Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2397fb-0dd0-41c3-bc6e-ba87439b7da9/1/zk3a_Cz1ZY0C5WgowskTU1Ke3o4.mft
File: zk3a_Cz1ZY0C5WgowskTU1Ke3o4.mft (raw, json)
Hash identifier: xeLd/rcI3DxVJPC2SsvngexaPS1oj2jKd0cLNKdLgc8=
Subject key identifier: 54:1E:F3:38:59:13:83:85:44:57:01:33:76:A7:A6:31:29:21:A9:16
Authority key identifier: CE:4D:DA:FC:2C:F5:65:8D:02:E5:68:28:C2:C9:13:53:52:9E:DE:8E
Certificate issuer: /CN=ce4ddafc2cf5658d02e56828c2c91353529ede8e
Certificate serial: 019A73388674A53756A9D3A16F137EAA7481
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zk3a_Cz1ZY0C5WgowskTU1Ke3o4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2397fb-0dd0-41c3-bc6e-ba87439b7da9/1/zk3a_Cz1ZY0C5WgowskTU1Ke3o4.mft
Manifest number: 04E0
Signing time: Tue 11 Nov 2025 14:01:15 +0000
Manifest this update: Tue 11 Nov 2025 14:01:15 +0000
Manifest next update: Wed 12 Nov 2025 14:01:15 +0000
Files and hashes: 1: Kj9VfdUCgMk4aGgFNgZJ64WvAz4.roa (hash: B1YIPHashB6NFlEh7qNPbd/2OLMoFdhR39F9O5/IGts=)
2: zk3a_Cz1ZY0C5WgowskTU1Ke3o4.crl (hash: mMLceMRbUAKb4zhKCeLtxjwMd72E76NejCKIdTSUeuc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2397fb-0dd0-41c3-bc6e-ba87439b7da9/1/zk3a_Cz1ZY0C5WgowskTU1Ke3o4.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/2397fb-0dd0-41c3-bc6e-ba87439b7da9/1/zk3a_Cz1ZY0C5WgowskTU1Ke3o4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zk3a_Cz1ZY0C5WgowskTU1Ke3o4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:38:86:74:a5:37:56:a9:d3:a1:6f:13:7e:aa:74:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce4ddafc2cf5658d02e56828c2c91353529ede8e
Validity
Not Before: Nov 11 14:01:15 2025 GMT
Not After : Nov 12 14:01:15 2025 GMT
Subject: CN=541ef338591383854457013376a7a6312921a916
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d7:c4:a1:e4:23:2e:39:57:0d:9b:13:c1:20:
6d:6d:73:29:f7:5d:8f:77:80:b0:c4:a5:62:7b:fc:
f4:d0:35:fd:75:b0:53:49:0a:2c:df:96:78:c3:6f:
72:27:70:32:29:6a:7b:a5:bd:1d:cc:03:57:9f:5f:
11:e2:65:69:29:25:51:38:d1:ef:99:a9:68:37:fa:
5e:f4:64:e1:fd:10:0e:60:01:a4:53:b5:67:6d:67:
2f:15:9a:c5:dc:b1:07:4a:2e:7a:58:16:81:e9:53:
0f:ed:50:be:bc:fa:9c:46:31:1b:62:fe:a5:5a:00:
b1:0b:a8:70:6e:91:ed:7f:4d:30:53:f7:cb:67:d7:
f5:49:67:4b:5f:84:14:e9:71:d8:38:65:30:6b:60:
8f:42:48:e8:c9:0d:d1:7b:f2:d0:f8:75:90:90:99:
16:2b:96:52:06:41:f1:68:8e:08:e5:bb:2c:8d:51:
93:c5:9b:5f:d8:0e:f8:80:28:72:75:c4:bb:b5:83:
05:a1:79:04:21:7c:96:d6:ca:64:38:98:64:10:7c:
fb:22:12:08:d5:bd:5c:34:d7:61:43:3c:67:f3:03:
ee:e1:89:89:75:fc:12:3c:f9:27:1f:ec:a5:87:ff:
54:05:f0:30:97:ca:27:28:f6:0b:96:3a:53:89:74:
38:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:1E:F3:38:59:13:83:85:44:57:01:33:76:A7:A6:31:29:21:A9:16
X509v3 Authority Key Identifier:
keyid:CE:4D:DA:FC:2C:F5:65:8D:02:E5:68:28:C2:C9:13:53:52:9E:DE:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zk3a_Cz1ZY0C5WgowskTU1Ke3o4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2397fb-0dd0-41c3-bc6e-ba87439b7da9/1/zk3a_Cz1ZY0C5WgowskTU1Ke3o4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2397fb-0dd0-41c3-bc6e-ba87439b7da9/1/zk3a_Cz1ZY0C5WgowskTU1Ke3o4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
77:01:00:d4:e3:9a:1b:55:a1:a9:57:a0:a4:87:56:74:38:a0:
92:b5:e0:15:c9:9c:e0:b2:dd:68:05:f2:d1:e5:4b:c2:41:cb:
cd:c5:aa:68:82:0c:b3:16:44:1e:d1:36:d4:75:f3:1e:ed:d0:
e4:d6:45:87:e7:6f:db:19:83:92:c7:84:35:4c:97:62:ad:55:
84:f7:5f:ef:34:33:8a:37:1d:fb:8f:76:0f:df:4a:0c:7c:7d:
8a:48:c7:4b:ea:92:84:3f:f9:46:18:6b:9c:47:85:f3:91:57:
c2:d4:69:4b:7e:c8:11:57:6c:f5:c7:00:a3:95:66:a7:8b:38:
20:63:7b:7d:3d:fc:de:74:77:a6:83:1f:25:77:8f:48:9d:c8:
c8:06:d6:e9:bf:12:e7:5d:2c:f4:af:16:24:6e:f6:51:08:ab:
09:65:48:c1:b1:52:ba:3e:a0:15:2d:0b:86:d6:45:61:fb:25:
11:67:65:a4:4f:03:3d:14:93:14:74:d3:46:c0:98:6b:ee:f9:
2a:08:2e:9f:8c:22:b2:2e:4a:27:5e:ab:0a:d7:39:2c:54:f0:
f9:07:4e:c3:0a:b5:40:a8:6f:88:50:0b:1e:3f:23:2b:51:b3:
e1:69:6b:31:50:f3:92:16:02:7c:9b:41:8c:fa:ed:cc:25:fa:
d9:ad:23:41
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzOIZ0pTdWqdOhbxN+qnSBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNGRkYWZjMmNmNTY1OGQwMmU1NjgyOGMyYzkxMzUzNTI5
ZWRlOGUwHhcNMjUxMTExMTQwMTE1WhcNMjUxMTEyMTQwMTE1WjAzMTEwLwYDVQQD
Eyg1NDFlZjMzODU5MTM4Mzg1NDQ1NzAxMzM3NmE3YTYzMTI5MjFhOTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dfEoeQjLjlXDZsTwSBtbXMp912P
d4CwxKVie/z00DX9dbBTSQos35Z4w29yJ3AyKWp7pb0dzANXn18R4mVpKSVRONHv
maloN/pe9GTh/RAOYAGkU7VnbWcvFZrF3LEHSi56WBaB6VMP7VC+vPqcRjEbYv6l
WgCxC6hwbpHtf00wU/fLZ9f1SWdLX4QU6XHYOGUwa2CPQkjoyQ3Re/LQ+HWQkJkW
K5ZSBkHxaI4I5bssjVGTxZtf2A74gChydcS7tYMFoXkEIXyW1spkOJhkEHz7IhII
1b1cNNdhQzxn8wPu4YmJdfwSPPknH+ylh/9UBfAwl8onKPYLljpTiXQ4ZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFQe8zhZE4OFRFcBM3anpjEpIakWMB8GA1UdIwQY
MBaAFM5N2vws9WWNAuVoKMLJE1NSnt6OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemszYV9DejFaWTBDNVdnb3dza1RVMUtlM280LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yMzk3ZmItMGRkMC00MWMzLWJjNmUt
YmE4NzQzOWI3ZGE5LzEvemszYV9DejFaWTBDNVdnb3dza1RVMUtlM280Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yMzk3ZmItMGRkMC00MWMzLWJjNmUtYmE4NzQzOWI3ZGE5
LzEvemszYV9DejFaWTBDNVdnb3dza1RVMUtlM280LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdwEA1OOa
G1WhqVegpIdWdDigkrXgFcmc4LLdaAXy0eVLwkHLzcWqaIIMsxZEHtE21HXzHu3Q
5NZFh+dv2xmDkseENUyXYq1VhPdf7zQzijcd+492D99KDHx9ikjHS+qShD/5Rhhr
nEeF85FXwtRpS37IEVds9ccAo5Vmp4s4IGN7fT383nR3poMfJXePSJ3IyAbW6b8S
510s9K8WJG72UQirCWVIwbFSuj6gFS0LhtZFYfslEWdlpE8DPRSTFHTTRsCYa+75
Kggun4wisi5KJ16rCtc5LFTw+QdOwwq1QKhviFALHj8jK1Gz4WlrMVDzkhYCfJtB
jPrtzCX62a0jQQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:43:05 2025 by rpki-client