Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.mft
File: ZrqNZOkBs5tQHtNpPsJ0MHE4huM.mft (raw, json)
Hash identifier: q31w6Hkd2asTgn/bevXG9MuAk9tOsqxFox6xivGWslo=
Subject key identifier: 98:65:44:DB:FC:84:74:B8:8A:DB:CD:4F:1E:03:99:C7:54:08:14:F5
Authority key identifier: 66:BA:8D:64:E9:01:B3:9B:50:1E:D3:69:3E:C2:74:30:71:38:86:E3
Certificate issuer: /CN=66ba8d64e901b39b501ed3693ec27430713886e3
Certificate serial: 019A72CAAC500AF691F9985F7CACAE77E78F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.mft
Manifest number: 108D
Signing time: Tue 11 Nov 2025 12:01:16 +0000
Manifest this update: Tue 11 Nov 2025 12:01:16 +0000
Manifest next update: Wed 12 Nov 2025 12:01:16 +0000
Files and hashes: 1: Fg0QsDS_oIn0AHFloFbOWLXLPYw.roa (hash: PCZ0sNE5BS8dEXbU+ksvDG3w1iOi7xIBrn9yDW7TZ/U=)
2: ZrqNZOkBs5tQHtNpPsJ0MHE4huM.crl (hash: t0uYL0pylCh0FX7JaJIh257lbhbngHWSnivy7o8zGEM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:ac:50:0a:f6:91:f9:98:5f:7c:ac:ae:77:e7:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ba8d64e901b39b501ed3693ec27430713886e3
Validity
Not Before: Nov 11 12:01:16 2025 GMT
Not After : Nov 12 12:01:16 2025 GMT
Subject: CN=986544dbfc8474b88adbcd4f1e0399c7540814f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:78:1c:60:3f:fa:95:1e:f2:bc:e3:c0:c2:71:
5f:62:4d:26:f1:9b:2e:45:27:ed:4f:10:3b:97:1a:
91:65:05:50:ef:3e:a8:2c:7c:e2:82:1a:24:63:b5:
11:82:be:32:e3:50:8b:9e:1b:c8:ae:0f:c3:61:55:
ab:0e:48:08:f2:66:67:ee:7c:71:57:9e:cf:c6:ec:
c7:8a:28:19:d9:61:5b:8d:85:b1:00:63:71:e7:99:
05:a4:26:f2:6a:f8:38:9a:c4:cf:95:2a:58:73:c6:
59:b6:f0:e6:e5:97:f3:9a:98:73:e0:22:a7:0d:c8:
69:28:7d:48:61:e9:56:b2:2d:83:ea:4a:d6:ad:e4:
83:69:20:71:74:8c:32:38:95:c3:1f:91:15:54:d7:
71:ba:77:ca:1a:8a:51:13:cd:41:8a:cf:72:d3:2d:
56:34:29:da:7c:5f:c3:65:6f:53:37:ad:a5:88:b0:
b9:7f:cf:96:0d:61:1f:35:36:ca:58:59:5f:d8:48:
9f:7f:5d:02:65:c3:a7:f8:db:43:57:91:1f:83:95:
04:69:f8:a2:d6:70:48:c1:4f:2e:8d:ba:d3:58:20:
6b:a9:ca:96:dd:58:54:71:40:19:73:46:de:63:07:
fd:51:e8:5b:a7:9f:9e:e1:b9:a8:3a:0b:0b:dc:d3:
55:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:65:44:DB:FC:84:74:B8:8A:DB:CD:4F:1E:03:99:C7:54:08:14:F5
X509v3 Authority Key Identifier:
keyid:66:BA:8D:64:E9:01:B3:9B:50:1E:D3:69:3E:C2:74:30:71:38:86:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/aa7e53-490f-4177-8b11-0b3e7ebe4ac2/1/ZrqNZOkBs5tQHtNpPsJ0MHE4huM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:0a:6f:20:dc:dc:12:cd:ce:e0:cd:45:e4:23:a5:7b:ba:80:
a9:97:48:5e:3d:93:77:b7:c4:3c:16:03:0d:36:96:89:76:43:
22:6d:93:f4:ed:73:93:72:90:da:c2:23:7f:4d:68:2f:b5:2b:
79:5b:79:21:6b:b8:d6:e9:c0:b1:e6:b3:4f:fc:2d:ac:76:71:
9f:eb:f6:4d:92:14:6d:cd:9a:b3:0b:41:a2:25:0a:28:a8:61:
32:3b:87:4c:7b:f8:3b:82:3c:15:3e:70:81:0b:42:2f:35:08:
90:02:fb:62:d7:bb:32:ae:40:60:98:1f:aa:12:89:af:0c:ab:
be:4e:6e:4c:d3:33:65:75:e0:55:04:8a:9b:7e:c8:3a:cc:e4:
0c:ca:f1:ce:ca:54:e4:61:9e:e0:38:0a:dc:db:ec:35:a5:89:
27:a8:12:5c:e7:c8:dc:73:04:9c:74:a7:84:27:03:98:33:85:
b9:2a:af:72:bf:ae:5d:cc:aa:82:d5:82:58:1e:12:98:c0:40:
72:45:10:b9:fe:1c:89:57:fa:bd:93:20:18:a7:97:93:b5:f4:
fc:b6:0d:ca:58:17:2e:75:cc:01:bb:a8:9e:c4:7c:57:fb:e3:
53:90:4f:9b:59:18:0b:aa:a3:9c:92:dd:a9:82:0d:93:fa:bd:
51:0e:77:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyqxQCvaR+ZhffKyud+ePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2YmE4ZDY0ZTkwMWIzOWI1MDFlZDM2OTNlYzI3NDMwNzEz
ODg2ZTMwHhcNMjUxMTExMTIwMTE2WhcNMjUxMTEyMTIwMTE2WjAzMTEwLwYDVQQD
Eyg5ODY1NDRkYmZjODQ3NGI4OGFkYmNkNGYxZTAzOTljNzU0MDgxNGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHgcYD/6lR7yvOPAwnFfYk0m8Zsu
RSftTxA7lxqRZQVQ7z6oLHzighokY7URgr4y41CLnhvIrg/DYVWrDkgI8mZn7nxx
V57PxuzHiigZ2WFbjYWxAGNx55kFpCbyavg4msTPlSpYc8ZZtvDm5Zfzmphz4CKn
DchpKH1IYelWsi2D6krWreSDaSBxdIwyOJXDH5EVVNdxunfKGopRE81Bis9y0y1W
NCnafF/DZW9TN62liLC5f8+WDWEfNTbKWFlf2Eiff10CZcOn+NtDV5Efg5UEafii
1nBIwU8ujbrTWCBrqcqW3VhUcUAZc0beYwf9Uehbp5+e4bmoOgsL3NNVDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJhlRNv8hHS4itvNTx4DmcdUCBT1MB8GA1UdIwQY
MBaAFGa6jWTpAbObUB7TaT7CdDBxOIbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnJxTlpPa0JzNXRRSHROcFBzSjBNSEU0aHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9hYTdlNTMtNDkwZi00MTc3LThiMTEt
MGIzZTdlYmU0YWMyLzEvWnJxTlpPa0JzNXRRSHROcFBzSjBNSEU0aHVNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9hYTdlNTMtNDkwZi00MTc3LThiMTEtMGIzZTdlYmU0YWMy
LzEvWnJxTlpPa0JzNXRRSHROcFBzSjBNSEU0aHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAowpvINzc
Es3O4M1F5COle7qAqZdIXj2Td7fEPBYDDTaWiXZDIm2T9O1zk3KQ2sIjf01oL7Ur
eVt5IWu41unAseazT/wtrHZxn+v2TZIUbc2aswtBoiUKKKhhMjuHTHv4O4I8FT5w
gQtCLzUIkAL7Yte7Mq5AYJgfqhKJrwyrvk5uTNMzZXXgVQSKm37IOszkDMrxzspU
5GGe4DgK3NvsNaWJJ6gSXOfI3HMEnHSnhCcDmDOFuSqvcr+uXcyqgtWCWB4SmMBA
ckUQuf4ciVf6vZMgGKeXk7X0/LYNylgXLnXMAbuonsR8V/vjU5BPm1kYC6qjnJLd
qYINk/q9UQ53xA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:47:57 2025 by rpki-client