Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.mft
File: ZdZjKVdsnAGzzYKF9LVLAXDYw5o.mft (raw, json)
Hash identifier: diCCs5dVn3LbuPajyBmgNCJrXRqrUJd6QHp+UeEJ5wA=
Subject key identifier: 42:18:D1:F1:36:B1:D2:E6:17:28:80:8D:A8:66:4E:33:F8:2E:44:3A
Authority key identifier: 65:D6:63:29:57:6C:9C:01:B3:CD:82:85:F4:B5:4B:01:70:D8:C3:9A
Certificate issuer: /CN=65d66329576c9c01b3cd8285f4b54b0170d8c39a
Certificate serial: 019CA9462405486312E5B3291457D014F903
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.mft
Manifest number: 1504
Signing time: Sun 01 Mar 2026 12:01:12 +0000
Manifest this update: Sun 01 Mar 2026 12:01:12 +0000
Manifest next update: Mon 02 Mar 2026 12:01:12 +0000
Files and hashes: 1: GZsPzmbA--FYrc4SNgLcVzZUS58.roa (hash: gCmBdutjh3s8CjQ+XZ5HjES4JuiIxCATlIX/+TCZL7A=)
2: ZdZjKVdsnAGzzYKF9LVLAXDYw5o.crl (hash: rVzQFyVWwCecnuzrXZYk0/xwNcF8F9Uh5MCWscVqXUU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 12:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a9:46:24:05:48:63:12:e5:b3:29:14:57:d0:14:f9:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65d66329576c9c01b3cd8285f4b54b0170d8c39a
Validity
Not Before: Mar 1 12:01:12 2026 GMT
Not After : Mar 2 12:01:12 2026 GMT
Subject: CN=4218d1f136b1d2e61728808da8664e33f82e443a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f2:42:93:e5:f4:b6:b2:d6:9b:72:5b:44:28:
c3:fe:b4:87:fc:f0:01:45:e7:dc:b9:11:40:13:bd:
5b:f6:45:a7:2f:0e:fe:85:76:91:ac:fa:8f:bc:90:
87:78:a0:2d:c2:1f:b8:29:91:4d:a7:07:aa:ef:c0:
af:dc:77:40:3a:27:c3:46:35:dc:c3:bd:fc:c4:08:
61:34:61:e8:4f:ef:c8:7c:ee:ab:05:9a:8e:ad:9e:
eb:c7:af:80:31:21:c9:b9:31:70:08:54:33:1a:77:
15:9d:fc:d6:cb:5b:95:42:7f:d0:4c:d9:9b:9b:a2:
f5:1e:84:56:b7:f5:fe:5d:d7:20:dd:2e:78:11:09:
e3:e7:79:7f:bc:8b:9e:34:18:36:43:5e:0d:57:97:
cf:b4:ad:fe:d8:2d:9b:90:07:6a:a4:3c:b0:87:af:
38:61:d2:08:56:b5:c3:13:75:b3:ea:87:d7:81:ca:
9d:7e:1e:81:a8:6b:16:f1:d1:93:76:45:10:9d:84:
e5:0f:14:a1:92:a9:dd:38:1d:7a:8a:be:d1:c2:6f:
db:80:51:3a:2f:d7:e2:f5:a3:14:65:53:2c:20:0d:
1c:06:c2:d0:28:6c:f8:20:84:9d:6d:ef:93:59:bb:
ca:82:1c:33:8f:d1:81:bd:c3:2f:10:56:66:8c:72:
a6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:18:D1:F1:36:B1:D2:E6:17:28:80:8D:A8:66:4E:33:F8:2E:44:3A
X509v3 Authority Key Identifier:
keyid:65:D6:63:29:57:6C:9C:01:B3:CD:82:85:F4:B5:4B:01:70:D8:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:54:6b:af:d7:12:c7:71:a2:ba:3b:da:bf:f2:29:19:e1:5d:
bd:cf:8c:5d:4b:e3:7b:e4:9f:1d:19:51:02:c9:82:50:a3:d9:
1d:c6:6a:57:a2:bb:2e:51:f9:11:c8:a6:46:34:75:ec:7f:e1:
06:d3:c4:3f:d4:3c:d6:73:e3:c0:cb:70:70:7e:70:a6:ba:f9:
f0:fb:a7:a4:8f:39:a5:b5:2f:c3:36:77:36:44:06:c1:b4:f9:
47:5c:0d:c9:eb:10:8e:41:04:e0:0f:d1:20:c6:4d:f7:77:50:
7b:ef:e4:25:09:e6:2d:95:5d:80:5e:04:ca:a9:b2:5d:36:9d:
03:f0:1e:07:59:1d:6e:8a:ba:5d:a2:78:8c:8f:a2:57:dd:a7:
1f:28:c4:a9:ca:80:6f:e1:62:78:10:3f:46:aa:bc:30:72:58:
4f:2f:98:58:e3:ff:1b:07:f6:0b:81:f4:b6:96:6d:99:ae:10:
ab:f8:c6:11:72:e0:d9:cf:4f:35:ab:65:f7:06:3f:86:e3:55:
cd:6c:1b:eb:57:59:2e:36:87:82:30:0e:57:93:9e:54:db:9d:
4c:7e:f1:97:7f:83:5b:b6:63:2f:6e:47:35:fd:fb:94:b0:49:
23:69:b3:27:8f:ae:9f:8e:42:dd:3a:2a:b8:46:3b:cf:75:d8:
c7:8b:e7:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZypRiQFSGMS5bMpFFfQFPkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZDY2MzI5NTc2YzljMDFiM2NkODI4NWY0YjU0YjAxNzBk
OGMzOWEwHhcNMjYwMzAxMTIwMTEyWhcNMjYwMzAyMTIwMTEyWjAzMTEwLwYDVQQD
Eyg0MjE4ZDFmMTM2YjFkMmU2MTcyODgwOGRhODY2NGUzM2Y4MmU0NDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPJCk+X0trLWm3JbRCjD/rSH/PAB
RefcuRFAE71b9kWnLw7+hXaRrPqPvJCHeKAtwh+4KZFNpweq78Cv3HdAOifDRjXc
w738xAhhNGHoT+/IfO6rBZqOrZ7rx6+AMSHJuTFwCFQzGncVnfzWy1uVQn/QTNmb
m6L1HoRWt/X+Xdcg3S54EQnj53l/vIueNBg2Q14NV5fPtK3+2C2bkAdqpDywh684
YdIIVrXDE3Wz6ofXgcqdfh6BqGsW8dGTdkUQnYTlDxShkqndOB16ir7Rwm/bgFE6
L9fi9aMUZVMsIA0cBsLQKGz4IISdbe+TWbvKghwzj9GBvcMvEFZmjHKmRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEIY0fE2sdLmFyiAjahmTjP4LkQ6MB8GA1UdIwQY
MBaAFGXWYylXbJwBs82ChfS1SwFw2MOaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmRaaktWZHNuQUd6ellLRjlMVkxBWERZdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9kNTI3ZjgtZTVhZi00ODIwLWEyNDgt
MWU2NjUwNTEzMWNhLzEvWmRaaktWZHNuQUd6ellLRjlMVkxBWERZdzVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9kNTI3ZjgtZTVhZi00ODIwLWEyNDgtMWU2NjUwNTEzMWNh
LzEvWmRaaktWZHNuQUd6ellLRjlMVkxBWERZdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW1Rrr9cS
x3Giujvav/IpGeFdvc+MXUvje+SfHRlRAsmCUKPZHcZqV6K7LlH5EcimRjR17H/h
BtPEP9Q81nPjwMtwcH5wprr58PunpI85pbUvwzZ3NkQGwbT5R1wNyesQjkEE4A/R
IMZN93dQe+/kJQnmLZVdgF4EyqmyXTadA/AeB1kdboq6XaJ4jI+iV92nHyjEqcqA
b+FieBA/Rqq8MHJYTy+YWOP/Gwf2C4H0tpZtma4Qq/jGEXLg2c9PNatl9wY/huNV
zWwb61dZLjaHgjAOV5OeVNudTH7xl3+DW7ZjL25HNf37lLBJI2mzJ4+un45C3Toq
uEY7z3XYx4vn6Q==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:58:48 2026 by rpki-client