Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft
File: zahD6BKxbexgu3CYykEzEX24R00.mft (raw, json)
Hash identifier: Y94hzgjtnwZs1DNNJQdy/Ivoxq3QiyvDfz3rdIMhe6U=
Subject key identifier: 87:0D:7B:BF:07:C3:A4:5F:98:0F:C7:AD:94:FE:46:7C:53:AB:51:74
Authority key identifier: CD:A8:43:E8:12:B1:6D:EC:60:BB:70:98:CA:41:33:11:7D:B8:47:4D
Certificate issuer: /CN=cda843e812b16dec60bb7098ca4133117db8474d
Certificate serial: 019A72CA7012F676BD3BD1DFA878407E91E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 12:01:00 +0000
Manifest this update: Tue 11 Nov 2025 12:01:00 +0000
Manifest next update: Wed 12 Nov 2025 12:01:00 +0000
Files and hashes: 1: VJUoXBS9iPEfhSdXRvzqWIAuTX8.roa (hash: Nan6DQGHyzFA7VJDUyPb17ZowHybZxaUB4pA1mJmnaY=)
2: zahD6BKxbexgu3CYykEzEX24R00.crl (hash: ZRzKXaUHpGxFkPqe8ISrlT4T4XTxaIlUesPtI2MEH8Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft
rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:70:12:f6:76:bd:3b:d1:df:a8:78:40:7e:91:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cda843e812b16dec60bb7098ca4133117db8474d
Validity
Not Before: Nov 11 12:01:00 2025 GMT
Not After : Nov 12 12:01:00 2025 GMT
Subject: CN=870d7bbf07c3a45f980fc7ad94fe467c53ab5174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f8:0c:af:bd:6f:71:80:b1:a6:bb:1a:dc:f3:
b0:c7:5a:14:9c:19:8b:4b:ba:12:8f:c6:73:33:60:
b2:53:ad:85:38:40:4d:c0:19:92:c8:07:50:ca:01:
93:7b:84:8a:aa:be:26:92:00:fa:d8:f0:b8:c8:ea:
88:6b:7b:2f:7e:7a:0e:ad:e8:09:ab:31:59:c0:2b:
6f:ce:d0:25:47:ce:d9:99:2e:ee:86:54:54:5e:d7:
a1:1b:af:3c:fa:98:f3:bd:c4:75:a3:01:2f:34:19:
75:ce:99:d8:0b:92:c0:4a:2c:48:d7:39:9e:14:01:
01:40:4b:8b:e1:ad:89:14:ec:39:a5:d3:60:fb:54:
55:40:66:7d:d4:bc:de:e0:8b:a9:f1:00:59:0a:51:
f9:7f:6f:a7:bc:9a:20:c4:57:db:9c:91:93:fb:52:
c6:be:66:ea:1d:5f:4a:2d:3f:41:41:71:aa:71:e0:
6a:bd:71:12:d0:bb:e6:c1:62:73:89:c3:8d:6a:4e:
ff:f1:48:b7:60:f5:cd:71:1d:76:72:b0:26:5a:c6:
d9:e3:ec:e3:66:91:09:34:6a:b3:53:af:e6:cb:f1:
93:19:b8:16:fa:29:1a:53:f5:c3:09:40:c7:a0:00:
ae:69:c8:44:da:c1:f0:7f:e9:85:36:80:6a:40:4f:
3e:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:0D:7B:BF:07:C3:A4:5F:98:0F:C7:AD:94:FE:46:7C:53:AB:51:74
X509v3 Authority Key Identifier:
keyid:CD:A8:43:E8:12:B1:6D:EC:60:BB:70:98:CA:41:33:11:7D:B8:47:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:35:57:b8:39:ea:72:29:c4:43:09:8e:81:c5:d6:d3:91:55:
5b:2c:1b:7c:e7:d4:d7:0d:28:c7:4b:c3:88:1d:ef:53:48:29:
af:67:3d:f1:0f:2c:d1:23:63:55:59:45:8f:16:19:a4:5e:13:
6d:9e:ad:0d:da:06:3d:3b:11:ba:22:ba:d8:d5:29:12:87:64:
8c:bd:13:03:ad:dc:d0:f2:75:99:ed:3c:49:7a:a9:62:78:0e:
19:ae:97:12:02:dc:6b:3f:e8:df:3c:a7:83:33:54:2c:7e:bb:
3a:c9:cd:9d:76:af:b6:58:26:44:ad:bc:1f:3f:31:07:37:35:
62:e1:18:dc:2c:f1:9d:1b:88:0d:82:27:72:7c:18:7d:fc:e7:
07:e5:3a:5f:d4:cb:c0:8c:92:cc:f6:3e:bc:5d:c5:5e:2e:b9:
f7:7f:88:44:ee:c9:9a:c8:9f:b4:29:18:99:5e:29:02:21:8e:
e7:c9:dd:8f:b5:d3:ba:bf:aa:64:e9:67:b6:76:d5:15:bd:0b:
7f:91:6a:f7:ef:74:d2:81:22:bb:a8:b2:8f:56:d2:d2:e9:82:
66:c7:11:46:a3:f2:73:06:85:3a:f3:a9:8d:33:dd:e6:1a:4c:
92:44:ee:1a:51:d5:15:af:de:c8:2c:92:e1:77:19:f9:2b:a3:
75:65:51:71
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyynAS9na9O9HfqHhAfpHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYTg0M2U4MTJiMTZkZWM2MGJiNzA5OGNhNDEzMzExN2Ri
ODQ3NGQwHhcNMjUxMTExMTIwMTAwWhcNMjUxMTEyMTIwMTAwWjAzMTEwLwYDVQQD
Eyg4NzBkN2JiZjA3YzNhNDVmOTgwZmM3YWQ5NGZlNDY3YzUzYWI1MTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/gMr71vcYCxprsa3POwx1oUnBmL
S7oSj8ZzM2CyU62FOEBNwBmSyAdQygGTe4SKqr4mkgD62PC4yOqIa3svfnoOregJ
qzFZwCtvztAlR87ZmS7uhlRUXtehG688+pjzvcR1owEvNBl1zpnYC5LASixI1zme
FAEBQEuL4a2JFOw5pdNg+1RVQGZ91Lze4Iup8QBZClH5f2+nvJogxFfbnJGT+1LG
vmbqHV9KLT9BQXGqceBqvXES0LvmwWJzicONak7/8Ui3YPXNcR12crAmWsbZ4+zj
ZpEJNGqzU6/my/GTGbgW+ikaU/XDCUDHoACuachE2sHwf+mFNoBqQE8+lQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIcNe78Hw6RfmA/HrZT+RnxTq1F0MB8GA1UdIwQY
MBaAFM2oQ+gSsW3sYLtwmMpBMxF9uEdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFoRDZCS3hiZXhndTNDWXlrRXpFWDI0UjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84ZWIzMmQtZjdlMy00YTljLWFhYTQt
ODQyMWQ3ODFiMDNiLzEvemFoRDZCS3hiZXhndTNDWXlrRXpFWDI0UjAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC84ZWIzMmQtZjdlMy00YTljLWFhYTQtODQyMWQ3ODFiMDNi
LzEvemFoRDZCS3hiZXhndTNDWXlrRXpFWDI0UjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnTVXuDnq
cinEQwmOgcXW05FVWywbfOfU1w0ox0vDiB3vU0gpr2c98Q8s0SNjVVlFjxYZpF4T
bZ6tDdoGPTsRuiK62NUpEodkjL0TA63c0PJ1me08SXqpYngOGa6XEgLcaz/o3zyn
gzNULH67OsnNnXavtlgmRK28Hz8xBzc1YuEY3CzxnRuIDYIncnwYffznB+U6X9TL
wIySzPY+vF3FXi6593+IRO7JmsiftCkYmV4pAiGO58ndj7XTur+qZOlntnbVFb0L
f5Fq9+900oEiu6iyj1bS0umCZscRRqPycwaFOvOpjTPd5hpMkkTuGlHVFa/eyCyS
4XcZ+SujdWVRcQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:11:23 2025 by rpki-client