Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft
File: zK1o9-irrfRHJiM0OjJWFQciQYk.mft (raw, json)
Hash identifier: FrT3YXxsnpdXnKRYORiWCzExd4S+rnTfyZ42+0u0vfM=
Subject key identifier: 2E:23:A5:DC:6B:ED:32:3F:FE:29:4C:EA:C5:34:A4:24:EB:6D:6F:CC
Authority key identifier: CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89
Certificate issuer: /CN=ccad68f7e8abadf4472623343a32561507224189
Certificate serial: 019A0B5DAE85B2A78D6EEF858060E0674A95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft
Manifest number: 085A
Signing time: Wed 22 Oct 2025 10:01:20 +0000
Manifest this update: Wed 22 Oct 2025 10:01:20 +0000
Manifest next update: Thu 23 Oct 2025 10:01:20 +0000
Files and hashes: 1: UD4cQq7SyCABLCZHHC1Ou_EeL6M.roa (hash: tfgZKXi2rZuQqy6q4ZM+ZUGFDVqdyYkcUnUVHT5tgpI=)
2: zK1o9-irrfRHJiM0OjJWFQciQYk.crl (hash: 7tWVfSaveBul1Si2IEZnLSTqPUYxJgPZ2G27L7yjdMg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 08:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0b:5d:ae:85:b2:a7:8d:6e:ef:85:80:60:e0:67:4a:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccad68f7e8abadf4472623343a32561507224189
Validity
Not Before: Oct 22 10:01:20 2025 GMT
Not After : Oct 23 10:01:20 2025 GMT
Subject: CN=2e23a5dc6bed323ffe294ceac534a424eb6d6fcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:2f:8a:f9:d6:2e:2d:2c:4b:a1:36:67:0e:b9:
a8:7a:b7:fa:a9:77:9b:ba:1d:70:39:d6:ef:23:f9:
29:5b:0b:78:4d:fb:25:6d:7d:02:e5:fa:39:f0:78:
20:6a:4e:98:53:1d:8d:d8:a9:3c:ed:78:6d:2b:ba:
61:e7:6e:1f:79:db:d4:bc:80:a4:df:59:80:4a:43:
f1:46:75:d9:5f:cc:85:48:e5:64:87:cc:0c:ac:5e:
42:d5:dc:be:2e:ec:a5:4a:7a:58:7f:0c:20:1e:44:
9d:31:61:5d:d6:a1:f6:b7:42:c4:dd:df:e5:9a:d4:
e0:d4:91:06:75:72:b4:8a:97:bf:82:85:b1:ea:32:
0f:18:1b:10:12:84:6b:82:05:4c:bc:ed:df:eb:6b:
9f:96:12:90:89:be:6a:19:af:fc:73:6c:6b:02:af:
f1:58:b2:b3:53:23:25:31:03:ce:98:a0:80:5f:62:
e8:ea:19:4e:00:ad:17:91:b7:36:a7:e8:f6:5e:67:
cc:4b:9a:b4:23:fd:ac:79:c8:93:30:78:95:67:54:
16:5c:b2:c4:f5:28:8b:5a:36:77:b6:60:83:0a:d8:
21:d9:4c:05:f1:aa:72:03:a1:52:da:d3:fd:8e:9c:
dc:e8:1e:42:c4:55:31:3e:d6:70:77:9a:b4:40:4a:
6d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:23:A5:DC:6B:ED:32:3F:FE:29:4C:EA:C5:34:A4:24:EB:6D:6F:CC
X509v3 Authority Key Identifier:
keyid:CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:d7:6d:12:57:56:7c:6f:69:14:a3:12:2f:42:e4:de:4b:87:
94:f5:45:bb:a4:15:35:b9:a1:b4:8f:0d:ab:d4:39:bb:1c:d9:
6e:c2:bc:79:47:53:95:1d:1b:75:85:dd:bb:b4:50:3b:3e:61:
1d:df:36:2a:e0:86:87:20:5a:d8:8a:ce:94:3b:50:de:6a:48:
ad:99:44:dd:a2:0a:6b:85:36:09:64:92:a2:32:9e:86:6a:8c:
04:47:da:ae:1f:25:d6:99:af:03:35:bc:8b:f7:4c:02:b2:3e:
0e:2e:bc:fa:42:e9:a0:46:67:a7:35:64:d3:61:ad:24:c7:db:
31:e3:02:d4:a2:fe:4c:5d:ba:63:1a:7e:68:ce:3b:34:99:3b:
13:7a:bd:78:ac:ca:e9:ea:e9:90:87:ca:61:9a:64:6b:28:2b:
22:e4:35:39:6b:5c:07:fa:18:72:f6:e5:e9:1d:81:5d:6f:23:
bc:a4:97:13:63:6f:5f:61:4b:f5:72:0e:35:f9:65:f3:e9:ab:
78:2e:c9:c1:40:61:b3:cd:0e:00:d0:1f:ec:61:18:8a:08:0c:
5a:f3:dc:ca:62:97:e6:2a:27:c8:e9:8f:b5:68:c1:c3:e3:9d:
2a:be:6e:00:76:af:ef:8a:8c:b8:9f:61:26:1b:06:a9:c3:e0:
94:28:a3:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoLXa6FsqeNbu+FgGDgZ0qVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYWQ2OGY3ZThhYmFkZjQ0NzI2MjMzNDNhMzI1NjE1MDcy
MjQxODkwHhcNMjUxMDIyMTAwMTIwWhcNMjUxMDIzMTAwMTIwWjAzMTEwLwYDVQQD
EygyZTIzYTVkYzZiZWQzMjNmZmUyOTRjZWFjNTM0YTQyNGViNmQ2ZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+C+K+dYuLSxLoTZnDrmoerf6qXeb
uh1wOdbvI/kpWwt4TfslbX0C5fo58Hggak6YUx2N2Kk87XhtK7ph524fedvUvICk
31mASkPxRnXZX8yFSOVkh8wMrF5C1dy+LuylSnpYfwwgHkSdMWFd1qH2t0LE3d/l
mtTg1JEGdXK0ipe/goWx6jIPGBsQEoRrggVMvO3f62uflhKQib5qGa/8c2xrAq/x
WLKzUyMlMQPOmKCAX2Lo6hlOAK0Xkbc2p+j2XmfMS5q0I/2seciTMHiVZ1QWXLLE
9SiLWjZ3tmCDCtgh2UwF8apyA6FS2tP9jpzc6B5CxFUxPtZwd5q0QEptfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC4jpdxr7TI//ilM6sU0pCTrbW/MMB8GA1UdIwQY
MBaAFMytaPfoq630RyYjNDoyVhUHIkGJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMt
NjM1OWY5MmUxZDJmLzEveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMtNjM1OWY5MmUxZDJm
LzEveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADtdtEldW
fG9pFKMSL0Lk3kuHlPVFu6QVNbmhtI8Nq9Q5uxzZbsK8eUdTlR0bdYXdu7RQOz5h
Hd82KuCGhyBa2IrOlDtQ3mpIrZlE3aIKa4U2CWSSojKehmqMBEfarh8l1pmvAzW8
i/dMArI+Di68+kLpoEZnpzVk02GtJMfbMeMC1KL+TF26Yxp+aM47NJk7E3q9eKzK
6erpkIfKYZpkaygrIuQ1OWtcB/oYcvbl6R2BXW8jvKSXE2NvX2FL9XIONfll8+mr
eC7JwUBhs80OANAf7GEYiggMWvPcymKX5ionyOmPtWjBw+OdKr5uAHav74qMuJ9h
JhsGqcPglCijiw==
-----END CERTIFICATE-----
Generated at Wed Oct 22 12:31:40 2025 by rpki-client