Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft
File: ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft (raw, json)
Hash identifier: 5ZAZaJd80fUyJlKzt1GVRiOqwczUuEixugeoSldd/3A=
Subject key identifier: 16:34:90:41:3D:20:35:22:BD:17:0B:39:A6:59:D6:18:1F:14:9F:8C
Authority key identifier: 65:AB:48:5A:F9:23:D1:B4:6C:5A:32:1F:C7:A3:F8:56:C0:4F:B6:FC
Certificate issuer: /CN=65ab485af923d1b46c5a321fc7a3f856c04fb6fc
Certificate serial: 019A70A501E1A4E1D6FBAE255EBFF2BE6E93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 02:00:53 +0000
Manifest this update: Tue 11 Nov 2025 02:00:53 +0000
Manifest next update: Wed 12 Nov 2025 02:00:53 +0000
Files and hashes: 1: KWbEbWMWx8GsR8Asb1Hi7iVj3A8.roa (hash: w7QiyqZy99cacAStF09i7GMZP3QKH24tEZwntPEoeMs=)
2: ZatIWvkj0bRsWjIfx6P4VsBPtvw.crl (hash: sZO9K1O8qhh8gXKX/Nb3B7ruscxTMhzPALs+t2iBUFI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a5:01:e1:a4:e1:d6:fb:ae:25:5e:bf:f2:be:6e:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65ab485af923d1b46c5a321fc7a3f856c04fb6fc
Validity
Not Before: Nov 11 02:00:53 2025 GMT
Not After : Nov 12 02:00:53 2025 GMT
Subject: CN=163490413d203522bd170b39a659d6181f149f8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:33:68:e3:de:70:57:81:eb:96:28:eb:50:a4:
ff:c7:d4:e3:04:61:b4:ce:c9:4a:93:c0:09:38:86:
9f:7f:ea:37:ab:af:e0:b0:41:c8:83:62:e9:9e:1f:
06:0b:d4:4e:3e:70:ba:8c:97:56:36:5a:95:f6:d8:
59:45:8b:d0:27:b4:49:6a:a5:83:fa:94:6f:fe:8c:
b2:bf:3b:cd:aa:5f:9e:3a:66:50:c8:96:ce:d5:1f:
cf:4a:c1:a8:f7:dd:a2:d3:d3:0a:9c:d6:d1:d2:b1:
75:fe:a7:98:19:7a:33:8a:12:e3:cb:61:e7:03:7c:
dc:6a:35:01:25:65:96:2f:bd:e6:66:a2:23:3c:16:
a8:04:c5:5a:96:8a:8b:7e:e3:54:a2:3c:27:c6:1d:
60:db:1b:16:66:6c:7d:c0:3a:70:b6:5c:9d:c6:90:
d9:c5:1a:0e:ec:14:88:ca:fa:a0:2e:7d:a9:42:ff:
ce:44:64:2e:03:5c:45:20:10:12:a1:49:00:ea:0a:
89:77:9b:a5:2e:8a:05:10:65:21:34:48:2d:ac:dd:
f7:73:1b:db:f1:73:65:b9:f2:7e:3d:fa:78:b2:5d:
a1:0c:1b:92:8f:65:f3:6a:92:09:54:a9:d9:c1:7f:
d7:db:5d:be:b6:a1:05:5d:e4:99:cb:a2:b5:ab:50:
94:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:34:90:41:3D:20:35:22:BD:17:0B:39:A6:59:D6:18:1F:14:9F:8C
X509v3 Authority Key Identifier:
keyid:65:AB:48:5A:F9:23:D1:B4:6C:5A:32:1F:C7:A3:F8:56:C0:4F:B6:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZatIWvkj0bRsWjIfx6P4VsBPtvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/164d8d-41ac-4522-bb25-898634942285/1/ZatIWvkj0bRsWjIfx6P4VsBPtvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:9b:51:da:14:ae:df:29:fc:d6:1c:06:41:ca:aa:fa:c4:9a:
b5:12:65:1b:99:a9:f9:9e:88:e8:10:9a:19:83:54:d1:6b:3c:
9e:28:11:94:2c:c3:01:a9:87:af:79:ac:99:3c:4f:b3:a0:30:
6b:9c:87:e2:0a:53:cf:46:48:cf:a1:e2:57:0b:92:36:94:d2:
95:60:32:6f:16:a9:ec:1f:a0:6b:62:72:07:47:30:00:71:f9:
32:98:e6:03:70:e4:f2:61:f1:1b:d8:b5:52:34:8d:d4:2c:c2:
dd:93:b6:07:db:78:27:a9:2c:d0:3d:b3:79:c9:1f:22:b6:8a:
eb:7b:01:2c:3c:8c:b1:73:ad:ff:1e:db:59:54:bd:38:73:38:
3b:1d:d6:2c:0b:d0:52:20:4c:c7:fb:be:da:db:d1:9a:72:4b:
e7:94:d4:74:93:99:42:98:06:ac:d2:15:c3:ad:d7:40:03:13:
98:b8:a2:00:fd:c0:6f:c9:15:56:2a:ac:87:9c:02:d5:55:59:
07:a6:67:52:25:69:40:a4:b5:80:69:80:b6:7c:7d:fa:1c:7a:
cd:10:54:e7:b0:8d:0f:3f:c5:fb:ef:df:5a:4e:0a:fa:18:e8:
31:f4:f2:75:01:5d:d1:00:a3:f0:15:23:e0:31:8b:0b:85:d3:
00:e0:ad:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpQHhpOHW+64lXr/yvm6TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YWI0ODVhZjkyM2QxYjQ2YzVhMzIxZmM3YTNmODU2YzA0
ZmI2ZmMwHhcNMjUxMTExMDIwMDUzWhcNMjUxMTEyMDIwMDUzWjAzMTEwLwYDVQQD
EygxNjM0OTA0MTNkMjAzNTIyYmQxNzBiMzlhNjU5ZDYxODFmMTQ5ZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDNo495wV4HrlijrUKT/x9TjBGG0
zslKk8AJOIaff+o3q6/gsEHIg2Lpnh8GC9ROPnC6jJdWNlqV9thZRYvQJ7RJaqWD
+pRv/oyyvzvNql+eOmZQyJbO1R/PSsGo992i09MKnNbR0rF1/qeYGXozihLjy2Hn
A3zcajUBJWWWL73mZqIjPBaoBMValoqLfuNUojwnxh1g2xsWZmx9wDpwtlydxpDZ
xRoO7BSIyvqgLn2pQv/ORGQuA1xFIBASoUkA6gqJd5ulLooFEGUhNEgtrN33cxvb
8XNlufJ+Pfp4sl2hDBuSj2XzapIJVKnZwX/X212+tqEFXeSZy6K1q1CURwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBY0kEE9IDUivRcLOaZZ1hgfFJ+MMB8GA1UdIwQY
MBaAFGWrSFr5I9G0bFoyH8ej+FbAT7b8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmF0SVd2a2owYlJzV2pJZng2UDRWc0JQdHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8xNjRkOGQtNDFhYy00NTIyLWJiMjUt
ODk4NjM0OTQyMjg1LzEvWmF0SVd2a2owYlJzV2pJZng2UDRWc0JQdHZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8xNjRkOGQtNDFhYy00NTIyLWJiMjUtODk4NjM0OTQyMjg1
LzEvWmF0SVd2a2owYlJzV2pJZng2UDRWc0JQdHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjZtR2hSu
3yn81hwGQcqq+sSatRJlG5mp+Z6I6BCaGYNU0Ws8nigRlCzDAamHr3msmTxPs6Aw
a5yH4gpTz0ZIz6HiVwuSNpTSlWAybxap7B+ga2JyB0cwAHH5MpjmA3Dk8mHxG9i1
UjSN1CzC3ZO2B9t4J6ks0D2zeckfIraK63sBLDyMsXOt/x7bWVS9OHM4Ox3WLAvQ
UiBMx/u+2tvRmnJL55TUdJOZQpgGrNIVw63XQAMTmLiiAP3Ab8kVViqsh5wC1VVZ
B6ZnUiVpQKS1gGmAtnx9+hx6zRBU57CNDz/F++/fWk4K+hjoMfTydQFd0QCj8BUj
4DGLC4XTAOCt3w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:55:01 2025 by rpki-client