Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/zlaqDiFVjJKkhlQkTgWWGh_PoPI.mft
File: zlaqDiFVjJKkhlQkTgWWGh_PoPI.mft (raw, json)
Hash identifier: vulmg3jiSKABSNi13q59Jrg+p7FfPDGFz30J5Kio5IU=
Subject key identifier: DF:42:67:11:22:3B:04:D8:2A:EF:48:FD:7A:8D:3C:5D:85:C8:84:61
Authority key identifier: CE:56:AA:0E:21:55:8C:92:A4:86:54:24:4E:05:96:1A:1F:CF:A0:F2
Certificate issuer: /CN=ce56aa0e21558c92a48654244e05961a1fcfa0f2
Certificate serial: 0199FD347EBC60D1AE8D9CD7E44AF57694C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zlaqDiFVjJKkhlQkTgWWGh_PoPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/zlaqDiFVjJKkhlQkTgWWGh_PoPI.mft
Manifest number: 16E4
Signing time: Sun 19 Oct 2025 16:01:39 +0000
Manifest this update: Sun 19 Oct 2025 16:01:39 +0000
Manifest next update: Mon 20 Oct 2025 16:01:39 +0000
Files and hashes: 1: apVhYj18Bs_r1Q931zVqcqi5yvI.roa (hash: /gXE2P6qUcVxgRclWTrINQ6lVlcjG0089HciFUVuRsI=)
2: zlaqDiFVjJKkhlQkTgWWGh_PoPI.crl (hash: ESllUmD+dG2dH6hiEtK35XkHhuSThCpgx7qdJr0pB28=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/zlaqDiFVjJKkhlQkTgWWGh_PoPI.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/zlaqDiFVjJKkhlQkTgWWGh_PoPI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zlaqDiFVjJKkhlQkTgWWGh_PoPI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:34:7e:bc:60:d1:ae:8d:9c:d7:e4:4a:f5:76:94:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce56aa0e21558c92a48654244e05961a1fcfa0f2
Validity
Not Before: Oct 19 16:01:39 2025 GMT
Not After : Oct 20 16:01:39 2025 GMT
Subject: CN=df426711223b04d82aef48fd7a8d3c5d85c88461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:25:f1:30:43:68:1e:2a:91:70:f7:b3:ff:1f:
7d:23:10:e7:6a:04:48:0d:7d:2d:a3:17:2f:0a:58:
68:33:bb:d5:aa:2d:ff:ac:81:dd:66:de:e2:29:a5:
7a:0a:f4:1d:ae:0a:5e:20:fa:ae:09:35:9b:ff:a4:
0d:8b:4a:33:01:e0:b1:36:42:78:2b:79:98:eb:1a:
f0:a9:99:04:63:36:d5:9d:f9:40:42:51:42:62:8f:
2d:5e:ca:30:84:f2:f2:7d:f4:f6:96:64:7c:b9:b6:
6f:09:a1:4e:35:bd:86:0e:49:fb:0e:d9:cf:bf:b3:
dd:e9:73:f8:b1:61:69:da:9c:4c:64:e5:ee:31:4f:
2f:76:ef:b3:4d:e0:79:55:45:03:0b:e9:94:af:15:
09:e3:1a:50:c0:a8:c3:a5:2e:63:f7:e1:d1:d6:52:
41:8f:bd:29:8e:2e:5d:72:56:4f:99:a7:34:fd:12:
d8:00:98:e5:19:72:61:09:91:4e:74:8a:40:a7:07:
4c:d6:47:cf:53:bd:0e:66:2d:fb:b6:8d:fe:fd:b0:
74:32:47:49:1c:4e:80:ae:ac:a0:90:bd:8d:c5:f7:
14:f0:e2:f9:5e:a1:5a:a2:1d:ed:32:28:76:8c:34:
25:dc:41:3a:13:aa:e0:52:b7:8d:be:5d:2e:81:a5:
44:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:42:67:11:22:3B:04:D8:2A:EF:48:FD:7A:8D:3C:5D:85:C8:84:61
X509v3 Authority Key Identifier:
keyid:CE:56:AA:0E:21:55:8C:92:A4:86:54:24:4E:05:96:1A:1F:CF:A0:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zlaqDiFVjJKkhlQkTgWWGh_PoPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/zlaqDiFVjJKkhlQkTgWWGh_PoPI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/07476c-2c5b-40e9-b562-54fa30864c21/1/zlaqDiFVjJKkhlQkTgWWGh_PoPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:e1:b1:de:32:a9:05:ff:c7:19:31:7a:59:e4:20:13:e6:c2:
fc:66:ef:19:c5:b9:f2:60:6e:5f:fc:66:0d:fa:41:5f:13:a2:
15:01:23:41:fb:6d:18:5c:3a:df:f5:17:c5:f5:ab:b6:9c:d4:
12:b2:70:31:c2:65:2b:3c:25:06:92:95:18:12:10:c8:76:e1:
91:11:1c:f9:d2:2d:15:92:be:81:9e:2d:26:37:fd:7a:ce:36:
00:ab:15:cc:3d:55:49:31:a3:ff:fe:42:ea:53:d0:28:0e:01:
44:60:d7:59:60:45:ca:68:af:cb:ae:e5:26:6e:4d:ef:87:bd:
26:26:0f:18:f3:bf:dd:05:ad:3e:19:a3:78:cd:96:7f:48:8e:
ff:98:31:5e:07:09:b9:40:86:35:2e:05:b6:5d:44:d3:8d:df:
1a:9d:d2:bf:fb:d6:d6:2c:74:1d:fc:62:31:63:96:b0:56:1c:
e5:05:c8:b0:30:89:08:5d:c6:1b:47:be:fd:17:59:c0:d0:cc:
b6:ed:67:33:80:a4:f7:e1:28:3c:a6:30:fa:2e:bf:ac:57:a5:
ba:2e:6b:0a:7a:bc:ee:40:5c:7e:4f:7c:db:a0:db:e4:d1:7c:
20:1e:64:0c:7f:73:3e:dd:86:8d:06:b2:81:8a:b9:6c:71:00:
03:57:02:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9NH68YNGujZzX5Er1dpTAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNTZhYTBlMjE1NThjOTJhNDg2NTQyNDRlMDU5NjFhMWZj
ZmEwZjIwHhcNMjUxMDE5MTYwMTM5WhcNMjUxMDIwMTYwMTM5WjAzMTEwLwYDVQQD
EyhkZjQyNjcxMTIyM2IwNGQ4MmFlZjQ4ZmQ3YThkM2M1ZDg1Yzg4NDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyXxMENoHiqRcPez/x99IxDnagRI
DX0toxcvClhoM7vVqi3/rIHdZt7iKaV6CvQdrgpeIPquCTWb/6QNi0ozAeCxNkJ4
K3mY6xrwqZkEYzbVnflAQlFCYo8tXsowhPLyffT2lmR8ubZvCaFONb2GDkn7DtnP
v7Pd6XP4sWFp2pxMZOXuMU8vdu+zTeB5VUUDC+mUrxUJ4xpQwKjDpS5j9+HR1lJB
j70pji5dclZPmac0/RLYAJjlGXJhCZFOdIpApwdM1kfPU70OZi37to3+/bB0MkdJ
HE6ArqygkL2NxfcU8OL5XqFaoh3tMih2jDQl3EE6E6rgUreNvl0ugaVEswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN9CZxEiOwTYKu9I/XqNPF2FyIRhMB8GA1UdIwQY
MBaAFM5Wqg4hVYySpIZUJE4Flhofz6DyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemxhcURpRlZqSktraGxRa1RnV1dHaF9Qb1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8wNzQ3NmMtMmM1Yi00MGU5LWI1NjIt
NTRmYTMwODY0YzIxLzEvemxhcURpRlZqSktraGxRa1RnV1dHaF9Qb1BJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8wNzQ3NmMtMmM1Yi00MGU5LWI1NjItNTRmYTMwODY0YzIx
LzEvemxhcURpRlZqSktraGxRa1RnV1dHaF9Qb1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhuGx3jKp
Bf/HGTF6WeQgE+bC/GbvGcW58mBuX/xmDfpBXxOiFQEjQfttGFw63/UXxfWrtpzU
ErJwMcJlKzwlBpKVGBIQyHbhkREc+dItFZK+gZ4tJjf9es42AKsVzD1VSTGj//5C
6lPQKA4BRGDXWWBFymivy67lJm5N74e9JiYPGPO/3QWtPhmjeM2Wf0iO/5gxXgcJ
uUCGNS4Ftl1E043fGp3Sv/vW1ix0HfxiMWOWsFYc5QXIsDCJCF3GG0e+/RdZwNDM
tu1nM4Ck9+EoPKYw+i6/rFelui5rCnq87kBcfk9826Db5NF8IB5kDH9zPt2GjQay
gYq5bHEAA1cC7A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:17:31 2025 by rpki-client