Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.mft
File: ZD2vEi46h6yqb9tiw1olKhmaWNk.mft (raw, json)
Hash identifier: JB8LB2xj1xxbZcuyf49xOpGIT0AARti1beS5h9v2U5o=
Subject key identifier: 8D:1F:3F:0D:C7:02:FC:3B:66:36:FC:27:FD:51:23:9A:91:E2:FE:57
Authority key identifier: 64:3D:AF:12:2E:3A:87:AC:AA:6F:DB:62:C3:5A:25:2A:19:9A:58:D9
Certificate issuer: /CN=643daf122e3a87acaa6fdb62c35a252a199a58d9
Certificate serial: 019A725C89BFFBFEB1F8FE3CD830FD414A66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZD2vEi46h6yqb9tiw1olKhmaWNk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.mft
Manifest number: 0EA2
Signing time: Tue 11 Nov 2025 10:00:58 +0000
Manifest this update: Tue 11 Nov 2025 10:00:58 +0000
Manifest next update: Wed 12 Nov 2025 10:00:58 +0000
Files and hashes: 1: 5y54voFpQemaWdhJdL3R6I-ZfdY.roa (hash: 0q0hdM7ItmEN9aXgu0xUxeLxjebZjyz7UrwOiAMpRFI=)
2: ZD2vEi46h6yqb9tiw1olKhmaWNk.crl (hash: TFt34L06iyCS3mmS9HrYFFB9aYzDydyNTZ7BpNIzn1U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZD2vEi46h6yqb9tiw1olKhmaWNk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:89:bf:fb:fe:b1:f8:fe:3c:d8:30:fd:41:4a:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=643daf122e3a87acaa6fdb62c35a252a199a58d9
Validity
Not Before: Nov 11 10:00:58 2025 GMT
Not After : Nov 12 10:00:58 2025 GMT
Subject: CN=8d1f3f0dc702fc3b6636fc27fd51239a91e2fe57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:76:29:ae:3a:b8:67:a3:c3:c4:e5:a6:dc:7a:
48:17:5d:2a:78:0f:40:ed:05:17:92:ce:d7:46:8b:
56:6a:0b:df:12:dc:a1:ea:ca:b4:b3:e4:25:40:6f:
87:fa:99:d5:8e:ec:8b:3f:6a:44:c4:9d:7d:5f:82:
55:7f:c3:48:28:a5:5e:f9:67:4f:84:ec:c5:cb:98:
ac:36:ae:5c:fa:c4:0e:31:67:f8:d1:97:ab:f2:41:
a2:63:e5:2f:83:02:dd:fd:98:c9:ce:7e:f1:08:97:
87:a7:d1:db:f3:16:a2:ab:50:8f:61:62:41:82:31:
dd:66:d7:19:ba:61:16:a6:19:06:1d:a0:96:02:ae:
4d:ec:67:f9:d4:70:a0:59:eb:ab:e0:59:38:4f:6e:
94:0d:71:d2:7d:da:5b:e3:6b:3b:0b:f0:28:25:cd:
0b:dd:1c:ce:82:76:93:21:d9:27:89:6a:2f:37:4e:
fd:7c:ba:4e:74:93:b4:72:d7:11:d7:d9:f6:87:6c:
83:87:a9:f7:23:08:8d:72:a4:bb:c0:fc:d2:03:89:
6c:4e:b2:d8:ef:28:9e:12:39:3a:36:a9:56:da:1b:
c4:d7:02:6e:de:c7:fb:c8:f3:58:e7:74:e1:28:ca:
9c:0a:f5:84:c1:11:f4:fe:5f:4b:cf:0f:2a:bc:b7:
e6:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:1F:3F:0D:C7:02:FC:3B:66:36:FC:27:FD:51:23:9A:91:E2:FE:57
X509v3 Authority Key Identifier:
keyid:64:3D:AF:12:2E:3A:87:AC:AA:6F:DB:62:C3:5A:25:2A:19:9A:58:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZD2vEi46h6yqb9tiw1olKhmaWNk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
73:ab:fc:39:7a:bd:1a:0b:20:e5:f8:26:38:81:6a:62:b6:83:
e0:20:e3:7b:dc:ae:94:86:04:43:7f:6e:ba:c9:09:cd:8e:60:
e8:d2:2f:e6:ee:45:6c:3f:00:f5:8e:62:ab:7f:23:28:5a:22:
b6:d0:8c:d5:8b:e3:da:42:1f:be:25:76:e6:0d:bb:53:6b:b5:
ab:45:75:47:01:5e:5a:f2:a7:c9:4c:31:1b:63:c6:d7:29:4c:
df:9e:85:c3:ba:b6:bb:b3:29:cf:fa:4b:18:8d:88:5f:d4:b9:
4d:1f:6b:0d:3a:a9:d9:46:5a:3a:af:36:3a:b2:7d:61:6d:ca:
9f:68:ba:fc:64:bc:72:70:cd:32:83:fe:51:1b:d9:16:7a:04:
28:62:31:fd:39:95:7f:91:aa:81:d8:a9:35:37:64:47:ef:b8:
46:37:d1:00:03:59:65:9c:db:ca:52:b9:3d:27:a8:21:1f:18:
aa:2c:70:d3:67:62:5b:3e:ef:fd:03:3c:60:e3:a8:b7:5e:41:
de:81:3c:c9:53:0a:2a:ae:98:da:3d:6e:e0:54:c9:df:29:b3:
fe:d0:24:a5:c7:1f:1a:4b:73:1b:44:de:f0:bb:7d:88:8d:38:
73:0e:f1:3b:52:d0:a0:a6:c5:ce:f1:81:51:13:08:65:93:8a:
e8:15:87:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXIm/+/6x+P482DD9QUpmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0M2RhZjEyMmUzYTg3YWNhYTZmZGI2MmMzNWEyNTJhMTk5
YTU4ZDkwHhcNMjUxMTExMTAwMDU4WhcNMjUxMTEyMTAwMDU4WjAzMTEwLwYDVQQD
Eyg4ZDFmM2YwZGM3MDJmYzNiNjYzNmZjMjdmZDUxMjM5YTkxZTJmZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnYprjq4Z6PDxOWm3HpIF10qeA9A
7QUXks7XRotWagvfEtyh6sq0s+QlQG+H+pnVjuyLP2pExJ19X4JVf8NIKKVe+WdP
hOzFy5isNq5c+sQOMWf40Zer8kGiY+UvgwLd/ZjJzn7xCJeHp9Hb8xaiq1CPYWJB
gjHdZtcZumEWphkGHaCWAq5N7Gf51HCgWeur4Fk4T26UDXHSfdpb42s7C/AoJc0L
3RzOgnaTIdkniWovN079fLpOdJO0ctcR19n2h2yDh6n3IwiNcqS7wPzSA4lsTrLY
7yieEjk6NqlW2hvE1wJu3sf7yPNY53ThKMqcCvWEwRH0/l9Lzw8qvLfmLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI0fPw3HAvw7Zjb8J/1RI5qR4v5XMB8GA1UdIwQY
MBaAFGQ9rxIuOoesqm/bYsNaJSoZmljZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkQydkVpNDZoNnlxYjl0aXcxb2xLaG1hV05rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9lZDNkNGEtNzA0Zi00YWE0LTgyMWYt
ZGNkNWU5NDc4MDg0LzEvWkQydkVpNDZoNnlxYjl0aXcxb2xLaG1hV05rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9lZDNkNGEtNzA0Zi00YWE0LTgyMWYtZGNkNWU5NDc4MDg0
LzEvWkQydkVpNDZoNnlxYjl0aXcxb2xLaG1hV05rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc6v8OXq9
Ggsg5fgmOIFqYraD4CDje9yulIYEQ39uuskJzY5g6NIv5u5FbD8A9Y5iq38jKFoi
ttCM1Yvj2kIfviV25g27U2u1q0V1RwFeWvKnyUwxG2PG1ylM356Fw7q2u7Mpz/pL
GI2IX9S5TR9rDTqp2UZaOq82OrJ9YW3Kn2i6/GS8cnDNMoP+URvZFnoEKGIx/TmV
f5GqgdipNTdkR++4RjfRAANZZZzbylK5PSeoIR8Yqixw02diWz7v/QM8YOOot15B
3oE8yVMKKq6Y2j1u4FTJ3ymz/tAkpccfGktzG0Te8Lt9iI04cw7xO1LQoKbFzvGB
URMIZZOK6BWHaA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:16:22 2025 by rpki-client