Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
File: zdpbTOlfoL32BUFp53rvyCZd28Q.mft (raw, json)
Hash identifier: l2HorehMTITkLontByToOOI07/z/HmbcQMLSatN+Yis=
Subject key identifier: A2:A7:7D:FC:D0:1A:72:26:69:23:42:57:ED:70:1E:25:9E:A4:EF:40
Authority key identifier: CD:DA:5B:4C:E9:5F:A0:BD:F6:05:41:69:E7:7A:EF:C8:26:5D:DB:C4
Certificate issuer: /CN=cdda5b4ce95fa0bdf6054169e77aefc8265ddbc4
Certificate serial: 0197B7B33E460D581560C8A9EB91B905F14A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdpbTOlfoL32BUFp53rvyCZd28Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
Manifest number: 1548
Signing time: Sat 28 Jun 2025 18:01:06 +0000
Manifest this update: Sat 28 Jun 2025 18:01:06 +0000
Manifest next update: Sun 29 Jun 2025 18:01:06 +0000
Files and hashes: 1: 40_j8EnMOslOGeaUGeLQNCGHg64.roa (hash: BOU6u1kQjKsVBkJf+h9lI/7YbpbYLn1ZXJQhHit/Gyg=)
2: zdpbTOlfoL32BUFp53rvyCZd28Q.crl (hash: AWjksGWtL9mmSTf0cOhNurMl/2eTNUhdcnBD/PIEPcQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/zdpbTOlfoL32BUFp53rvyCZd28Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:b3:3e:46:0d:58:15:60:c8:a9:eb:91:b9:05:f1:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdda5b4ce95fa0bdf6054169e77aefc8265ddbc4
Validity
Not Before: Jun 28 18:01:06 2025 GMT
Not After : Jun 29 18:01:06 2025 GMT
Subject: CN=a2a77dfcd01a722669234257ed701e259ea4ef40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c6:db:06:5c:af:61:00:b4:46:b2:72:8b:2f:
d5:5b:13:1a:0a:81:50:c8:77:39:d2:96:8b:14:47:
9e:e4:f4:6b:5c:e1:a6:cc:0d:af:a8:61:f7:85:44:
e8:99:7d:73:dd:f8:70:e3:d7:46:69:a8:59:d8:cd:
e8:58:25:5a:20:9b:5f:b9:c4:d5:01:a8:6a:55:f3:
d7:ec:d7:f3:3c:66:b9:c9:58:32:37:38:a1:8e:78:
b6:53:18:50:cc:d5:6b:7d:d5:56:2e:34:36:f5:6a:
31:25:58:8c:63:8f:56:a3:bc:9e:9b:11:63:0e:94:
81:f9:d5:9d:64:cc:55:bd:75:f7:cf:51:69:49:8b:
81:7b:cd:62:b2:94:35:bc:e7:48:7a:19:cf:1b:77:
d0:4f:34:59:06:1d:00:8e:da:a3:e4:11:f5:7f:ba:
95:50:1a:da:4e:27:77:3f:38:a9:1b:a2:29:1c:cd:
de:5b:37:e6:6f:a8:f8:cb:55:93:ed:5e:2e:a5:84:
5c:7a:d1:aa:0b:6d:8b:d5:33:d9:fb:1b:02:d1:a4:
4b:dc:1a:02:19:49:b2:24:79:dc:5e:d1:49:a5:ca:
66:cd:c5:17:1e:41:a5:9d:e0:48:6f:b2:f3:66:5b:
74:2d:6f:93:53:94:0b:4f:87:33:28:ad:61:b1:d4:
93:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A7:7D:FC:D0:1A:72:26:69:23:42:57:ED:70:1E:25:9E:A4:EF:40
X509v3 Authority Key Identifier:
keyid:CD:DA:5B:4C:E9:5F:A0:BD:F6:05:41:69:E7:7A:EF:C8:26:5D:DB:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdpbTOlfoL32BUFp53rvyCZd28Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d3:7b:a2:7e:f3:79:e7:aa:24:f8:f9:71:05:5e:ea:53:65:f5:
e1:94:36:6a:7b:f4:22:96:dd:88:9b:0d:0b:22:37:2d:56:a9:
e0:be:19:c3:8f:64:b3:ca:f2:0c:e4:f5:15:e9:5c:9c:0f:53:
0d:1d:ce:83:de:19:a1:a1:31:68:f9:58:ae:e7:5e:8e:3d:bf:
b3:16:a2:d9:72:53:9a:ea:56:41:4f:3a:93:71:dc:8c:a7:97:
71:e2:4c:51:6e:53:e9:b9:f6:39:bf:79:f3:6d:8a:4e:b3:7a:
60:2b:21:71:3e:37:0a:d7:f3:85:33:83:6d:18:0f:f1:38:f0:
97:74:63:3c:06:7b:e0:33:2d:d8:ed:ab:d6:4e:ad:aa:db:41:
55:66:16:b8:a9:5b:c2:85:ab:95:55:87:b3:f9:d9:09:21:22:
4b:87:98:7a:c2:06:24:6f:06:4a:4d:70:22:80:63:ba:94:1e:
ec:37:65:60:57:5f:1d:d7:c1:94:f0:b9:b2:9a:42:3a:49:83:
4b:2c:7d:3e:59:b2:e5:31:8a:48:f0:fb:f1:67:2d:42:23:8e:
48:70:8d:d1:f9:d1:ba:56:1c:14:1c:13:e7:1d:9d:8c:b8:f0:
46:8b:f2:af:cb:82:9d:07:56:16:94:dc:11:f6:1a:26:ec:72:
a2:00:19:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3sz5GDVgVYMip65G5BfFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGE1YjRjZTk1ZmEwYmRmNjA1NDE2OWU3N2FlZmM4MjY1
ZGRiYzQwHhcNMjUwNjI4MTgwMTA2WhcNMjUwNjI5MTgwMTA2WjAzMTEwLwYDVQQD
EyhhMmE3N2RmY2QwMWE3MjI2NjkyMzQyNTdlZDcwMWUyNTllYTRlZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMbbBlyvYQC0RrJyiy/VWxMaCoFQ
yHc50paLFEee5PRrXOGmzA2vqGH3hUTomX1z3fhw49dGaahZ2M3oWCVaIJtfucTV
AahqVfPX7NfzPGa5yVgyNzihjni2UxhQzNVrfdVWLjQ29WoxJViMY49Wo7yemxFj
DpSB+dWdZMxVvXX3z1FpSYuBe81ispQ1vOdIehnPG3fQTzRZBh0Ajtqj5BH1f7qV
UBraTid3PzipG6IpHM3eWzfmb6j4y1WT7V4upYRcetGqC22L1TPZ+xsC0aRL3BoC
GUmyJHncXtFJpcpmzcUXHkGlneBIb7LzZlt0LW+TU5QLT4czKK1hsdST3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKKnffzQGnImaSNCV+1wHiWepO9AMB8GA1UdIwQY
MBaAFM3aW0zpX6C99gVBaed678gmXdvEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemRwYlRPbGZvTDMyQlVGcDUzcnZ5Q1pkMjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84ZTIzZTUtZGIyOC00NWVkLWI2N2Yt
MmFkZDVlNzk3Yzc1LzEvemRwYlRPbGZvTDMyQlVGcDUzcnZ5Q1pkMjhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84ZTIzZTUtZGIyOC00NWVkLWI2N2YtMmFkZDVlNzk3Yzc1
LzEvemRwYlRPbGZvTDMyQlVGcDUzcnZ5Q1pkMjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA03uifvN5
56ok+PlxBV7qU2X14ZQ2anv0IpbdiJsNCyI3LVap4L4Zw49ks8ryDOT1FelcnA9T
DR3Og94ZoaExaPlYrudejj2/sxai2XJTmupWQU86k3HcjKeXceJMUW5T6bn2Ob95
822KTrN6YCshcT43CtfzhTODbRgP8Tjwl3RjPAZ74DMt2O2r1k6tqttBVWYWuKlb
woWrlVWHs/nZCSEiS4eYesIGJG8GSk1wIoBjupQe7DdlYFdfHdfBlPC5sppCOkmD
Syx9Plmy5TGKSPD78WctQiOOSHCN0fnRulYcFBwT5x2djLjwRovyr8uCnQdWFpTc
EfYaJuxyogAZkA==
-----END CERTIFICATE-----
Generated at Sat Jun 28 21:40:28 2025 by rpki-client