Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/44cf6a-dcbf-4335-9bdf-0f82c1ba1806/1/zSC8r3ISPi2fXieIazg5t0JEELc.mft
File: zSC8r3ISPi2fXieIazg5t0JEELc.mft (raw, json)
Hash identifier: fLuKd+HhwEfP+dLHw3xSgzuwcR+/nkSsB+x9Md7BPS8=
Subject key identifier: 71:27:A4:18:34:CF:E7:AD:B8:11:37:FF:0E:C4:EB:28:7D:CE:FE:59
Authority key identifier: CD:20:BC:AF:72:12:3E:2D:9F:5E:27:88:6B:38:39:B7:42:44:10:B7
Certificate issuer: /CN=cd20bcaf72123e2d9f5e27886b3839b7424410b7
Certificate serial: 019CAAC6EF38E8081B97D9ED9DEAAA0F903B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zSC8r3ISPi2fXieIazg5t0JEELc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/44cf6a-dcbf-4335-9bdf-0f82c1ba1806/1/zSC8r3ISPi2fXieIazg5t0JEELc.mft
Manifest number: 0E34
Signing time: Sun 01 Mar 2026 19:01:29 +0000
Manifest this update: Sun 01 Mar 2026 19:01:29 +0000
Manifest next update: Mon 02 Mar 2026 19:01:29 +0000
Files and hashes: 1: MxSa_Y12ZkKW1wWb8756TfNw_Aw.roa (hash: EaKZOSwf60cJtDMMGuhN9/rV4xuZMLDks62/ENEPebA=)
2: zSC8r3ISPi2fXieIazg5t0JEELc.crl (hash: l3+gtOnlEVFlo3ia+iw199bJbHt2iedUYu3UmCK1nz4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/44cf6a-dcbf-4335-9bdf-0f82c1ba1806/1/zSC8r3ISPi2fXieIazg5t0JEELc.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/44cf6a-dcbf-4335-9bdf-0f82c1ba1806/1/zSC8r3ISPi2fXieIazg5t0JEELc.mft
rsync://rpki.ripe.net/repository/DEFAULT/zSC8r3ISPi2fXieIazg5t0JEELc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:c6:ef:38:e8:08:1b:97:d9:ed:9d:ea:aa:0f:90:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd20bcaf72123e2d9f5e27886b3839b7424410b7
Validity
Not Before: Mar 1 19:01:29 2026 GMT
Not After : Mar 2 19:01:29 2026 GMT
Subject: CN=7127a41834cfe7adb81137ff0ec4eb287dcefe59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ad:64:78:23:ee:cb:04:60:ce:e2:66:d2:04:
18:a7:0c:98:5d:60:2e:e0:d0:6d:18:3f:eb:78:1c:
3f:1d:4d:3b:c7:93:cc:a8:2a:08:61:17:73:ac:aa:
17:61:f6:4b:8c:28:3a:8d:74:a2:23:5f:35:ec:d7:
33:97:02:5f:ac:cf:82:e1:af:eb:40:fd:de:48:8d:
fc:87:b1:e9:2f:71:74:3b:fb:4f:b8:f0:79:cb:ba:
b8:72:54:f6:e4:e4:1a:55:b0:13:a3:27:ae:29:fd:
b0:5e:30:32:77:b5:60:92:a0:c4:41:87:f9:96:78:
f5:85:7b:98:a6:9c:4d:59:2b:d6:e6:22:7c:3a:5f:
38:3a:0c:90:48:e2:31:3b:35:fc:f7:ba:f3:2d:76:
87:b5:b1:54:ed:74:78:b3:32:b8:7c:0f:4e:5f:e5:
e8:b6:02:17:e3:56:03:5a:a4:32:9a:e6:78:0e:31:
6f:86:3d:b4:03:6d:33:34:91:ee:de:c5:31:68:98:
2a:e3:8e:0b:3c:a1:17:78:fa:21:9a:e7:4e:f3:7d:
0d:2c:ea:f7:92:c8:0f:b7:b5:7c:ed:ce:f6:c0:1d:
74:8b:1f:cc:f0:5a:ba:87:a7:06:42:eb:b7:9c:9a:
8c:f6:12:7c:df:55:87:0c:75:70:a0:bb:a0:cd:4e:
50:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:27:A4:18:34:CF:E7:AD:B8:11:37:FF:0E:C4:EB:28:7D:CE:FE:59
X509v3 Authority Key Identifier:
keyid:CD:20:BC:AF:72:12:3E:2D:9F:5E:27:88:6B:38:39:B7:42:44:10:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zSC8r3ISPi2fXieIazg5t0JEELc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/44cf6a-dcbf-4335-9bdf-0f82c1ba1806/1/zSC8r3ISPi2fXieIazg5t0JEELc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/44cf6a-dcbf-4335-9bdf-0f82c1ba1806/1/zSC8r3ISPi2fXieIazg5t0JEELc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:83:51:05:b3:0b:a1:3d:30:3b:ec:2f:77:b1:cd:eb:8b:06:
3f:3c:ee:89:33:8f:c7:5d:4d:ad:be:05:b0:85:d4:60:77:15:
50:b4:5f:4d:2b:26:a3:b0:19:fe:3c:91:6f:48:41:0b:47:c0:
db:28:f0:83:d0:a5:3f:bf:91:3f:f4:b5:ff:f7:3c:56:24:49:
62:15:b3:a9:0b:3e:60:e0:aa:ea:f6:c4:29:45:30:3d:ad:18:
e1:da:be:07:e9:1c:50:1d:95:48:d7:45:17:8b:3f:fc:52:1c:
47:a2:d5:27:c6:c3:5a:b8:58:17:54:4f:b3:ed:cc:62:c1:99:
54:b1:f3:1b:1d:23:af:b2:78:57:41:69:af:0d:64:53:d3:57:
28:90:ae:a9:e1:52:e4:b2:2d:46:87:c1:19:b9:9e:9b:b1:9a:
0a:64:ca:59:9a:32:d8:0e:72:7e:bd:b1:87:b9:94:59:fe:b7:
b8:7e:7c:f2:8d:87:99:36:5e:ec:17:8c:64:bd:07:06:ad:0b:
ef:81:b9:1e:31:9b:a4:aa:48:18:72:ff:d7:4a:72:3a:17:dd:
eb:3f:5e:f3:2d:83:84:a9:42:62:b0:a9:90:0f:25:b7:7a:9c:
33:88:65:af:17:b4:a5:73:ba:5f:29:99:ee:9b:65:9a:ee:66:
d0:ad:9b:d0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZyqxu846Agbl9ntneqqD5A7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMjBiY2FmNzIxMjNlMmQ5ZjVlMjc4ODZiMzgzOWI3NDI0
NDEwYjcwHhcNMjYwMzAxMTkwMTI5WhcNMjYwMzAyMTkwMTI5WjAzMTEwLwYDVQQD
Eyg3MTI3YTQxODM0Y2ZlN2FkYjgxMTM3ZmYwZWM0ZWIyODdkY2VmZTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp61keCPuywRgzuJm0gQYpwyYXWAu
4NBtGD/reBw/HU07x5PMqCoIYRdzrKoXYfZLjCg6jXSiI1817NczlwJfrM+C4a/r
QP3eSI38h7HpL3F0O/tPuPB5y7q4clT25OQaVbAToyeuKf2wXjAyd7VgkqDEQYf5
lnj1hXuYppxNWSvW5iJ8Ol84OgyQSOIxOzX897rzLXaHtbFU7XR4szK4fA9OX+Xo
tgIX41YDWqQymuZ4DjFvhj20A20zNJHu3sUxaJgq444LPKEXePohmudO830NLOr3
ksgPt7V87c72wB10ix/M8Fq6h6cGQuu3nJqM9hJ831WHDHVwoLugzU5QOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHEnpBg0z+etuBE3/w7E6yh9zv5ZMB8GA1UdIwQY
MBaAFM0gvK9yEj4tn14niGs4ObdCRBC3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelNDOHIzSVNQaTJmWGllSWF6ZzV0MEpFRUxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy80NGNmNmEtZGNiZi00MzM1LTliZGYt
MGY4MmMxYmExODA2LzEvelNDOHIzSVNQaTJmWGllSWF6ZzV0MEpFRUxjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy80NGNmNmEtZGNiZi00MzM1LTliZGYtMGY4MmMxYmExODA2
LzEvelNDOHIzSVNQaTJmWGllSWF6ZzV0MEpFRUxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU4NRBbML
oT0wO+wvd7HN64sGPzzuiTOPx11Nrb4FsIXUYHcVULRfTSsmo7AZ/jyRb0hBC0fA
2yjwg9ClP7+RP/S1//c8ViRJYhWzqQs+YOCq6vbEKUUwPa0Y4dq+B+kcUB2VSNdF
F4s//FIcR6LVJ8bDWrhYF1RPs+3MYsGZVLHzGx0jr7J4V0Fprw1kU9NXKJCuqeFS
5LItRofBGbmem7GaCmTKWZoy2A5yfr2xh7mUWf63uH588o2HmTZe7BeMZL0HBq0L
74G5HjGbpKpIGHL/10pyOhfd6z9e8y2DhKlCYrCpkA8lt3qcM4hlrxe0pXO6XymZ
7ptlmu5m0K2b0A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:44:19 2026 by rpki-client