Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft
File: ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft (raw, json)
Hash identifier: 1Mw9adCdeIhnPKrFUM//M1XlklfEWzx9NcRNCxLnrno=
Subject key identifier: 81:B5:CB:0A:CA:56:E8:00:8D:7B:CA:73:9F:4A:16:DB:09:03:22:EC
Authority key identifier: CE:D4:10:EA:68:67:EF:63:F9:59:BA:D6:B2:1B:69:1C:AD:FF:87:D4
Certificate issuer: /CN=ced410ea6867ef63f959bad6b21b691cadff87d4
Certificate serial: 019A7293321E7B29FCB98718429A559C7CF1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 11:00:40 +0000
Manifest this update: Tue 11 Nov 2025 11:00:40 +0000
Manifest next update: Wed 12 Nov 2025 11:00:40 +0000
Files and hashes: 1: NJmmW764rdnW_zIUswA3g-8-n2M.roa (hash: uNbv9sZggt1kjUfoR4Ji7KAa4WT9RRySZVjN33ZdWTA=)
2: ztQQ6mhn72P5WbrWshtpHK3_h9Q.crl (hash: FI+v65FTGT1XLI3/KW6VSt3XEo1dMXYVQFWGlukS+t8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:32:1e:7b:29:fc:b9:87:18:42:9a:55:9c:7c:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ced410ea6867ef63f959bad6b21b691cadff87d4
Validity
Not Before: Nov 11 11:00:40 2025 GMT
Not After : Nov 12 11:00:40 2025 GMT
Subject: CN=81b5cb0aca56e8008d7bca739f4a16db090322ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:10:55:cd:93:40:42:f0:b9:57:a7:71:34:f8:
28:55:00:23:e0:06:35:99:19:8d:af:d1:b4:73:ca:
f9:21:12:f3:a2:18:bd:7b:2f:08:e6:44:23:1c:ad:
0c:a5:a0:0c:9e:c9:9c:1b:db:7a:cf:99:33:72:9b:
b8:06:c7:97:b8:65:a2:76:3e:9b:1b:21:35:ae:03:
14:3e:df:78:e7:90:33:b4:ba:c3:01:d5:e2:14:fe:
58:89:80:ac:c1:18:f3:45:b7:de:4b:3a:7d:b0:db:
00:90:33:d9:9b:d8:a1:42:7a:9f:49:45:8b:22:4c:
dc:c9:f3:47:84:e6:75:67:ef:ff:a9:58:c3:d1:33:
69:f1:2a:5f:62:75:e6:3f:e7:a5:50:b6:0c:1f:2a:
65:b1:20:4b:43:de:5f:f2:73:20:08:af:3c:ff:a0:
03:58:7e:ad:33:48:95:da:c7:22:c7:2e:d8:24:1f:
8d:7a:f4:84:c5:c4:4e:37:34:8a:bc:62:39:39:60:
5f:55:40:47:2a:8b:66:bd:eb:93:75:b8:7a:1e:07:
fd:1b:14:b4:0e:b3:31:99:af:63:88:fa:3e:fb:69:
58:bc:ba:ef:4a:25:68:8c:5c:b8:09:b3:7d:b1:ee:
7e:48:3b:63:0d:e5:07:76:f4:2e:d5:4f:31:65:6c:
58:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B5:CB:0A:CA:56:E8:00:8D:7B:CA:73:9F:4A:16:DB:09:03:22:EC
X509v3 Authority Key Identifier:
keyid:CE:D4:10:EA:68:67:EF:63:F9:59:BA:D6:B2:1B:69:1C:AD:FF:87:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztQQ6mhn72P5WbrWshtpHK3_h9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/12fc41-89dd-4a21-aa34-76525841dc28/1/ztQQ6mhn72P5WbrWshtpHK3_h9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:f7:38:9a:77:3e:6e:66:23:6d:c0:69:76:d2:9b:32:bc:68:
a8:60:05:3c:94:e5:57:0c:31:94:2e:e4:9b:1b:5e:6d:b1:68:
35:a6:71:cd:6e:d2:bc:27:c5:33:b1:e1:4c:6c:fd:4f:47:0d:
ff:5d:41:06:50:fa:f3:5b:3a:58:18:12:16:cf:ce:0f:a1:98:
b0:b3:52:8c:da:e3:bb:e7:6f:bc:a5:17:e0:d3:2d:94:41:73:
29:b8:3a:3f:c0:2b:27:48:43:b1:e9:b9:81:ce:78:72:bb:9e:
b5:10:b3:ef:57:fa:aa:95:98:77:03:b0:93:4b:97:35:4b:07:
e9:1d:3b:c0:2f:9a:ae:64:29:a8:4f:ed:3a:ef:9d:0d:eb:ab:
32:8b:b1:3e:6c:6f:b1:6f:0d:f1:85:c7:67:1a:11:44:7a:dd:
49:ba:de:9f:b3:91:c4:21:4b:85:57:90:53:93:d5:cf:df:eb:
5a:a1:91:06:6a:bb:fd:c1:74:00:82:00:26:8f:15:cb:72:44:
45:c8:e5:b7:f8:78:70:73:39:09:5b:93:49:d7:64:fe:8f:63:
c8:c8:e0:32:37:fd:9d:90:df:e1:a5:ce:54:be:15:37:29:3b:
16:6b:34:6a:ce:bd:00:05:07:22:6d:46:27:03:ff:df:30:b1:
5f:9b:63:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpykzIeeyn8uYcYQppVnHzxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDQxMGVhNjg2N2VmNjNmOTU5YmFkNmIyMWI2OTFjYWRm
Zjg3ZDQwHhcNMjUxMTExMTEwMDQwWhcNMjUxMTEyMTEwMDQwWjAzMTEwLwYDVQQD
Eyg4MWI1Y2IwYWNhNTZlODAwOGQ3YmNhNzM5ZjRhMTZkYjA5MDMyMmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhBVzZNAQvC5V6dxNPgoVQAj4AY1
mRmNr9G0c8r5IRLzohi9ey8I5kQjHK0MpaAMnsmcG9t6z5kzcpu4BseXuGWidj6b
GyE1rgMUPt9455AztLrDAdXiFP5YiYCswRjzRbfeSzp9sNsAkDPZm9ihQnqfSUWL
IkzcyfNHhOZ1Z+//qVjD0TNp8SpfYnXmP+elULYMHyplsSBLQ95f8nMgCK88/6AD
WH6tM0iV2scixy7YJB+NevSExcRONzSKvGI5OWBfVUBHKotmveuTdbh6Hgf9GxS0
DrMxma9jiPo++2lYvLrvSiVojFy4CbN9se5+SDtjDeUHdvQu1U8xZWxYjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIG1ywrKVugAjXvKc59KFtsJAyLsMB8GA1UdIwQY
MBaAFM7UEOpoZ+9j+Vm61rIbaRyt/4fUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRRUTZtaG43MlA1V2JyV3NodHBISzNfaDlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xMmZjNDEtODlkZC00YTIxLWFhMzQt
NzY1MjU4NDFkYzI4LzEvenRRUTZtaG43MlA1V2JyV3NodHBISzNfaDlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xMmZjNDEtODlkZC00YTIxLWFhMzQtNzY1MjU4NDFkYzI4
LzEvenRRUTZtaG43MlA1V2JyV3NodHBISzNfaDlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZPc4mnc+
bmYjbcBpdtKbMrxoqGAFPJTlVwwxlC7kmxtebbFoNaZxzW7SvCfFM7HhTGz9T0cN
/11BBlD681s6WBgSFs/OD6GYsLNSjNrju+dvvKUX4NMtlEFzKbg6P8ArJ0hDsem5
gc54cruetRCz71f6qpWYdwOwk0uXNUsH6R07wC+armQpqE/tOu+dDeurMouxPmxv
sW8N8YXHZxoRRHrdSbren7ORxCFLhVeQU5PVz9/rWqGRBmq7/cF0AIIAJo8Vy3JE
Rcjlt/h4cHM5CVuTSddk/o9jyMjgMjf9nZDf4aXOVL4VNyk7Fms0as69AAUHIm1G
JwP/3zCxX5tjrw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:36:20 2025 by rpki-client