Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
File: zo2SrOCAEcTQrsjyKGVxW9kaASI.mft (raw, json)
Hash identifier: gGwScbqtR2I/j2N9OpL30eKXZRbOyRk2qGWCynMj3HA=
Subject key identifier: C1:FE:30:1D:E2:41:FC:1F:4F:D2:EF:FB:F2:D8:C2:5D:2F:54:4D:56
Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Certificate serial: 01974F6A86DCE28BDF2584D09985E53CC3F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
Manifest number: 1580
Signing time: Sun 08 Jun 2025 12:01:10 +0000
Manifest this update: Sun 08 Jun 2025 12:01:10 +0000
Manifest next update: Mon 09 Jun 2025 12:01:10 +0000
Files and hashes: 1: c9T1Kx5A7nWBX74YKnmxrK2YxWk.roa (hash: z4gK4/Y9ltoru7dKh2/m8n1YWOzp0cICAUx0PffNJmo=)
2: zo2SrOCAEcTQrsjyKGVxW9kaASI.crl (hash: extDE7gxCAexDZjww/R9PmimBr/GBkMCatsNOBJj6ZI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 11:44:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4f:6a:86:dc:e2:8b:df:25:84:d0:99:85:e5:3c:c3:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Validity
Not Before: Jun 8 12:01:10 2025 GMT
Not After : Jun 9 12:01:10 2025 GMT
Subject: CN=c1fe301de241fc1f4fd2effbf2d8c25d2f544d56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:a8:5c:38:1e:de:35:1b:ef:b5:eb:e7:73:4a:
bc:a0:9d:de:2a:cd:65:27:24:45:f1:a7:0d:b2:41:
06:cc:c7:58:37:b3:40:e8:11:94:bd:b8:41:4b:00:
26:88:02:30:da:c6:b3:68:75:fb:08:96:57:fb:48:
23:a0:c5:24:b3:94:d4:1c:3d:54:3f:32:07:4d:b6:
ff:ef:85:ab:00:25:46:f0:76:3c:9f:d7:ce:ff:f5:
33:df:df:a3:42:bb:f8:1d:37:bd:47:00:90:f3:cd:
e4:39:f7:7c:06:f5:c9:63:db:51:d1:c5:ea:3d:2d:
fd:a7:cd:e1:e4:80:62:8d:3e:40:7e:97:fa:37:b2:
80:bb:da:66:c4:ac:8b:55:3b:d3:0d:61:3d:82:5c:
aa:0a:fc:bc:3e:58:d4:9a:82:9a:bf:44:1c:9a:9d:
ff:46:9b:9d:58:68:cd:ab:bb:ad:19:f3:07:fa:17:
ca:95:be:d8:41:59:1a:ce:42:d0:6d:20:ad:2b:54:
bd:25:61:06:a8:66:c5:6a:97:39:96:2a:ce:58:96:
06:7f:0a:5b:42:50:bd:63:60:7d:ab:84:e0:94:d7:
af:b8:ec:72:db:1e:22:95:39:53:6d:86:5b:d3:16:
23:c4:b8:eb:a2:ac:91:70:7e:41:23:42:5b:55:4e:
f8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:FE:30:1D:E2:41:FC:1F:4F:D2:EF:FB:F2:D8:C2:5D:2F:54:4D:56
X509v3 Authority Key Identifier:
keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
08:ae:4e:24:c1:44:5c:04:55:07:d5:ed:87:66:4d:22:f1:e5:
e4:0c:a8:4c:b7:bb:f6:63:1c:50:83:48:98:b6:8c:4e:1c:18:
02:ef:ab:ae:27:16:fb:9f:a9:a1:28:f5:f3:1a:39:f3:68:ef:
fc:cf:2e:3f:61:30:c0:83:6a:a2:3f:be:d7:8b:1d:6a:1f:c4:
16:d6:2c:65:37:97:0a:6e:4e:26:ad:c1:0d:a0:ce:d3:01:46:
75:2f:3f:24:e3:47:9f:54:67:6d:63:a4:a1:03:2a:77:b4:ea:
a1:c6:79:60:b9:e1:1e:90:39:22:98:23:78:c6:2c:1c:1f:83:
24:ca:2c:bc:d6:10:5d:45:a7:d6:cb:75:82:b6:8a:6c:41:38:
34:16:28:c1:28:57:0e:9d:ef:1c:2d:08:4d:f9:a2:bd:94:6d:
9e:7c:47:18:c5:f2:d3:bb:19:ab:f2:af:91:88:59:1c:aa:95:
4b:a7:71:a8:9f:e3:71:94:4b:54:bd:1c:5a:1e:1d:00:92:11:
18:21:70:80:11:a5:4c:03:26:6c:ce:f3:ca:69:34:ed:9e:3c:
ad:cf:a4:6d:b7:a5:ad:2d:e6:70:d3:a4:24:6b:e7:d5:07:57:
95:f2:92:35:7f:e6:a2:f8:df:18:ba:6d:32:cc:3a:2f:0a:ad:
9e:bb:1c:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdPaobc4ovfJYTQmYXlPMP0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx
YTAxMjIwHhcNMjUwNjA4MTIwMTEwWhcNMjUwNjA5MTIwMTEwWjAzMTEwLwYDVQQD
EyhjMWZlMzAxZGUyNDFmYzFmNGZkMmVmZmJmMmQ4YzI1ZDJmNTQ0ZDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4qhcOB7eNRvvtevnc0q8oJ3eKs1l
JyRF8acNskEGzMdYN7NA6BGUvbhBSwAmiAIw2sazaHX7CJZX+0gjoMUks5TUHD1U
PzIHTbb/74WrACVG8HY8n9fO//Uz39+jQrv4HTe9RwCQ883kOfd8BvXJY9tR0cXq
PS39p83h5IBijT5Afpf6N7KAu9pmxKyLVTvTDWE9glyqCvy8PljUmoKav0Qcmp3/
RpudWGjNq7utGfMH+hfKlb7YQVkazkLQbSCtK1S9JWEGqGbFapc5lirOWJYGfwpb
QlC9Y2B9q4TglNevuOxy2x4ilTlTbYZb0xYjxLjroqyRcH5BI0JbVU74AQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMH+MB3iQfwfT9Lv+/LYwl0vVE1WMB8GA1UdIwQY
MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt
NTQ1NDQ5ZTQ5ZjczLzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz
LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACK5OJMFE
XARVB9Xth2ZNIvHl5AyoTLe79mMcUINImLaMThwYAu+rricW+5+poSj18xo582jv
/M8uP2EwwINqoj++14sdah/EFtYsZTeXCm5OJq3BDaDO0wFGdS8/JONHn1RnbWOk
oQMqd7TqocZ5YLnhHpA5IpgjeMYsHB+DJMosvNYQXUWn1st1graKbEE4NBYowShX
Dp3vHC0ITfmivZRtnnxHGMXy07sZq/KvkYhZHKqVS6dxqJ/jcZRLVL0cWh4dAJIR
GCFwgBGlTAMmbM7zymk07Z48rc+kbbelrS3mcNOkJGvn1QdXlfKSNX/movjfGLpt
Msw6LwqtnrscGA==
-----END CERTIFICATE-----
Generated at Sun Jun 8 18:35:38 2025 by rpki-client