Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
File: zRQ2kCMKRApot6iqmCefL2Xf7ig.mft (raw, json)
Hash identifier: cx4YB/M7zzZTVrmz2VhaCfZxZhIzngKYy5rgjbhYXD4=
Subject key identifier: 90:3C:20:68:A4:37:15:70:C7:44:01:74:37:14:4A:8F:DA:E1:D2:F6
Authority key identifier: CD:14:36:90:23:0A:44:0A:68:B7:A8:AA:98:27:9F:2F:65:DF:EE:28
Certificate issuer: /CN=cd143690230a440a68b7a8aa98279f2f65dfee28
Certificate serial: 0199FDD991D27368138405014C0BEA997FCA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
Manifest number: 13E5
Signing time: Sun 19 Oct 2025 19:01:58 +0000
Manifest this update: Sun 19 Oct 2025 19:01:58 +0000
Manifest next update: Mon 20 Oct 2025 19:01:58 +0000
Files and hashes: 1: vHQRV0jRUXExLLAYBdY2ODpzWoo.roa (hash: 7UhAMCr3OjHllJdnfdmjdJInrKVauXU3M4e5nn0fWuA=)
2: zRQ2kCMKRApot6iqmCefL2Xf7ig.crl (hash: fDBlhB3xn9YcTJEagx7l8h+CR8WvRCbDzx3SyFsMhWM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:d9:91:d2:73:68:13:84:05:01:4c:0b:ea:99:7f:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd143690230a440a68b7a8aa98279f2f65dfee28
Validity
Not Before: Oct 19 19:01:58 2025 GMT
Not After : Oct 20 19:01:58 2025 GMT
Subject: CN=903c2068a4371570c744017437144a8fdae1d2f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b2:12:1c:54:56:e6:99:a3:fe:6e:5a:a9:86:
24:9f:33:f5:fe:00:da:3b:8b:be:ed:64:53:99:00:
f7:5b:34:a5:9c:f3:58:66:be:79:4a:e9:bf:e5:dc:
84:0e:4f:ad:09:f5:63:0e:a2:ba:cd:46:a1:49:1f:
cd:53:ae:e0:ad:4a:ac:e7:71:37:ab:07:09:ec:7e:
7f:e8:b6:f6:ce:d6:4e:25:90:f6:94:19:88:7a:bf:
18:0f:6f:f2:0b:54:5d:e2:11:3e:8b:b0:a0:af:51:
71:28:3e:21:44:b0:e2:fa:0e:4a:17:5f:1c:ef:4a:
2b:1f:aa:e3:91:29:74:1e:5e:92:6d:06:89:cc:8a:
b2:95:51:fe:a3:b0:0a:dc:2a:92:a0:15:be:51:07:
13:9b:82:57:5d:e9:a6:0c:8e:36:01:14:ac:f3:b5:
68:bc:91:b9:8b:9e:74:1e:f3:68:4e:5d:a4:3b:ce:
72:3a:14:df:aa:6d:65:dd:ea:42:bd:ae:1c:48:a0:
d1:e9:68:3c:69:a7:24:01:2f:0c:e7:d1:e8:72:70:
5a:2e:cf:70:13:b0:53:e6:bf:ce:7c:a4:24:b8:ed:
b9:ed:24:b1:28:1c:ab:9d:82:c0:58:ac:e4:d9:32:
46:8a:f1:ef:c9:8e:ed:8d:63:74:fd:ab:b5:6b:d7:
17:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:3C:20:68:A4:37:15:70:C7:44:01:74:37:14:4A:8F:DA:E1:D2:F6
X509v3 Authority Key Identifier:
keyid:CD:14:36:90:23:0A:44:0A:68:B7:A8:AA:98:27:9F:2F:65:DF:EE:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:81:d4:7e:c9:6e:ac:aa:40:2c:cd:96:26:eb:fa:fc:ef:f8:
2c:05:4d:31:62:10:c6:37:d3:2c:ea:1f:68:30:82:2e:e2:83:
4f:20:61:a6:b8:fa:72:55:fd:3c:d8:ef:74:14:4d:b3:16:8b:
38:7e:65:56:1c:ca:2c:8b:c0:d8:8f:26:86:92:95:3d:5f:4c:
e3:9f:6c:a3:41:b4:0c:58:0a:f1:ce:77:9d:c0:36:32:b4:b1:
87:d8:5f:86:d0:ec:2b:e6:3d:35:f4:e4:ab:1b:7a:62:8f:2e:
72:d1:82:20:97:2f:f5:61:a8:fe:04:19:04:fb:58:85:c6:32:
b2:4d:af:8a:c7:3c:54:dc:76:7f:2d:54:09:b0:35:d1:99:ec:
7d:f2:c1:9d:62:42:ab:dd:2d:c8:b5:68:c9:25:89:8c:d6:eb:
55:7e:52:88:ae:35:a0:e3:db:1e:26:67:12:d7:51:7e:11:62:
c8:2e:50:c1:e1:c6:c9:37:87:01:d1:7e:a7:0e:54:ce:c9:bd:
d3:b4:87:a3:be:45:1c:cd:17:ee:d5:1a:f3:aa:30:ee:42:ca:
33:5d:42:f4:9a:a9:8f:c7:82:46:e9:cb:80:40:4e:1f:33:31:
8d:f0:5c:0d:d0:68:fd:d3:2a:a5:80:80:22:d0:26:33:4d:2b:
ad:8a:b1:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92ZHSc2gThAUBTAvqmX/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTQzNjkwMjMwYTQ0MGE2OGI3YThhYTk4Mjc5ZjJmNjVk
ZmVlMjgwHhcNMjUxMDE5MTkwMTU4WhcNMjUxMDIwMTkwMTU4WjAzMTEwLwYDVQQD
Eyg5MDNjMjA2OGE0MzcxNTcwYzc0NDAxNzQzNzE0NGE4ZmRhZTFkMmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLISHFRW5pmj/m5aqYYknzP1/gDa
O4u+7WRTmQD3WzSlnPNYZr55Sum/5dyEDk+tCfVjDqK6zUahSR/NU67grUqs53E3
qwcJ7H5/6Lb2ztZOJZD2lBmIer8YD2/yC1Rd4hE+i7Cgr1FxKD4hRLDi+g5KF18c
70orH6rjkSl0Hl6SbQaJzIqylVH+o7AK3CqSoBW+UQcTm4JXXemmDI42ARSs87Vo
vJG5i550HvNoTl2kO85yOhTfqm1l3epCva4cSKDR6Wg8aackAS8M59HocnBaLs9w
E7BT5r/OfKQkuO257SSxKByrnYLAWKzk2TJGivHvyY7tjWN0/au1a9cXnwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJA8IGikNxVwx0QBdDcUSo/a4dL2MB8GA1UdIwQY
MBaAFM0UNpAjCkQKaLeoqpgnny9l3+4oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8wOTQ1NmUtYTcxYy00M2IzLWJkNDAt
OGVlM2Q5OGNhZDViLzEvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8wOTQ1NmUtYTcxYy00M2IzLWJkNDAtOGVlM2Q5OGNhZDVi
LzEvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF4HUfslu
rKpALM2WJuv6/O/4LAVNMWIQxjfTLOofaDCCLuKDTyBhprj6clX9PNjvdBRNsxaL
OH5lVhzKLIvA2I8mhpKVPV9M459so0G0DFgK8c53ncA2MrSxh9hfhtDsK+Y9NfTk
qxt6Yo8uctGCIJcv9WGo/gQZBPtYhcYysk2visc8VNx2fy1UCbA10ZnsffLBnWJC
q90tyLVoySWJjNbrVX5SiK41oOPbHiZnEtdRfhFiyC5QweHGyTeHAdF+pw5Uzsm9
07SHo75FHM0X7tUa86ow7kLKM11C9Jqpj8eCRunLgEBOHzMxjfBcDdBo/dMqpYCA
ItAmM00rrYqxdA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:39:41 2025 by rpki-client