Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/31dc10-5663-4555-a806-4e9305caf1a3/1/ZCOaUQhPGytcaEZDysFGIXx5-NE.mft
File: ZCOaUQhPGytcaEZDysFGIXx5-NE.mft (raw, json)
Hash identifier: +1T2ip0VWHXcIfUDtDpt/nWaEba1jQWBjh1UwVlHhbY=
Subject key identifier: AF:1C:81:42:B5:2E:E5:DA:43:2D:CB:E6:93:F8:C6:33:A9:A1:8F:7E
Authority key identifier: 64:23:9A:51:08:4F:1B:2B:5C:68:46:43:CA:C1:46:21:7C:79:F8:D1
Certificate issuer: /CN=64239a51084f1b2b5c684643cac146217c79f8d1
Certificate serial: 019A7225C813F41783C91B2653100E8DD544
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZCOaUQhPGytcaEZDysFGIXx5-NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/31dc10-5663-4555-a806-4e9305caf1a3/1/ZCOaUQhPGytcaEZDysFGIXx5-NE.mft
Manifest number: 0A5A
Signing time: Tue 11 Nov 2025 09:01:09 +0000
Manifest this update: Tue 11 Nov 2025 09:01:09 +0000
Manifest next update: Wed 12 Nov 2025 09:01:09 +0000
Files and hashes: 1: 1WnsILYxjGfpft24w4cU0Z9HVy0.roa (hash: mXH7nwV2vIU6tKBb8bErNfD249HtR3Br3nGu9VJRl4A=)
2: ZCOaUQhPGytcaEZDysFGIXx5-NE.crl (hash: JNmRIrIa/aBxg4kh9QgJ5m6iJa2BgX3J40+KjzIzQec=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/31dc10-5663-4555-a806-4e9305caf1a3/1/ZCOaUQhPGytcaEZDysFGIXx5-NE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/31dc10-5663-4555-a806-4e9305caf1a3/1/ZCOaUQhPGytcaEZDysFGIXx5-NE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZCOaUQhPGytcaEZDysFGIXx5-NE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:c8:13:f4:17:83:c9:1b:26:53:10:0e:8d:d5:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64239a51084f1b2b5c684643cac146217c79f8d1
Validity
Not Before: Nov 11 09:01:09 2025 GMT
Not After : Nov 12 09:01:09 2025 GMT
Subject: CN=af1c8142b52ee5da432dcbe693f8c633a9a18f7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:c0:6e:25:99:fa:31:95:c8:87:67:e8:85:45:
73:b0:f8:5e:95:ce:6b:1a:f4:8b:e8:71:41:d1:d7:
3e:60:b8:0c:b6:12:35:c4:e1:62:f1:52:f9:30:ee:
a5:a0:5c:a9:a3:02:b2:00:a4:38:d7:ad:12:2b:6f:
37:2a:b1:fb:c9:bc:0a:92:35:92:35:02:37:63:18:
80:6a:f8:9e:ee:29:06:0f:fb:0f:df:1b:00:a5:19:
dd:7c:af:23:6a:e6:84:da:3d:a2:b0:26:57:8b:3d:
75:2b:18:24:ab:fb:dc:41:c4:e2:79:e7:80:cf:f8:
44:90:c2:65:10:4b:08:28:e4:f8:d5:b5:ea:96:f0:
a2:4d:97:ea:3e:da:9a:83:01:7f:bc:11:19:95:43:
99:95:4b:c9:84:cc:4a:bf:85:db:0a:15:de:13:bc:
7a:ed:33:af:43:6a:06:b8:81:1a:76:40:65:e8:b4:
d2:f5:ea:cb:1d:c1:ad:10:5c:10:c4:37:41:51:05:
e8:51:c8:ab:f8:6a:e0:72:b1:b7:5e:20:b4:87:1c:
56:ac:23:31:59:37:f8:cb:69:86:76:ae:1b:b5:8a:
2b:b7:80:dd:bc:71:fd:d6:6e:af:be:a9:a9:70:6e:
7b:6a:53:98:b7:5e:5b:92:65:17:7a:d1:b1:2c:53:
90:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:1C:81:42:B5:2E:E5:DA:43:2D:CB:E6:93:F8:C6:33:A9:A1:8F:7E
X509v3 Authority Key Identifier:
keyid:64:23:9A:51:08:4F:1B:2B:5C:68:46:43:CA:C1:46:21:7C:79:F8:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZCOaUQhPGytcaEZDysFGIXx5-NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/31dc10-5663-4555-a806-4e9305caf1a3/1/ZCOaUQhPGytcaEZDysFGIXx5-NE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/31dc10-5663-4555-a806-4e9305caf1a3/1/ZCOaUQhPGytcaEZDysFGIXx5-NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:1b:92:96:c4:ac:d7:a3:dd:e9:b1:31:0c:17:c2:bb:f3:77:
f0:bf:58:0f:b1:60:5b:25:27:b3:a6:03:6e:78:65:3f:3f:c0:
41:3e:0d:51:72:5e:c6:ec:6f:f9:04:5f:c7:0b:37:1a:9b:ad:
34:c2:ff:aa:08:7c:95:6e:e1:cd:4f:92:9b:e0:50:0e:2e:dd:
8b:0e:34:35:86:07:eb:8f:c2:f4:a0:f5:5b:a5:7b:df:2e:89:
21:b4:b4:15:95:6a:c9:78:d4:1c:8c:99:9e:a6:80:b4:47:4d:
f9:ca:20:f6:56:19:18:ca:8b:91:7d:af:c8:b2:62:10:9b:a1:
7a:3b:5a:f4:a6:0b:26:c1:e8:6a:42:9c:76:11:cd:8e:16:dd:
e0:02:2f:0c:1a:8e:84:92:44:59:c9:cd:09:57:11:8a:93:de:
25:92:30:18:27:1d:a8:6d:3f:e0:30:95:1f:b3:0a:34:7a:e3:
6b:9c:83:47:3a:92:60:5c:df:92:12:09:61:16:9f:10:f0:59:
bf:6f:d4:c0:07:13:55:7e:db:a7:b0:99:97:ae:d4:63:43:56:
f5:c9:e3:ce:61:a9:2e:ce:df:a1:a2:30:56:f9:02:39:c9:e9:
15:db:e9:2e:e7:c4:55:60:57:c3:01:1e:3a:1c:04:52:92:a4:
0c:a2:b4:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJcgT9BeDyRsmUxAOjdVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MjM5YTUxMDg0ZjFiMmI1YzY4NDY0M2NhYzE0NjIxN2M3
OWY4ZDEwHhcNMjUxMTExMDkwMTA5WhcNMjUxMTEyMDkwMTA5WjAzMTEwLwYDVQQD
EyhhZjFjODE0MmI1MmVlNWRhNDMyZGNiZTY5M2Y4YzYzM2E5YTE4ZjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucBuJZn6MZXIh2fohUVzsPhelc5r
GvSL6HFB0dc+YLgMthI1xOFi8VL5MO6loFypowKyAKQ4160SK283KrH7ybwKkjWS
NQI3YxiAavie7ikGD/sP3xsApRndfK8jauaE2j2isCZXiz11Kxgkq/vcQcTieeeA
z/hEkMJlEEsIKOT41bXqlvCiTZfqPtqagwF/vBEZlUOZlUvJhMxKv4XbChXeE7x6
7TOvQ2oGuIEadkBl6LTS9erLHcGtEFwQxDdBUQXoUcir+GrgcrG3XiC0hxxWrCMx
WTf4y2mGdq4btYort4DdvHH91m6vvqmpcG57alOYt15bkmUXetGxLFOQbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK8cgUK1LuXaQy3L5pP4xjOpoY9+MB8GA1UdIwQY
MBaAFGQjmlEITxsrXGhGQ8rBRiF8efjRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkNPYVVRaFBHeXRjYUVaRHlzRkdJWHg1LU5FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8zMWRjMTAtNTY2My00NTU1LWE4MDYt
NGU5MzA1Y2FmMWEzLzEvWkNPYVVRaFBHeXRjYUVaRHlzRkdJWHg1LU5FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8zMWRjMTAtNTY2My00NTU1LWE4MDYtNGU5MzA1Y2FmMWEz
LzEvWkNPYVVRaFBHeXRjYUVaRHlzRkdJWHg1LU5FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMxuSlsSs
16Pd6bExDBfCu/N38L9YD7FgWyUns6YDbnhlPz/AQT4NUXJexuxv+QRfxws3Gput
NML/qgh8lW7hzU+Sm+BQDi7diw40NYYH64/C9KD1W6V73y6JIbS0FZVqyXjUHIyZ
nqaAtEdN+cog9lYZGMqLkX2vyLJiEJuhejta9KYLJsHoakKcdhHNjhbd4AIvDBqO
hJJEWcnNCVcRipPeJZIwGCcdqG0/4DCVH7MKNHrja5yDRzqSYFzfkhIJYRafEPBZ
v2/UwAcTVX7bp7CZl67UY0NW9cnjzmGpLs7foaIwVvkCOcnpFdvpLufEVWBXwwEe
OhwEUpKkDKK08Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:52 2025 by rpki-client