Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
File: zo2SrOCAEcTQrsjyKGVxW9kaASI.mft (raw, json)
Hash identifier: vOTNGjEiC2x6bXJji9gISNvR9VgUOpCeurgqctf1lw0=
Subject key identifier: BD:BB:98:69:CB:9D:95:71:B7:E8:45:A1:06:17:29:51:F6:7C:47:4D
Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Certificate serial: 0199FCFD72811A339B547C54FE55DF8C3FD2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
Manifest number: 16E3
Signing time: Sun 19 Oct 2025 15:01:32 +0000
Manifest this update: Sun 19 Oct 2025 15:01:32 +0000
Manifest next update: Mon 20 Oct 2025 15:01:32 +0000
Files and hashes: 1: c9T1Kx5A7nWBX74YKnmxrK2YxWk.roa (hash: z4gK4/Y9ltoru7dKh2/m8n1YWOzp0cICAUx0PffNJmo=)
2: zo2SrOCAEcTQrsjyKGVxW9kaASI.crl (hash: VexkS8HBbnUD9NFAtoc9IvEckmQf4q8AItd54KUmSqM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:fd:72:81:1a:33:9b:54:7c:54:fe:55:df:8c:3f:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Validity
Not Before: Oct 19 15:01:32 2025 GMT
Not After : Oct 20 15:01:32 2025 GMT
Subject: CN=bdbb9869cb9d9571b7e845a106172951f67c474d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:73:fa:4d:59:0e:2f:4d:15:69:6a:26:15:ef:
83:f9:f4:2c:bd:81:65:96:be:56:f1:43:e4:cb:58:
09:5f:33:ca:ad:02:5e:09:be:00:01:d1:7c:76:56:
aa:7c:79:85:af:9c:12:c0:07:a7:06:d7:e0:24:c9:
f2:63:d1:49:80:5b:e8:cf:8d:17:a5:87:a8:f4:d1:
c9:ba:fe:10:2b:31:38:8c:07:c3:d8:c9:96:d2:e3:
3a:dc:6e:6e:65:bf:52:80:e6:f8:74:ee:e3:61:b0:
58:98:6b:43:0c:8a:a0:c3:19:47:16:2b:7a:62:60:
e8:49:a4:bd:d3:74:55:14:4b:d1:f4:10:44:75:e0:
14:0d:92:77:e8:6c:61:76:96:29:18:e1:90:be:68:
75:cd:37:e2:22:3d:f3:df:35:27:5d:68:e6:ce:ca:
bb:0f:a6:1a:27:c4:4d:99:f3:17:1b:f3:7f:ac:a7:
92:d4:97:91:6d:30:5d:48:71:71:03:4b:78:7c:b2:
96:ef:61:bb:01:91:9a:a3:02:79:38:06:db:f1:e3:
5b:98:22:a7:be:fc:56:e5:41:b2:c0:88:d8:da:d5:
29:af:25:19:07:7d:c0:51:a7:de:22:05:7e:e9:1c:
80:12:e3:16:21:fe:ab:aa:6f:d9:bc:21:e0:ef:5d:
d7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:BB:98:69:CB:9D:95:71:B7:E8:45:A1:06:17:29:51:F6:7C:47:4D
X509v3 Authority Key Identifier:
keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:44:57:5f:02:8c:ed:4f:38:2c:e9:15:b1:6f:23:39:3f:63:
98:2f:27:30:7e:d3:f9:01:96:ac:79:d2:a3:8b:61:1e:cc:8d:
93:db:53:dd:dd:85:ca:77:e3:3a:34:07:84:ea:7e:67:90:45:
ea:e2:0f:f4:df:06:9f:31:63:b5:01:86:41:ca:d2:5e:30:99:
94:bb:26:7f:19:28:4c:11:8d:66:b4:28:53:39:d9:0f:fa:a6:
79:81:75:b7:a8:23:57:b3:6e:8e:c6:ba:b2:18:a6:1a:82:34:
04:75:f4:8b:4a:00:fb:af:e6:60:12:36:84:52:d4:40:43:37:
0e:87:c7:c0:09:aa:12:2d:0d:fe:23:e9:4f:46:33:2d:75:c0:
08:76:9d:02:37:ed:29:bd:1c:5d:f1:eb:0f:d2:83:fd:3c:2c:
d7:c0:78:6a:eb:57:6a:b5:a1:18:5e:64:14:72:db:22:7a:36:
c4:73:f9:79:0b:34:8e:17:f3:20:a7:5a:da:9e:cd:77:7e:3f:
3d:9b:3c:6e:2e:58:37:06:ab:77:08:e6:4e:fb:dd:7a:45:c3:
19:3d:ed:96:3d:5c:e0:f8:20:e5:b2:93:30:ad:04:62:d3:c6:
53:2a:3d:4e:f6:96:b5:64:c7:7f:17:0d:43:5c:49:38:8a:90:
c0:78:e7:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/XKBGjObVHxU/lXfjD/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx
YTAxMjIwHhcNMjUxMDE5MTUwMTMyWhcNMjUxMDIwMTUwMTMyWjAzMTEwLwYDVQQD
EyhiZGJiOTg2OWNiOWQ5NTcxYjdlODQ1YTEwNjE3Mjk1MWY2N2M0NzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nP6TVkOL00VaWomFe+D+fQsvYFl
lr5W8UPky1gJXzPKrQJeCb4AAdF8dlaqfHmFr5wSwAenBtfgJMnyY9FJgFvoz40X
pYeo9NHJuv4QKzE4jAfD2MmW0uM63G5uZb9SgOb4dO7jYbBYmGtDDIqgwxlHFit6
YmDoSaS903RVFEvR9BBEdeAUDZJ36GxhdpYpGOGQvmh1zTfiIj3z3zUnXWjmzsq7
D6YaJ8RNmfMXG/N/rKeS1JeRbTBdSHFxA0t4fLKW72G7AZGaowJ5OAbb8eNbmCKn
vvxW5UGywIjY2tUpryUZB33AUafeIgV+6RyAEuMWIf6rqm/ZvCHg713XUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL27mGnLnZVxt+hFoQYXKVH2fEdNMB8GA1UdIwQY
MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt
NTQ1NDQ5ZTQ5ZjczLzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz
LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF0RXXwKM
7U84LOkVsW8jOT9jmC8nMH7T+QGWrHnSo4thHsyNk9tT3d2FynfjOjQHhOp+Z5BF
6uIP9N8GnzFjtQGGQcrSXjCZlLsmfxkoTBGNZrQoUznZD/qmeYF1t6gjV7Nujsa6
shimGoI0BHX0i0oA+6/mYBI2hFLUQEM3DofHwAmqEi0N/iPpT0YzLXXACHadAjft
Kb0cXfHrD9KD/Tws18B4autXarWhGF5kFHLbIno2xHP5eQs0jhfzIKda2p7Nd34/
PZs8bi5YNwardwjmTvvdekXDGT3tlj1c4Pgg5bKTMK0EYtPGUyo9TvaWtWTHfxcN
Q1xJOIqQwHjn6Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:17:36 2025 by rpki-client