Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
File: zmdqMChOFLAsxt2qA053VAbkYaY.mft (raw, json)
Hash identifier: NHzOH0+ceN4lC3+oCsLGh7aAAxLyCk4jhkK6KnLqNHM=
Subject key identifier: 0C:F2:C3:32:D7:70:B7:9A:FB:A8:01:64:C8:7F:D0:F0:09:6B:D4:39
Authority key identifier: CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6
Certificate issuer: /CN=ce676a30284e14b02cc6ddaa034e775406e461a6
Certificate serial: 019A0259CFA1B79D4761F8ADB63E963118B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
Manifest number: 0A7E
Signing time: Mon 20 Oct 2025 16:00:31 +0000
Manifest this update: Mon 20 Oct 2025 16:00:31 +0000
Manifest next update: Tue 21 Oct 2025 16:00:31 +0000
Files and hashes: 1: CXaycMVQIz4mD7AGkHky2lc1t_E.roa (hash: XQ8QKr5tV5GANcYht5PHTQQD2/hz4d9yrWShPJMOBBM=)
2: zmdqMChOFLAsxt2qA053VAbkYaY.crl (hash: sI9U+CPVVbGdxyvjLLqeAsw0vdCsEBnnITauSIVctmM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:59:cf:a1:b7:9d:47:61:f8:ad:b6:3e:96:31:18:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce676a30284e14b02cc6ddaa034e775406e461a6
Validity
Not Before: Oct 20 16:00:31 2025 GMT
Not After : Oct 21 16:00:31 2025 GMT
Subject: CN=0cf2c332d770b79afba80164c87fd0f0096bd439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:40:bf:47:8e:1a:90:38:3e:22:29:91:46:22:
e8:d8:21:85:71:59:f4:a1:d8:ba:b2:1a:d7:d7:bd:
3c:00:8a:a6:d7:6b:14:c1:9a:41:7c:60:9b:3b:59:
d5:2a:75:a4:4d:45:0e:b7:3e:d1:b5:93:e9:37:29:
be:ab:7d:4c:dc:59:13:71:4f:0a:60:c8:29:9e:9e:
16:a6:5a:6f:1e:16:5a:f0:50:49:08:a9:95:fa:12:
61:59:df:1d:b6:55:54:f2:37:63:b4:df:10:74:d0:
84:b2:8a:e4:e7:aa:00:df:e3:4d:de:a2:06:87:f8:
68:8c:2f:0f:49:a8:9a:91:88:13:d0:b6:5e:8b:74:
1e:95:47:0a:7d:b2:66:38:1d:9b:26:b3:5c:69:ef:
00:19:35:eb:26:71:2c:c3:50:3f:73:2e:30:a0:f6:
86:19:2c:ab:bb:f2:5e:e7:50:24:65:e9:24:4a:72:
0e:2d:1b:a6:50:9d:90:16:61:28:f1:e4:c5:6b:83:
cd:8e:f4:df:6b:f3:e4:04:7f:52:30:80:eb:13:68:
e3:79:92:f1:6d:94:d9:4a:ee:6c:d8:0b:21:f6:06:
7c:0b:c5:d6:53:ac:4e:02:79:bc:ce:dd:08:68:84:
06:7f:69:0d:d8:0b:70:c0:27:ca:4a:dd:44:fc:ed:
ca:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:F2:C3:32:D7:70:B7:9A:FB:A8:01:64:C8:7F:D0:F0:09:6B:D4:39
X509v3 Authority Key Identifier:
keyid:CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bc:0f:d3:21:16:cc:60:42:96:d7:ff:25:d2:f8:f9:1e:b2:f2:
5d:c5:05:26:c7:5c:3c:60:0e:03:b9:98:59:97:83:51:1a:a8:
75:69:68:57:cb:29:6f:ff:6d:ef:45:52:68:c2:55:c7:71:28:
19:f7:27:df:c1:3b:d8:65:c7:27:78:8c:b6:39:e6:3a:03:fd:
97:c7:a5:f2:0f:20:9b:2c:4a:fa:84:49:0c:d1:cc:e5:cb:6a:
92:d5:67:7f:56:34:43:3d:89:fb:8b:15:f2:25:4a:22:7c:c0:
f6:a8:5d:9a:bf:30:b1:a5:1f:a6:0f:75:2b:92:7e:41:b6:87:
fd:a5:3e:86:df:8b:c3:4d:ae:ec:76:ec:6f:f5:a5:60:8e:9f:
f7:4d:d9:de:d7:0b:f8:2e:cf:a4:64:e6:36:eb:5b:d3:f2:7d:
f6:ab:dc:cd:db:14:2b:1a:b6:a0:1f:ee:59:5f:e2:a1:29:de:
90:d1:03:6e:ff:8d:e6:30:63:3c:42:93:3d:d6:19:8a:46:48:
0a:ba:1e:a5:89:7d:47:d7:55:09:65:84:22:a7:89:42:70:1d:
ec:ca:6d:86:e6:56:f1:f1:81:62:03:64:a3:93:99:0e:be:b3:
bf:4b:03:b7:c8:b3:83:f9:4b:51:8b:18:c4:5c:d5:e9:9d:f2:
b0:e9:a5:73
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoCWc+ht51HYfittj6WMRixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNjc2YTMwMjg0ZTE0YjAyY2M2ZGRhYTAzNGU3NzU0MDZl
NDYxYTYwHhcNMjUxMDIwMTYwMDMxWhcNMjUxMDIxMTYwMDMxWjAzMTEwLwYDVQQD
EygwY2YyYzMzMmQ3NzBiNzlhZmJhODAxNjRjODdmZDBmMDA5NmJkNDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEC/R44akDg+IimRRiLo2CGFcVn0
odi6shrX1708AIqm12sUwZpBfGCbO1nVKnWkTUUOtz7RtZPpNym+q31M3FkTcU8K
YMgpnp4WplpvHhZa8FBJCKmV+hJhWd8dtlVU8jdjtN8QdNCEsork56oA3+NN3qIG
h/hojC8PSaiakYgT0LZei3QelUcKfbJmOB2bJrNcae8AGTXrJnEsw1A/cy4woPaG
GSyru/Je51AkZekkSnIOLRumUJ2QFmEo8eTFa4PNjvTfa/PkBH9SMIDrE2jjeZLx
bZTZSu5s2Ash9gZ8C8XWU6xOAnm8zt0IaIQGf2kN2AtwwCfKSt1E/O3K/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAzywzLXcLea+6gBZMh/0PAJa9Q5MB8GA1UdIwQY
MBaAFM5najAoThSwLMbdqgNOd1QG5GGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUt
ZWE2MDY1NzA5NDZhLzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUtZWE2MDY1NzA5NDZh
LzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvA/TIRbM
YEKW1/8l0vj5HrLyXcUFJsdcPGAOA7mYWZeDURqodWloV8spb/9t70VSaMJVx3Eo
Gfcn38E72GXHJ3iMtjnmOgP9l8el8g8gmyxK+oRJDNHM5ctqktVnf1Y0Qz2J+4sV
8iVKInzA9qhdmr8wsaUfpg91K5J+QbaH/aU+ht+Lw02u7Hbsb/WlYI6f903Z3tcL
+C7PpGTmNutb0/J99qvczdsUKxq2oB/uWV/ioSnekNEDbv+N5jBjPEKTPdYZikZI
CroepYl9R9dVCWWEIqeJQnAd7MpthuZW8fGBYgNko5OZDr6zv0sDt8izg/lLUYsY
xFzV6Z3ysOmlcw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 23:34:53 2025 by rpki-client