Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
File: zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft (raw, json)
Hash identifier: ahgvoHrLx90dBsSUXfpODxAtFb/YMUzfOXp4cGVnYGA=
Subject key identifier: ED:EC:7B:D4:10:28:67:20:2A:30:18:0B:13:9B:81:22:18:B8:B2:11
Authority key identifier: CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
Certificate issuer: /CN=cddd902a1271270027e4577778ea35883b4515f6
Certificate serial: 0199221E2E5C5662A49B5B290E99639A30F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
Manifest number: 1677
Signing time: Sun 07 Sep 2025 03:00:27 +0000
Manifest this update: Sun 07 Sep 2025 03:00:27 +0000
Manifest next update: Mon 08 Sep 2025 03:00:27 +0000
Files and hashes: 1: Ylu4oY650LeSLzKfRWZsKd7D6d4.roa (hash: at13Jjp52CyKiekCDznMGprsJGH6Ha6O/Aegpe9S1N0=)
2: zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl (hash: nZCEoApInCuB5kjh+zCJdZfI6ADjsLxy+FlpT0TJLx0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 03:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:1e:2e:5c:56:62:a4:9b:5b:29:0e:99:63:9a:30:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddd902a1271270027e4577778ea35883b4515f6
Validity
Not Before: Sep 7 03:00:27 2025 GMT
Not After : Sep 8 03:00:27 2025 GMT
Subject: CN=edec7bd4102867202a30180b139b812218b8b211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:3d:2c:ef:df:21:ca:fb:72:f2:47:c8:97:d7:
b1:a4:4b:2f:09:2c:72:67:35:12:56:4f:d3:3c:34:
c5:aa:a3:0a:92:81:cf:95:67:9d:07:92:5a:3f:81:
f4:2a:4f:c7:ae:e1:f8:d7:59:cd:0a:7f:17:85:f5:
a1:88:57:73:e0:74:2e:0e:6e:10:7b:0f:98:f2:58:
bc:81:9b:9d:fe:81:a0:f5:9f:d9:15:f6:a4:57:4a:
c9:ac:2f:4c:53:75:33:ff:0d:eb:79:4a:ce:5c:e6:
9c:4a:bc:dd:13:a9:e2:46:77:d4:da:b4:c2:c6:90:
5b:bd:65:32:38:85:db:b0:3d:ae:a7:df:33:3c:6f:
3f:b9:ba:ed:65:2a:3c:8c:a0:d4:81:da:76:3d:5e:
5e:fe:d5:e0:41:27:1e:7d:81:36:91:0d:f5:da:21:
86:65:60:f7:69:2d:06:b0:dc:d3:cb:69:2e:62:78:
7d:7f:72:90:96:5e:50:e1:3e:15:72:72:da:2f:f8:
5f:38:fb:35:30:90:25:54:7c:bd:ed:21:db:20:4a:
9a:a5:81:b5:d8:cc:ae:eb:cd:6f:f6:2b:33:c5:9a:
7a:b6:cd:c2:97:e3:a7:0f:9a:86:46:f1:bd:64:4b:
04:ab:fa:30:6b:be:bd:73:74:c7:fd:36:40:7d:14:
48:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:EC:7B:D4:10:28:67:20:2A:30:18:0B:13:9B:81:22:18:B8:B2:11
X509v3 Authority Key Identifier:
keyid:CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:9d:09:fe:4b:02:f7:a0:e6:1c:fb:dc:48:49:87:14:9b:ec:
96:e6:f1:8a:c4:65:17:9a:03:39:04:4b:71:00:20:e9:72:c2:
73:84:3e:35:b4:4b:49:5a:ee:f7:6e:06:19:00:6d:79:75:95:
0c:ea:94:d8:1d:d5:6e:96:aa:79:35:b0:0e:0a:7d:b5:1e:21:
1d:3b:d2:d7:e8:aa:19:81:74:22:a5:d1:34:73:4a:cc:98:76:
28:74:0d:0e:18:c0:ff:00:c4:50:f0:13:bd:1b:31:a9:b6:e6:
a9:9f:04:fe:6a:08:d5:cf:59:4d:ee:d0:f8:9e:03:78:cb:eb:
09:99:d7:c9:89:54:05:80:99:ae:ad:3b:df:b6:df:38:cd:b1:
c4:0a:d6:26:64:51:bb:b9:6b:60:6d:74:68:7c:1b:4e:54:13:
3a:d9:23:82:58:fd:d1:f1:13:d9:0f:40:b5:67:c7:68:7b:20:
54:02:c1:b9:3e:93:82:45:04:da:cd:d3:1c:f9:cc:6b:77:c9:
c0:17:01:2d:2b:95:30:3b:c0:34:dc:c1:b7:c9:ef:db:3d:90:
6d:8b:cf:a8:f0:60:af:2a:82:1a:4f:8a:00:d9:bc:4e:ce:d0:
11:29:be:72:70:eb:3c:a2:26:ce:54:10:0f:51:8c:52:25:ad:
5b:51:9a:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiHi5cVmKkm1spDpljmjD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGQ5MDJhMTI3MTI3MDAyN2U0NTc3Nzc4ZWEzNTg4M2I0
NTE1ZjYwHhcNMjUwOTA3MDMwMDI3WhcNMjUwOTA4MDMwMDI3WjAzMTEwLwYDVQQD
EyhlZGVjN2JkNDEwMjg2NzIwMmEzMDE4MGIxMzliODEyMjE4YjhiMjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1j0s798hyvty8kfIl9expEsvCSxy
ZzUSVk/TPDTFqqMKkoHPlWedB5JaP4H0Kk/HruH411nNCn8XhfWhiFdz4HQuDm4Q
ew+Y8li8gZud/oGg9Z/ZFfakV0rJrC9MU3Uz/w3reUrOXOacSrzdE6niRnfU2rTC
xpBbvWUyOIXbsD2up98zPG8/ubrtZSo8jKDUgdp2PV5e/tXgQScefYE2kQ312iGG
ZWD3aS0GsNzTy2kuYnh9f3KQll5Q4T4VcnLaL/hfOPs1MJAlVHy97SHbIEqapYG1
2Myu681v9iszxZp6ts3Cl+OnD5qGRvG9ZEsEq/owa769c3TH/TZAfRRIiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO3se9QQKGcgKjAYCxObgSIYuLIRMB8GA1UdIwQY
MBaAFM3dkCoScScAJ+RXd3jqNYg7RRX2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83YTFlYjQtMjkwYS00Njg2LThiYmEt
ZGM3NTQyMTM4OTUyLzEvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83YTFlYjQtMjkwYS00Njg2LThiYmEtZGM3NTQyMTM4OTUy
LzEvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMp0J/ksC
96DmHPvcSEmHFJvslubxisRlF5oDOQRLcQAg6XLCc4Q+NbRLSVru924GGQBteXWV
DOqU2B3VbpaqeTWwDgp9tR4hHTvS1+iqGYF0IqXRNHNKzJh2KHQNDhjA/wDEUPAT
vRsxqbbmqZ8E/moI1c9ZTe7Q+J4DeMvrCZnXyYlUBYCZrq0737bfOM2xxArWJmRR
u7lrYG10aHwbTlQTOtkjglj90fET2Q9AtWfHaHsgVALBuT6TgkUE2s3THPnMa3fJ
wBcBLSuVMDvANNzBt8nv2z2QbYvPqPBgryqCGk+KANm8Ts7QESm+cnDrPKImzlQQ
D1GMUiWtW1Gapg==
-----END CERTIFICATE-----
Generated at Sun Sep 7 10:12:16 2025 by rpki-client