Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft
File: ZAsfh3LG70hOLNLWYmPy75j6OWg.mft (raw, json)
Hash identifier: +0XidnIBGpRW9kPBdeYFUrDheelL1RQDKT6JqR6YaGQ=
Subject key identifier: C7:FA:9D:1F:D4:9B:FD:02:1A:BD:55:98:D5:84:1F:BE:45:60:FE:20
Authority key identifier: 64:0B:1F:87:72:C6:EF:48:4E:2C:D2:D6:62:63:F2:EF:98:FA:39:68
Certificate issuer: /CN=640b1f8772c6ef484e2cd2d66263f2ef98fa3968
Certificate serial: 019CAC7DCAF360B0A58DBE6A9A0554A59DD3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft
Manifest number: 1847
Signing time: Mon 02 Mar 2026 03:00:50 +0000
Manifest this update: Mon 02 Mar 2026 03:00:50 +0000
Manifest next update: Tue 03 Mar 2026 03:00:50 +0000
Files and hashes: 1: DU8OixuQSBT4wDmFxWVtjuElegU.roa (hash: fAA3Up2hh08gKhdkTQ9YAofCRj3IfUFUPtWpnzTKD+E=)
2: ZAsfh3LG70hOLNLWYmPy75j6OWg.crl (hash: fKUdoVzYsTwpg/EcMV+trIMfp8NQ69njrjMcrqxKV7g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ac:7d:ca:f3:60:b0:a5:8d:be:6a:9a:05:54:a5:9d:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=640b1f8772c6ef484e2cd2d66263f2ef98fa3968
Validity
Not Before: Mar 2 03:00:50 2026 GMT
Not After : Mar 3 03:00:50 2026 GMT
Subject: CN=c7fa9d1fd49bfd021abd5598d5841fbe4560fe20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:81:ed:5d:bf:ea:44:8c:6e:06:70:46:04:b8:
32:83:8f:e3:1f:06:c8:3b:1b:30:59:ec:f6:b6:d8:
5b:13:3f:66:76:a1:7c:08:cb:ff:99:6a:e9:34:e1:
76:2e:1d:85:de:83:38:68:82:27:4a:24:90:ed:5b:
07:69:fc:96:a3:da:e5:95:65:c0:75:64:86:bc:10:
7a:81:09:0d:c8:8d:88:5c:82:52:9b:2f:29:ac:41:
42:6e:46:56:c8:d2:fb:4a:2a:e1:df:a4:17:44:03:
9e:bc:39:fe:75:24:3f:a0:76:24:c4:69:d2:6f:31:
40:0e:b0:b5:a1:0f:10:55:e3:da:3c:31:42:12:73:
3d:6f:c7:a2:e6:d4:31:52:de:8c:55:04:9b:d9:c1:
11:4e:3e:ee:0f:40:44:c1:c9:a4:8b:f0:56:0d:a7:
fb:a0:3f:cd:15:16:64:80:bf:b6:0b:84:ba:d0:e8:
18:c8:24:49:88:d0:be:92:3e:3e:28:b1:59:b2:2f:
b9:6b:fd:13:9a:6d:8f:fc:29:57:03:19:9d:39:da:
bd:bf:71:b1:5e:fa:7b:41:4e:90:30:14:3c:64:31:
cf:b9:58:9f:41:52:dc:68:e2:19:18:2f:fc:a6:a5:
a8:77:f8:1b:1b:5a:35:87:68:a6:f9:4c:68:b3:8a:
a4:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:FA:9D:1F:D4:9B:FD:02:1A:BD:55:98:D5:84:1F:BE:45:60:FE:20
X509v3 Authority Key Identifier:
keyid:64:0B:1F:87:72:C6:EF:48:4E:2C:D2:D6:62:63:F2:EF:98:FA:39:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3a:2b:16:88:df:5d:f3:8c:23:71:40:f5:26:c7:8c:6c:dc:87:
98:5b:8f:c3:7f:fc:9c:e5:85:6c:a3:41:50:92:5b:e8:db:f6:
bd:fc:bf:6e:7c:27:f2:6a:c5:4e:76:41:f1:de:1d:55:ba:35:
8d:6e:78:42:bf:c6:59:a4:5e:f6:73:a2:b1:6e:ab:7f:b2:fe:
5c:13:9a:c8:5c:d4:5f:13:4d:cb:bb:45:b9:d1:50:cf:1c:f3:
c0:3d:cf:ed:a7:66:5d:6c:7a:26:7b:59:06:a3:76:c3:b5:04:
69:27:c4:bd:d3:b1:19:24:60:41:2f:f1:9f:ca:f0:4d:8c:07:
5b:35:74:39:5d:7d:85:d8:b3:1a:3c:c5:6c:df:c8:c6:21:ff:
fa:21:91:d6:c1:84:21:3f:54:73:36:7d:4e:0b:0a:4c:44:52:
94:62:01:04:34:22:0b:5d:5c:a3:08:72:01:a5:ff:7e:c3:26:
6a:93:7f:15:b2:97:25:2e:2c:d1:39:62:22:b9:a5:85:cc:ad:
2f:a6:a9:57:43:7f:1e:f8:81:1c:76:af:a7:9d:fc:11:0b:57:
c7:39:51:80:f9:a6:28:b6:42:14:44:5f:88:a1:d9:57:23:60:
51:5a:7c:e3:cc:e4:ff:98:b6:a5:8c:6a:d7:69:bf:78:39:db:
d4:00:74:7e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZysfcrzYLCljb5qmgVUpZ3TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MGIxZjg3NzJjNmVmNDg0ZTJjZDJkNjYyNjNmMmVmOThm
YTM5NjgwHhcNMjYwMzAyMDMwMDUwWhcNMjYwMzAzMDMwMDUwWjAzMTEwLwYDVQQD
EyhjN2ZhOWQxZmQ0OWJmZDAyMWFiZDU1OThkNTg0MWZiZTQ1NjBmZTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4HtXb/qRIxuBnBGBLgyg4/jHwbI
OxswWez2tthbEz9mdqF8CMv/mWrpNOF2Lh2F3oM4aIInSiSQ7VsHafyWo9rllWXA
dWSGvBB6gQkNyI2IXIJSmy8prEFCbkZWyNL7Sirh36QXRAOevDn+dSQ/oHYkxGnS
bzFADrC1oQ8QVePaPDFCEnM9b8ei5tQxUt6MVQSb2cERTj7uD0BEwcmki/BWDaf7
oD/NFRZkgL+2C4S60OgYyCRJiNC+kj4+KLFZsi+5a/0Tmm2P/ClXAxmdOdq9v3Gx
Xvp7QU6QMBQ8ZDHPuVifQVLcaOIZGC/8pqWod/gbG1o1h2im+Uxos4qkTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMf6nR/Um/0CGr1VmNWEH75FYP4gMB8GA1UdIwQY
MBaAFGQLH4dyxu9ITizS1mJj8u+Y+jloMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkFzZmgzTEc3MGhPTE5MV1ltUHk3NWo2T1dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9hYWQ2MjYtZGFjZS00NGQ4LTgxOGQt
Mzg3YWZhMGE1MzRmLzEvWkFzZmgzTEc3MGhPTE5MV1ltUHk3NWo2T1dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9hYWQ2MjYtZGFjZS00NGQ4LTgxOGQtMzg3YWZhMGE1MzRm
LzEvWkFzZmgzTEc3MGhPTE5MV1ltUHk3NWo2T1dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOisWiN9d
84wjcUD1JseMbNyHmFuPw3/8nOWFbKNBUJJb6Nv2vfy/bnwn8mrFTnZB8d4dVbo1
jW54Qr/GWaRe9nOisW6rf7L+XBOayFzUXxNNy7tFudFQzxzzwD3P7admXWx6JntZ
BqN2w7UEaSfEvdOxGSRgQS/xn8rwTYwHWzV0OV19hdizGjzFbN/IxiH/+iGR1sGE
IT9UczZ9TgsKTERSlGIBBDQiC11cowhyAaX/fsMmapN/FbKXJS4s0TliIrmlhcyt
L6apV0N/HviBHHavp538EQtXxzlRgPmmKLZCFERfiKHZVyNgUVp848zk/5i2pYxq
12m/eDnb1AB0fg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:16:46 2026 by rpki-client