Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.mft
File: zZEXAvST1u3htuhyvKzcuFQoK60.mft (raw, json)
Hash identifier: VaHMm0MllaSoOCaYaivFRVrVW/wOne7eYMgi+VXjUbM=
Subject key identifier: 62:FF:B5:2E:09:96:11:36:75:91:F7:AF:FC:11:04:D0:B8:55:7A:DC
Authority key identifier: CD:91:17:02:F4:93:D6:ED:E1:B6:E8:72:BC:AC:DC:B8:54:28:2B:AD
Certificate issuer: /CN=cd911702f493d6ede1b6e872bcacdcb854282bad
Certificate serial: 019A0222D1DFC165FEA88FE13871A9B9D12B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zZEXAvST1u3htuhyvKzcuFQoK60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.mft
Manifest number: 0D4A
Signing time: Mon 20 Oct 2025 15:00:27 +0000
Manifest this update: Mon 20 Oct 2025 15:00:27 +0000
Manifest next update: Tue 21 Oct 2025 15:00:27 +0000
Files and hashes: 1: talgukTPD8oL2wxiXAXrxPFSwAY.roa (hash: 42F75IV5IsX3V6ll7VHZlZ+ABWMo+HJa6Q+yWz1dm0U=)
2: zZEXAvST1u3htuhyvKzcuFQoK60.crl (hash: /uYk9sbu252X3985g/O52fL8RIVrieYKPd/pMw2QX5k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.mft
rsync://rpki.ripe.net/repository/DEFAULT/zZEXAvST1u3htuhyvKzcuFQoK60.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:22:d1:df:c1:65:fe:a8:8f:e1:38:71:a9:b9:d1:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd911702f493d6ede1b6e872bcacdcb854282bad
Validity
Not Before: Oct 20 15:00:27 2025 GMT
Not After : Oct 21 15:00:27 2025 GMT
Subject: CN=62ffb52e099611367591f7affc1104d0b8557adc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:17:04:67:42:cb:d6:fc:c8:6e:9c:fe:d1:e6:
26:ac:2a:18:5c:d7:11:ca:80:e0:58:59:a3:22:a4:
c6:ad:27:a9:79:63:6f:bb:63:24:f5:41:8a:1d:f9:
74:87:b2:56:78:ed:a5:e7:bb:f8:20:e4:e4:c0:c3:
a3:c9:ea:32:3b:66:b6:f7:80:9b:1c:92:98:e8:70:
7f:b7:67:ca:75:cb:5f:d1:34:d8:22:72:38:90:ff:
39:cf:76:57:25:32:7b:f6:1e:7f:fa:a5:67:aa:ae:
e0:2c:f9:24:4b:fa:68:d1:f3:68:a2:83:87:19:d2:
3c:0f:4e:ec:30:cd:b1:6e:dd:7e:3b:25:94:4a:8d:
c9:53:c0:8e:75:a2:82:cc:02:06:b9:2d:1d:26:c9:
1e:8b:d2:0a:8b:7e:c2:6c:35:92:d1:69:1d:1b:4a:
24:7e:b1:c0:0c:c7:0f:38:7a:23:be:7a:2f:55:6d:
83:1b:35:01:01:1b:f1:3f:bc:4c:40:96:83:fd:84:
39:e6:89:4d:7f:c3:25:20:ee:f2:d3:55:0b:1d:8f:
84:de:5e:71:f3:86:a6:fd:b7:7e:53:7d:ad:3a:85:
bd:97:97:1d:1f:d3:7c:a1:f8:f4:59:7e:68:e9:e7:
a1:13:01:96:9b:ef:39:b0:2a:da:d0:df:48:39:90:
bd:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:FF:B5:2E:09:96:11:36:75:91:F7:AF:FC:11:04:D0:B8:55:7A:DC
X509v3 Authority Key Identifier:
keyid:CD:91:17:02:F4:93:D6:ED:E1:B6:E8:72:BC:AC:DC:B8:54:28:2B:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zZEXAvST1u3htuhyvKzcuFQoK60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3c:95:ef:e7:0c:a4:8b:7d:cc:62:9a:86:72:7c:78:a1:53:f8:
b1:86:3a:19:a0:38:1e:de:02:81:b5:96:f6:0e:28:f8:75:b5:
f7:4f:db:3f:05:b3:04:65:c9:89:14:64:d3:30:52:a0:36:2f:
79:e3:80:ee:54:a1:13:93:1c:c6:49:be:12:23:11:24:b8:d3:
25:f5:97:3b:0c:2e:3a:4a:91:4a:81:a1:45:7f:cc:73:ae:0a:
b9:32:6c:83:d2:b6:93:00:82:65:f4:2e:e8:74:fb:62:72:04:
3b:98:01:2a:f2:58:3d:d6:8e:05:bb:02:4c:03:0d:0d:28:be:
d4:86:f1:d1:79:53:20:c9:2f:85:83:2b:71:2b:8e:b5:3d:c1:
0d:33:54:e7:1c:06:48:bf:ee:f7:ec:ce:ad:d6:b4:21:56:81:
7f:6c:97:a4:17:50:f5:bd:21:b6:34:bb:ba:73:74:2c:b1:65:
3d:7f:fc:81:db:3a:09:8a:ad:5e:1e:c7:89:7f:55:42:b6:d9:
99:b9:1e:ba:48:28:6d:d7:96:35:e0:23:f9:53:62:71:1e:90:
9d:ed:00:22:31:50:57:c4:27:84:87:09:d6:60:af:d4:3c:9a:
9b:68:40:8b:2f:1c:70:23:62:6b:0e:7a:93:4d:b9:6d:ef:7c:
d0:e7:7f:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCItHfwWX+qI/hOHGpudErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkOTExNzAyZjQ5M2Q2ZWRlMWI2ZTg3MmJjYWNkY2I4NTQy
ODJiYWQwHhcNMjUxMDIwMTUwMDI3WhcNMjUxMDIxMTUwMDI3WjAzMTEwLwYDVQQD
Eyg2MmZmYjUyZTA5OTYxMTM2NzU5MWY3YWZmYzExMDRkMGI4NTU3YWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBcEZ0LL1vzIbpz+0eYmrCoYXNcR
yoDgWFmjIqTGrSepeWNvu2Mk9UGKHfl0h7JWeO2l57v4IOTkwMOjyeoyO2a294Cb
HJKY6HB/t2fKdctf0TTYInI4kP85z3ZXJTJ79h5/+qVnqq7gLPkkS/po0fNoooOH
GdI8D07sMM2xbt1+OyWUSo3JU8COdaKCzAIGuS0dJskei9IKi37CbDWS0WkdG0ok
frHADMcPOHojvnovVW2DGzUBARvxP7xMQJaD/YQ55olNf8MlIO7y01ULHY+E3l5x
84am/bd+U32tOoW9l5cdH9N8ofj0WX5o6eehEwGWm+85sCra0N9IOZC95wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGL/tS4JlhE2dZH3r/wRBNC4VXrcMB8GA1UdIwQY
MBaAFM2RFwL0k9bt4bbocrys3LhUKCutMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelpFWEF2U1QxdTNodHVoeXZLemN1RlFvSzYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iNzQyMDctMzg1My00MzVkLWFiZGUt
MjJiNzc4MjE2MmNhLzEvelpFWEF2U1QxdTNodHVoeXZLemN1RlFvSzYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9iNzQyMDctMzg1My00MzVkLWFiZGUtMjJiNzc4MjE2MmNh
LzEvelpFWEF2U1QxdTNodHVoeXZLemN1RlFvSzYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPJXv5wyk
i33MYpqGcnx4oVP4sYY6GaA4Ht4CgbWW9g4o+HW190/bPwWzBGXJiRRk0zBSoDYv
eeOA7lShE5Mcxkm+EiMRJLjTJfWXOwwuOkqRSoGhRX/Mc64KuTJsg9K2kwCCZfQu
6HT7YnIEO5gBKvJYPdaOBbsCTAMNDSi+1Ibx0XlTIMkvhYMrcSuOtT3BDTNU5xwG
SL/u9+zOrda0IVaBf2yXpBdQ9b0htjS7unN0LLFlPX/8gds6CYqtXh7HiX9VQrbZ
mbkeukgobdeWNeAj+VNicR6Qne0AIjFQV8QnhIcJ1mCv1Dyam2hAiy8ccCNiaw56
k025be980Od/sQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:39:58 2025 by rpki-client