Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.mft
File: ZNq6FdHTZstTCVQS0GSQ4jSY4XA.mft (raw, json)
Hash identifier: jkYpO1ytj8gBFA26YR3j8Fc57Eh9mUEqyZhFyyHNBdY=
Subject key identifier: F2:0E:E2:17:7E:01:D4:F2:5F:71:B1:E2:B0:DA:F1:C4:1D:57:FC:95
Authority key identifier: 64:DA:BA:15:D1:D3:66:CB:53:09:54:12:D0:64:90:E2:34:98:E1:70
Certificate issuer: /CN=64daba15d1d366cb53095412d06490e23498e170
Certificate serial: 019A71B8D6A150E20330CC5D6B13A363FD26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 07:02:10 +0000
Manifest this update: Tue 11 Nov 2025 07:02:10 +0000
Manifest next update: Wed 12 Nov 2025 07:02:10 +0000
Files and hashes: 1: 7vdGx51ck_YIgYpkt1SPNVfsVKE.roa (hash: Nw+uAqY1I65YKmQSbXqROB23bDhd2atga2x/5hREPHM=)
2: ZNq6FdHTZstTCVQS0GSQ4jSY4XA.crl (hash: +kYei6Ibtr9V9kmQzzoqKchitbb8Zeb7zDMkjxRgBus=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:d6:a1:50:e2:03:30:cc:5d:6b:13:a3:63:fd:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64daba15d1d366cb53095412d06490e23498e170
Validity
Not Before: Nov 11 07:02:10 2025 GMT
Not After : Nov 12 07:02:10 2025 GMT
Subject: CN=f20ee2177e01d4f25f71b1e2b0daf1c41d57fc95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f7:67:7b:c0:17:a4:60:9f:79:0a:44:3f:1a:
47:b3:f8:7b:c3:bb:0c:9f:2f:bb:62:db:e6:d7:fe:
78:e9:d0:47:00:98:45:40:4a:cd:12:72:07:d3:ef:
23:41:fe:5e:97:9f:31:3d:fc:91:1a:9a:88:2d:6c:
87:18:3b:ba:3f:b8:d0:f6:b2:bd:97:fa:42:6d:e1:
a1:73:b4:1e:1c:93:34:47:bf:27:74:cb:09:f1:de:
37:62:7e:58:71:1e:66:6f:a4:7d:1c:4d:fd:71:a3:
12:0e:2a:12:00:78:49:0f:55:ce:5a:6b:95:b8:e9:
14:53:70:4e:bb:bc:df:ea:74:0a:b2:02:1e:75:3e:
44:de:3b:8d:00:8b:53:ee:36:f4:95:41:7c:99:e6:
f4:26:39:a4:43:c2:04:06:84:4a:ad:b7:11:2d:d1:
f1:a3:6a:f8:e6:e6:de:38:68:bf:21:42:7c:a6:f3:
2d:c0:bc:91:13:06:e9:ed:57:d1:1d:a4:06:3e:f6:
9e:c8:21:92:04:fa:19:31:3f:c8:b4:5c:ff:e5:69:
0b:19:9c:d2:7b:ea:ef:cc:11:6e:d1:5b:59:ab:31:
8d:ff:17:b8:3e:3c:77:a4:b4:21:a8:4b:9b:79:c8:
24:ef:cc:e9:b9:8b:c4:95:ae:32:35:ce:b3:92:ac:
30:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:0E:E2:17:7E:01:D4:F2:5F:71:B1:E2:B0:DA:F1:C4:1D:57:FC:95
X509v3 Authority Key Identifier:
keyid:64:DA:BA:15:D1:D3:66:CB:53:09:54:12:D0:64:90:E2:34:98:E1:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:bb:16:ec:00:ae:ef:9e:48:ce:b1:ac:4f:cb:ad:7a:ec:fe:
69:25:19:10:be:36:99:34:2b:45:ed:ce:1c:b9:33:8f:9f:15:
f9:36:f5:97:dd:66:9a:fa:f1:aa:12:31:0d:c9:b2:22:54:88:
64:c2:06:eb:9f:17:00:63:50:6f:04:b2:0e:72:a3:09:29:9b:
cf:aa:e6:47:5d:bc:c2:95:da:03:78:ca:bc:90:d7:70:68:90:
01:37:ca:ac:b0:f0:ed:45:6b:af:f9:6d:07:49:03:0f:5d:40:
a0:ca:62:48:3f:17:27:5d:33:db:5c:bb:d8:82:ca:c8:c9:f7:
6a:6f:f7:f5:4d:5b:91:68:9c:76:c4:62:71:0f:03:5a:26:bb:
a5:43:c3:ff:d1:13:21:0d:af:7f:87:93:98:4d:97:c9:ae:ef:
43:8c:b1:3a:ce:b8:8f:08:14:15:99:a1:c1:4d:ab:00:45:c0:
4c:82:77:98:18:bf:1c:a9:ed:9f:3b:c8:d9:c3:c6:4a:56:83:
58:28:42:e5:f4:96:df:b0:06:50:9e:73:81:2c:f0:57:3a:6e:
36:94:ae:7e:01:9d:bd:00:a8:9f:6b:4e:2a:89:e0:f9:5c:c7:
3d:dc:41:93:db:9e:7f:99:a6:51:6a:86:0f:e7:7e:10:b3:c1:
60:ae:4c:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuNahUOIDMMxdaxOjY/0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZGFiYTE1ZDFkMzY2Y2I1MzA5NTQxMmQwNjQ5MGUyMzQ5
OGUxNzAwHhcNMjUxMTExMDcwMjEwWhcNMjUxMTEyMDcwMjEwWjAzMTEwLwYDVQQD
EyhmMjBlZTIxNzdlMDFkNGYyNWY3MWIxZTJiMGRhZjFjNDFkNTdmYzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfdne8AXpGCfeQpEPxpHs/h7w7sM
ny+7Ytvm1/546dBHAJhFQErNEnIH0+8jQf5el58xPfyRGpqILWyHGDu6P7jQ9rK9
l/pCbeGhc7QeHJM0R78ndMsJ8d43Yn5YcR5mb6R9HE39caMSDioSAHhJD1XOWmuV
uOkUU3BOu7zf6nQKsgIedT5E3juNAItT7jb0lUF8meb0JjmkQ8IEBoRKrbcRLdHx
o2r45ubeOGi/IUJ8pvMtwLyREwbp7VfRHaQGPvaeyCGSBPoZMT/ItFz/5WkLGZzS
e+rvzBFu0VtZqzGN/xe4Pjx3pLQhqEubecgk78zpuYvEla4yNc6zkqwwmQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPIO4hd+AdTyX3Gx4rDa8cQdV/yVMB8GA1UdIwQY
MBaAFGTauhXR02bLUwlUEtBkkOI0mOFwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5xNkZkSFRac3RUQ1ZRUzBHU1E0alNZNFhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83MzZkYjItMGM2NC00NWVkLTgzM2Et
YTk0ZGQ4Y2NhZjlmLzEvWk5xNkZkSFRac3RUQ1ZRUzBHU1E0alNZNFhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi83MzZkYjItMGM2NC00NWVkLTgzM2EtYTk0ZGQ4Y2NhZjlm
LzEvWk5xNkZkSFRac3RUQ1ZRUzBHU1E0alNZNFhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMLsW7ACu
755IzrGsT8uteuz+aSUZEL42mTQrRe3OHLkzj58V+Tb1l91mmvrxqhIxDcmyIlSI
ZMIG658XAGNQbwSyDnKjCSmbz6rmR128wpXaA3jKvJDXcGiQATfKrLDw7UVrr/lt
B0kDD11AoMpiSD8XJ10z21y72ILKyMn3am/39U1bkWicdsRicQ8DWia7pUPD/9ET
IQ2vf4eTmE2Xya7vQ4yxOs64jwgUFZmhwU2rAEXATIJ3mBi/HKntnzvI2cPGSlaD
WChC5fSW37AGUJ5zgSzwVzpuNpSufgGdvQCon2tOKong+VzHPdxBk9uef5mmUWqG
D+d+ELPBYK5M5Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:02:35 2025 by rpki-client