Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
File: zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft (raw, json)
Hash identifier: iUxMJNYjMdWMxS2bYN0/l5lMMXy7qf9ysNwToRjuYUc=
Subject key identifier: CA:A7:5A:A6:12:99:9C:34:46:0C:F2:56:80:AF:67:20:3E:EC:8A:09
Authority key identifier: CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
Certificate issuer: /CN=cddd902a1271270027e4577778ea35883b4515f6
Certificate serial: 019A7225B7209996933FCFA7CEC70FC87F5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
Manifest number: 1725
Signing time: Tue 11 Nov 2025 09:01:05 +0000
Manifest this update: Tue 11 Nov 2025 09:01:05 +0000
Manifest next update: Wed 12 Nov 2025 09:01:05 +0000
Files and hashes: 1: Ylu4oY650LeSLzKfRWZsKd7D6d4.roa (hash: at13Jjp52CyKiekCDznMGprsJGH6Ha6O/Aegpe9S1N0=)
2: zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl (hash: SOPD0hII5W/9ygPLLT7FtHEDLiNDgqk80NkkzOet9/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:b7:20:99:96:93:3f:cf:a7:ce:c7:0f:c8:7f:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddd902a1271270027e4577778ea35883b4515f6
Validity
Not Before: Nov 11 09:01:05 2025 GMT
Not After : Nov 12 09:01:05 2025 GMT
Subject: CN=caa75aa612999c34460cf25680af67203eec8a09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b7:84:f2:b7:da:f8:6c:79:4b:9d:14:02:b5:
03:48:d8:82:47:ff:bb:92:9d:d2:cd:ed:33:ba:f4:
5c:5f:75:44:c1:df:8d:8a:c9:02:6c:bc:4d:0c:c2:
c8:df:6b:d0:04:bd:16:72:16:99:0a:eb:c7:28:3e:
fc:7b:19:e9:b3:f8:e9:5a:f5:e7:ae:06:93:d4:5d:
7c:d5:27:53:d7:92:c8:e5:03:72:c3:90:1f:b8:97:
20:d4:6d:24:ea:53:76:12:81:ef:48:76:2c:08:44:
4b:e1:4f:c0:f0:4a:51:08:03:51:84:82:29:9b:97:
1b:fa:f0:27:c2:3d:6a:cf:11:f8:4f:89:6d:5d:df:
1b:00:74:da:58:78:d6:4e:cb:83:1b:8d:2f:90:c4:
73:83:3a:b7:02:42:1b:3c:4c:41:aa:de:fb:ec:bd:
2b:97:e1:77:1a:df:63:1b:dd:42:a8:43:70:ab:ba:
d4:fe:2d:fd:6f:02:b4:f6:9e:f2:42:76:db:dd:a1:
70:52:d9:04:d1:08:79:c7:e5:b4:74:25:e7:be:65:
40:d7:2c:7a:ad:a5:1e:ad:36:7a:ac:1a:79:11:e8:
ea:20:f8:c3:1e:f6:1b:78:24:ce:28:99:d7:d0:3c:
7f:27:2f:18:a2:c4:e2:b6:79:f5:de:dc:78:fc:8a:
6e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:A7:5A:A6:12:99:9C:34:46:0C:F2:56:80:AF:67:20:3E:EC:8A:09
X509v3 Authority Key Identifier:
keyid:CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:70:24:e6:36:3a:5e:9c:81:fb:3c:da:f8:b7:2e:4b:2a:07:
c9:33:56:58:b6:1d:a9:23:47:9b:98:02:12:73:02:62:45:5d:
b9:21:cc:f4:08:9b:b3:20:8d:d8:13:05:2d:83:40:47:81:e1:
42:86:1b:f1:7e:cb:e9:c0:a3:e6:8d:f2:9f:7b:56:68:2a:5d:
5f:fc:30:9d:a7:6c:46:12:e3:0c:c5:7c:60:f0:da:0f:30:28:
e1:a8:ef:03:f1:17:91:21:e2:36:70:25:a0:cd:e2:64:01:8f:
d8:83:dc:8b:09:84:43:39:fe:55:bc:85:7f:c9:cf:00:4d:79:
29:33:35:a7:35:cb:bb:1b:81:51:71:c7:f8:d7:d3:ce:d2:97:
e5:8d:e0:1f:36:f0:11:9d:f5:83:6f:85:8c:db:18:4d:58:46:
82:3c:1f:9e:7d:ca:c9:b1:62:3b:17:bf:a1:8c:be:0e:52:81:
02:de:b3:8f:8b:b3:74:6b:00:69:1a:55:30:6a:2f:e5:c4:ff:
fb:41:7d:b9:0e:df:df:b7:ec:0b:9c:7f:e7:4e:33:12:25:83:
e6:3e:8f:62:5f:3a:52:5f:8b:fd:93:03:0d:93:7e:9a:06:d0:
66:37:a8:17:85:ba:f5:be:27:50:0e:5d:e2:c9:f2:71:b8:a0:
8d:94:00:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJbcgmZaTP8+nzscPyH9aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGQ5MDJhMTI3MTI3MDAyN2U0NTc3Nzc4ZWEzNTg4M2I0
NTE1ZjYwHhcNMjUxMTExMDkwMTA1WhcNMjUxMTEyMDkwMTA1WjAzMTEwLwYDVQQD
EyhjYWE3NWFhNjEyOTk5YzM0NDYwY2YyNTY4MGFmNjcyMDNlZWM4YTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLeE8rfa+Gx5S50UArUDSNiCR/+7
kp3Sze0zuvRcX3VEwd+NiskCbLxNDMLI32vQBL0WchaZCuvHKD78exnps/jpWvXn
rgaT1F181SdT15LI5QNyw5AfuJcg1G0k6lN2EoHvSHYsCERL4U/A8EpRCANRhIIp
m5cb+vAnwj1qzxH4T4ltXd8bAHTaWHjWTsuDG40vkMRzgzq3AkIbPExBqt777L0r
l+F3Gt9jG91CqENwq7rU/i39bwK09p7yQnbb3aFwUtkE0Qh5x+W0dCXnvmVA1yx6
raUerTZ6rBp5EejqIPjDHvYbeCTOKJnX0Dx/Jy8YosTitnn13tx4/IpunwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMqnWqYSmZw0RgzyVoCvZyA+7IoJMB8GA1UdIwQY
MBaAFM3dkCoScScAJ+RXd3jqNYg7RRX2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83YTFlYjQtMjkwYS00Njg2LThiYmEt
ZGM3NTQyMTM4OTUyLzEvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83YTFlYjQtMjkwYS00Njg2LThiYmEtZGM3NTQyMTM4OTUy
LzEvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmnAk5jY6
XpyB+zza+LcuSyoHyTNWWLYdqSNHm5gCEnMCYkVduSHM9AibsyCN2BMFLYNAR4Hh
QoYb8X7L6cCj5o3yn3tWaCpdX/wwnadsRhLjDMV8YPDaDzAo4ajvA/EXkSHiNnAl
oM3iZAGP2IPciwmEQzn+VbyFf8nPAE15KTM1pzXLuxuBUXHH+NfTztKX5Y3gHzbw
EZ31g2+FjNsYTVhGgjwfnn3KybFiOxe/oYy+DlKBAt6zj4uzdGsAaRpVMGov5cT/
+0F9uQ7f37fsC5x/504zEiWD5j6PYl86Ul+L/ZMDDZN+mgbQZjeoF4W69b4nUA5d
4snycbigjZQAgA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:07:58 2025 by rpki-client