Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
File: zNHiiTDXen65iRtvq7spFe44hao.mft (raw, json)
Hash identifier: 3tV4SomvPT7xylZch2554djWyNqQlGnDYe4ii98z6NQ=
Subject key identifier: 84:93:61:EC:EC:02:43:D4:C7:5B:18:7A:74:03:B8:3E:F2:F3:17:D0
Authority key identifier: CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA
Certificate issuer: /CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
Certificate serial: 019A71B85C9DD654A9272257CCAE56DEBD28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 07:01:38 +0000
Manifest this update: Tue 11 Nov 2025 07:01:38 +0000
Manifest next update: Wed 12 Nov 2025 07:01:38 +0000
Files and hashes: 1: zNHiiTDXen65iRtvq7spFe44hao.crl (hash: MBROnRRjXg/mQkgkHIJ5R+3Jf3NaR7xm3JUy5+Bd36A=)
2: zwMZXsX6Z6y_GtPEpsaBS7FPtIU.roa (hash: bi378rHsH1o9Uq16RD7qe5x44q14EkwJzXLivtK1Naw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:5c:9d:d6:54:a9:27:22:57:cc:ae:56:de:bd:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
Validity
Not Before: Nov 11 07:01:38 2025 GMT
Not After : Nov 12 07:01:38 2025 GMT
Subject: CN=849361ecec0243d4c75b187a7403b83ef2f317d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:18:51:82:92:c1:e6:a0:e3:9a:d2:e1:41:44:
2a:e3:95:25:61:82:5c:59:69:b6:de:6b:98:30:ad:
75:e6:3f:63:6a:28:73:6a:b0:17:ca:f1:db:c7:bc:
f8:f7:e5:5d:3f:12:c7:77:48:3c:97:72:e3:3b:d0:
ae:a0:3c:22:dc:c1:27:74:96:8e:30:8f:1f:6e:0e:
ba:c1:a6:83:bb:8e:51:99:3d:e4:2f:c3:07:c9:a2:
6a:1e:7a:94:b3:13:8f:ff:90:0c:7c:73:09:62:ad:
2f:aa:d5:11:62:a0:4c:e6:e2:4a:cb:90:ed:4e:a3:
ba:b2:dd:4e:9e:0b:02:d9:a9:23:27:58:c7:36:ad:
19:3b:52:c0:84:50:f7:d7:09:aa:22:30:65:d6:22:
3f:9a:77:0b:9e:6a:a9:73:30:84:1a:53:c8:85:20:
f4:79:64:8e:8a:93:49:fb:a3:37:48:48:a1:67:b3:
d5:42:a0:f4:da:19:35:fc:17:bc:0f:05:99:41:f0:
4c:4a:43:a5:bd:13:25:31:0a:f9:6f:5d:4f:1f:ae:
0f:03:34:02:ef:a0:8d:07:c3:e1:71:a6:b0:fd:f5:
6a:7c:31:86:2a:db:77:ca:02:19:40:83:37:b2:bd:
d9:e3:64:c6:72:e7:2f:c8:64:06:90:02:0f:2a:72:
49:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:93:61:EC:EC:02:43:D4:C7:5B:18:7A:74:03:B8:3E:F2:F3:17:D0
X509v3 Authority Key Identifier:
keyid:CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:73:7c:60:d9:6f:a1:9c:9f:49:d4:38:de:12:74:8d:3d:7c:
cf:8a:ea:60:97:0c:ff:cd:59:1a:55:27:89:65:fe:fa:e7:f3:
8d:53:47:38:7f:45:2d:99:19:3d:ad:50:3e:ae:b3:3c:d4:bf:
83:07:22:d4:50:27:62:45:e3:82:7b:5a:b1:2c:c8:80:8d:8b:
8e:c1:ae:3b:bf:c0:c4:26:3a:a2:9b:85:20:03:af:97:4c:7f:
06:ef:1a:2b:15:e9:9a:2e:fe:56:da:0c:ef:ad:7f:e0:2d:86:
cc:e6:f0:03:27:f4:8d:35:08:33:da:56:86:4b:7a:81:52:2c:
75:d1:c5:79:50:b6:81:f1:4e:28:56:4d:ef:ec:76:11:75:40:
d9:96:8a:f7:39:de:01:71:04:79:0a:ec:aa:92:88:50:2d:6c:
86:2c:eb:4a:e6:cf:fa:05:4a:e3:b5:21:dc:cd:fd:2c:c9:95:
0b:0b:07:82:43:da:26:43:82:a4:e4:1f:b5:c3:b5:0d:a1:a0:
20:68:4a:ec:ca:7c:7c:8c:db:40:33:f3:e5:e4:f5:7a:de:4d:
aa:3d:34:f2:8f:59:24:60:bc:2f:fc:0e:b1:be:f9:4b:4b:9a:
04:b1:bd:d9:bc:91:c4:52:9c:b0:2a:0e:9f:6b:2c:2d:eb:c8:
ce:33:9c:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuFyd1lSpJyJXzK5W3r0oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDFlMjg5MzBkNzdhN2ViOTg5MWI2ZmFiYmIyOTE1ZWUz
ODg1YWEwHhcNMjUxMTExMDcwMTM4WhcNMjUxMTEyMDcwMTM4WjAzMTEwLwYDVQQD
Eyg4NDkzNjFlY2VjMDI0M2Q0Yzc1YjE4N2E3NDAzYjgzZWYyZjMxN2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRhRgpLB5qDjmtLhQUQq45UlYYJc
WWm23muYMK115j9jaihzarAXyvHbx7z49+VdPxLHd0g8l3LjO9CuoDwi3MEndJaO
MI8fbg66waaDu45RmT3kL8MHyaJqHnqUsxOP/5AMfHMJYq0vqtURYqBM5uJKy5Dt
TqO6st1OngsC2akjJ1jHNq0ZO1LAhFD31wmqIjBl1iI/mncLnmqpczCEGlPIhSD0
eWSOipNJ+6M3SEihZ7PVQqD02hk1/Be8DwWZQfBMSkOlvRMlMQr5b11PH64PAzQC
76CNB8Phcaaw/fVqfDGGKtt3ygIZQIM3sr3Z42TGcucvyGQGkAIPKnJJ+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFISTYezsAkPUx1sYenQDuD7y8xfQMB8GA1UdIwQY
MBaAFMzR4okw13p+uYkbb6u7KRXuOIWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMt
YzEzYjFmOTc3ZDU3LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMtYzEzYjFmOTc3ZDU3
LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkHN8YNlv
oZyfSdQ43hJ0jT18z4rqYJcM/81ZGlUniWX++ufzjVNHOH9FLZkZPa1QPq6zPNS/
gwci1FAnYkXjgntasSzIgI2LjsGuO7/AxCY6opuFIAOvl0x/Bu8aKxXpmi7+VtoM
761/4C2GzObwAyf0jTUIM9pWhkt6gVIsddHFeVC2gfFOKFZN7+x2EXVA2ZaK9zne
AXEEeQrsqpKIUC1shizrSubP+gVK47Uh3M39LMmVCwsHgkPaJkOCpOQftcO1DaGg
IGhK7Mp8fIzbQDPz5eT1et5Nqj008o9ZJGC8L/wOsb75S0uaBLG92byRxFKcsCoO
n2ssLevIzjOc3Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:39:17 2025 by rpki-client