Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/4fa2d8-d71d-49b1-8eb0-a3589da16c85/1/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.mft
File: zh9ZrjRUgTKJL8yJsVlfmwNgGY0.mft (raw, json)
Hash identifier: wUQnsu9qaf/GBspaf9DsIrrfYdzXjQX2XROGwqTmfwk=
Subject key identifier: 92:1A:75:88:9C:CC:75:B4:23:21:AD:CF:84:EC:D1:E9:FA:9C:3A:CF
Authority key identifier: CE:1F:59:AE:34:54:81:32:89:2F:CC:89:B1:59:5F:9B:03:60:19:8D
Certificate issuer: /CN=ce1f59ae34548132892fcc89b1595f9b0360198d
Certificate serial: 019A7225B622243B6DDDF1D295C451E42F6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/4fa2d8-d71d-49b1-8eb0-a3589da16c85/1/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.mft
Manifest number: 111A
Signing time: Tue 11 Nov 2025 09:01:05 +0000
Manifest this update: Tue 11 Nov 2025 09:01:05 +0000
Manifest next update: Wed 12 Nov 2025 09:01:05 +0000
Files and hashes: 1: DnTbZNQqyk7b1Kpp-h3yl2scJwY.roa (hash: TJ12NvtCptbjwY91XKfeBV5bJZ6ugQZ1nYOaUhjOlp4=)
2: zh9ZrjRUgTKJL8yJsVlfmwNgGY0.crl (hash: CG4pdeoHSJY75SP1RrbVF9mYBF/n4NZ2Tk5OJ/fLiLg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/4fa2d8-d71d-49b1-8eb0-a3589da16c85/1/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/4fa2d8-d71d-49b1-8eb0-a3589da16c85/1/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:b6:22:24:3b:6d:dd:f1:d2:95:c4:51:e4:2f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce1f59ae34548132892fcc89b1595f9b0360198d
Validity
Not Before: Nov 11 09:01:05 2025 GMT
Not After : Nov 12 09:01:05 2025 GMT
Subject: CN=921a75889ccc75b42321adcf84ecd1e9fa9c3acf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:12:c3:68:d1:fb:31:95:50:35:7e:80:53:a8:
d8:df:60:02:3f:1c:5a:20:4f:bb:28:00:91:96:b7:
5c:76:e3:da:7b:7e:a1:18:97:16:d8:26:e2:54:97:
2e:4f:12:40:e1:bc:2d:f6:23:ed:d1:ab:e9:dd:12:
7a:e9:40:7e:9d:de:09:d4:76:8a:04:2b:21:78:07:
78:2a:b4:f7:34:12:0a:2c:29:35:ed:76:35:a8:b5:
30:6a:d4:5d:7f:ba:65:fd:f4:f3:fe:e3:7a:4b:ad:
6e:d9:e3:e0:8e:8a:73:31:e5:8b:f0:78:6e:98:37:
ae:0d:86:90:f6:71:6e:04:75:d4:25:12:31:61:97:
ba:ed:57:ea:ca:ad:50:fa:89:59:2e:ad:7d:bd:4e:
85:35:9a:d7:fe:3a:92:85:c4:ab:0e:14:9d:e7:ef:
7c:84:12:d2:81:83:40:1c:6d:d9:b7:e0:7c:64:ae:
b6:25:97:13:94:11:e8:ee:b9:fc:97:16:73:e9:3c:
57:4a:d7:5d:0b:b6:03:5b:b1:33:31:f8:2a:57:3d:
38:cf:e0:d1:f2:ef:99:92:cc:6d:d3:f0:71:3d:fb:
f8:23:d7:de:71:31:42:d1:53:93:84:85:2b:2c:7d:
c2:ea:2c:47:cb:68:9d:54:3a:79:0b:d4:c6:82:76:
c5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:1A:75:88:9C:CC:75:B4:23:21:AD:CF:84:EC:D1:E9:FA:9C:3A:CF
X509v3 Authority Key Identifier:
keyid:CE:1F:59:AE:34:54:81:32:89:2F:CC:89:B1:59:5F:9B:03:60:19:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4fa2d8-d71d-49b1-8eb0-a3589da16c85/1/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4fa2d8-d71d-49b1-8eb0-a3589da16c85/1/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:cf:8e:06:d9:fc:aa:a4:b4:a6:db:41:f2:44:73:78:8c:ad:
6c:2c:31:70:7c:27:45:9e:cc:6d:00:63:0e:a1:bb:98:aa:2a:
8f:5e:15:26:9a:1f:38:78:f5:1b:cf:f1:93:5b:ff:90:3c:ea:
3f:b1:50:f7:8e:1c:fa:b7:e4:69:94:8b:a1:aa:59:c0:24:bd:
95:96:8a:b7:1d:76:8f:cd:58:a1:d1:42:e9:20:76:6c:0b:9c:
f8:e3:e8:52:35:8f:ff:0b:3e:dd:97:28:06:6d:6f:cf:2a:76:
ef:c3:19:ee:f8:09:69:2f:69:04:1e:e8:cd:8f:f4:dc:52:69:
3e:3c:e2:dc:77:52:a1:ed:6b:7e:ff:d2:de:8e:c8:6c:45:16:
58:0c:41:57:5f:2e:97:b0:c5:c4:bd:ef:e6:b1:2a:47:b9:39:
71:0e:43:31:61:43:b1:7b:5f:d2:a0:3a:78:82:c3:59:ca:fe:
7b:95:25:de:9a:b9:2f:45:5e:85:68:51:33:7e:c5:ea:bf:df:
e0:e3:01:76:e6:78:d6:86:99:aa:bb:04:fc:a8:f5:6d:de:0d:
d3:82:9e:ba:01:d3:ea:57:ee:f7:71:6a:3f:35:fe:97:fe:27:
ba:63:dd:77:6a:66:ae:7d:b5:dd:fb:03:45:c7:65:d7:4d:60:
2e:c5:66:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJbYiJDtt3fHSlcRR5C9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMWY1OWFlMzQ1NDgxMzI4OTJmY2M4OWIxNTk1ZjliMDM2
MDE5OGQwHhcNMjUxMTExMDkwMTA1WhcNMjUxMTEyMDkwMTA1WjAzMTEwLwYDVQQD
Eyg5MjFhNzU4ODljY2M3NWI0MjMyMWFkY2Y4NGVjZDFlOWZhOWMzYWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhLDaNH7MZVQNX6AU6jY32ACPxxa
IE+7KACRlrdcduPae36hGJcW2CbiVJcuTxJA4bwt9iPt0avp3RJ66UB+nd4J1HaK
BCsheAd4KrT3NBIKLCk17XY1qLUwatRdf7pl/fTz/uN6S61u2ePgjopzMeWL8Hhu
mDeuDYaQ9nFuBHXUJRIxYZe67Vfqyq1Q+olZLq19vU6FNZrX/jqShcSrDhSd5+98
hBLSgYNAHG3Zt+B8ZK62JZcTlBHo7rn8lxZz6TxXStddC7YDW7EzMfgqVz04z+DR
8u+Zksxt0/BxPfv4I9fecTFC0VOThIUrLH3C6ixHy2idVDp5C9TGgnbFVwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJIadYiczHW0IyGtz4Ts0en6nDrPMB8GA1UdIwQY
MBaAFM4fWa40VIEyiS/MibFZX5sDYBmNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemg5WnJqUlVnVEtKTDh5SnNWbGZtd05nR1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni80ZmEyZDgtZDcxZC00OWIxLThlYjAt
YTM1ODlkYTE2Yzg1LzEvemg5WnJqUlVnVEtKTDh5SnNWbGZtd05nR1kwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni80ZmEyZDgtZDcxZC00OWIxLThlYjAtYTM1ODlkYTE2Yzg1
LzEvemg5WnJqUlVnVEtKTDh5SnNWbGZtd05nR1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATc+OBtn8
qqS0pttB8kRzeIytbCwxcHwnRZ7MbQBjDqG7mKoqj14VJpofOHj1G8/xk1v/kDzq
P7FQ944c+rfkaZSLoapZwCS9lZaKtx12j81YodFC6SB2bAuc+OPoUjWP/ws+3Zco
Bm1vzyp278MZ7vgJaS9pBB7ozY/03FJpPjzi3HdSoe1rfv/S3o7IbEUWWAxBV18u
l7DFxL3v5rEqR7k5cQ5DMWFDsXtf0qA6eILDWcr+e5Ul3pq5L0VehWhRM37F6r/f
4OMBduZ41oaZqrsE/Kj1bd4N04KeugHT6lfu93FqPzX+l/4numPdd2pmrn213fsD
Rcdl101gLsVmiA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:15:04 2025 by rpki-client