Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
File: zo2SrOCAEcTQrsjyKGVxW9kaASI.mft (raw, json)
Hash identifier: C0f2xLpsvBDyFy2Q/DD3Zjlqo9jpJ3+EJCVpWnBbVM8=
Subject key identifier: 7C:0B:34:E2:4C:E0:31:52:D0:1F:2B:7D:14:07:14:F4:53:0D:4E:A2
Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Certificate serial: 0198D58392CDA6A8A1B542E52CDE0272223B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
Manifest number: 164A
Signing time: Sat 23 Aug 2025 06:00:26 +0000
Manifest this update: Sat 23 Aug 2025 06:00:26 +0000
Manifest next update: Sun 24 Aug 2025 06:00:26 +0000
Files and hashes: 1: c9T1Kx5A7nWBX74YKnmxrK2YxWk.roa (hash: z4gK4/Y9ltoru7dKh2/m8n1YWOzp0cICAUx0PffNJmo=)
2: zo2SrOCAEcTQrsjyKGVxW9kaASI.crl (hash: lmZC39MSCWfIrvkgbfxMZH+qTqSiwc7Oa7bLb0RJbtA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:83:92:cd:a6:a8:a1:b5:42:e5:2c:de:02:72:22:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Validity
Not Before: Aug 23 06:00:26 2025 GMT
Not After : Aug 24 06:00:26 2025 GMT
Subject: CN=7c0b34e24ce03152d01f2b7d140714f4530d4ea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bf:c2:15:de:f4:9e:74:6f:c1:41:6c:89:00:
6f:3d:d9:58:3e:1e:5a:67:c8:01:98:f3:10:a8:f9:
2e:b0:5b:d0:7d:2c:df:ba:9a:4d:32:00:82:4d:75:
b8:81:de:ca:a1:00:e0:85:47:31:ed:59:f2:d9:c3:
d3:30:9a:a5:29:32:2c:db:b4:a4:b5:31:4f:ec:dd:
81:be:66:6f:a9:d3:26:fa:47:47:33:eb:9d:2c:67:
6d:a2:a3:74:a5:dd:c3:8f:f4:1f:84:60:13:06:cd:
6b:0e:1d:00:73:4a:85:9d:f0:38:64:e6:e8:b9:67:
12:62:af:01:1b:9d:0a:ce:05:c9:d9:05:ab:c9:db:
44:2c:11:c1:d9:ee:d7:0a:b2:59:03:84:46:bd:e6:
aa:e6:67:1b:62:3f:5d:e9:42:40:65:67:1c:10:08:
43:a3:b7:b7:29:2b:7d:18:6e:3a:0f:30:dc:a4:21:
7c:64:e8:bf:9c:64:ba:6f:68:42:0b:76:b2:bd:83:
10:5e:c7:ac:9b:ff:83:ce:bc:77:e8:54:db:7b:25:
e8:8a:94:c0:9c:59:f8:ad:44:7d:c0:3e:aa:0e:c9:
78:0b:52:3e:e6:07:5d:e1:d6:7b:84:7e:e6:92:64:
00:a9:40:6a:3c:f8:b0:28:65:bd:1d:99:2c:43:4b:
bb:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:0B:34:E2:4C:E0:31:52:D0:1F:2B:7D:14:07:14:F4:53:0D:4E:A2
X509v3 Authority Key Identifier:
keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:7b:82:ac:4c:a9:85:5e:ff:28:fe:7a:c9:d7:49:28:31:8c:
f8:72:f0:32:67:d1:2f:4d:e7:9d:c2:e5:bd:1f:3f:c3:55:e7:
19:4c:cd:c6:3b:2b:2d:57:d1:c9:9c:c8:37:a1:e5:18:7b:4d:
bc:cc:ae:3c:8a:17:8a:8a:5e:86:29:61:27:40:be:b5:dc:b5:
64:cb:b5:f8:33:b6:ed:07:e0:ba:0c:ac:75:eb:d5:89:a7:f4:
d9:96:0d:b7:6b:e6:b0:33:a4:82:73:01:d3:ea:bf:ea:82:16:
1b:82:29:89:01:60:74:09:ca:76:bc:ca:b6:d3:66:bd:49:e7:
72:be:eb:e1:a5:b2:59:2f:56:2b:e2:8e:f4:a8:c0:9c:70:c9:
a9:42:87:5a:21:44:22:b1:43:39:40:75:39:46:be:9c:ce:c0:
50:be:af:35:31:a1:f6:22:e5:06:82:fe:33:af:0e:5c:69:95:
dd:b5:e6:77:85:54:91:85:00:48:72:56:30:7f:0b:b4:bc:a6:
9a:09:e5:82:be:b0:ab:01:a2:e9:5b:b8:77:f0:34:fc:3a:9d:
fb:d4:1f:9c:d1:e5:ab:ae:06:db:25:1c:d9:b7:38:fe:99:38:
c5:fd:6c:4b:3c:2d:d9:59:c3:40:e1:2b:9e:50:8e:21:6c:e7:
6c:58:95:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZjVg5LNpqihtULlLN4CciI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx
YTAxMjIwHhcNMjUwODIzMDYwMDI2WhcNMjUwODI0MDYwMDI2WjAzMTEwLwYDVQQD
Eyg3YzBiMzRlMjRjZTAzMTUyZDAxZjJiN2QxNDA3MTRmNDUzMGQ0ZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7/CFd70nnRvwUFsiQBvPdlYPh5a
Z8gBmPMQqPkusFvQfSzfuppNMgCCTXW4gd7KoQDghUcx7Vny2cPTMJqlKTIs27Sk
tTFP7N2BvmZvqdMm+kdHM+udLGdtoqN0pd3Dj/QfhGATBs1rDh0Ac0qFnfA4ZObo
uWcSYq8BG50KzgXJ2QWrydtELBHB2e7XCrJZA4RGveaq5mcbYj9d6UJAZWccEAhD
o7e3KSt9GG46DzDcpCF8ZOi/nGS6b2hCC3ayvYMQXsesm/+Dzrx36FTbeyXoipTA
nFn4rUR9wD6qDsl4C1I+5gdd4dZ7hH7mkmQAqUBqPPiwKGW9HZksQ0u7fQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHwLNOJM4DFS0B8rfRQHFPRTDU6iMB8GA1UdIwQY
MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt
NTQ1NDQ5ZTQ5ZjczLzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz
LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlnuCrEyp
hV7/KP56yddJKDGM+HLwMmfRL03nncLlvR8/w1XnGUzNxjsrLVfRyZzIN6HlGHtN
vMyuPIoXiopehilhJ0C+tdy1ZMu1+DO27QfgugysdevViaf02ZYNt2vmsDOkgnMB
0+q/6oIWG4IpiQFgdAnKdrzKttNmvUnncr7r4aWyWS9WK+KO9KjAnHDJqUKHWiFE
IrFDOUB1OUa+nM7AUL6vNTGh9iLlBoL+M68OXGmV3bXmd4VUkYUASHJWMH8LtLym
mgnlgr6wqwGi6Vu4d/A0/Dqd+9QfnNHlq64G2yUc2bc4/pk4xf1sSzwt2VnDQOEr
nlCOIWznbFiV6Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:35:58 2025 by rpki-client