Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
File: zo2SrOCAEcTQrsjyKGVxW9kaASI.mft (raw, json)
Hash identifier: id9xqQkUSmR2PXyvDR3V32Dr/0e/DMVdeQA5HZ2dI5Y=
Subject key identifier: AB:98:7B:DA:64:DD:73:DE:F2:9E:7C:7E:CE:18:F1:1F:EE:B7:DD:70
Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Certificate serial: 019922C32FB691E0EB646AFBFC2825259797
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
Manifest number: 1672
Signing time: Sun 07 Sep 2025 06:00:41 +0000
Manifest this update: Sun 07 Sep 2025 06:00:41 +0000
Manifest next update: Mon 08 Sep 2025 06:00:41 +0000
Files and hashes: 1: c9T1Kx5A7nWBX74YKnmxrK2YxWk.roa (hash: z4gK4/Y9ltoru7dKh2/m8n1YWOzp0cICAUx0PffNJmo=)
2: zo2SrOCAEcTQrsjyKGVxW9kaASI.crl (hash: 4uIjoh25S6xdXNeL2s+8suq/ZYSvh/X9XewyknYzvJY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 06:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:c3:2f:b6:91:e0:eb:64:6a:fb:fc:28:25:25:97:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Validity
Not Before: Sep 7 06:00:41 2025 GMT
Not After : Sep 8 06:00:41 2025 GMT
Subject: CN=ab987bda64dd73def29e7c7ece18f11feeb7dd70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fb:e1:b1:f0:fa:5a:83:3c:06:6e:cd:dd:83:
0c:81:fe:86:7b:2e:7f:66:72:b3:ba:c1:94:46:12:
f0:40:d7:f8:30:21:4b:2b:f5:57:81:9a:b9:70:18:
07:b0:79:7d:3c:b1:16:58:f7:1a:1e:56:a7:fc:6f:
99:48:18:b7:90:db:aa:a0:ce:6d:48:11:45:2d:51:
ff:99:41:93:b9:08:de:6d:3a:65:20:21:a2:71:a5:
08:e4:4a:32:72:ba:91:18:75:6e:db:6e:72:f4:f4:
d6:7b:da:25:ec:94:8d:79:c2:96:38:4e:55:17:e6:
96:ae:7d:1a:40:b3:e4:f4:62:e2:71:d5:4d:fe:74:
ec:85:5e:39:d8:bb:a3:ad:72:09:a9:db:95:f8:2a:
cb:c2:4b:b3:c9:4d:c9:51:0c:d1:09:58:fc:a1:f2:
d1:05:e4:13:bb:f1:00:5d:85:22:8a:56:58:7c:ef:
9f:e4:60:ad:19:8c:16:c2:f2:22:30:6c:12:05:60:
6a:6a:89:d5:44:c5:02:b6:ac:28:93:af:c9:3c:c8:
37:4d:32:1b:11:5a:4a:0a:38:ec:1e:c9:20:d0:3a:
54:a3:ed:09:6a:61:07:95:2c:5e:2a:43:cd:43:6c:
ab:d5:6a:7a:e6:9f:42:34:12:1a:34:7d:cf:28:35:
6f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:98:7B:DA:64:DD:73:DE:F2:9E:7C:7E:CE:18:F1:1F:EE:B7:DD:70
X509v3 Authority Key Identifier:
keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:89:7f:0e:0e:25:01:ad:45:5b:c7:1e:73:49:41:f8:a2:a9:
3e:9f:a1:84:9e:e0:c2:c0:d6:1d:ee:94:66:b9:4f:9d:d0:e6:
2d:85:6d:ca:6a:2e:34:5a:b8:42:4c:c9:53:31:45:ea:16:71:
a5:73:b8:f1:c7:f7:22:1e:78:73:6a:e7:64:48:df:61:69:c8:
f8:bc:bf:93:6d:52:1b:69:62:b0:87:f9:71:28:c7:0f:8c:f5:
70:2f:a2:15:7d:56:47:ac:8c:63:d5:c5:31:6d:45:50:64:15:
05:4b:a0:dd:c9:47:de:1a:c1:0c:4a:87:8f:f8:fe:ce:09:7b:
26:14:65:2d:0c:83:e4:ea:4f:6d:ea:72:64:61:aa:40:f6:f7:
3b:12:16:9f:69:97:51:3f:21:c6:e4:85:0b:67:3a:e8:fb:8f:
cb:85:d9:02:c2:87:0e:1e:db:a3:d2:40:a5:1b:f2:ac:dc:63:
84:77:8c:ca:29:21:8e:5d:43:45:02:ef:7b:10:66:d0:98:01:
4d:72:fe:3b:42:25:08:9d:ed:73:c8:39:89:87:b4:3c:aa:34:
fe:08:83:a5:40:7c:f9:32:0b:83:4e:62:9e:27:b7:9c:b3:fe:
2e:b4:d5:74:7a:3b:cf:f2:a3:17:ec:2b:9c:b6:e7:6b:4e:7b:
23:1b:76:b3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiwy+2keDrZGr7/CglJZeXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx
YTAxMjIwHhcNMjUwOTA3MDYwMDQxWhcNMjUwOTA4MDYwMDQxWjAzMTEwLwYDVQQD
EyhhYjk4N2JkYTY0ZGQ3M2RlZjI5ZTdjN2VjZTE4ZjExZmVlYjdkZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PvhsfD6WoM8Bm7N3YMMgf6Gey5/
ZnKzusGURhLwQNf4MCFLK/VXgZq5cBgHsHl9PLEWWPcaHlan/G+ZSBi3kNuqoM5t
SBFFLVH/mUGTuQjebTplICGicaUI5EoycrqRGHVu225y9PTWe9ol7JSNecKWOE5V
F+aWrn0aQLPk9GLicdVN/nTshV452LujrXIJqduV+CrLwkuzyU3JUQzRCVj8ofLR
BeQTu/EAXYUiilZYfO+f5GCtGYwWwvIiMGwSBWBqaonVRMUCtqwok6/JPMg3TTIb
EVpKCjjsHskg0DpUo+0JamEHlSxeKkPNQ2yr1Wp65p9CNBIaNH3PKDVvlQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKuYe9pk3XPe8p58fs4Y8R/ut91wMB8GA1UdIwQY
MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt
NTQ1NDQ5ZTQ5ZjczLzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz
LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIYl/Dg4l
Aa1FW8cec0lB+KKpPp+hhJ7gwsDWHe6UZrlPndDmLYVtymouNFq4QkzJUzFF6hZx
pXO48cf3Ih54c2rnZEjfYWnI+Ly/k21SG2lisIf5cSjHD4z1cC+iFX1WR6yMY9XF
MW1FUGQVBUug3clH3hrBDEqHj/j+zgl7JhRlLQyD5OpPbepyZGGqQPb3OxIWn2mX
UT8hxuSFC2c66PuPy4XZAsKHDh7bo9JApRvyrNxjhHeMyikhjl1DRQLvexBm0JgB
TXL+O0IlCJ3tc8g5iYe0PKo0/giDpUB8+TILg05inie3nLP+LrTVdHo7z/KjF+wr
nLbna057Ixt2sw==
-----END CERTIFICATE-----
Generated at Sun Sep 7 14:38:37 2025 by rpki-client