Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a36365-8552-4a97-8bfa-ccaf44d41648/1/ZlBwd85_MPwGht0JNKiZl98x6Ew.mft
File: ZlBwd85_MPwGht0JNKiZl98x6Ew.mft (raw, json)
Hash identifier: xNQWhFxpaKHXzdAP4OyMnFxy1EDD/+++J7THY8pUIqE=
Subject key identifier: D5:A5:43:AE:87:04:36:06:42:3A:FD:33:47:1B:AD:54:B8:B9:D6:FA
Authority key identifier: 66:50:70:77:CE:7F:30:FC:06:86:DD:09:34:A8:99:97:DF:31:E8:4C
Certificate issuer: /CN=66507077ce7f30fc0686dd0934a89997df31e84c
Certificate serial: 019A71B78A15EE3AAA875E3C58E015394D0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZlBwd85_MPwGht0JNKiZl98x6Ew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a36365-8552-4a97-8bfa-ccaf44d41648/1/ZlBwd85_MPwGht0JNKiZl98x6Ew.mft
Manifest number: 02A1
Signing time: Tue 11 Nov 2025 07:00:44 +0000
Manifest this update: Tue 11 Nov 2025 07:00:44 +0000
Manifest next update: Wed 12 Nov 2025 07:00:44 +0000
Files and hashes: 1: CMAN4bcbFlE2ovL3BXKdvH4eTII.roa (hash: ZzFaJfQBLQmJT0k4QbFN8QUiuOCXpP8XehevhIAFTKY=)
2: ZlBwd85_MPwGht0JNKiZl98x6Ew.crl (hash: GtaglxHGsSZmfToAFjJN3Ae1QI9JyU3rQwhmpZk/zfc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a36365-8552-4a97-8bfa-ccaf44d41648/1/ZlBwd85_MPwGht0JNKiZl98x6Ew.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/a36365-8552-4a97-8bfa-ccaf44d41648/1/ZlBwd85_MPwGht0JNKiZl98x6Ew.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZlBwd85_MPwGht0JNKiZl98x6Ew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:8a:15:ee:3a:aa:87:5e:3c:58:e0:15:39:4d:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66507077ce7f30fc0686dd0934a89997df31e84c
Validity
Not Before: Nov 11 07:00:44 2025 GMT
Not After : Nov 12 07:00:44 2025 GMT
Subject: CN=d5a543ae87043606423afd33471bad54b8b9d6fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e8:0e:e3:66:29:e9:34:52:4a:4b:aa:be:34:
44:3a:d7:25:75:4f:da:2a:07:05:f6:6b:68:da:3e:
fa:dd:60:f8:4e:a4:7b:11:ab:ce:77:4d:1c:03:14:
9f:53:f9:dd:6d:2c:26:37:a6:74:7a:3d:1e:da:a5:
a7:1a:a4:13:f3:37:9a:bb:a3:be:c7:51:b0:07:6b:
1c:d2:65:3f:2b:01:00:50:e0:eb:2e:05:49:c3:c5:
f7:44:e4:b7:30:64:4b:02:ef:eb:13:0f:d9:5b:9c:
bd:ca:81:b3:5b:47:2a:02:93:5d:1b:74:d2:66:cd:
58:af:12:d6:1b:4b:f6:77:46:71:c3:11:95:15:12:
37:3c:b7:3c:a6:67:46:e7:12:c4:f9:ba:dc:1a:3d:
8a:55:e7:f1:2a:6a:d6:d2:2b:7a:03:bb:fc:9d:6e:
bc:2e:7c:47:b2:a4:eb:90:95:4a:1a:a5:dc:a9:2a:
81:87:3f:9a:a7:ff:f0:04:94:79:38:a9:04:1c:5e:
48:da:2d:94:c0:32:2f:fb:9c:96:ef:8e:48:fb:f8:
bf:a8:3b:28:d8:95:5f:9d:c3:2b:de:f9:cd:c3:75:
68:f0:d4:ff:bc:b9:3e:55:f7:c3:65:b0:60:49:42:
00:78:52:7f:46:be:78:af:b0:eb:14:ac:95:04:6c:
be:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:A5:43:AE:87:04:36:06:42:3A:FD:33:47:1B:AD:54:B8:B9:D6:FA
X509v3 Authority Key Identifier:
keyid:66:50:70:77:CE:7F:30:FC:06:86:DD:09:34:A8:99:97:DF:31:E8:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZlBwd85_MPwGht0JNKiZl98x6Ew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a36365-8552-4a97-8bfa-ccaf44d41648/1/ZlBwd85_MPwGht0JNKiZl98x6Ew.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a36365-8552-4a97-8bfa-ccaf44d41648/1/ZlBwd85_MPwGht0JNKiZl98x6Ew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:d1:cc:a6:e5:94:f6:fe:d9:ef:76:44:7f:a9:2b:dd:ba:b5:
9c:08:54:f8:35:98:5c:e1:67:86:d9:cf:d8:c9:eb:28:d6:74:
3d:29:4f:64:55:aa:a9:ee:d0:a7:06:7d:90:72:87:8a:00:34:
c1:23:0b:f5:6e:37:34:9e:72:4e:1f:b3:a6:6b:f8:55:a2:88:
9f:bb:5a:5b:f0:65:0c:58:76:99:9b:de:77:ac:0f:03:c6:18:
04:a1:63:b4:fb:b2:fc:fd:b5:53:77:db:70:a8:c2:c5:94:a5:
e9:eb:45:de:39:2f:33:11:5e:42:7a:3c:dd:46:6a:4e:d3:e8:
e6:5a:12:5b:7f:87:a5:a1:39:34:fb:51:de:55:f0:aa:0a:e4:
78:28:07:06:9d:ff:d9:4b:0d:70:29:40:25:a9:3b:1f:04:90:
3d:71:66:35:0a:f1:06:71:cc:09:37:a4:59:ff:f3:ee:6f:8f:
4a:ef:7c:f4:93:17:14:ad:01:2b:95:a9:05:3e:95:ea:81:cb:
4b:30:2f:91:16:d7:1a:f3:b2:c2:cd:ad:bc:70:00:d9:8f:ef:
af:8f:3c:0a:57:81:1c:27:b1:0e:90:14:1e:0f:a8:06:23:a0:
6c:0b:b9:6f:be:82:21:0b:01:f5:2d:41:03:c6:89:a5:65:77:
ce:44:82:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt4oV7jqqh148WOAVOU0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NTA3MDc3Y2U3ZjMwZmMwNjg2ZGQwOTM0YTg5OTk3ZGYz
MWU4NGMwHhcNMjUxMTExMDcwMDQ0WhcNMjUxMTEyMDcwMDQ0WjAzMTEwLwYDVQQD
EyhkNWE1NDNhZTg3MDQzNjA2NDIzYWZkMzM0NzFiYWQ1NGI4YjlkNmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOgO42Yp6TRSSkuqvjREOtcldU/a
KgcF9mto2j763WD4TqR7EavOd00cAxSfU/ndbSwmN6Z0ej0e2qWnGqQT8zeau6O+
x1GwB2sc0mU/KwEAUODrLgVJw8X3ROS3MGRLAu/rEw/ZW5y9yoGzW0cqApNdG3TS
Zs1YrxLWG0v2d0ZxwxGVFRI3PLc8pmdG5xLE+brcGj2KVefxKmrW0it6A7v8nW68
LnxHsqTrkJVKGqXcqSqBhz+ap//wBJR5OKkEHF5I2i2UwDIv+5yW745I+/i/qDso
2JVfncMr3vnNw3Vo8NT/vLk+VffDZbBgSUIAeFJ/Rr54r7DrFKyVBGy+8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNWlQ66HBDYGQjr9M0cbrVS4udb6MB8GA1UdIwQY
MBaAFGZQcHfOfzD8BobdCTSomZffMehMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmxCd2Q4NV9NUHdHaHQwSk5LaVpsOTh4NkV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hMzYzNjUtODU1Mi00YTk3LThiZmEt
Y2NhZjQ0ZDQxNjQ4LzEvWmxCd2Q4NV9NUHdHaHQwSk5LaVpsOTh4NkV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hMzYzNjUtODU1Mi00YTk3LThiZmEtY2NhZjQ0ZDQxNjQ4
LzEvWmxCd2Q4NV9NUHdHaHQwSk5LaVpsOTh4NkV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArNHMpuWU
9v7Z73ZEf6kr3bq1nAhU+DWYXOFnhtnP2MnrKNZ0PSlPZFWqqe7QpwZ9kHKHigA0
wSML9W43NJ5yTh+zpmv4VaKIn7taW/BlDFh2mZved6wPA8YYBKFjtPuy/P21U3fb
cKjCxZSl6etF3jkvMxFeQno83UZqTtPo5loSW3+HpaE5NPtR3lXwqgrkeCgHBp3/
2UsNcClAJak7HwSQPXFmNQrxBnHMCTekWf/z7m+PSu989JMXFK0BK5WpBT6V6oHL
SzAvkRbXGvOyws2tvHAA2Y/vr488CleBHCexDpAUHg+oBiOgbAu5b76CIQsB9S1B
A8aJpWV3zkSCuA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:19:32 2025 by rpki-client