Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft
File: z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft (raw, json)
Hash identifier: xkwupI+L9w2TaYhFovAympDS/ZuAXo8kxBlN4LAOVAs=
Subject key identifier: 46:8A:CD:B1:0C:F5:9B:44:94:E9:07:53:E3:54:07:75:64:B9:A6:94
Authority key identifier: CF:66:22:4B:CF:B8:B8:2D:EA:AB:AC:8C:4C:A2:50:37:1B:97:46:11
Certificate issuer: /CN=cf66224bcfb8b82deaabac8c4ca250371b974611
Certificate serial: 019A70A5517E07E2D52CC59981C2D81F19FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 02:01:13 +0000
Manifest this update: Tue 11 Nov 2025 02:01:13 +0000
Manifest next update: Wed 12 Nov 2025 02:01:13 +0000
Files and hashes: 1: hPBXvKQdaqlVU4nQ-2Te7vaa8Bo.roa (hash: c9xr2QPdOJHBS76dYaN+BTyMMmlA60SbcteFKaCmJMA=)
2: z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl (hash: AdkWJZ+vqGPKKZzDKM5bh5lhqOs5gI2q5uqZLt93wqE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a5:51:7e:07:e2:d5:2c:c5:99:81:c2:d8:1f:19:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf66224bcfb8b82deaabac8c4ca250371b974611
Validity
Not Before: Nov 11 02:01:13 2025 GMT
Not After : Nov 12 02:01:13 2025 GMT
Subject: CN=468acdb10cf59b4494e90753e354077564b9a694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fb:50:6f:20:1d:df:46:cd:c3:d8:fc:a7:ed:
d7:bf:d5:6b:c2:71:d2:d2:bc:18:6a:bd:56:96:89:
0c:48:07:a2:d5:71:4e:bd:2b:2c:09:e1:33:79:13:
b8:03:f2:6f:bf:3f:62:5a:1a:61:1e:10:b1:89:23:
23:8e:96:6e:02:ff:39:81:49:e5:29:a3:f3:bf:43:
ef:eb:be:d4:20:d9:f6:87:c1:c9:16:80:82:6a:95:
4b:23:8a:bb:7f:44:44:c0:d6:dc:1a:6d:50:18:6d:
e6:65:5b:a6:b0:fe:da:4b:83:c4:26:9e:19:eb:c2:
b7:0d:2a:76:84:14:e7:56:8b:c5:fe:4b:34:97:09:
96:c4:d5:ee:71:b8:3a:54:85:a1:03:ec:be:0c:5d:
fb:2a:21:a1:b7:ff:a6:76:df:ca:41:61:75:a0:e3:
bf:e0:ec:76:91:2c:07:fb:71:28:27:81:66:41:ec:
88:f4:15:9b:84:c7:28:27:e8:dd:76:06:a3:48:84:
bc:0d:5a:22:c8:f7:60:7a:ea:a8:da:48:20:21:e7:
df:80:17:82:c4:b0:a4:40:19:f7:dc:80:cf:23:86:
53:3e:27:bb:13:9d:f9:45:37:0f:29:fd:31:2b:41:
5b:87:f2:18:2d:c0:9f:f4:d4:89:1c:66:1d:96:26:
bd:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:8A:CD:B1:0C:F5:9B:44:94:E9:07:53:E3:54:07:75:64:B9:A6:94
X509v3 Authority Key Identifier:
keyid:CF:66:22:4B:CF:B8:B8:2D:EA:AB:AC:8C:4C:A2:50:37:1B:97:46:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:71:e0:7c:42:95:c6:91:88:dc:fd:e5:bf:1e:42:06:62:7f:
b5:27:37:5e:53:ce:46:e9:34:e9:c8:2e:94:8b:81:86:42:fe:
7d:e2:cd:58:44:97:d3:9b:3d:9f:b7:d4:0e:1d:54:52:98:d4:
86:1b:e3:31:2a:98:13:46:d8:89:b2:ae:8e:d5:8d:25:9b:35:
b4:a4:4b:b8:a5:5f:2d:56:9f:d9:9d:0a:e3:ff:f1:aa:ef:c5:
45:87:b8:8a:4f:4f:f2:7d:df:ee:c8:df:69:1d:ae:5a:16:08:
97:19:94:b8:58:f8:60:5c:4b:b6:e2:4a:ae:94:f7:2e:4d:0a:
a2:ca:c5:33:a7:bf:2d:0d:7a:7e:5f:f4:29:69:fe:11:65:8f:
2f:c7:8c:3d:4d:6c:e3:f5:8f:68:ba:d2:36:ed:66:2a:a1:cf:
5c:65:04:dd:55:0d:3b:97:16:4b:37:04:9c:82:25:64:df:0f:
97:97:48:6d:d6:36:87:7a:e2:b1:c8:a4:ec:ed:26:be:eb:aa:
19:c5:c2:43:5a:75:38:7d:84:88:d1:b8:03:19:4f:fd:d3:8c:
47:c3:82:db:af:5e:d4:af:92:cb:e6:f2:02:1a:87:f6:ff:01:
ca:d1:7c:82:ef:fa:24:0a:b8:cc:64:f4:c8:94:d8:34:86:66:
0b:cc:28:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpVF+B+LVLMWZgcLYHxn6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmNjYyMjRiY2ZiOGI4MmRlYWFiYWM4YzRjYTI1MDM3MWI5
NzQ2MTEwHhcNMjUxMTExMDIwMTEzWhcNMjUxMTEyMDIwMTEzWjAzMTEwLwYDVQQD
Eyg0NjhhY2RiMTBjZjU5YjQ0OTRlOTA3NTNlMzU0MDc3NTY0YjlhNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPtQbyAd30bNw9j8p+3Xv9VrwnHS
0rwYar1WlokMSAei1XFOvSssCeEzeRO4A/Jvvz9iWhphHhCxiSMjjpZuAv85gUnl
KaPzv0Pv677UINn2h8HJFoCCapVLI4q7f0REwNbcGm1QGG3mZVumsP7aS4PEJp4Z
68K3DSp2hBTnVovF/ks0lwmWxNXucbg6VIWhA+y+DF37KiGht/+mdt/KQWF1oOO/
4Ox2kSwH+3EoJ4FmQeyI9BWbhMcoJ+jddgajSIS8DVoiyPdgeuqo2kggIeffgBeC
xLCkQBn33IDPI4ZTPie7E535RTcPKf0xK0Fbh/IYLcCf9NSJHGYdlia9BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEaKzbEM9ZtElOkHU+NUB3VkuaaUMB8GA1UdIwQY
MBaAFM9mIkvPuLgt6qusjEyiUDcbl0YRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xOTZiNzEtNTg3ZS00MDk5LWJkYjIt
Yjk1NGM1MGZkYmIwLzEvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xOTZiNzEtNTg3ZS00MDk5LWJkYjItYjk1NGM1MGZkYmIw
LzEvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARHHgfEKV
xpGI3P3lvx5CBmJ/tSc3XlPORuk06cgulIuBhkL+feLNWESX05s9n7fUDh1UUpjU
hhvjMSqYE0bYibKujtWNJZs1tKRLuKVfLVaf2Z0K4//xqu/FRYe4ik9P8n3f7sjf
aR2uWhYIlxmUuFj4YFxLtuJKrpT3Lk0KosrFM6e/LQ16fl/0KWn+EWWPL8eMPU1s
4/WPaLrSNu1mKqHPXGUE3VUNO5cWSzcEnIIlZN8Pl5dIbdY2h3riscik7O0mvuuq
GcXCQ1p1OH2EiNG4AxlP/dOMR8OC269e1K+Sy+byAhqH9v8BytF8gu/6JAq4zGT0
yJTYNIZmC8wo1g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:41:46 2025 by rpki-client