Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft
File: zTwRDf139XdXORwPrt7r42CGVx0.mft (raw, json)
Hash identifier: N2CLeDHrDulwuVhWaLzht3DF+PNF2yTuQ97zld6u1FM=
Subject key identifier: 67:A9:7A:5C:4C:45:92:8C:6A:9C:3C:21:9F:D3:B7:06:B4:48:E0:1F
Authority key identifier: CD:3C:11:0D:FD:77:F5:77:57:39:1C:0F:AE:DE:EB:E3:60:86:57:1D
Certificate issuer: /CN=cd3c110dfd77f57757391c0faedeebe36086571d
Certificate serial: 0197B7457CA0FCCE0830BCAFD60429D5C250
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTwRDf139XdXORwPrt7r42CGVx0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft
Manifest number: 0DD1
Signing time: Sat 28 Jun 2025 16:01:13 +0000
Manifest this update: Sat 28 Jun 2025 16:01:13 +0000
Manifest next update: Sun 29 Jun 2025 16:01:13 +0000
Files and hashes: 1: n79crWM-L0W_-YTIs0SA8x1g-4g.roa (hash: WTPugh0CrOL+7geJ0TTyRViJCXrCGCyNH+3nK4QxB48=)
2: zTwRDf139XdXORwPrt7r42CGVx0.crl (hash: YB1Jzp9FCNxXfDop5mn0gXe+5tFzqbKaW+TTmnYUYyA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zTwRDf139XdXORwPrt7r42CGVx0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b7:45:7c:a0:fc:ce:08:30:bc:af:d6:04:29:d5:c2:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd3c110dfd77f57757391c0faedeebe36086571d
Validity
Not Before: Jun 28 16:01:13 2025 GMT
Not After : Jun 29 16:01:13 2025 GMT
Subject: CN=67a97a5c4c45928c6a9c3c219fd3b706b448e01f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e0:9f:5a:a0:87:36:f4:66:bc:30:cc:af:9c:
66:6b:54:31:c1:73:06:d3:64:ff:8a:29:d1:cf:e3:
0c:fa:4a:fc:8f:82:6b:37:bc:78:f8:4a:ee:f3:c2:
4d:8b:85:37:17:28:c2:64:5b:08:03:ab:44:ba:cc:
e2:5c:06:e4:ad:f4:fc:cf:5f:f1:b9:8a:f7:02:c7:
d4:8f:73:76:6f:0d:df:79:39:52:6d:06:ad:f2:81:
b5:e4:7c:b9:5b:f3:93:0d:c8:c7:3c:78:fa:e5:f1:
0c:06:fb:81:a0:5c:27:54:7f:c9:49:03:dd:cc:2f:
c1:93:b9:96:6a:79:fb:e7:cb:4f:e1:fa:cf:99:66:
38:60:cf:10:21:29:1f:08:d1:8d:82:2e:a1:3b:95:
d5:2b:24:af:a8:fd:33:2c:37:d6:66:76:3e:6b:26:
4f:26:5f:a8:99:37:6f:73:35:ce:24:26:da:12:22:
79:26:b9:32:80:71:fe:12:be:55:79:71:e1:56:48:
09:75:9a:33:cb:0d:b7:e2:53:30:96:74:d7:10:aa:
55:ac:87:9d:69:74:d2:85:31:e2:14:41:bb:de:d4:
b7:e9:05:0c:d3:69:de:24:90:70:80:17:d7:93:cd:
e4:45:eb:2d:20:6d:4c:da:8e:94:0a:3b:4f:94:3b:
bd:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A9:7A:5C:4C:45:92:8C:6A:9C:3C:21:9F:D3:B7:06:B4:48:E0:1F
X509v3 Authority Key Identifier:
keyid:CD:3C:11:0D:FD:77:F5:77:57:39:1C:0F:AE:DE:EB:E3:60:86:57:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTwRDf139XdXORwPrt7r42CGVx0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
af:1d:6b:23:2c:f7:bc:87:71:df:09:08:dc:e3:31:bc:2d:1b:
7b:02:94:c1:e5:ee:36:53:da:df:c2:c6:f0:c0:21:bc:48:01:
d1:e1:fa:ac:31:f9:a8:f1:2f:1d:f9:ad:78:f5:17:dc:d9:b6:
97:1d:ee:d9:87:c7:51:04:70:70:11:90:d5:23:23:93:80:af:
11:03:d4:7f:ca:ef:7c:0d:6d:c1:8a:b9:7c:5d:13:d5:64:dd:
ff:02:04:d1:2d:97:ce:0d:26:fb:7c:11:94:ff:c9:3c:c9:95:
af:0b:88:98:3a:ba:c9:1e:f9:17:94:16:6e:4e:80:72:49:6f:
bb:1f:e4:ca:8e:39:f5:d9:f9:e1:95:04:7c:60:77:8d:89:44:
c6:92:e7:0a:c6:1a:db:14:33:f4:32:87:43:ad:2d:fb:2f:3a:
a5:77:cc:29:14:51:bd:f8:c1:23:50:66:9e:c4:be:31:9a:13:
d2:34:ad:c5:5b:30:1a:70:4e:4d:64:a1:f3:17:34:9d:a8:d9:
de:ab:bc:87:b0:a4:ff:8e:cb:e4:ca:c1:5e:9c:90:5a:d7:05:
5b:71:83:5d:2e:9c:6e:4b:2a:b3:8f:a7:5f:ff:8e:ee:1e:3c:
ed:35:35:92:81:44:b8:d2:70:4a:1c:d3:ea:db:29:0c:41:f1:
92:7f:7e:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe3RXyg/M4IMLyv1gQp1cJQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkM2MxMTBkZmQ3N2Y1Nzc1NzM5MWMwZmFlZGVlYmUzNjA4
NjU3MWQwHhcNMjUwNjI4MTYwMTEzWhcNMjUwNjI5MTYwMTEzWjAzMTEwLwYDVQQD
Eyg2N2E5N2E1YzRjNDU5MjhjNmE5YzNjMjE5ZmQzYjcwNmI0NDhlMDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOCfWqCHNvRmvDDMr5xma1QxwXMG
02T/iinRz+MM+kr8j4JrN7x4+Eru88JNi4U3FyjCZFsIA6tEusziXAbkrfT8z1/x
uYr3AsfUj3N2bw3feTlSbQat8oG15Hy5W/OTDcjHPHj65fEMBvuBoFwnVH/JSQPd
zC/Bk7mWann758tP4frPmWY4YM8QISkfCNGNgi6hO5XVKySvqP0zLDfWZnY+ayZP
Jl+omTdvczXOJCbaEiJ5JrkygHH+Er5VeXHhVkgJdZozyw234lMwlnTXEKpVrIed
aXTShTHiFEG73tS36QUM02neJJBwgBfXk83kRestIG1M2o6UCjtPlDu9mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGepelxMRZKMapw8IZ/Ttwa0SOAfMB8GA1UdIwQY
MBaAFM08EQ39d/V3VzkcD67e6+NghlcdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelR3UkRmMTM5WGRYT1J3UHJ0N3I0MkNHVngwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8yMGU1YTItMGU2NC00ZWEzLThjODYt
NmMwMmVjMTliODA5LzEvelR3UkRmMTM5WGRYT1J3UHJ0N3I0MkNHVngwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8yMGU1YTItMGU2NC00ZWEzLThjODYtNmMwMmVjMTliODA5
LzEvelR3UkRmMTM5WGRYT1J3UHJ0N3I0MkNHVngwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArx1rIyz3
vIdx3wkI3OMxvC0bewKUweXuNlPa38LG8MAhvEgB0eH6rDH5qPEvHfmtePUX3Nm2
lx3u2YfHUQRwcBGQ1SMjk4CvEQPUf8rvfA1twYq5fF0T1WTd/wIE0S2Xzg0m+3wR
lP/JPMmVrwuImDq6yR75F5QWbk6Acklvux/kyo459dn54ZUEfGB3jYlExpLnCsYa
2xQz9DKHQ60t+y86pXfMKRRRvfjBI1BmnsS+MZoT0jStxVswGnBOTWSh8xc0najZ
3qu8h7Ck/47L5MrBXpyQWtcFW3GDXS6cbksqs4+nX/+O7h487TU1koFEuNJwShzT
6tspDEHxkn9+SQ==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:00:06 2025 by rpki-client