Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft
File: zahD6BKxbexgu3CYykEzEX24R00.mft (raw, json)
Hash identifier: Mswg4zhHNPiLnUC8J5vAcEs76KFAio/QLYAdsKU4NZc=
Subject key identifier: D8:8B:94:11:66:3D:0C:E7:62:3F:CB:57:12:25:3E:69:75:B9:DC:C0
Authority key identifier: CD:A8:43:E8:12:B1:6D:EC:60:BB:70:98:CA:41:33:11:7D:B8:47:4D
Certificate issuer: /CN=cda843e812b16dec60bb7098ca4133117db8474d
Certificate serial: 019922C3A10CC74FD8C5FBFE39E2FE90F01F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft
Manifest number: 1672
Signing time: Sun 07 Sep 2025 06:01:10 +0000
Manifest this update: Sun 07 Sep 2025 06:01:10 +0000
Manifest next update: Mon 08 Sep 2025 06:01:10 +0000
Files and hashes: 1: VJUoXBS9iPEfhSdXRvzqWIAuTX8.roa (hash: Nan6DQGHyzFA7VJDUyPb17ZowHybZxaUB4pA1mJmnaY=)
2: zahD6BKxbexgu3CYykEzEX24R00.crl (hash: Qp9oLqsVrdndPowzOr5fOb0q6iBygF9AIE6AtTTvoL8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft
rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:a1:0c:c7:4f:d8:c5:fb:fe:39:e2:fe:90:f0:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cda843e812b16dec60bb7098ca4133117db8474d
Validity
Not Before: Sep 7 06:01:10 2025 GMT
Not After : Sep 8 06:01:10 2025 GMT
Subject: CN=d88b9411663d0ce7623fcb5712253e6975b9dcc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9d:de:73:2f:0f:1c:27:e9:0d:8c:02:8d:29:
db:f7:c8:55:0b:89:79:80:af:77:80:32:da:c5:8c:
87:8c:1b:af:e7:7e:37:43:dd:e1:fe:b2:4a:79:1a:
0b:a8:63:38:58:39:5f:19:27:e1:0d:8a:05:56:0b:
4a:b8:b0:15:75:7f:55:11:ae:0d:6e:8d:d5:30:35:
a9:fc:6d:d8:8c:29:c4:b5:a9:50:41:9d:33:f0:e4:
b7:d4:38:2d:45:51:cb:a2:cd:ae:02:23:a6:4b:f9:
f9:80:25:69:c6:b3:ec:05:ef:e8:43:09:07:bf:da:
11:fb:52:34:b4:45:e4:6a:89:da:42:72:65:a6:da:
8a:46:72:29:60:bc:b0:67:dc:1f:2c:c2:b8:14:e7:
89:b1:cd:d2:2c:aa:df:14:b8:12:7d:ea:da:68:e8:
63:e0:f6:7f:e6:de:e0:c3:75:d0:ca:a0:91:ac:7f:
7e:32:a8:3c:ce:64:27:b3:e4:23:92:e4:ce:e2:dc:
11:59:4c:db:c0:51:b9:fa:0c:56:d9:d2:2e:35:2a:
1d:8d:65:98:32:c4:83:17:cf:82:51:83:3b:57:d8:
e2:1a:66:14:47:1c:0e:64:17:8a:8c:71:ca:cd:49:
99:64:48:91:60:b0:50:2f:ea:52:47:1b:20:1e:f2:
7f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:8B:94:11:66:3D:0C:E7:62:3F:CB:57:12:25:3E:69:75:B9:DC:C0
X509v3 Authority Key Identifier:
keyid:CD:A8:43:E8:12:B1:6D:EC:60:BB:70:98:CA:41:33:11:7D:B8:47:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zahD6BKxbexgu3CYykEzEX24R00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/8eb32d-f7e3-4a9c-aaa4-8421d781b03b/1/zahD6BKxbexgu3CYykEzEX24R00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
01:15:9c:cc:33:58:f6:e6:dc:d2:89:2a:67:dd:01:73:70:4b:
44:8f:d3:bb:b2:f3:dd:f5:ee:c2:c3:7b:2d:88:bd:bb:3b:ae:
73:08:48:20:68:d7:2c:bb:13:2f:99:3c:d7:ec:7d:09:27:8c:
d9:c6:fd:55:0f:5f:60:a3:93:18:23:84:1d:ae:a9:39:05:9f:
18:cb:66:40:2a:a7:a0:9b:48:c5:d9:29:15:b0:60:08:7d:5c:
89:44:84:fd:f6:8e:46:e9:5a:38:80:d0:84:8b:1b:03:4a:b3:
f6:66:37:dd:28:81:67:bd:e2:ce:ca:bc:94:8f:78:1d:36:1e:
37:39:8e:07:54:7f:fe:84:d4:56:d4:46:3f:d2:d6:84:17:b6:
1b:f6:94:29:dd:8f:dc:a2:27:7a:ec:11:69:97:7c:1f:94:0f:
23:f8:6e:d8:2f:c6:54:36:35:43:e5:f8:83:25:8c:3a:ab:42:
19:92:1a:e1:07:7c:9e:8d:2c:84:84:69:4d:5d:3c:0f:69:88:
80:9c:dd:6d:d5:1f:4c:e1:f4:a1:45:12:ce:2e:98:d0:e8:4e:
17:9c:c8:ff:45:7a:62:7c:b6:0e:3c:19:7d:06:fd:f8:48:14:
30:12:03:63:a9:7a:38:d6:25:e8:3a:5f:c9:b0:8b:bc:f6:e1:
81:89:eb:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiw6EMx0/Yxfv+OeL+kPAfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYTg0M2U4MTJiMTZkZWM2MGJiNzA5OGNhNDEzMzExN2Ri
ODQ3NGQwHhcNMjUwOTA3MDYwMTEwWhcNMjUwOTA4MDYwMTEwWjAzMTEwLwYDVQQD
EyhkODhiOTQxMTY2M2QwY2U3NjIzZmNiNTcxMjI1M2U2OTc1YjlkY2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqp3ecy8PHCfpDYwCjSnb98hVC4l5
gK93gDLaxYyHjBuv5343Q93h/rJKeRoLqGM4WDlfGSfhDYoFVgtKuLAVdX9VEa4N
bo3VMDWp/G3YjCnEtalQQZ0z8OS31DgtRVHLos2uAiOmS/n5gCVpxrPsBe/oQwkH
v9oR+1I0tEXkaonaQnJlptqKRnIpYLywZ9wfLMK4FOeJsc3SLKrfFLgSferaaOhj
4PZ/5t7gw3XQyqCRrH9+Mqg8zmQns+QjkuTO4twRWUzbwFG5+gxW2dIuNSodjWWY
MsSDF8+CUYM7V9jiGmYURxwOZBeKjHHKzUmZZEiRYLBQL+pSRxsgHvJ/oQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNiLlBFmPQznYj/LVxIlPml1udzAMB8GA1UdIwQY
MBaAFM2oQ+gSsW3sYLtwmMpBMxF9uEdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFoRDZCS3hiZXhndTNDWXlrRXpFWDI0UjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC84ZWIzMmQtZjdlMy00YTljLWFhYTQt
ODQyMWQ3ODFiMDNiLzEvemFoRDZCS3hiZXhndTNDWXlrRXpFWDI0UjAwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC84ZWIzMmQtZjdlMy00YTljLWFhYTQtODQyMWQ3ODFiMDNi
LzEvemFoRDZCS3hiZXhndTNDWXlrRXpFWDI0UjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAARWczDNY
9ubc0okqZ90Bc3BLRI/Tu7Lz3fXuwsN7LYi9uzuucwhIIGjXLLsTL5k81+x9CSeM
2cb9VQ9fYKOTGCOEHa6pOQWfGMtmQCqnoJtIxdkpFbBgCH1ciUSE/faORulaOIDQ
hIsbA0qz9mY33SiBZ73izsq8lI94HTYeNzmOB1R//oTUVtRGP9LWhBe2G/aUKd2P
3KIneuwRaZd8H5QPI/hu2C/GVDY1Q+X4gyWMOqtCGZIa4Qd8no0shIRpTV08D2mI
gJzdbdUfTOH0oUUSzi6Y0OhOF5zI/0V6Yny2DjwZfQb9+EgUMBIDY6l6ONYl6Dpf
ybCLvPbhgYnrTQ==
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:25:22 2025 by rpki-client