Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
File: zo2SrOCAEcTQrsjyKGVxW9kaASI.mft (raw, json)
Hash identifier: 5dWiBlLCNliCPP6oEJsnJlLNT77k/KXIhFTB6DGOFCY=
Subject key identifier: 6B:46:22:44:FF:A6:D6:C4:8E:3A:E3:69:43:D2:D3:B5:89:AE:07:24
Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Certificate serial: 019D9A0740A28F93844CA6A5F0C3BC0C8B39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
Manifest number: 18C3
Signing time: Fri 17 Apr 2026 06:00:59 +0000
Manifest this update: Fri 17 Apr 2026 06:00:59 +0000
Manifest next update: Sat 18 Apr 2026 06:00:59 +0000
Files and hashes: 1: 2WuQdzmfTzUsr5yT6_ElWI37EFQ.roa (hash: UEPfvyzT8876g2v5SGvEl+4/qaMtSPjm6N+hA2QZZSY=)
2: zo2SrOCAEcTQrsjyKGVxW9kaASI.crl (hash: fTCPJY1L1zEzAPfbj5c44GfBkyfeIU5Y9voR40FRSZ0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:07:40:a2:8f:93:84:4c:a6:a5:f0:c3:bc:0c:8b:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Validity
Not Before: Apr 17 06:00:59 2026 GMT
Not After : Apr 18 06:00:59 2026 GMT
Subject: CN=6b462244ffa6d6c48e3ae36943d2d3b589ae0724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:19:83:f9:d6:90:68:03:70:14:6d:6a:85:8a:
e4:de:1e:f7:cc:3a:98:b2:14:d6:fb:cd:0c:5f:a0:
fc:7c:3e:0d:61:e7:37:75:18:51:5b:01:e2:1d:13:
23:72:ba:73:fc:99:cd:b6:3d:39:47:d6:0c:ed:bd:
a6:7d:ff:65:9f:5f:a9:60:aa:36:2c:72:7d:88:63:
cd:a4:a0:54:a0:dd:9e:6a:6a:36:93:99:30:86:ff:
72:e1:f1:ba:2b:b6:d1:49:ac:ab:7c:67:aa:29:a7:
3a:82:b3:40:aa:37:bf:7b:7f:f6:2e:19:f8:54:f8:
0e:40:1a:59:1c:aa:c1:b0:68:7d:53:7d:d4:f3:5e:
63:41:5b:79:bf:b4:6a:b6:41:2e:26:d0:65:f4:12:
e4:e0:e4:36:50:dd:a8:92:f2:ce:78:1b:08:04:1a:
50:e5:b1:af:39:98:a2:35:8b:b0:7b:e4:ac:16:cb:
4f:dd:ff:0c:b0:97:4b:73:b0:0e:3f:33:ac:76:66:
5e:0b:37:fc:45:1d:ec:c5:fa:f9:44:b2:f3:ae:1d:
64:d4:ab:20:69:ff:bf:5a:22:d8:ee:63:70:85:33:
7d:b8:b9:3c:5c:d6:34:f3:e1:37:71:ea:ab:31:93:
c8:9a:79:14:8b:86:33:0b:33:dd:21:51:55:3a:00:
c4:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:46:22:44:FF:A6:D6:C4:8E:3A:E3:69:43:D2:D3:B5:89:AE:07:24
X509v3 Authority Key Identifier:
keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9f:60:5b:b6:ac:55:fa:b0:bd:14:00:74:ab:f1:55:74:b4:65:
61:9a:8a:98:a2:c8:20:a3:16:19:59:4d:a8:af:b4:b0:cc:f2:
bb:f7:f0:2e:d5:0f:0b:be:a2:f5:54:d2:d5:51:a7:2a:44:12:
0b:11:27:ad:aa:8c:2e:b9:73:ff:2a:9e:c4:30:b6:16:b9:29:
e1:79:88:45:11:af:cb:7d:a2:9b:2a:48:bd:0f:fd:64:c8:e0:
dc:b6:bc:82:e8:1f:89:15:51:f5:1b:2c:a1:88:40:84:26:c9:
9b:0f:13:fb:1c:95:1c:a9:20:4b:e9:fe:19:f4:69:20:87:b9:
73:cb:31:16:da:82:df:45:91:18:bd:dc:11:76:46:35:b7:8d:
fa:44:ea:78:24:79:d1:ea:d7:89:db:cb:b8:3c:f6:68:db:37:
dd:55:5b:72:ad:1d:b1:ef:26:c0:06:90:05:95:0c:56:42:f5:
75:75:b5:d1:a6:db:45:b3:69:ce:c6:4e:c2:5b:27:60:11:94:
0e:02:e3:81:3b:74:4a:a4:7e:e7:9e:43:ea:5f:36:80:4e:ee:
57:8d:8f:92:47:80:ff:6d:63:d0:0c:40:2c:f7:eb:08:76:6f:
69:74:3f:71:8c:1a:7a:08:47:d6:47:51:7e:37:6b:c6:4f:fa:
cd:91:7c:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2aB0Cij5OETKal8MO8DIs5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx
YTAxMjIwHhcNMjYwNDE3MDYwMDU5WhcNMjYwNDE4MDYwMDU5WjAzMTEwLwYDVQQD
Eyg2YjQ2MjI0NGZmYTZkNmM0OGUzYWUzNjk0M2QyZDNiNTg5YWUwNzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxmD+daQaANwFG1qhYrk3h73zDqY
shTW+80MX6D8fD4NYec3dRhRWwHiHRMjcrpz/JnNtj05R9YM7b2mff9ln1+pYKo2
LHJ9iGPNpKBUoN2eamo2k5kwhv9y4fG6K7bRSayrfGeqKac6grNAqje/e3/2Lhn4
VPgOQBpZHKrBsGh9U33U815jQVt5v7RqtkEuJtBl9BLk4OQ2UN2okvLOeBsIBBpQ
5bGvOZiiNYuwe+SsFstP3f8MsJdLc7AOPzOsdmZeCzf8RR3sxfr5RLLzrh1k1Ksg
af+/WiLY7mNwhTN9uLk8XNY08+E3ceqrMZPImnkUi4YzCzPdIVFVOgDECQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGtGIkT/ptbEjjrjaUPS07WJrgckMB8GA1UdIwQY
MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt
NTQ1NDQ5ZTQ5ZjczLzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz
LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn2BbtqxV
+rC9FAB0q/FVdLRlYZqKmKLIIKMWGVlNqK+0sMzyu/fwLtUPC76i9VTS1VGnKkQS
CxEnraqMLrlz/yqexDC2Frkp4XmIRRGvy32imypIvQ/9ZMjg3La8gugfiRVR9Rss
oYhAhCbJmw8T+xyVHKkgS+n+GfRpIIe5c8sxFtqC30WRGL3cEXZGNbeN+kTqeCR5
0erXidvLuDz2aNs33VVbcq0dse8mwAaQBZUMVkL1dXW10abbRbNpzsZOwlsnYBGU
DgLjgTt0SqR+555D6l82gE7uV42PkkeA/21j0AxALPfrCHZvaXQ/cYwaeghH1kdR
fjdrxk/6zZF8Vw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:54:38 2026 by rpki-client