Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.mft
File: zI34gFQGDfaFu6lzkSPoNC1HnoQ.mft (raw, json)
Hash identifier: 6gUINkA2ow76HK4YvIn+/Vf31ljgIvMrEA3Pqi7U+K0=
Subject key identifier: 25:F1:6B:23:D4:2F:16:45:AA:78:E9:00:CD:22:31:4D:1F:24:45:15
Authority key identifier: CC:8D:F8:80:54:06:0D:F6:85:BB:A9:73:91:23:E8:34:2D:47:9E:84
Certificate issuer: /CN=cc8df88054060df685bba9739123e8342d479e84
Certificate serial: 019930B579644B5ACBB5CBBF4CF345069186
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zI34gFQGDfaFu6lzkSPoNC1HnoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.mft
Manifest number: 1612
Signing time: Tue 09 Sep 2025 23:00:23 +0000
Manifest this update: Tue 09 Sep 2025 23:00:23 +0000
Manifest next update: Wed 10 Sep 2025 23:00:23 +0000
Files and hashes: 1: Kyq8dvDQCWTM4SDI01T-WEma_xs.roa (hash: csmuD1qBTRKUBvLNGvxDwNNOARNFB8rqYka6vl5ZQvQ=)
2: zI34gFQGDfaFu6lzkSPoNC1HnoQ.crl (hash: mPx5v95fn6mnQgShtt1qptv4L4HLn4twK3Ezgq2dtSQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/zI34gFQGDfaFu6lzkSPoNC1HnoQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 21:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:30:b5:79:64:4b:5a:cb:b5:cb:bf:4c:f3:45:06:91:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc8df88054060df685bba9739123e8342d479e84
Validity
Not Before: Sep 9 23:00:23 2025 GMT
Not After : Sep 10 23:00:23 2025 GMT
Subject: CN=25f16b23d42f1645aa78e900cd22314d1f244515
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fe:94:34:d0:d6:60:3d:56:e6:a5:6f:ac:d0:
62:a4:66:11:3b:f8:c1:ad:d3:1b:c1:1b:ec:a2:27:
e1:cf:2a:8c:df:67:f7:cb:04:b6:47:a7:f1:7f:aa:
f6:02:8f:9f:1f:64:de:15:e7:55:a6:0b:89:24:b3:
e0:aa:ce:ad:1d:b6:e3:ba:58:3f:14:5a:72:bf:11:
03:a8:10:c6:7a:8a:25:4d:7d:ba:df:36:e0:d3:30:
5a:09:6d:d8:d3:aa:c9:d5:0f:eb:3a:ee:8d:d4:93:
b5:87:39:3e:a0:66:b7:43:c1:4f:32:d3:53:76:0d:
23:13:98:df:84:e7:23:b4:a0:03:b7:3a:ea:6a:be:
3f:94:27:c2:90:42:c5:dc:24:8c:49:61:a9:99:71:
d2:f8:69:2d:b0:9e:7c:59:b8:3b:57:4d:1b:95:6e:
b4:bc:72:e9:8c:2c:b0:6c:bd:50:6a:66:b3:66:49:
63:e1:62:dc:72:65:dc:3a:87:5e:0c:f5:5c:2d:9e:
d7:76:49:5c:90:dc:43:3c:e0:35:f8:a3:73:9a:eb:
b2:85:e0:93:87:67:2b:ef:e1:60:cb:8c:63:bf:49:
f3:39:cc:6f:fd:6f:fa:7a:63:39:0a:75:67:34:36:
31:ee:d1:4e:bb:b9:75:d1:9b:a8:27:d7:28:6d:f6:
c6:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F1:6B:23:D4:2F:16:45:AA:78:E9:00:CD:22:31:4D:1F:24:45:15
X509v3 Authority Key Identifier:
keyid:CC:8D:F8:80:54:06:0D:F6:85:BB:A9:73:91:23:E8:34:2D:47:9E:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zI34gFQGDfaFu6lzkSPoNC1HnoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:3b:05:45:2a:03:61:78:54:18:01:ba:4a:2a:98:45:15:63:
c8:59:6c:0d:89:06:16:1b:b1:fe:dd:ff:4e:81:62:fb:18:1f:
e4:68:91:97:64:20:56:fa:49:5a:7c:c3:ec:61:00:2b:d6:a7:
8a:16:2d:25:0d:ed:62:3d:55:ba:97:9d:2c:76:bc:5f:b0:ba:
d6:54:86:34:1f:f7:b4:d7:a1:ef:2a:e4:97:2e:b1:a7:1a:d8:
79:37:6d:b7:ba:a3:f7:c9:78:aa:fb:f2:01:77:2e:01:6c:1c:
ba:43:51:ef:50:82:cc:aa:6b:dd:f3:5d:bc:c9:2c:4d:dd:2e:
7e:0f:fe:d2:44:b7:22:14:d0:fa:1e:88:d2:d3:e6:97:da:63:
ff:e0:06:93:ab:35:0c:06:fb:17:c9:8c:b5:58:b5:37:14:69:
07:6d:9d:ab:65:30:df:98:e9:73:2e:c7:ab:e9:a4:ee:c2:94:
a2:a5:24:7e:2c:99:4c:51:99:46:0b:fe:b0:6f:ad:a8:cb:df:
62:a3:18:10:cb:c0:f4:ed:1e:a8:cb:b0:7a:22:2c:82:f8:e9:
e1:ba:be:5a:ee:38:9c:e4:61:37:c4:9c:e4:8a:51:db:c2:d9:
1a:47:b5:b8:9f:f9:6d:b3:17:ee:cb:8e:3b:9e:b0:ed:ac:29:
b2:16:78:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkwtXlkS1rLtcu/TPNFBpGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjOGRmODgwNTQwNjBkZjY4NWJiYTk3MzkxMjNlODM0MmQ0
NzllODQwHhcNMjUwOTA5MjMwMDIzWhcNMjUwOTEwMjMwMDIzWjAzMTEwLwYDVQQD
EygyNWYxNmIyM2Q0MmYxNjQ1YWE3OGU5MDBjZDIyMzE0ZDFmMjQ0NTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzP6UNNDWYD1W5qVvrNBipGYRO/jB
rdMbwRvsoifhzyqM32f3ywS2R6fxf6r2Ao+fH2TeFedVpguJJLPgqs6tHbbjulg/
FFpyvxEDqBDGeoolTX263zbg0zBaCW3Y06rJ1Q/rOu6N1JO1hzk+oGa3Q8FPMtNT
dg0jE5jfhOcjtKADtzrqar4/lCfCkELF3CSMSWGpmXHS+GktsJ58Wbg7V00blW60
vHLpjCywbL1QamazZklj4WLccmXcOodeDPVcLZ7XdklckNxDPOA1+KNzmuuyheCT
h2cr7+Fgy4xjv0nzOcxv/W/6emM5CnVnNDYx7tFOu7l10ZuoJ9cobfbGwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXxayPULxZFqnjpAM0iMU0fJEUVMB8GA1UdIwQY
MBaAFMyN+IBUBg32hbupc5Ej6DQtR56EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekkzNGdGUUdEZmFGdTZsemtTUG9OQzFIbm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9kYjhkMzgtMDc3Zi00ZDc3LTkzODMt
ZGM3ODFjYzJhMjU4LzEvekkzNGdGUUdEZmFGdTZsemtTUG9OQzFIbm9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9kYjhkMzgtMDc3Zi00ZDc3LTkzODMtZGM3ODFjYzJhMjU4
LzEvekkzNGdGUUdEZmFGdTZsemtTUG9OQzFIbm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAITsFRSoD
YXhUGAG6SiqYRRVjyFlsDYkGFhux/t3/ToFi+xgf5GiRl2QgVvpJWnzD7GEAK9an
ihYtJQ3tYj1VupedLHa8X7C61lSGNB/3tNeh7yrkly6xpxrYeTdtt7qj98l4qvvy
AXcuAWwcukNR71CCzKpr3fNdvMksTd0ufg/+0kS3IhTQ+h6I0tPml9pj/+AGk6s1
DAb7F8mMtVi1NxRpB22dq2Uw35jpcy7Hq+mk7sKUoqUkfiyZTFGZRgv+sG+tqMvf
YqMYEMvA9O0eqMuweiIsgvjp4bq+Wu44nORhN8Sc5IpR28LZGke1uJ/5bbMX7suO
O56w7awpshZ4Dw==
-----END CERTIFICATE-----
Generated at Wed Sep 10 03:31:52 2025 by rpki-client