Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/ZhBOT32fONjiKi0yvgGQMZMMGkc.mft
File: ZhBOT32fONjiKi0yvgGQMZMMGkc.mft (raw, json)
Hash identifier: 5JT5FHpBbWzNOs9elp4i9jbG0mb8diPlJ8PxvJJNND0=
Subject key identifier: 42:9A:7F:20:D9:9F:5E:62:23:3E:65:F2:7E:3E:04:47:71:8E:F8:42
Authority key identifier: 66:10:4E:4F:7D:9F:38:D8:E2:2A:2D:32:BE:01:90:31:93:0C:1A:47
Certificate issuer: /CN=66104e4f7d9f38d8e22a2d32be019031930c1a47
Certificate serial: 0199FC214BAA465A398944B029789D4DDEC9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZhBOT32fONjiKi0yvgGQMZMMGkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/ZhBOT32fONjiKi0yvgGQMZMMGkc.mft
Manifest number: 16E3
Signing time: Sun 19 Oct 2025 11:01:04 +0000
Manifest this update: Sun 19 Oct 2025 11:01:04 +0000
Manifest next update: Mon 20 Oct 2025 11:01:04 +0000
Files and hashes: 1: CBx-FeJj7z4oTrZiVmY-MbHnzM4.roa (hash: 1bONPKFzyDS/3APoxZR25vqyDAsgCQifSMXpTfL4F0s=)
2: WxxzockSF-0jbEBubYwjKIfgtaw.roa (hash: uNom3cZ42KKzlsjBXTYNfCi+Ksse/PrjCfplRbo7jWE=)
3: ZhBOT32fONjiKi0yvgGQMZMMGkc.crl (hash: i5Zl8JPuUv25P5H7dQUdctg5eKrIEtgzzkL3dKHYLRo=)
4: hAuohYiSHygUFUxTjuX1SWN5QDE.roa (hash: MotGMSUysnMBdzXEwoyDH1EBq/l4jrQRez7lyisrMeA=)
5: n6ANVJpjfADW-mInHpVlhLdkL5w.roa (hash: E28ZlsfhOnBkyIyOKkYfx6xyMrKE5R52d/SAANOKtIs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/ZhBOT32fONjiKi0yvgGQMZMMGkc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/ZhBOT32fONjiKi0yvgGQMZMMGkc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZhBOT32fONjiKi0yvgGQMZMMGkc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:21:4b:aa:46:5a:39:89:44:b0:29:78:9d:4d:de:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66104e4f7d9f38d8e22a2d32be019031930c1a47
Validity
Not Before: Oct 19 11:01:04 2025 GMT
Not After : Oct 20 11:01:04 2025 GMT
Subject: CN=429a7f20d99f5e62233e65f27e3e0447718ef842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:2b:2f:8c:fd:49:bb:fd:32:77:de:89:88:b1:
33:1d:67:c5:08:4c:c7:10:25:a7:12:ac:09:8c:6f:
d5:d8:a9:ef:02:65:1f:3b:fd:11:87:23:48:3a:d5:
2d:62:71:6e:c7:cb:da:04:b3:54:77:7d:33:42:2d:
07:2c:af:6d:d2:d8:75:5a:5f:ac:b6:bb:71:c6:70:
40:a1:1d:ed:af:47:89:ce:a8:5a:cb:76:cb:32:45:
b0:b2:ce:d4:99:ca:f5:ea:e1:ae:bb:73:21:71:21:
bd:50:d7:bf:9c:0b:76:8b:48:17:19:b7:de:50:52:
39:e1:1a:5c:c9:1c:a2:fb:75:94:0c:c1:69:ff:b4:
32:e5:8c:8f:05:e7:c1:05:18:06:9c:e7:9d:2e:26:
63:78:63:6b:85:3b:59:91:6a:56:76:a5:f2:53:15:
c7:57:8c:bc:6e:58:12:b8:5d:dd:17:5a:a5:c5:49:
5e:6e:a1:e1:e2:9e:4e:bb:1c:8a:62:a0:de:e2:76:
77:9b:47:20:86:c9:67:fe:84:3d:ea:0f:70:a3:a6:
e9:89:e6:98:92:85:90:c9:f1:b9:a8:e5:04:8e:6b:
df:18:5e:46:69:59:e3:83:a3:19:1c:8d:41:36:82:
34:74:01:2c:37:1b:07:8f:63:25:e0:e1:1b:a2:42:
54:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:9A:7F:20:D9:9F:5E:62:23:3E:65:F2:7E:3E:04:47:71:8E:F8:42
X509v3 Authority Key Identifier:
keyid:66:10:4E:4F:7D:9F:38:D8:E2:2A:2D:32:BE:01:90:31:93:0C:1A:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZhBOT32fONjiKi0yvgGQMZMMGkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/ZhBOT32fONjiKi0yvgGQMZMMGkc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/82d222-2202-45f2-b904-47472ed3becb/1/ZhBOT32fONjiKi0yvgGQMZMMGkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:21:3a:65:42:98:02:93:3d:be:68:25:f0:28:62:16:ec:41:
57:fb:6a:f0:c9:a4:5e:4a:88:b5:08:93:2e:9d:4f:3c:9a:ab:
05:de:d5:0c:08:b5:77:01:c1:2f:a9:85:3f:8c:8a:9a:1a:c1:
d1:8d:81:5b:de:47:81:11:12:43:b9:c1:6e:78:5c:78:83:ef:
64:d9:8d:99:49:0e:5f:09:1a:5e:71:1b:9c:89:8f:5e:7a:c1:
64:58:85:2f:73:98:a9:e6:37:ad:cc:03:66:97:63:93:c8:0a:
7b:8f:13:e3:69:de:8c:27:55:e3:a3:66:60:74:ab:2f:07:3e:
3b:92:8f:b2:33:a5:fa:16:15:2c:03:da:8d:82:6c:f6:34:d1:
5f:0f:35:cb:ed:ea:70:49:84:21:3e:e6:15:30:92:25:a3:61:
2d:54:ed:f0:7e:84:4f:b9:0b:08:f8:b0:e1:51:d6:e1:cb:d5:
07:d9:44:d4:d1:39:0a:72:08:af:8b:c9:10:a1:1b:91:e4:df:
8b:7d:a1:e2:b2:2a:93:83:f2:55:15:91:6a:b3:53:81:7c:c8:
25:45:8e:2f:92:f7:1d:bd:8f:18:e7:60:1d:6a:e9:ba:06:a1:
97:9b:99:38:cb:0e:75:6f:48:63:79:0e:e9:3e:54:a9:f2:59:
1a:6c:b2:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IUuqRlo5iUSwKXidTd7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MTA0ZTRmN2Q5ZjM4ZDhlMjJhMmQzMmJlMDE5MDMxOTMw
YzFhNDcwHhcNMjUxMDE5MTEwMTA0WhcNMjUxMDIwMTEwMTA0WjAzMTEwLwYDVQQD
Eyg0MjlhN2YyMGQ5OWY1ZTYyMjMzZTY1ZjI3ZTNlMDQ0NzcxOGVmODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSsvjP1Ju/0yd96JiLEzHWfFCEzH
ECWnEqwJjG/V2KnvAmUfO/0RhyNIOtUtYnFux8vaBLNUd30zQi0HLK9t0th1Wl+s
trtxxnBAoR3tr0eJzqhay3bLMkWwss7Umcr16uGuu3MhcSG9UNe/nAt2i0gXGbfe
UFI54RpcyRyi+3WUDMFp/7Qy5YyPBefBBRgGnOedLiZjeGNrhTtZkWpWdqXyUxXH
V4y8blgSuF3dF1qlxUlebqHh4p5OuxyKYqDe4nZ3m0cghsln/oQ96g9wo6bpieaY
koWQyfG5qOUEjmvfGF5GaVnjg6MZHI1BNoI0dAEsNxsHj2Ml4OEbokJUJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKafyDZn15iIz5l8n4+BEdxjvhCMB8GA1UdIwQY
MBaAFGYQTk99nzjY4iotMr4BkDGTDBpHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmhCT1QzMmZPTmppS2kweXZnR1FNWk1NR2tjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS84MmQyMjItMjIwMi00NWYyLWI5MDQt
NDc0NzJlZDNiZWNiLzEvWmhCT1QzMmZPTmppS2kweXZnR1FNWk1NR2tjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS84MmQyMjItMjIwMi00NWYyLWI5MDQtNDc0NzJlZDNiZWNi
LzEvWmhCT1QzMmZPTmppS2kweXZnR1FNWk1NR2tjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADyE6ZUKY
ApM9vmgl8ChiFuxBV/tq8MmkXkqItQiTLp1PPJqrBd7VDAi1dwHBL6mFP4yKmhrB
0Y2BW95HgRESQ7nBbnhceIPvZNmNmUkOXwkaXnEbnImPXnrBZFiFL3OYqeY3rcwD
Zpdjk8gKe48T42nejCdV46NmYHSrLwc+O5KPsjOl+hYVLAPajYJs9jTRXw81y+3q
cEmEIT7mFTCSJaNhLVTt8H6ET7kLCPiw4VHW4cvVB9lE1NE5CnIIr4vJEKEbkeTf
i32h4rIqk4PyVRWRarNTgXzIJUWOL5L3Hb2PGOdgHWrpugahl5uZOMsOdW9IY3kO
6T5UqfJZGmyyjg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:31:52 2025 by rpki-client