Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.mft
File: CE964F98379F0320A7191E6D6788800535885928.mft (raw, json)
Hash identifier: A0Nm9BsebudySL4qWMsbuLL2zkuiiq/RGUFos1JsyyY=
Subject key identifier: C8:7D:04:D8:F2:26:5E:BE:BE:F1:CE:77:78:0C:D9:C1:A7:EC:18:55
Authority key identifier: CE:96:4F:98:37:9F:03:20:A7:19:1E:6D:67:88:80:05:35:88:59:28
Certificate issuer: /CN=ce964f98379f0320a7191e6d6788800535885928
Certificate serial: 4E08784620740608460D873C8EE132D8FF30D802
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zpZPmDefAyCnGR5tZ4iABTWIWSg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.mft
Manifest number: 0110
Signing time: Sun 01 Mar 2026 13:51:59 +0000
Manifest this update: Sun 01 Mar 2026 13:46:59 +0000
Manifest next update: Mon 02 Mar 2026 15:40:59 +0000
Files and hashes: 1: CE964F98379F0320A7191E6D6788800535885928.crl (hash: gn7JZ7qQ9GONuBJBZYj+lcoZDCDUhMVqUeJcVQQrrPI=)
2: AS214955.asa (hash: 9BTc33tzJ3o9p7u2GITVOlVxirs0irbQ8mfVzNdUJgc=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.crl
rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.mft
rsync://rpki.ripe.net/repository/DEFAULT/zpZPmDefAyCnGR5tZ4iABTWIWSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:08:78:46:20:74:06:08:46:0d:87:3c:8e:e1:32:d8:ff:30:d8:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce964f98379f0320a7191e6d6788800535885928
Validity
Not Before: Mar 1 13:46:59 2026 GMT
Not After : Mar 2 15:40:59 2026 GMT
Subject: CN=C87D04D8F2265EBEBEF1CE77780CD9C1A7EC1855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:66:51:90:42:be:7e:9c:23:1c:5f:84:33:02:
25:a9:42:1c:61:79:8b:86:a8:ea:95:18:cb:12:f5:
f1:81:bb:38:31:6c:ae:65:fe:31:be:27:7c:99:ad:
53:a5:b7:be:9c:bc:8b:cb:64:6f:d5:1e:86:db:d2:
da:f9:7c:41:8c:6f:4b:69:32:70:08:26:e9:10:17:
52:8a:e8:2d:c9:0c:a6:ef:3c:f1:2e:95:b8:e5:53:
7c:bb:53:0e:4a:ae:dc:44:63:3e:5a:45:2b:1b:67:
77:69:e7:60:4e:2f:d9:7a:51:c9:7f:de:1c:93:6e:
95:3b:f3:a7:c2:d0:38:a8:c8:28:26:4b:2a:f9:b3:
90:6d:9d:13:1b:5a:e0:52:61:28:5f:1a:3c:42:11:
c3:55:45:9f:c1:e2:6f:98:01:34:a4:e0:ee:2c:cb:
0f:ce:00:40:a9:cc:f8:6b:ea:c3:40:8d:4a:c9:9e:
a4:74:a3:c7:60:b8:20:36:6e:89:e3:c5:a8:cd:d0:
2d:11:5a:4e:48:17:10:3b:7d:58:80:c8:0c:17:89:
64:9c:d1:39:e3:35:73:01:8a:1f:22:4a:15:9c:20:
da:ce:79:6a:a2:2d:d2:bd:18:5b:13:fc:f2:bf:db:
d6:b6:f8:5d:13:51:96:c4:f3:d7:ca:1d:30:0a:a1:
4b:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:7D:04:D8:F2:26:5E:BE:BE:F1:CE:77:78:0C:D9:C1:A7:EC:18:55
X509v3 Authority Key Identifier:
keyid:CE:96:4F:98:37:9F:03:20:A7:19:1E:6D:67:88:80:05:35:88:59:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zpZPmDefAyCnGR5tZ4iABTWIWSg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:c0:6a:de:08:c7:a8:17:ad:df:fa:7e:bd:33:06:89:83:18:
cc:e1:84:65:6b:f2:39:f8:30:31:13:64:f1:da:9f:aa:ff:9f:
8e:4a:6a:f4:ba:37:61:5c:01:1d:ee:19:29:7f:5b:41:81:93:
1a:3c:79:b4:00:7e:5c:ee:ca:0a:9f:e7:5f:fe:6f:5e:d0:63:
5f:93:56:c4:f8:b9:1d:9c:ed:16:ae:61:3d:ac:1d:9b:6c:89:
81:94:a9:da:7d:9d:f3:4c:ef:5e:a7:fc:a6:c2:31:4e:25:28:
d4:59:ea:53:d8:9b:a0:fe:bf:d2:7b:f8:3a:65:ad:cc:6f:5e:
d7:05:53:c4:89:f8:69:9c:ba:b8:f1:f1:f3:2b:8b:97:91:6c:
fa:e5:ce:d5:93:5e:79:38:fe:4e:01:fe:c5:01:75:c8:68:9a:
85:f4:90:49:46:9b:f5:34:3a:d7:ad:f8:97:e6:13:f1:d0:b1:
f3:61:22:17:e5:57:83:01:c1:40:bd:48:3e:36:4b:a3:e1:0f:
01:bd:3c:fe:d2:ee:e7:61:e1:59:2f:6d:c6:23:d0:d7:d5:82:
4d:75:04:49:89:3d:4b:60:c9:69:d3:23:c5:f1:84:d7:d7:03:
37:3e:4b:65:60:7f:53:dc:53:0d:eb:a2:40:ac:61:2e:50:9f:
49:c5:e5:c1
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIUTgh4RiB0BghGDYc8juEy2P8w2AIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2U5NjRmOTgzNzlmMDMyMGE3MTkxZTZkNjc4ODgwMDUz
NTg4NTkyODAeFw0yNjAzMDExMzQ2NTlaFw0yNjAzMDIxNTQwNTlaMDMxMTAvBgNV
BAMTKEM4N0QwNEQ4RjIyNjVFQkVCRUYxQ0U3Nzc4MENEOUMxQTdFQzE4NTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXZlGQQr5+nCMcX4QzAiWpQhxh
eYuGqOqVGMsS9fGBuzgxbK5l/jG+J3yZrVOlt76cvIvLZG/VHobb0tr5fEGMb0tp
MnAIJukQF1KK6C3JDKbvPPEulbjlU3y7Uw5KrtxEYz5aRSsbZ3dp52BOL9l6Ucl/
3hyTbpU786fC0DioyCgmSyr5s5BtnRMbWuBSYShfGjxCEcNVRZ/B4m+YATSk4O4s
yw/OAECpzPhr6sNAjUrJnqR0o8dguCA2bonjxajN0C0RWk5IFxA7fViAyAwXiWSc
0TnjNXMBih8iShWcINrOeWqiLdK9GFsT/PK/29a2+F0TUZbE89fKHTAKoUvpAgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUyH0E2PImXr6+8c53eAzZwafsGFUwHwYDVR0j
BBgwFoAUzpZPmDefAyCnGR5tZ4iABTWIWSgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvM2Y5OWU2NmQtNGM3Yi00MTMwLTkxZDUtNGZiZDg0MzU3
NzkyLzAvQ0U5NjRGOTgzNzlGMDMyMEE3MTkxRTZENjc4ODgwMDUzNTg4NTkyOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3pwWlBtRGVmQXlDbkdSNXRaNGlBQlRX
SVdTZy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zZjk5ZTY2ZC00
YzdiLTQxMzAtOTFkNS00ZmJkODQzNTc3OTIvMC9DRTk2NEY5ODM3OUYwMzIwQTcx
OTFFNkQ2Nzg4ODAwNTM1ODg1OTI4Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYsBq3gjHqBet3/p+vTMG
iYMYzOGEZWvyOfgwMRNk8dqfqv+fjkpq9Lo3YVwBHe4ZKX9bQYGTGjx5tAB+XO7K
Cp/nX/5vXtBjX5NWxPi5HZztFq5hPawdm2yJgZSp2n2d80zvXqf8psIxTiUo1Fnq
U9iboP6/0nv4OmWtzG9e1wVTxIn4aZy6uPHx8yuLl5Fs+uXO1ZNeeTj+TgH+xQF1
yGiahfSQSUab9TQ61634l+YT8dCx82EiF+VXgwHBQL1IPjZLo+EPAb08/tLu52Hh
WS9txiPQ19WCTXUESYk9S2DJadMjxfGE19cDNz5LZWB/U9xTDeuiQKxhLlCfScXl
wQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:25:01 2026 by rpki-client