Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/ZhBOT32fONjiKi0yvgGQMZMMGkc.mft
File: ZhBOT32fONjiKi0yvgGQMZMMGkc.mft (raw, json)
Hash identifier: a1E7+4XZE+xOmUtn2q7dv6C1jQYTslQ7XFTb+raoC6c=
Subject key identifier: 86:C7:47:5D:4D:9E:1E:6C:4D:A0:91:6D:8A:A0:7F:76:4F:73:BD:0A
Authority key identifier: 66:10:4E:4F:7D:9F:38:D8:E2:2A:2D:32:BE:01:90:31:93:0C:1A:47
Certificate issuer: /CN=66104e4f7d9f38d8e22a2d32be019031930c1a47
Certificate serial: 019A71EE8BC0FAA98A786DA9781CFEC8D704
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZhBOT32fONjiKi0yvgGQMZMMGkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/ZhBOT32fONjiKi0yvgGQMZMMGkc.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 08:00:50 +0000
Manifest this update: Tue 11 Nov 2025 08:00:50 +0000
Manifest next update: Wed 12 Nov 2025 08:00:50 +0000
Files and hashes: 1: CBx-FeJj7z4oTrZiVmY-MbHnzM4.roa (hash: 1bONPKFzyDS/3APoxZR25vqyDAsgCQifSMXpTfL4F0s=)
2: WxxzockSF-0jbEBubYwjKIfgtaw.roa (hash: uNom3cZ42KKzlsjBXTYNfCi+Ksse/PrjCfplRbo7jWE=)
3: ZhBOT32fONjiKi0yvgGQMZMMGkc.crl (hash: 7ZPV8LaVsq1ph5ubX/PPRD+p6K7mhDQ4mzIGxoTieo4=)
4: hAuohYiSHygUFUxTjuX1SWN5QDE.roa (hash: MotGMSUysnMBdzXEwoyDH1EBq/l4jrQRez7lyisrMeA=)
5: n6ANVJpjfADW-mInHpVlhLdkL5w.roa (hash: E28ZlsfhOnBkyIyOKkYfx6xyMrKE5R52d/SAANOKtIs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/ZhBOT32fONjiKi0yvgGQMZMMGkc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/ZhBOT32fONjiKi0yvgGQMZMMGkc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZhBOT32fONjiKi0yvgGQMZMMGkc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:8b:c0:fa:a9:8a:78:6d:a9:78:1c:fe:c8:d7:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66104e4f7d9f38d8e22a2d32be019031930c1a47
Validity
Not Before: Nov 11 08:00:50 2025 GMT
Not After : Nov 12 08:00:50 2025 GMT
Subject: CN=86c7475d4d9e1e6c4da0916d8aa07f764f73bd0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:17:e9:1d:7f:66:f9:ab:a8:43:f8:71:c9:1d:
2f:ef:c4:5a:47:c4:25:19:44:69:3d:5c:fb:33:af:
61:26:7e:c7:16:57:ed:61:26:7c:bd:a7:2b:f3:35:
6d:42:ac:96:11:bb:5d:97:76:7a:62:04:9b:41:df:
09:f7:98:53:4d:c2:33:92:ed:75:b6:06:5c:a0:d3:
ec:a9:40:0c:a3:5a:52:97:42:11:7a:6e:b0:5a:02:
8b:c1:ff:d8:05:7d:e7:ab:24:c3:ff:02:12:fc:ef:
3c:34:70:d1:09:42:71:79:85:20:87:bd:5c:7b:f3:
9d:54:22:3d:0e:fc:e3:91:53:f4:66:3f:81:32:19:
f8:e0:29:9c:2f:b4:f9:37:16:d7:a1:59:48:41:b2:
24:a6:e6:c4:c5:5a:64:00:d2:a2:e6:5e:22:0c:75:
cc:14:9b:a4:b5:16:1c:57:c0:9d:d7:e5:7f:bd:b3:
de:be:bf:12:58:6f:6d:af:f2:04:82:1a:1b:68:79:
4e:13:50:a7:19:40:1f:09:fc:b7:45:79:ec:1b:f6:
ca:e8:b0:93:50:6f:5a:25:57:da:92:8b:6f:92:19:
9d:a5:54:c8:26:0e:98:a6:f7:35:8d:c1:04:c6:ef:
1a:ec:94:f3:b0:2d:a1:ee:ec:1b:36:11:29:62:9b:
db:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C7:47:5D:4D:9E:1E:6C:4D:A0:91:6D:8A:A0:7F:76:4F:73:BD:0A
X509v3 Authority Key Identifier:
keyid:66:10:4E:4F:7D:9F:38:D8:E2:2A:2D:32:BE:01:90:31:93:0C:1A:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZhBOT32fONjiKi0yvgGQMZMMGkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/ZhBOT32fONjiKi0yvgGQMZMMGkc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/ZhBOT32fONjiKi0yvgGQMZMMGkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
07:38:b5:95:fc:8c:17:fe:47:ee:09:fe:5a:71:b4:af:74:f2:
e2:c8:57:36:74:69:e9:d5:da:c1:5e:ca:15:bb:43:e6:6e:04:
d1:c3:43:3e:15:83:8d:17:3e:c1:a0:9e:d7:58:7d:d7:f1:98:
c9:3a:7c:f9:c0:70:33:93:9e:4e:49:e3:70:ef:91:04:02:1d:
cd:f5:37:8c:d7:37:2b:44:39:42:0c:a5:a2:ed:64:4a:f2:27:
7b:8d:72:c5:e3:00:9c:8e:21:ff:02:c1:42:1c:25:80:e5:f6:
87:8b:66:bd:5e:e3:38:d2:60:cc:35:90:76:7c:32:b7:72:51:
1d:35:d0:8f:32:da:80:5a:de:85:a6:31:26:05:54:ff:df:48:
aa:92:f1:dd:76:28:0e:dd:cf:f6:e5:0c:45:8b:45:1f:86:3d:
a5:53:ec:30:77:a1:40:a0:33:0f:81:8f:81:93:08:d5:c6:df:
e7:58:b0:e9:71:40:8a:b9:3d:8e:34:05:9c:9c:0a:26:1b:b4:
f9:19:7d:37:ae:fd:13:90:b3:f2:86:2d:b4:f1:50:d2:b8:39:
71:71:54:c0:ae:ae:c0:08:38:ad:96:3a:d9:6d:0c:b8:dd:d2:
7b:63:30:0b:c0:c7:fb:71:3e:ca:af:24:e0:9c:89:c8:b5:3b:
50:3a:6a:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7ovA+qmKeG2peBz+yNcEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MTA0ZTRmN2Q5ZjM4ZDhlMjJhMmQzMmJlMDE5MDMxOTMw
YzFhNDcwHhcNMjUxMTExMDgwMDUwWhcNMjUxMTEyMDgwMDUwWjAzMTEwLwYDVQQD
Eyg4NmM3NDc1ZDRkOWUxZTZjNGRhMDkxNmQ4YWEwN2Y3NjRmNzNiZDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RfpHX9m+auoQ/hxyR0v78RaR8Ql
GURpPVz7M69hJn7HFlftYSZ8vacr8zVtQqyWEbtdl3Z6YgSbQd8J95hTTcIzku11
tgZcoNPsqUAMo1pSl0IRem6wWgKLwf/YBX3nqyTD/wIS/O88NHDRCUJxeYUgh71c
e/OdVCI9DvzjkVP0Zj+BMhn44CmcL7T5NxbXoVlIQbIkpubExVpkANKi5l4iDHXM
FJuktRYcV8Cd1+V/vbPevr8SWG9tr/IEghobaHlOE1CnGUAfCfy3RXnsG/bK6LCT
UG9aJVfakotvkhmdpVTIJg6Ypvc1jcEExu8a7JTzsC2h7uwbNhEpYpvbUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIbHR11Nnh5sTaCRbYqgf3ZPc70KMB8GA1UdIwQY
MBaAFGYQTk99nzjY4iotMr4BkDGTDBpHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmhCT1QzMmZPTmppS2kweXZnR1FNWk1NR2tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS84MmQyMjItMjIwMi00NWYyLWI5MDQt
NDc0NzJlZDNiZWNiLzEvWmhCT1QzMmZPTmppS2kweXZnR1FNWk1NR2tjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS84MmQyMjItMjIwMi00NWYyLWI5MDQtNDc0NzJlZDNiZWNi
LzEvWmhCT1QzMmZPTmppS2kweXZnR1FNWk1NR2tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABzi1lfyM
F/5H7gn+WnG0r3Ty4shXNnRp6dXawV7KFbtD5m4E0cNDPhWDjRc+waCe11h91/GY
yTp8+cBwM5OeTknjcO+RBAIdzfU3jNc3K0Q5Qgylou1kSvIne41yxeMAnI4h/wLB
QhwlgOX2h4tmvV7jONJgzDWQdnwyt3JRHTXQjzLagFrehaYxJgVU/99IqpLx3XYo
Dt3P9uUMRYtFH4Y9pVPsMHehQKAzD4GPgZMI1cbf51iw6XFAirk9jjQFnJwKJhu0
+Rl9N679E5Cz8oYttPFQ0rg5cXFUwK6uwAg4rZY62W0MuN3Se2MwC8DH+3E+yq8k
4JyJyLU7UDpqpQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:54:35 2025 by rpki-client