Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
File: zTu8GVzaflgkWmHLMLlv5XL9eBE.mft (raw, json)
Hash identifier: rPMQ5LjydRg3yWs13RG707+8PP3fGJK/KjHh2nZtOjw=
Subject key identifier: C4:5E:60:5B:6D:60:98:3B:88:F5:3F:AF:75:D0:A6:F7:CE:D3:7B:AA
Authority key identifier: CD:3B:BC:19:5C:DA:7E:58:24:5A:61:CB:30:B9:6F:E5:72:FD:78:11
Certificate issuer: /CN=cd3bbc195cda7e58245a61cb30b96fe572fd7811
Certificate serial: 0199240D387793CB5CFF2B263BCC7478A8A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
Manifest number: 0FC5
Signing time: Sun 07 Sep 2025 12:01:10 +0000
Manifest this update: Sun 07 Sep 2025 12:01:10 +0000
Manifest next update: Mon 08 Sep 2025 12:01:10 +0000
Files and hashes: 1: clDd21QzHwOlwdLoUbCFlA9N4Bc.roa (hash: b4fVPg9ViPXbDXBeIAFrk3g5qdFMK0V6puBPZsjXHfs=)
2: zTu8GVzaflgkWmHLMLlv5XL9eBE.crl (hash: bbFJgexNR5ZxkffqmWHCUwf/YL1i/Og5ooOCIirur4M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:24:0d:38:77:93:cb:5c:ff:2b:26:3b:cc:74:78:a8:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd3bbc195cda7e58245a61cb30b96fe572fd7811
Validity
Not Before: Sep 7 12:01:10 2025 GMT
Not After : Sep 8 12:01:10 2025 GMT
Subject: CN=c45e605b6d60983b88f53faf75d0a6f7ced37baa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:ae:3b:e6:97:b8:cf:cc:83:59:ee:4d:42:87:
c0:51:13:c4:87:97:a5:a7:84:b6:0f:37:88:14:42:
39:b1:46:5f:9b:79:95:50:db:48:43:e5:49:82:f7:
33:98:b1:56:f9:b2:a0:a5:df:18:29:45:aa:aa:b3:
e1:ad:31:fc:2a:7d:98:61:5b:5d:4a:d7:0f:27:60:
2d:74:58:6c:72:4d:3a:54:9c:b7:ae:af:7f:55:48:
39:66:84:7e:e5:40:ad:7b:52:4b:7d:92:39:94:44:
64:b2:c5:fd:9b:7d:fc:35:3e:53:2a:98:80:86:e2:
66:aa:01:9f:c2:05:d4:ea:5b:a8:11:dd:b8:2b:60:
05:17:8d:97:c8:7d:83:f5:6c:65:87:73:2a:3b:19:
cb:95:88:63:82:19:1f:cb:4d:b3:1d:ed:d5:ab:a3:
86:16:53:63:e8:a1:85:20:e2:53:b7:ad:73:84:51:
e2:3c:96:30:1e:d2:af:56:79:89:31:86:8a:e6:c3:
6b:07:97:91:1b:31:3c:e4:21:aa:19:da:d9:6e:50:
03:50:be:01:45:a8:06:02:e2:0f:53:a7:63:de:da:
44:f3:a0:0c:31:6d:9c:9b:cc:c8:10:9e:9d:78:64:
97:03:e2:9f:80:66:99:7a:b0:29:ab:6f:f0:dd:17:
55:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:5E:60:5B:6D:60:98:3B:88:F5:3F:AF:75:D0:A6:F7:CE:D3:7B:AA
X509v3 Authority Key Identifier:
keyid:CD:3B:BC:19:5C:DA:7E:58:24:5A:61:CB:30:B9:6F:E5:72:FD:78:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:fe:aa:05:de:82:e3:1f:70:26:91:6f:0a:c6:44:4f:b3:60:
6e:9f:99:95:14:67:14:52:52:94:79:3e:5b:09:0b:b8:7c:c6:
39:68:15:70:8f:db:71:b9:56:30:b2:d5:50:3e:3b:92:2d:e3:
41:84:5c:e7:32:43:f7:64:ff:64:6f:84:fc:90:8f:e8:e6:a7:
2d:2d:64:de:6f:19:9c:46:d7:b4:c3:0e:af:97:b9:ff:6c:a9:
20:31:14:52:94:b3:5f:1d:a8:ea:35:50:8b:37:44:72:e1:08:
3a:6a:96:b4:9b:11:58:11:1f:32:41:12:dc:1d:c0:4a:63:f5:
b0:8c:ed:76:c6:21:cb:0b:72:2c:a6:8f:b1:b7:ea:e5:ba:a8:
0f:5e:91:7b:d1:f6:e4:09:4d:a4:6d:fa:38:f2:e7:52:7e:59:
05:51:73:1e:fd:82:37:3e:52:e1:2e:03:a2:0f:dd:bb:6a:d7:
0c:73:ba:9e:03:cb:3a:42:66:be:59:7a:a9:4e:f0:86:34:70:
aa:de:f6:a9:57:cc:b9:6d:bd:be:55:97:2f:f9:82:76:da:4a:
35:66:ca:d1:58:fa:7b:f5:32:38:25:42:9b:9d:dd:93:71:4b:
c0:14:d7:a5:ad:5e:9b:66:5f:3d:e3:61:7c:2c:5f:6e:93:16:
b7:cb:41:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkkDTh3k8tc/ysmO8x0eKijMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkM2JiYzE5NWNkYTdlNTgyNDVhNjFjYjMwYjk2ZmU1NzJm
ZDc4MTEwHhcNMjUwOTA3MTIwMTEwWhcNMjUwOTA4MTIwMTEwWjAzMTEwLwYDVQQD
EyhjNDVlNjA1YjZkNjA5ODNiODhmNTNmYWY3NWQwYTZmN2NlZDM3YmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwa475pe4z8yDWe5NQofAURPEh5el
p4S2DzeIFEI5sUZfm3mVUNtIQ+VJgvczmLFW+bKgpd8YKUWqqrPhrTH8Kn2YYVtd
StcPJ2AtdFhsck06VJy3rq9/VUg5ZoR+5UCte1JLfZI5lERkssX9m338NT5TKpiA
huJmqgGfwgXU6luoEd24K2AFF42XyH2D9Wxlh3MqOxnLlYhjghkfy02zHe3Vq6OG
FlNj6KGFIOJTt61zhFHiPJYwHtKvVnmJMYaK5sNrB5eRGzE85CGqGdrZblADUL4B
RagGAuIPU6dj3tpE86AMMW2cm8zIEJ6deGSXA+KfgGaZerApq2/w3RdVrwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMReYFttYJg7iPU/r3XQpvfO03uqMB8GA1UdIwQY
MBaAFM07vBlc2n5YJFphyzC5b+Vy/XgRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81YWY3YTUtYjY3Yy00NTlhLTk4OTMt
YzZmYWRlYjI4NWJhLzEvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81YWY3YTUtYjY3Yy00NTlhLTk4OTMtYzZmYWRlYjI4NWJh
LzEvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlv6qBd6C
4x9wJpFvCsZET7Ngbp+ZlRRnFFJSlHk+WwkLuHzGOWgVcI/bcblWMLLVUD47ki3j
QYRc5zJD92T/ZG+E/JCP6OanLS1k3m8ZnEbXtMMOr5e5/2ypIDEUUpSzXx2o6jVQ
izdEcuEIOmqWtJsRWBEfMkES3B3ASmP1sIztdsYhywtyLKaPsbfq5bqoD16Re9H2
5AlNpG36OPLnUn5ZBVFzHv2CNz5S4S4Dog/du2rXDHO6ngPLOkJmvll6qU7whjRw
qt72qVfMuW29vlWXL/mCdtpKNWbK0Vj6e/UyOCVCm53dk3FLwBTXpa1em2ZfPeNh
fCxfbpMWt8tBQw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:49:18 2025 by rpki-client