Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/09c3b1-72eb-433a-96cb-48777aa961e9/1/g-ZAPPcyIcEX6km8kjT-b0oR14A.mft
File: g-ZAPPcyIcEX6km8kjT-b0oR14A.mft (raw, json)
Hash identifier: d/B65Wcv4jqfsdmWC6C+TzrxNyjdJn4RZcUyB87GUEA=
Subject key identifier: 97:67:F4:44:34:48:74:F8:80:D6:A4:74:A4:31:E9:5F:2E:75:86:DD
Authority key identifier: 83:E6:40:3C:F7:32:21:C1:17:EA:49:BC:92:34:FE:6F:4A:11:D7:80
Certificate issuer: /CN=83e6403cf73221c117ea49bc9234fe6f4a11d780
Certificate serial: 0197C49358AB0375D76BE7F96E85B10F252D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g-ZAPPcyIcEX6km8kjT-b0oR14A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/09c3b1-72eb-433a-96cb-48777aa961e9/1/g-ZAPPcyIcEX6km8kjT-b0oR14A.mft
Manifest number: 10AF
Signing time: Tue 01 Jul 2025 06:01:20 +0000
Manifest this update: Tue 01 Jul 2025 06:01:20 +0000
Manifest next update: Wed 02 Jul 2025 06:01:20 +0000
Files and hashes: 1: F478KPNWaWgwHEjAUDWV7KlTqQA.roa (hash: fiVEyWrn82XeJgJcuTMWEO2YQxgfDNcoh754eidkrnE=)
2: g-ZAPPcyIcEX6km8kjT-b0oR14A.crl (hash: NPhbTLlNubCD1F493JyWlYDKHtim2HQI6yZZU2FJTyI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/09c3b1-72eb-433a-96cb-48777aa961e9/1/g-ZAPPcyIcEX6km8kjT-b0oR14A.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/09c3b1-72eb-433a-96cb-48777aa961e9/1/g-ZAPPcyIcEX6km8kjT-b0oR14A.mft
rsync://rpki.ripe.net/repository/DEFAULT/g-ZAPPcyIcEX6km8kjT-b0oR14A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 06:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c4:93:58:ab:03:75:d7:6b:e7:f9:6e:85:b1:0f:25:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83e6403cf73221c117ea49bc9234fe6f4a11d780
Validity
Not Before: Jul 1 06:01:20 2025 GMT
Not After : Jul 2 06:01:20 2025 GMT
Subject: CN=9767f444344874f880d6a474a431e95f2e7586dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f2:8d:69:3a:28:40:3f:de:65:75:51:6b:95:
44:47:08:f8:2c:99:60:08:cf:b6:f4:a6:f9:7e:13:
dc:9f:c5:50:b7:83:c6:7e:f3:da:99:8e:40:66:27:
23:d5:aa:96:68:4d:2f:83:ef:97:e2:7a:a5:51:fc:
58:b1:2a:bc:4d:9c:4b:72:bb:3a:8a:a1:02:70:56:
c5:0f:d6:3f:b0:0f:07:e8:53:0e:59:8a:0c:74:bb:
e2:d1:03:f6:3e:4d:71:b9:5c:cf:4a:e8:9e:ba:4b:
68:0d:bb:53:eb:44:18:b6:de:4d:ab:f7:8f:60:e7:
34:ae:db:61:53:d6:45:aa:36:4d:0f:66:9f:67:7c:
fa:15:b4:42:11:14:e2:b5:9a:81:83:ab:a6:29:6f:
eb:0e:c9:4e:69:5d:25:2d:41:8b:93:af:4a:68:a1:
3e:0b:2f:dc:41:24:7a:15:55:5d:55:04:e7:3b:99:
9e:56:31:36:09:8f:90:13:ed:08:00:4d:7c:b9:d3:
77:a1:d5:4e:61:0f:fe:6b:64:94:43:82:f4:a6:62:
54:bc:5b:01:03:56:ad:cf:57:ed:17:df:4a:8a:f2:
25:74:47:3a:61:9a:d0:fb:1e:94:07:f0:c5:9c:78:
da:08:0b:b4:71:8e:c3:c7:63:53:f7:e9:84:22:02:
61:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:67:F4:44:34:48:74:F8:80:D6:A4:74:A4:31:E9:5F:2E:75:86:DD
X509v3 Authority Key Identifier:
keyid:83:E6:40:3C:F7:32:21:C1:17:EA:49:BC:92:34:FE:6F:4A:11:D7:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g-ZAPPcyIcEX6km8kjT-b0oR14A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/09c3b1-72eb-433a-96cb-48777aa961e9/1/g-ZAPPcyIcEX6km8kjT-b0oR14A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/09c3b1-72eb-433a-96cb-48777aa961e9/1/g-ZAPPcyIcEX6km8kjT-b0oR14A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:a1:b4:f4:f0:b0:fc:2a:31:83:44:16:01:58:48:95:c0:ea:
87:b9:50:04:b9:f5:53:df:6e:9d:6e:0d:13:72:04:76:ca:80:
4e:8d:14:58:1f:aa:ff:30:84:5d:e3:db:e2:d2:26:2f:79:fa:
6e:25:b4:0a:25:f6:6a:99:35:f8:93:6b:ff:bb:0b:17:45:c9:
f9:2e:64:3c:ed:3b:5e:33:d9:20:2f:7a:f6:cc:8e:21:f7:fa:
28:f1:7b:01:12:56:a8:3b:4b:60:0e:f2:f2:12:30:80:f4:aa:
9b:db:6e:9e:5e:0f:0b:c6:cd:85:ab:e1:7c:fa:1c:e1:1d:b2:
0b:20:b5:a1:da:1c:1e:5a:ea:d1:74:b1:7b:65:25:dd:46:bd:
9d:dd:f5:af:20:49:a3:4a:92:50:a5:c7:b4:e4:5d:58:16:97:
ca:dd:83:ad:26:a7:58:b7:f5:45:9c:83:0c:43:44:8f:18:80:
12:41:5c:62:e2:d1:f7:aa:2c:66:e7:ad:58:12:97:f6:77:f5:
63:99:02:c5:05:69:ab:1b:e1:91:ab:b1:82:ca:17:ae:48:e9:
95:fb:40:35:b0:9d:a8:66:62:c4:8f:1a:0e:84:28:7a:97:09:
cb:24:33:81:11:e5:d1:d3:ae:f9:64:c8:fb:f0:b5:ef:6c:4c:
75:ef:37:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZfEk1irA3XXa+f5boWxDyUtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZTY0MDNjZjczMjIxYzExN2VhNDliYzkyMzRmZTZmNGEx
MWQ3ODAwHhcNMjUwNzAxMDYwMTIwWhcNMjUwNzAyMDYwMTIwWjAzMTEwLwYDVQQD
Eyg5NzY3ZjQ0NDM0NDg3NGY4ODBkNmE0NzRhNDMxZTk1ZjJlNzU4NmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfKNaTooQD/eZXVRa5VERwj4LJlg
CM+29Kb5fhPcn8VQt4PGfvPamY5AZicj1aqWaE0vg++X4nqlUfxYsSq8TZxLcrs6
iqECcFbFD9Y/sA8H6FMOWYoMdLvi0QP2Pk1xuVzPSuieuktoDbtT60QYtt5Nq/eP
YOc0rtthU9ZFqjZND2afZ3z6FbRCERTitZqBg6umKW/rDslOaV0lLUGLk69KaKE+
Cy/cQSR6FVVdVQTnO5meVjE2CY+QE+0IAE18udN3odVOYQ/+a2SUQ4L0pmJUvFsB
A1atz1ftF99KivIldEc6YZrQ+x6UB/DFnHjaCAu0cY7Dx2NT9+mEIgJhbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJdn9EQ0SHT4gNakdKQx6V8udYbdMB8GA1UdIwQY
MBaAFIPmQDz3MiHBF+pJvJI0/m9KEdeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZy1aQVBQY3lJY0VYNmttOGtqVC1iMG9SMTRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8wOWMzYjEtNzJlYi00MzNhLTk2Y2It
NDg3NzdhYTk2MWU5LzEvZy1aQVBQY3lJY0VYNmttOGtqVC1iMG9SMTRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8wOWMzYjEtNzJlYi00MzNhLTk2Y2ItNDg3NzdhYTk2MWU5
LzEvZy1aQVBQY3lJY0VYNmttOGtqVC1iMG9SMTRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKKG09PCw
/Coxg0QWAVhIlcDqh7lQBLn1U99unW4NE3IEdsqATo0UWB+q/zCEXePb4tImL3n6
biW0CiX2apk1+JNr/7sLF0XJ+S5kPO07XjPZIC969syOIff6KPF7ARJWqDtLYA7y
8hIwgPSqm9tunl4PC8bNhavhfPoc4R2yCyC1odocHlrq0XSxe2Ul3Ua9nd31ryBJ
o0qSUKXHtORdWBaXyt2DrSanWLf1RZyDDENEjxiAEkFcYuLR96osZuetWBKX9nf1
Y5kCxQVpqxvhkauxgsoXrkjplftANbCdqGZixI8aDoQoepcJyyQzgRHl0dOu+WTI
+/C172xMde83jg==
-----END CERTIFICATE-----
Generated at Tue Jul 1 14:39:19 2025 by rpki-client