Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.mft
File: ZKDbECcDCCx8pVSrtbInYAGNVj8.mft (raw, json)
Hash identifier: nyDC4N77RW9XWi6os6gDBKaE8SbYF2g3gOKCWEZsXE0=
Subject key identifier: 7F:01:5A:66:97:E5:DF:5D:CB:A5:4E:25:EF:56:AF:F5:FA:8D:10:57
Authority key identifier: 64:A0:DB:10:27:03:08:2C:7C:A5:54:AB:B5:B2:27:60:01:8D:56:3F
Certificate issuer: /CN=64a0db102703082c7ca554abb5b22760018d563f
Certificate serial: 019A71EEBC1A5F3DAC4156478DB7FEF13543
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZKDbECcDCCx8pVSrtbInYAGNVj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 08:01:02 +0000
Manifest this update: Tue 11 Nov 2025 08:01:02 +0000
Manifest next update: Wed 12 Nov 2025 08:01:02 +0000
Files and hashes: 1: ZKDbECcDCCx8pVSrtbInYAGNVj8.crl (hash: tVJZslrgC3cJ+RTUBMHoPMvNe1e5GnJAVIXpBzHZMYc=)
2: tClIzpB8AXYvJfeCisA8HxpOd74.roa (hash: sXbqNinLjTETFbK42QOaktsLVCyYHDlotZvPtCRaxBU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZKDbECcDCCx8pVSrtbInYAGNVj8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:bc:1a:5f:3d:ac:41:56:47:8d:b7:fe:f1:35:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64a0db102703082c7ca554abb5b22760018d563f
Validity
Not Before: Nov 11 08:01:02 2025 GMT
Not After : Nov 12 08:01:02 2025 GMT
Subject: CN=7f015a6697e5df5dcba54e25ef56aff5fa8d1057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ff:6a:83:8d:0d:42:8a:a2:f7:13:49:64:bb:
a5:61:87:2c:15:9f:11:14:75:65:ae:56:8a:83:a7:
74:a0:f3:74:78:3c:59:ef:79:ec:4a:3c:2b:c4:42:
26:f2:16:07:7c:3e:88:7e:1b:b0:91:58:2f:0c:52:
c8:22:08:b6:3f:d4:9b:5b:3e:00:0f:72:6e:24:87:
27:a1:62:bd:2e:16:e3:5c:0e:c8:e9:4d:a4:b6:df:
2a:59:70:22:20:92:9c:ed:4f:b3:f5:6d:3a:49:55:
66:eb:c2:c2:32:d4:ed:30:33:2e:a1:c0:2c:db:fa:
83:bc:65:fd:c4:c4:3e:42:80:8a:41:a8:2b:0a:d0:
fd:f1:60:09:a9:4f:46:ce:4d:0a:49:da:1c:da:66:
83:20:9a:71:86:7e:b9:86:b3:fc:07:8e:19:8d:d9:
3c:3e:6d:33:f1:3e:13:eb:5a:a2:70:77:b4:19:be:
ad:3a:2e:24:37:cd:77:9d:c6:fe:19:8d:75:d7:d3:
05:b8:92:9d:2d:75:24:4c:8f:c1:c6:2f:d8:c3:3d:
49:0d:2a:8e:70:13:a9:c8:8e:b6:f0:ef:be:47:bd:
82:5a:02:08:f4:24:8e:01:ba:b2:8c:0d:ae:ce:ab:
d0:2c:47:87:61:24:ca:26:c2:c2:f1:ae:7c:9f:b1:
04:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:01:5A:66:97:E5:DF:5D:CB:A5:4E:25:EF:56:AF:F5:FA:8D:10:57
X509v3 Authority Key Identifier:
keyid:64:A0:DB:10:27:03:08:2C:7C:A5:54:AB:B5:B2:27:60:01:8D:56:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZKDbECcDCCx8pVSrtbInYAGNVj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/f9a00a-84ee-47a0-9ea1-f179db5f04b6/1/ZKDbECcDCCx8pVSrtbInYAGNVj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:ec:1d:3b:36:d3:05:6c:a0:a7:db:3d:9b:50:f8:37:78:91:
22:20:9c:24:ef:49:74:0d:67:9f:13:c5:5f:80:19:bc:e8:fe:
d8:5f:98:ca:b8:3a:42:3f:3b:ec:77:91:98:8c:18:28:1f:04:
35:c1:12:08:c1:29:30:ee:32:81:ba:3f:17:67:44:ca:b6:b4:
5d:89:a0:0f:97:fa:57:e2:0e:e2:6c:d1:b3:a1:f0:bb:9c:0f:
3b:f6:b1:de:30:8d:84:0d:13:9e:05:9a:95:45:23:01:cc:15:
ac:e3:c0:73:90:27:4d:48:fc:0c:0b:c4:a1:48:18:c7:db:00:
ec:a0:eb:d1:98:3e:95:2f:67:9f:44:c8:30:6d:1d:70:ef:bf:
3b:5a:bc:cb:64:b3:05:75:54:39:52:81:97:16:b0:ea:66:65:
21:f0:f2:1b:dd:a6:35:9c:69:fa:e7:64:af:ea:88:64:99:a3:
4e:37:10:53:bc:4f:22:2a:58:3b:f3:96:86:56:87:58:c3:5e:
9a:40:19:86:26:e5:95:85:60:93:ed:06:53:4c:0a:bf:d3:8a:
7f:a0:25:f7:d4:4f:b3:6c:32:e2:78:7b:03:59:81:c1:6f:bf:
46:9c:91:de:28:bd:57:02:ae:bc:b5:00:dd:ef:20:0b:e5:11:
34:91:0c:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7rwaXz2sQVZHjbf+8TVDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0YTBkYjEwMjcwMzA4MmM3Y2E1NTRhYmI1YjIyNzYwMDE4
ZDU2M2YwHhcNMjUxMTExMDgwMTAyWhcNMjUxMTEyMDgwMTAyWjAzMTEwLwYDVQQD
Eyg3ZjAxNWE2Njk3ZTVkZjVkY2JhNTRlMjVlZjU2YWZmNWZhOGQxMDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv9qg40NQoqi9xNJZLulYYcsFZ8R
FHVlrlaKg6d0oPN0eDxZ73nsSjwrxEIm8hYHfD6IfhuwkVgvDFLIIgi2P9SbWz4A
D3JuJIcnoWK9LhbjXA7I6U2ktt8qWXAiIJKc7U+z9W06SVVm68LCMtTtMDMuocAs
2/qDvGX9xMQ+QoCKQagrCtD98WAJqU9Gzk0KSdoc2maDIJpxhn65hrP8B44Zjdk8
Pm0z8T4T61qicHe0Gb6tOi4kN813ncb+GY1119MFuJKdLXUkTI/Bxi/Ywz1JDSqO
cBOpyI628O++R72CWgII9CSOAbqyjA2uzqvQLEeHYSTKJsLC8a58n7EExQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH8BWmaX5d9dy6VOJe9Wr/X6jRBXMB8GA1UdIwQY
MBaAFGSg2xAnAwgsfKVUq7WyJ2ABjVY/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWktEYkVDY0RDQ3g4cFZTcnRiSW5ZQUdOVmo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9mOWEwMGEtODRlZS00N2EwLTllYTEt
ZjE3OWRiNWYwNGI2LzEvWktEYkVDY0RDQ3g4cFZTcnRiSW5ZQUdOVmo4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9mOWEwMGEtODRlZS00N2EwLTllYTEtZjE3OWRiNWYwNGI2
LzEvWktEYkVDY0RDQ3g4cFZTcnRiSW5ZQUdOVmo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN+wdOzbT
BWygp9s9m1D4N3iRIiCcJO9JdA1nnxPFX4AZvOj+2F+Yyrg6Qj877HeRmIwYKB8E
NcESCMEpMO4ygbo/F2dEyra0XYmgD5f6V+IO4mzRs6Hwu5wPO/ax3jCNhA0TngWa
lUUjAcwVrOPAc5AnTUj8DAvEoUgYx9sA7KDr0Zg+lS9nn0TIMG0dcO+/O1q8y2Sz
BXVUOVKBlxaw6mZlIfDyG92mNZxp+udkr+qIZJmjTjcQU7xPIipYO/OWhlaHWMNe
mkAZhibllYVgk+0GU0wKv9OKf6Al99RPs2wy4nh7A1mBwW+/RpyR3ii9VwKuvLUA
3e8gC+URNJEMhA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:41:40 2025 by rpki-client