Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/09c3b1-72eb-433a-96cb-48777aa961e9/1/g-ZAPPcyIcEX6km8kjT-b0oR14A.mft
File: g-ZAPPcyIcEX6km8kjT-b0oR14A.mft (raw, json)
Hash identifier: gniMLFPh4MVVJ1GEroh09AZV64HR9Wp1fPP9HdQk3uA=
Subject key identifier: D3:4D:DE:FE:0D:4D:E5:B7:23:52:ED:47:0C:C2:1A:09:91:B6:E7:52
Authority key identifier: 83:E6:40:3C:F7:32:21:C1:17:EA:49:BC:92:34:FE:6F:4A:11:D7:80
Certificate issuer: /CN=83e6403cf73221c117ea49bc9234fe6f4a11d780
Certificate serial: 0199FFFE5C57CCC86C23A7CE2378E0E02CAB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g-ZAPPcyIcEX6km8kjT-b0oR14A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/09c3b1-72eb-433a-96cb-48777aa961e9/1/g-ZAPPcyIcEX6km8kjT-b0oR14A.mft
Manifest number: 11D7
Signing time: Mon 20 Oct 2025 05:01:23 +0000
Manifest this update: Mon 20 Oct 2025 05:01:23 +0000
Manifest next update: Tue 21 Oct 2025 05:01:23 +0000
Files and hashes: 1: Z__qWjsTqKN6H6Uy48R_joDrg6A.roa (hash: hy+rnvr7Ps+zzGaNk6QHsEt8A1/U9k/JFaxCitWq0s8=)
2: g-ZAPPcyIcEX6km8kjT-b0oR14A.crl (hash: Q8eIC4VRTeRzQoehstDNBVCPhJSG2E/Ai6pf+rRzlAo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/09c3b1-72eb-433a-96cb-48777aa961e9/1/g-ZAPPcyIcEX6km8kjT-b0oR14A.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/09c3b1-72eb-433a-96cb-48777aa961e9/1/g-ZAPPcyIcEX6km8kjT-b0oR14A.mft
rsync://rpki.ripe.net/repository/DEFAULT/g-ZAPPcyIcEX6km8kjT-b0oR14A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:fe:5c:57:cc:c8:6c:23:a7:ce:23:78:e0:e0:2c:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83e6403cf73221c117ea49bc9234fe6f4a11d780
Validity
Not Before: Oct 20 05:01:23 2025 GMT
Not After : Oct 21 05:01:23 2025 GMT
Subject: CN=d34ddefe0d4de5b72352ed470cc21a0991b6e752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ec:a1:36:5d:e5:72:34:10:64:1a:74:bb:a9:
08:1f:3e:ae:c8:26:74:85:ab:76:4f:72:0a:6a:fa:
3b:31:5a:75:68:ae:9c:83:e8:37:f5:3a:f7:35:11:
cf:ff:f2:fa:aa:24:4c:58:4d:85:b4:52:0c:47:a6:
cf:3a:bc:e8:f5:a7:0f:23:a3:8f:54:cf:2e:9b:01:
89:c2:2e:1f:08:94:d7:cc:d4:57:bf:02:48:e7:00:
d5:c3:23:c3:94:c5:2f:da:d6:00:49:e8:60:15:70:
0b:86:2d:3b:19:3c:1e:7c:9a:a9:7b:40:41:c6:2b:
9d:d3:fc:5e:fb:55:37:f4:d5:22:fd:dd:95:9d:8b:
bb:87:e4:5a:26:e6:9f:9c:ee:b6:76:bb:99:88:22:
a9:19:b8:07:4d:e4:f9:1c:5b:ca:0b:1f:32:15:e7:
29:a8:2d:f1:ee:41:29:78:9d:26:23:26:62:d8:d5:
88:27:51:e8:8a:c3:ae:39:1c:e6:67:02:b4:5f:aa:
87:93:a4:1e:23:10:c3:e7:ae:5a:b3:a0:f2:a8:a7:
7b:7e:b6:04:87:ee:69:9d:df:6d:90:37:60:21:4a:
76:77:ea:e2:25:61:84:e7:ed:31:65:86:b8:f0:0f:
1c:c6:32:30:f4:23:e4:22:f7:87:c5:2a:5a:4e:5d:
22:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:4D:DE:FE:0D:4D:E5:B7:23:52:ED:47:0C:C2:1A:09:91:B6:E7:52
X509v3 Authority Key Identifier:
keyid:83:E6:40:3C:F7:32:21:C1:17:EA:49:BC:92:34:FE:6F:4A:11:D7:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g-ZAPPcyIcEX6km8kjT-b0oR14A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/09c3b1-72eb-433a-96cb-48777aa961e9/1/g-ZAPPcyIcEX6km8kjT-b0oR14A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/09c3b1-72eb-433a-96cb-48777aa961e9/1/g-ZAPPcyIcEX6km8kjT-b0oR14A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:e6:0f:34:db:ed:0b:5a:8e:ac:4b:2b:03:d0:54:22:f0:30:
57:35:4e:3f:7f:cd:ad:f9:4e:1d:22:96:29:70:59:44:05:a7:
ff:03:f4:ea:2d:59:9a:5d:37:34:1f:62:36:80:85:57:fa:36:
21:84:92:5c:2e:60:cd:bb:e2:03:aa:c6:df:ec:17:23:66:34:
c7:f4:41:60:83:d4:25:bb:71:82:96:90:5d:41:57:8a:38:83:
eb:33:d9:29:cf:e9:1b:2b:23:53:e4:21:7e:ed:4b:46:29:ed:
96:f4:e5:f0:ba:ba:e2:f0:d4:c7:94:38:ab:08:4c:fa:56:56:
aa:21:b3:4a:d3:3c:f0:32:76:af:c3:44:0f:13:8b:3d:15:a9:
35:70:df:00:99:e6:39:a4:72:fc:52:d8:f8:10:e5:6d:28:15:
b6:b8:fb:b0:bb:bc:23:73:3c:dd:32:71:38:22:d4:54:12:61:
09:4a:54:db:c7:dd:41:22:bf:74:e8:0e:f9:51:43:ce:f2:13:
7c:41:10:f3:f5:c3:5a:00:26:a9:ec:29:64:e2:22:6e:60:9a:
c5:e2:fa:c4:c2:b5:01:84:09:4c:fa:af:e4:89:84:4e:74:4f:
ed:9a:8f:be:22:32:98:a9:9e:f3:56:88:5f:1e:ab:39:88:71:
ac:60:d8:9f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn//lxXzMhsI6fOI3jg4CyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZTY0MDNjZjczMjIxYzExN2VhNDliYzkyMzRmZTZmNGEx
MWQ3ODAwHhcNMjUxMDIwMDUwMTIzWhcNMjUxMDIxMDUwMTIzWjAzMTEwLwYDVQQD
EyhkMzRkZGVmZTBkNGRlNWI3MjM1MmVkNDcwY2MyMWEwOTkxYjZlNzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeyhNl3lcjQQZBp0u6kIHz6uyCZ0
hat2T3IKavo7MVp1aK6cg+g39Tr3NRHP//L6qiRMWE2FtFIMR6bPOrzo9acPI6OP
VM8umwGJwi4fCJTXzNRXvwJI5wDVwyPDlMUv2tYASehgFXALhi07GTwefJqpe0BB
xiud0/xe+1U39NUi/d2VnYu7h+RaJuafnO62druZiCKpGbgHTeT5HFvKCx8yFecp
qC3x7kEpeJ0mIyZi2NWIJ1HoisOuORzmZwK0X6qHk6QeIxDD565as6DyqKd7frYE
h+5pnd9tkDdgIUp2d+riJWGE5+0xZYa48A8cxjIw9CPkIveHxSpaTl0inQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNNN3v4NTeW3I1LtRwzCGgmRtudSMB8GA1UdIwQY
MBaAFIPmQDz3MiHBF+pJvJI0/m9KEdeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZy1aQVBQY3lJY0VYNmttOGtqVC1iMG9SMTRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8wOWMzYjEtNzJlYi00MzNhLTk2Y2It
NDg3NzdhYTk2MWU5LzEvZy1aQVBQY3lJY0VYNmttOGtqVC1iMG9SMTRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8wOWMzYjEtNzJlYi00MzNhLTk2Y2ItNDg3NzdhYTk2MWU5
LzEvZy1aQVBQY3lJY0VYNmttOGtqVC1iMG9SMTRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg+YPNNvt
C1qOrEsrA9BUIvAwVzVOP3/NrflOHSKWKXBZRAWn/wP06i1Zml03NB9iNoCFV/o2
IYSSXC5gzbviA6rG3+wXI2Y0x/RBYIPUJbtxgpaQXUFXijiD6zPZKc/pGysjU+Qh
fu1LRintlvTl8Lq64vDUx5Q4qwhM+lZWqiGzStM88DJ2r8NEDxOLPRWpNXDfAJnm
OaRy/FLY+BDlbSgVtrj7sLu8I3M83TJxOCLUVBJhCUpU28fdQSK/dOgO+VFDzvIT
fEEQ8/XDWgAmqewpZOIibmCaxeL6xMK1AYQJTPqv5ImETnRP7ZqPviIymKme81aI
Xx6rOYhxrGDYnw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:03:07 2025 by rpki-client