Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.mft
File: zbptVwT9KQ0OBzN27aaIcXVk0ZY.mft (raw, json)
Hash identifier: X4y8YVDl6ZpuVEdO/Or/8Ei/ARX49LJVs522vtmtwA8=
Subject key identifier: E4:B3:F9:A3:FC:88:F0:18:2B:85:DA:DD:9E:8A:23:1C:63:53:FC:5B
Authority key identifier: CD:BA:6D:57:04:FD:29:0D:0E:07:33:76:ED:A6:88:71:75:64:D1:96
Certificate issuer: /CN=cdba6d5704fd290d0e073376eda688717564d196
Certificate serial: 0199FB7CE97BE96A7A103016C7ED51384EC5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbptVwT9KQ0OBzN27aaIcXVk0ZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.mft
Manifest number: 0D88
Signing time: Sun 19 Oct 2025 08:01:31 +0000
Manifest this update: Sun 19 Oct 2025 08:01:31 +0000
Manifest next update: Mon 20 Oct 2025 08:01:31 +0000
Files and hashes: 1: FwAUcIE-PlUBJk-lyofvjIK4_Vk.roa (hash: 7pDJDV3PAprmagYY0WEztJ7b9H5DGoPcWbYIPWhc9l8=)
2: zbptVwT9KQ0OBzN27aaIcXVk0ZY.crl (hash: y0+phJbhqqabBjjS/lvI9x+sJHffy5kahAIcPD0vpBI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zbptVwT9KQ0OBzN27aaIcXVk0ZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:7c:e9:7b:e9:6a:7a:10:30:16:c7:ed:51:38:4e:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdba6d5704fd290d0e073376eda688717564d196
Validity
Not Before: Oct 19 08:01:31 2025 GMT
Not After : Oct 20 08:01:31 2025 GMT
Subject: CN=e4b3f9a3fc88f0182b85dadd9e8a231c6353fc5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:04:c3:3a:cf:1e:30:b6:62:5e:f7:1c:48:30:
4f:e5:0c:59:92:a5:78:29:7d:e3:5c:f4:1e:99:98:
74:e0:3e:88:a9:61:15:a4:f6:9d:76:62:f3:46:1f:
43:6e:db:11:3d:bc:89:60:75:74:bd:89:fb:c0:43:
20:bb:c7:d7:f4:cf:2b:d4:82:bd:6a:6c:8a:15:f4:
df:34:ae:59:e1:88:66:bf:ee:d3:2c:95:70:a6:83:
f5:6f:fb:9e:36:ad:d7:6b:31:8f:57:9c:30:34:e6:
b8:2b:9a:71:df:b8:d7:f5:60:b7:72:f6:8c:38:c6:
2f:38:4e:82:55:7b:08:8f:fe:0d:99:88:fd:38:fd:
34:91:d5:16:e3:f1:c2:c7:8e:83:3a:80:c8:8b:af:
1b:6b:9a:09:33:88:8e:f8:09:d1:26:f7:84:69:4d:
5c:b3:8d:af:a1:d1:51:ea:7b:c0:1d:48:fa:74:50:
71:8c:ca:b7:dd:a9:6c:ce:51:87:c8:46:fe:5b:e3:
1c:fe:70:31:20:d5:9c:c1:24:9c:85:b1:d0:82:c9:
fd:08:3e:a5:53:b0:00:02:ea:ff:01:50:5b:58:ef:
18:d2:5a:67:f6:5b:fd:34:16:52:18:96:0a:4c:41:
b5:c1:c5:60:73:fb:1d:05:04:bc:72:65:0b:4d:7c:
ec:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:B3:F9:A3:FC:88:F0:18:2B:85:DA:DD:9E:8A:23:1C:63:53:FC:5B
X509v3 Authority Key Identifier:
keyid:CD:BA:6D:57:04:FD:29:0D:0E:07:33:76:ED:A6:88:71:75:64:D1:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbptVwT9KQ0OBzN27aaIcXVk0ZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:26:14:1f:75:60:b0:62:28:a0:37:e5:ab:bd:0f:a7:d5:06:
dc:ed:c8:0c:c5:d2:a0:d2:2f:3c:71:28:15:7e:fe:13:8e:93:
1c:b6:36:f7:a1:ed:66:31:ff:fe:4d:46:57:c6:f1:66:ae:fa:
d0:d9:af:fb:aa:b9:e4:5a:22:99:61:dc:c8:f8:6f:ca:38:9f:
f5:7d:e3:c0:10:06:84:33:ce:b2:a4:35:ed:31:26:52:61:8b:
05:7f:51:ac:06:b8:9e:25:27:60:57:07:bd:2e:b8:f2:12:aa:
09:78:b7:f8:1e:1e:55:70:33:b2:f5:cd:6f:56:ae:99:df:ac:
62:b3:d4:b4:a8:d2:49:1b:c0:19:29:53:28:71:9e:b7:7e:c0:
9b:cf:06:12:18:50:e0:7e:a0:95:70:30:98:c7:1e:ed:ee:44:
52:f6:54:ed:a0:03:fd:e1:1a:02:42:b9:6a:b0:37:54:8d:7a:
93:8a:24:7b:99:8e:77:93:b5:6b:74:5b:19:29:92:ec:56:24:
97:af:16:1d:03:71:81:3a:65:10:b3:99:b7:f7:a5:66:40:c7:
52:b0:9f:73:42:6f:8a:1a:e0:a3:43:5b:5d:0b:de:9a:6d:f3:
4e:ed:22:de:c0:dd:76:82:48:3c:39:85:e1:af:68:eb:4d:f8:
3f:16:ba:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fOl76Wp6EDAWx+1ROE7FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYmE2ZDU3MDRmZDI5MGQwZTA3MzM3NmVkYTY4ODcxNzU2
NGQxOTYwHhcNMjUxMDE5MDgwMTMxWhcNMjUxMDIwMDgwMTMxWjAzMTEwLwYDVQQD
EyhlNGIzZjlhM2ZjODhmMDE4MmI4NWRhZGQ5ZThhMjMxYzYzNTNmYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ATDOs8eMLZiXvccSDBP5QxZkqV4
KX3jXPQemZh04D6IqWEVpPaddmLzRh9DbtsRPbyJYHV0vYn7wEMgu8fX9M8r1IK9
amyKFfTfNK5Z4Yhmv+7TLJVwpoP1b/ueNq3XazGPV5wwNOa4K5px37jX9WC3cvaM
OMYvOE6CVXsIj/4NmYj9OP00kdUW4/HCx46DOoDIi68ba5oJM4iO+AnRJveEaU1c
s42vodFR6nvAHUj6dFBxjMq33alszlGHyEb+W+Mc/nAxINWcwSSchbHQgsn9CD6l
U7AAAur/AVBbWO8Y0lpn9lv9NBZSGJYKTEG1wcVgc/sdBQS8cmULTXzsiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOSz+aP8iPAYK4Xa3Z6KIxxjU/xbMB8GA1UdIwQY
MBaAFM26bVcE/SkNDgczdu2miHF1ZNGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJwdFZ3VDlLUTBPQnpOMjdhYUljWFZrMFpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9kMzI4MGItNTNmNy00Mzk0LTg1NTkt
YTQ2MTE2OWYxZGMyLzEvemJwdFZ3VDlLUTBPQnpOMjdhYUljWFZrMFpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC9kMzI4MGItNTNmNy00Mzk0LTg1NTktYTQ2MTE2OWYxZGMy
LzEvemJwdFZ3VDlLUTBPQnpOMjdhYUljWFZrMFpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApCYUH3Vg
sGIooDflq70Pp9UG3O3IDMXSoNIvPHEoFX7+E46THLY296HtZjH//k1GV8bxZq76
0Nmv+6q55FoimWHcyPhvyjif9X3jwBAGhDPOsqQ17TEmUmGLBX9RrAa4niUnYFcH
vS648hKqCXi3+B4eVXAzsvXNb1aumd+sYrPUtKjSSRvAGSlTKHGet37Am88GEhhQ
4H6glXAwmMce7e5EUvZU7aAD/eEaAkK5arA3VI16k4oke5mOd5O1a3RbGSmS7FYk
l68WHQNxgTplELOZt/elZkDHUrCfc0Jvihrgo0NbXQvemm3zTu0i3sDddoJIPDmF
4a9o6034Pxa6hw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:09:53 2025 by rpki-client