Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
File: zdpbTOlfoL32BUFp53rvyCZd28Q.mft (raw, json)
Hash identifier: XkA895wIF9/voViKWyUWTUqYwmSokU4en+6R1x1lRCA=
Subject key identifier: 4C:F7:C9:13:9C:B0:46:30:AF:8A:26:4C:D5:39:0E:A2:35:C0:75:18
Authority key identifier: CD:DA:5B:4C:E9:5F:A0:BD:F6:05:41:69:E7:7A:EF:C8:26:5D:DB:C4
Certificate issuer: /CN=cdda5b4ce95fa0bdf6054169e77aefc8265ddbc4
Certificate serial: 0198D58370076DAD951DC6A77F75D80D6EC4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdpbTOlfoL32BUFp53rvyCZd28Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
Manifest number: 15DC
Signing time: Sat 23 Aug 2025 06:00:17 +0000
Manifest this update: Sat 23 Aug 2025 06:00:17 +0000
Manifest next update: Sun 24 Aug 2025 06:00:17 +0000
Files and hashes: 1: 40_j8EnMOslOGeaUGeLQNCGHg64.roa (hash: BOU6u1kQjKsVBkJf+h9lI/7YbpbYLn1ZXJQhHit/Gyg=)
2: zdpbTOlfoL32BUFp53rvyCZd28Q.crl (hash: AV9opp4jxLnD1tCvZ/6VyHu/4fBXDrUAhkGQHwwK4hg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/zdpbTOlfoL32BUFp53rvyCZd28Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:83:70:07:6d:ad:95:1d:c6:a7:7f:75:d8:0d:6e:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdda5b4ce95fa0bdf6054169e77aefc8265ddbc4
Validity
Not Before: Aug 23 06:00:17 2025 GMT
Not After : Aug 24 06:00:17 2025 GMT
Subject: CN=4cf7c9139cb04630af8a264cd5390ea235c07518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3d:d7:96:97:9a:fd:75:60:8f:2a:75:46:3f:
73:0c:04:f4:46:8f:6c:c4:eb:21:d6:55:74:d1:4c:
a3:90:1e:e7:ce:9d:25:d7:c8:6d:b2:14:44:49:8a:
90:17:fa:2a:04:4e:ec:9a:f8:2e:79:40:81:58:03:
6d:30:1a:4a:06:8b:bd:8c:19:3a:ab:31:d6:63:75:
32:c1:27:b2:14:4b:9b:07:52:57:63:df:6d:ae:24:
6f:e1:bb:2f:48:f8:ae:5e:63:00:bb:e2:16:a8:68:
27:67:ad:e7:c7:23:be:32:bd:1d:39:71:cf:71:21:
02:82:ad:c2:f6:46:12:56:b9:76:32:11:4a:e0:c6:
da:dd:52:da:6b:d1:7b:71:f7:a9:d1:51:df:00:2f:
e1:8a:aa:3e:37:61:64:61:3b:7d:0a:20:df:ca:1e:
af:31:21:5e:01:e8:00:64:b2:90:82:54:06:1a:c8:
82:c6:ac:56:e2:e2:dd:a9:7e:72:ca:94:09:0d:89:
83:ec:36:37:59:0a:2f:7c:da:6e:af:9c:3a:53:0a:
74:8f:7e:6a:a9:31:cd:44:a1:0b:f9:1e:ce:7e:74:
54:0a:01:1a:93:74:2a:33:5b:72:99:df:17:ff:da:
6a:cf:73:0e:a5:a9:27:0b:1b:f0:9d:79:cd:ba:c7:
49:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:F7:C9:13:9C:B0:46:30:AF:8A:26:4C:D5:39:0E:A2:35:C0:75:18
X509v3 Authority Key Identifier:
keyid:CD:DA:5B:4C:E9:5F:A0:BD:F6:05:41:69:E7:7A:EF:C8:26:5D:DB:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdpbTOlfoL32BUFp53rvyCZd28Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/8e23e5-db28-45ed-b67f-2add5e797c75/1/zdpbTOlfoL32BUFp53rvyCZd28Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:18:ee:e3:e3:e5:fe:25:e1:33:49:85:d0:f5:77:aa:33:d5:
cc:d9:18:20:a6:b0:d9:b4:18:ae:78:38:2b:fb:d7:4d:80:5b:
19:de:29:a5:cc:a9:98:1e:ef:43:9f:ff:93:66:4f:88:15:83:
9c:a4:dc:d0:38:15:8e:62:ae:18:f3:9d:5b:bf:4e:bc:37:b9:
f4:e0:b7:34:4c:4a:f7:45:06:19:87:c7:43:44:26:0f:da:d4:
74:39:e5:d5:17:67:5a:d7:08:ce:63:d4:79:6d:4d:04:31:a6:
14:db:9b:9c:65:c1:24:ac:94:d6:4a:4c:93:58:5e:c6:77:d0:
1a:63:67:bf:f2:ae:18:0f:5a:26:fd:40:c9:0c:50:65:27:7b:
97:ba:74:71:9c:7c:01:fe:21:0c:53:bb:49:c8:62:17:19:b4:
72:de:41:c7:22:20:0e:fa:78:76:fa:40:7e:a5:c3:63:ba:7e:
f9:ee:53:13:24:a1:b9:89:af:15:0f:33:6a:13:c6:f0:4a:f7:
98:b2:99:0c:f1:3d:78:c0:82:10:f1:40:c0:19:23:dc:50:fa:
93:be:7c:bd:c6:aa:96:76:dd:17:bc:b9:9a:ae:fb:8c:5a:a4:
bd:af:7a:7d:36:51:b7:d0:f7:36:21:de:e4:3b:84:00:94:59:
93:fd:76:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg3AHba2VHcanf3XYDW7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGE1YjRjZTk1ZmEwYmRmNjA1NDE2OWU3N2FlZmM4MjY1
ZGRiYzQwHhcNMjUwODIzMDYwMDE3WhcNMjUwODI0MDYwMDE3WjAzMTEwLwYDVQQD
Eyg0Y2Y3YzkxMzljYjA0NjMwYWY4YTI2NGNkNTM5MGVhMjM1YzA3NTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD3Xlpea/XVgjyp1Rj9zDAT0Ro9s
xOsh1lV00UyjkB7nzp0l18htshRESYqQF/oqBE7smvgueUCBWANtMBpKBou9jBk6
qzHWY3UywSeyFEubB1JXY99triRv4bsvSPiuXmMAu+IWqGgnZ63nxyO+Mr0dOXHP
cSECgq3C9kYSVrl2MhFK4Mba3VLaa9F7cfep0VHfAC/hiqo+N2FkYTt9CiDfyh6v
MSFeAegAZLKQglQGGsiCxqxW4uLdqX5yypQJDYmD7DY3WQovfNpur5w6Uwp0j35q
qTHNRKEL+R7OfnRUCgEak3QqM1tymd8X/9pqz3MOpaknCxvwnXnNusdJIwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEz3yROcsEYwr4omTNU5DqI1wHUYMB8GA1UdIwQY
MBaAFM3aW0zpX6C99gVBaed678gmXdvEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemRwYlRPbGZvTDMyQlVGcDUzcnZ5Q1pkMjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84ZTIzZTUtZGIyOC00NWVkLWI2N2Yt
MmFkZDVlNzk3Yzc1LzEvemRwYlRPbGZvTDMyQlVGcDUzcnZ5Q1pkMjhRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC84ZTIzZTUtZGIyOC00NWVkLWI2N2YtMmFkZDVlNzk3Yzc1
LzEvemRwYlRPbGZvTDMyQlVGcDUzcnZ5Q1pkMjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACRju4+Pl
/iXhM0mF0PV3qjPVzNkYIKaw2bQYrng4K/vXTYBbGd4ppcypmB7vQ5//k2ZPiBWD
nKTc0DgVjmKuGPOdW79OvDe59OC3NExK90UGGYfHQ0QmD9rUdDnl1RdnWtcIzmPU
eW1NBDGmFNubnGXBJKyU1kpMk1hexnfQGmNnv/KuGA9aJv1AyQxQZSd7l7p0cZx8
Af4hDFO7SchiFxm0ct5BxyIgDvp4dvpAfqXDY7p++e5TEyShuYmvFQ8zahPG8Er3
mLKZDPE9eMCCEPFAwBkj3FD6k758vcaqlnbdF7y5mq77jFqkva96fTZRt9D3NiHe
5DuEAJRZk/12xg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:27:19 2025 by rpki-client