Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft
File: zK1o9-irrfRHJiM0OjJWFQciQYk.mft (raw, json)
Hash identifier: ZT4oT0kIB50uURX8K2FN8eZgFzfdDF5RPyTWWwjnyPM=
Subject key identifier: D2:C9:C2:29:83:99:A0:0A:23:8A:DD:8D:6B:BA:B8:70:41:E3:22:7E
Authority key identifier: CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89
Certificate issuer: /CN=ccad68f7e8abadf4472623343a32561507224189
Certificate serial: 0197B8908B4452F20AE0CB45EB50B93235B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft
Manifest number: 0726
Signing time: Sat 28 Jun 2025 22:02:49 +0000
Manifest this update: Sat 28 Jun 2025 22:02:49 +0000
Manifest next update: Sun 29 Jun 2025 22:02:49 +0000
Files and hashes: 1: UD4cQq7SyCABLCZHHC1Ou_EeL6M.roa (hash: tfgZKXi2rZuQqy6q4ZM+ZUGFDVqdyYkcUnUVHT5tgpI=)
2: zK1o9-irrfRHJiM0OjJWFQciQYk.crl (hash: DhMuSx3gVB7qUNw6nwk7W8V4iYxHlb9x6r6Iw3pSQ8I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 22:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b8:90:8b:44:52:f2:0a:e0:cb:45:eb:50:b9:32:35:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccad68f7e8abadf4472623343a32561507224189
Validity
Not Before: Jun 28 22:02:49 2025 GMT
Not After : Jun 29 22:02:49 2025 GMT
Subject: CN=d2c9c2298399a00a238add8d6bbab87041e3227e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:5f:b9:1f:1a:4e:e9:cc:c2:6c:bb:c2:c1:1b:
b3:32:4e:2c:e4:60:93:00:0d:3b:cd:4b:37:4e:e4:
af:2b:99:84:03:57:70:a9:b7:6a:8d:24:c6:5f:61:
77:d7:76:b8:db:c5:9b:9d:f6:86:fd:ac:e4:44:91:
05:66:b7:ac:94:4c:ea:c5:c9:ae:52:cf:70:4e:67:
f2:e9:53:df:9e:ba:5a:43:f0:69:57:35:d5:0a:4a:
4e:3d:8a:08:29:4c:95:ed:a0:5a:cc:16:4d:19:1d:
75:e0:33:4e:1d:3c:c3:62:ed:44:1f:c0:d9:fd:03:
2c:c9:74:41:3f:14:56:95:df:25:0d:ea:72:db:a1:
75:df:a0:26:aa:1b:30:93:8a:e9:30:9a:7a:66:1b:
ab:59:84:32:c3:e4:38:95:d7:6a:e5:e1:e5:c5:fb:
3c:d3:bf:14:5a:82:90:5a:27:20:91:cd:69:25:74:
62:2c:75:57:fe:56:98:42:29:41:76:86:39:5e:2f:
48:a7:b8:5c:dc:0e:90:ed:fd:e3:e5:93:1f:76:d9:
36:66:f0:0f:6f:c7:aa:1d:69:1e:35:7c:5a:ea:ac:
a8:d6:bc:4a:e6:d8:4b:c5:02:98:4f:df:02:3a:54:
9f:28:5a:ba:97:46:6d:fd:01:e1:ed:44:e5:84:73:
99:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C9:C2:29:83:99:A0:0A:23:8A:DD:8D:6B:BA:B8:70:41:E3:22:7E
X509v3 Authority Key Identifier:
keyid:CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:d0:9a:e3:33:50:24:09:b4:ef:55:c8:48:05:52:2e:76:34:
41:92:5a:54:fe:40:94:9a:76:10:0c:89:7d:4f:fc:20:67:20:
80:8d:56:b9:01:71:82:07:8a:4c:6f:af:01:3e:10:a3:6c:65:
07:9c:be:f2:58:5d:fc:93:d9:aa:7b:33:d3:ad:b7:7d:e5:53:
e8:7a:0d:4e:21:66:5f:14:8d:d5:e1:bd:b3:82:c6:69:7b:6c:
3f:34:ea:b9:cf:62:4d:f1:30:2b:51:ee:3f:12:9e:93:c8:0e:
88:3f:8c:6b:ea:00:54:90:18:be:cb:23:f3:3b:01:28:bb:aa:
4e:a6:3e:93:dd:d4:cd:c9:38:b0:f8:0c:8a:4f:8a:bd:01:82:
a2:c0:9b:f5:ff:e2:bc:27:5e:cd:af:95:3d:06:74:99:de:92:
b1:fe:e9:d3:22:c1:39:f0:01:3b:6b:6f:22:df:64:5c:d9:85:
64:77:40:84:fd:c1:a1:6c:7b:42:fb:c3:3a:06:0f:62:60:a9:
57:aa:00:2c:76:1a:46:9d:47:90:22:19:ba:06:f9:43:61:5b:
9f:a6:6b:69:57:eb:d3:e3:8b:47:4b:ba:38:d7:af:10:0f:c1:
8f:3e:28:61:d9:0c:e2:72:88:6f:06:78:bc:53:e2:08:1a:92:
e1:d3:bc:c5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe4kItEUvIK4MtF61C5MjWyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjYWQ2OGY3ZThhYmFkZjQ0NzI2MjMzNDNhMzI1NjE1MDcy
MjQxODkwHhcNMjUwNjI4MjIwMjQ5WhcNMjUwNjI5MjIwMjQ5WjAzMTEwLwYDVQQD
EyhkMmM5YzIyOTgzOTlhMDBhMjM4YWRkOGQ2YmJhYjg3MDQxZTMyMjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvl+5HxpO6czCbLvCwRuzMk4s5GCT
AA07zUs3TuSvK5mEA1dwqbdqjSTGX2F313a428WbnfaG/azkRJEFZreslEzqxcmu
Us9wTmfy6VPfnrpaQ/BpVzXVCkpOPYoIKUyV7aBazBZNGR114DNOHTzDYu1EH8DZ
/QMsyXRBPxRWld8lDepy26F136Amqhswk4rpMJp6ZhurWYQyw+Q4lddq5eHlxfs8
078UWoKQWicgkc1pJXRiLHVX/laYQilBdoY5Xi9Ip7hc3A6Q7f3j5ZMfdtk2ZvAP
b8eqHWkeNXxa6qyo1rxK5thLxQKYT98COlSfKFq6l0Zt/QHh7UTlhHOZTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNLJwimDmaAKI4rdjWu6uHBB4yJ+MB8GA1UdIwQY
MBaAFMytaPfoq630RyYjNDoyVhUHIkGJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMt
NjM1OWY5MmUxZDJmLzEveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMtNjM1OWY5MmUxZDJm
LzEveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMtCa4zNQ
JAm071XISAVSLnY0QZJaVP5AlJp2EAyJfU/8IGcggI1WuQFxggeKTG+vAT4Qo2xl
B5y+8lhd/JPZqnsz0623feVT6HoNTiFmXxSN1eG9s4LGaXtsPzTquc9iTfEwK1Hu
PxKek8gOiD+Ma+oAVJAYvssj8zsBKLuqTqY+k93Uzck4sPgMik+KvQGCosCb9f/i
vCdeza+VPQZ0md6Ssf7p0yLBOfABO2tvIt9kXNmFZHdAhP3BoWx7QvvDOgYPYmCp
V6oALHYaRp1HkCIZugb5Q2Fbn6ZraVfr0+OLR0u6ONevEA/Bjz4oYdkM4nKIbwZ4
vFPiCBqS4dO8xQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 08:05:03 2025 by rpki-client