Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/3d18dc-73c6-4c6f-8c28-5a57234ddb76/1/zUNP2FkiOudujXhkipNylejs15o.mft
File: zUNP2FkiOudujXhkipNylejs15o.mft (raw, json)
Hash identifier: 9gGsJsCuwAFjjGOQmVsK1oQ/V7L9ks729P7ORiaQEf0=
Subject key identifier: 3A:D7:05:1A:1C:93:82:B6:2A:CD:79:6E:D6:1A:C7:4A:44:5B:59:92
Authority key identifier: CD:43:4F:D8:59:22:3A:E7:6E:8D:78:64:8A:93:72:95:E8:EC:D7:9A
Certificate issuer: /CN=cd434fd859223ae76e8d78648a937295e8ecd79a
Certificate serial: 019A71B83E7B478237FD17856DDEDD672D0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zUNP2FkiOudujXhkipNylejs15o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/3d18dc-73c6-4c6f-8c28-5a57234ddb76/1/zUNP2FkiOudujXhkipNylejs15o.mft
Manifest number: 06CC
Signing time: Tue 11 Nov 2025 07:01:31 +0000
Manifest this update: Tue 11 Nov 2025 07:01:31 +0000
Manifest next update: Wed 12 Nov 2025 07:01:31 +0000
Files and hashes: 1: R9FIW-YXitjJpX1Q3jcy6-oEIFI.roa (hash: UPbldeCj6tFYKOIutM8BR+cGGez6vIB0/3ZKKmpjUZo=)
2: zUNP2FkiOudujXhkipNylejs15o.crl (hash: fe+fqoHmL+IFcOLWHCmBfPfVdTirzYVOZt0gmGw1OaI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/3d18dc-73c6-4c6f-8c28-5a57234ddb76/1/zUNP2FkiOudujXhkipNylejs15o.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/3d18dc-73c6-4c6f-8c28-5a57234ddb76/1/zUNP2FkiOudujXhkipNylejs15o.mft
rsync://rpki.ripe.net/repository/DEFAULT/zUNP2FkiOudujXhkipNylejs15o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:3e:7b:47:82:37:fd:17:85:6d:de:dd:67:2d:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd434fd859223ae76e8d78648a937295e8ecd79a
Validity
Not Before: Nov 11 07:01:31 2025 GMT
Not After : Nov 12 07:01:31 2025 GMT
Subject: CN=3ad7051a1c9382b62acd796ed61ac74a445b5992
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:82:00:fb:5f:e8:a0:fa:00:2f:9d:a4:1a:ac:
b4:58:a0:bf:93:cd:3c:97:bd:a6:59:6f:f6:54:0e:
9e:c3:67:58:ca:1a:cf:08:54:dd:34:ef:1c:bd:7f:
22:d2:77:cb:f6:1e:77:4f:15:9a:bc:33:6b:31:76:
46:db:b2:5d:af:a0:41:c0:fd:40:75:fd:c2:04:0f:
a3:fa:47:25:c8:41:0b:40:bb:65:df:df:73:f9:50:
b9:fd:5f:2c:04:71:d5:28:63:d2:4c:d0:de:44:5b:
16:cc:96:65:5e:e3:55:f9:26:85:e5:28:a5:f9:b6:
08:f7:f3:0c:ff:23:e4:d4:bb:d0:43:c2:38:f9:23:
4d:9b:98:91:64:81:47:84:a7:7e:36:42:4d:55:fa:
13:b9:fe:35:8b:af:00:da:0c:07:00:0d:a2:44:52:
c8:2f:80:a4:cc:62:5e:00:ca:6e:8b:1d:dc:8b:dc:
98:44:03:97:ee:05:f6:1a:de:49:da:6c:89:00:49:
6a:21:c5:35:37:dc:55:e3:34:58:2e:a4:8a:7f:da:
32:b5:e7:a4:98:ca:76:36:3f:44:66:92:04:b6:ff:
4f:ce:9e:d3:3b:67:db:60:c0:6b:b0:36:bc:1f:35:
09:50:5c:7c:39:b6:cf:da:1f:85:9e:45:95:99:09:
21:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D7:05:1A:1C:93:82:B6:2A:CD:79:6E:D6:1A:C7:4A:44:5B:59:92
X509v3 Authority Key Identifier:
keyid:CD:43:4F:D8:59:22:3A:E7:6E:8D:78:64:8A:93:72:95:E8:EC:D7:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zUNP2FkiOudujXhkipNylejs15o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3d18dc-73c6-4c6f-8c28-5a57234ddb76/1/zUNP2FkiOudujXhkipNylejs15o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/3d18dc-73c6-4c6f-8c28-5a57234ddb76/1/zUNP2FkiOudujXhkipNylejs15o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:16:81:28:d2:9b:3a:30:14:2a:35:79:a7:03:e8:cf:8e:7a:
77:7e:25:37:e7:38:63:7e:7a:af:99:b1:5a:57:2f:42:15:b8:
01:a0:2a:56:8c:d0:57:84:88:68:df:04:00:12:35:e4:b1:1e:
5d:12:47:54:9d:ea:7f:59:eb:8c:63:51:00:68:64:b2:10:6d:
c6:9d:e1:f6:73:f9:9a:bc:52:d5:78:f9:ea:d8:53:64:8c:68:
92:7e:6e:ef:f9:24:53:1b:2d:c7:8a:e5:c1:0d:ec:2f:7d:45:
20:69:92:8b:18:c6:ae:ed:31:61:d7:56:93:73:21:7a:de:a0:
87:72:b6:ad:8b:55:12:91:7a:b7:c4:e3:a3:87:20:9d:c1:a9:
f9:51:ce:c1:9c:06:89:9c:d2:88:7f:5d:f1:ec:ae:66:d5:fb:
c9:c2:3b:51:5d:6d:51:84:0b:20:17:1a:4c:51:95:e6:de:78:
06:cb:93:cf:38:15:06:3d:4c:e7:4a:5a:3e:65:e5:58:d0:41:
29:db:85:9d:71:5c:11:e1:27:31:bb:e0:32:59:8e:38:84:47:
84:b7:0c:ed:84:91:3a:63:f8:c4:14:22:3c:ad:73:d8:6e:06:
60:0d:83:8d:d2:d5:ca:bc:65:12:db:d7:67:2f:40:be:fa:db:
8b:22:db:6e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuD57R4I3/ReFbd7dZy0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNDM0ZmQ4NTkyMjNhZTc2ZThkNzg2NDhhOTM3Mjk1ZThl
Y2Q3OWEwHhcNMjUxMTExMDcwMTMxWhcNMjUxMTEyMDcwMTMxWjAzMTEwLwYDVQQD
EygzYWQ3MDUxYTFjOTM4MmI2MmFjZDc5NmVkNjFhYzc0YTQ0NWI1OTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oIA+1/ooPoAL52kGqy0WKC/k808
l72mWW/2VA6ew2dYyhrPCFTdNO8cvX8i0nfL9h53TxWavDNrMXZG27Jdr6BBwP1A
df3CBA+j+kclyEELQLtl399z+VC5/V8sBHHVKGPSTNDeRFsWzJZlXuNV+SaF5Sil
+bYI9/MM/yPk1LvQQ8I4+SNNm5iRZIFHhKd+NkJNVfoTuf41i68A2gwHAA2iRFLI
L4CkzGJeAMpuix3ci9yYRAOX7gX2Gt5J2myJAElqIcU1N9xV4zRYLqSKf9oyteek
mMp2Nj9EZpIEtv9Pzp7TO2fbYMBrsDa8HzUJUFx8ObbP2h+FnkWVmQkhOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDrXBRock4K2Ks15btYax0pEW1mSMB8GA1UdIwQY
MBaAFM1DT9hZIjrnbo14ZIqTcpXo7NeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelVOUDJGa2lPdWR1alhoa2lwTnlsZWpzMTVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zZDE4ZGMtNzNjNi00YzZmLThjMjgt
NWE1NzIzNGRkYjc2LzEvelVOUDJGa2lPdWR1alhoa2lwTnlsZWpzMTVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zZDE4ZGMtNzNjNi00YzZmLThjMjgtNWE1NzIzNGRkYjc2
LzEvelVOUDJGa2lPdWR1alhoa2lwTnlsZWpzMTVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAihaBKNKb
OjAUKjV5pwPoz456d34lN+c4Y356r5mxWlcvQhW4AaAqVozQV4SIaN8EABI15LEe
XRJHVJ3qf1nrjGNRAGhkshBtxp3h9nP5mrxS1Xj56thTZIxokn5u7/kkUxstx4rl
wQ3sL31FIGmSixjGru0xYddWk3Mhet6gh3K2rYtVEpF6t8Tjo4cgncGp+VHOwZwG
iZzSiH9d8eyuZtX7ycI7UV1tUYQLIBcaTFGV5t54BsuTzzgVBj1M50paPmXlWNBB
KduFnXFcEeEnMbvgMlmOOIRHhLcM7YSROmP4xBQiPK1z2G4GYA2DjdLVyrxlEtvX
Zy9AvvrbiyLbbg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:20:24 2025 by rpki-client