dd:93:a0:8d:21:6e:3c:95:13:c9:df:
b9:58:e5:aa:37:00:a4:92:69:ed:ed:f7:ea:e1:89:
2d:f2:f0:b4:e6:1d:a5:dc:d9:41:41:f2:c8:ed:51:
66:d2:ac:30:27:4a:dd:d5:2d:51:a7:28:43:4d:76:
4b:a7:a7:ec:0b:6b:93:ca:87:98:b1:f9:da:5e:d9:
11:08:f1:17:39:76:33:a6:14:0f:7a:0d:92:2e:e6:
21:d9:96:70:73:4e:e4:e1:68:3e:05:46:f2:66:06:
7b:27:3d:0d:a1:2d:da:65:a6:76:e8:d0:02:b1:28:
44:f1:46:fd:d8:d4:16:54:6c:3e:f0:44:31:66:30:
2b:78:af:6e:04:d4:42:d6:e1:40:7e:35:58:cc:16:
53:fa:8a:44:77:97:17:91:8e:dd:f2:b7:8b:2c:a5:
6e:11:08:c8:ea:5d:d8:8f:73:ef:25:ce:e7:3c:33:
16:9f:72:1f:35:e7:bf:3c:34:01:12:72:5c:de:c9:
a6:cb:68:ed:97:c4:87:3e:b2:2a:8b:29:bf:cb:00:
f7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:58:42:E6:75:94:70:43:F2:F0:8C:47:4B:49:B7:6A:E3:EC:02:30
X509v3 Authority Key Identifier:
keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:ba:8c:19:8c:de:3d:b5:90:89:65:0f:a1:92:26:32:69:21:
70:09:1c:6b:02:86:8f:5b:34:5b:e4:34:ee:22:a0:a6:0f:46:
a3:e1:27:f4:5e:16:f3:ff:4a:d3:95:29:6a:64:05:18:2d:05:
9d:08:a6:5f:5a:46:23:3c:3f:88:25:de:ea:4d:9d:07:f9:44:
3f:ca:85:8d:5b:24:4c:18:70:4e:bc:1e:d0:53:90:c6:f4:39:
27:79:ed:38:b4:e6:2e:a6:bd:35:69:49:33:e9:4e:93:39:12:
c8:6b:f1:82:f3:6e:6a:bd:37:fc:26:cf:a6:61:6c:1d:36:68:
0f:58:83:b2:3a:ad:8e:0e:74:a5:03:cc:1b:8e:90:f8:e9:9b:
46:9d:fd:7e:e9:ec:16:8d:e3:77:ed:e6:d8:47:5a:62:47:cc:
e2:7d:a6:d6:21:fd:c4:22:7b:0d:84:ed:ff:4b:aa:cf:2f:cb:
c0:4e:a8:5e:ab:d4:4d:36:f1:a1:87:b3:be:00:d4:d9:a3:7f:
17:81:d6:82:1c:99:7f:38:10:6d:d7:8a:58:c5:b0:a7:d9:d3:
2e:8b:b5:1f:2d:75:47:b6:e5:3c:0f:7a:a6:85:cb:b3:85:98:
6b:f7:85:62:4c:f2:1f:fe:bc:79:86:94:16:a9:b8:76:c6:f7:
84:f4:9f:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyubHwXIfczy0p4m1XaI0SlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx
YTAxMjIwHhcNMjYwMzAyMTIwMTEwWhcNMjYwMzAzMTIwMTEwWjAzMTEwLwYDVQQD
EyhiNDU4NDJlNjc1OTQ3MDQzZjJmMDhjNDc0YjQ5Yjc2YWUzZWMwMjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidTX71MYJd68Gs+ynlbmr2ybbPbP
t9LrPgzXUJBsqDDeXFtlLZsnTNpby6KjpTQE3ZOgjSFuPJUTyd+5WOWqNwCkkmnt
7ffq4Ykt8vC05h2l3NlBQfLI7VFm0qwwJ0rd1S1RpyhDTXZLp6fsC2uTyoeYsfna
XtkRCPEXOXYzphQPeg2SLuYh2ZZwc07k4Wg+BUbyZgZ7Jz0NoS3aZaZ26NACsShE
8Ub92NQWVGw+8EQxZjAreK9uBNRC1uFAfjVYzBZT+opEd5cXkY7d8reLLKVuEQjI
6l3Yj3PvJc7nPDMWn3IfNee/PDQBEnJc3smmy2jtl8SHPrIqiym/ywD3WQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLRYQuZ1lHBD8vCMR0tJt2rj7AIwMB8GA1UdIwQY
MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt
NTQ1NDQ5ZTQ5ZjczLzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz
LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnrqMGYze
PbWQiWUPoZImMmkhcAkcawKGj1s0W+Q07iKgpg9Go+En9F4W8/9K05UpamQFGC0F
nQimX1pGIzw/iCXe6k2dB/lEP8qFjVskTBhwTrwe0FOQxvQ5J3ntOLTmLqa9NWlJ
M+lOkzkSyGvxgvNuar03/CbPpmFsHTZoD1iDsjqtjg50pQPMG46Q+OmbRp39funs
Fo3jd+3m2EdaYkfM4n2m1iH9xCJ7DYTt/0uqzy/LwE6oXqvUTTbxoYezvgDU2aN/
F4HWghyZfzgQbdeKWMWwp9nTLou1Hy11R7blPA96poXLs4WYa/eFYkzyH/68eYaU
Fqm4dsb3hPSfoQ==
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:28:22 2026 by rpki-client