Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
File: zo2SrOCAEcTQrsjyKGVxW9kaASI.mft (raw, json)
Hash identifier: j0Av7WMmkKVAzKa65P7JJMp07DNNQYIdc4G0Z8VoNqs=
Subject key identifier: C0:91:88:36:42:94:B9:42:42:39:66:79:4B:1F:4E:2E:8A:6B:61:60
Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Certificate serial: 0197B9A1BB8C04639DB6716E37F4AC20CC93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
Manifest number: 15B7
Signing time: Sun 29 Jun 2025 03:01:13 +0000
Manifest this update: Sun 29 Jun 2025 03:01:13 +0000
Manifest next update: Mon 30 Jun 2025 03:01:13 +0000
Files and hashes: 1: c9T1Kx5A7nWBX74YKnmxrK2YxWk.roa (hash: z4gK4/Y9ltoru7dKh2/m8n1YWOzp0cICAUx0PffNJmo=)
2: zo2SrOCAEcTQrsjyKGVxW9kaASI.crl (hash: GwSpOfVqNH4z7lf9zrQGBpKFLs82ZYxSNm/q8vwZjU0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 03:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b9:a1:bb:8c:04:63:9d:b6:71:6e:37:f4:ac:20:cc:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Validity
Not Before: Jun 29 03:01:13 2025 GMT
Not After : Jun 30 03:01:13 2025 GMT
Subject: CN=c09188364294b942423966794b1f4e2e8a6b6160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1b:1d:df:36:6e:ec:b0:d3:43:4c:82:52:d2:
65:4d:76:87:7a:a7:98:80:81:bb:81:4c:5d:e5:5a:
91:91:d0:f3:ab:3c:78:69:5d:23:a5:b6:b6:60:1c:
61:cb:c4:1f:c9:e1:1e:a6:ee:56:cb:b6:ec:ad:0e:
b3:22:e0:91:f4:7b:c0:5b:38:1d:2c:92:d1:86:db:
45:75:19:37:b8:8c:de:c8:e3:44:06:ed:aa:91:45:
be:2a:61:e6:13:a1:63:f8:72:a1:a0:7a:39:0b:0b:
9d:ec:2b:99:bd:a9:0c:d4:05:24:5f:1f:c0:bd:9b:
c6:e9:e1:35:ac:6d:26:21:49:9e:4a:bb:de:47:b4:
eb:70:7f:3e:8f:d8:38:5e:a1:4b:59:34:9c:ad:b7:
66:7b:34:6e:cb:e1:5e:ce:9c:8c:19:35:d0:1f:e5:
28:c3:1f:26:a0:7d:81:15:39:c0:d8:5d:66:e5:7a:
c1:0d:d5:5b:ba:6b:87:7e:95:f5:a3:ca:91:6a:18:
0a:91:ee:21:ad:83:0b:42:91:66:36:29:ef:dd:62:
31:38:d9:42:70:dd:19:59:b7:16:3b:71:8b:ec:da:
b9:c8:2b:92:2d:24:28:f7:4a:9e:96:b4:22:e3:69:
f7:c3:bb:8d:c9:22:8d:98:20:43:cc:2a:2e:76:81:
1f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:91:88:36:42:94:B9:42:42:39:66:79:4B:1F:4E:2E:8A:6B:61:60
X509v3 Authority Key Identifier:
keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:5a:67:51:9d:3b:ed:9d:d7:1b:db:e2:01:81:0a:ed:ba:a8:
d1:ab:5b:03:4d:20:c9:00:44:87:52:7e:c3:d3:14:f5:99:42:
87:f6:eb:9e:50:9a:af:94:fb:4e:f8:5e:d0:1b:2c:65:db:dd:
96:f7:66:cb:42:76:7d:81:38:a4:b6:07:6e:a9:d2:8d:98:ac:
1b:83:eb:45:14:43:41:69:ca:64:38:9a:a1:f3:b1:2e:dd:47:
7e:a3:7c:1e:23:3f:9e:7a:ee:31:b2:86:27:54:7d:11:b6:42:
ae:05:79:6c:9e:ba:8c:ab:e1:27:b0:01:21:f8:29:97:bf:b6:
d9:e2:50:2a:77:e4:82:e2:0d:6d:7c:69:a6:95:df:43:6e:0d:
19:4d:6d:a2:2c:ee:f5:50:9b:75:53:69:19:90:c3:de:e1:77:
e6:5d:2f:f3:6c:08:a8:b3:33:78:93:eb:c5:f3:24:f6:59:c7:
f3:89:0c:3f:d7:00:50:73:cb:11:77:b7:3d:15:23:1e:d4:60:
06:2c:ed:67:eb:fc:17:21:47:9c:2f:65:02:cd:61:bf:38:e3:
6c:61:48:e7:ed:99:a5:1e:bb:7b:1a:22:7d:14:23:d2:f3:b9:
24:cb:3e:3c:22:0d:19:58:40:c3:e5:16:57:e5:4d:33:ec:ec:
c1:f8:3b:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZe5obuMBGOdtnFuN/SsIMyTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx
YTAxMjIwHhcNMjUwNjI5MDMwMTEzWhcNMjUwNjMwMDMwMTEzWjAzMTEwLwYDVQQD
EyhjMDkxODgzNjQyOTRiOTQyNDIzOTY2Nzk0YjFmNGUyZThhNmI2MTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRsd3zZu7LDTQ0yCUtJlTXaHeqeY
gIG7gUxd5VqRkdDzqzx4aV0jpba2YBxhy8QfyeEepu5Wy7bsrQ6zIuCR9HvAWzgd
LJLRhttFdRk3uIzeyONEBu2qkUW+KmHmE6Fj+HKhoHo5Cwud7CuZvakM1AUkXx/A
vZvG6eE1rG0mIUmeSrveR7TrcH8+j9g4XqFLWTScrbdmezRuy+FezpyMGTXQH+Uo
wx8moH2BFTnA2F1m5XrBDdVbumuHfpX1o8qRahgKke4hrYMLQpFmNinv3WIxONlC
cN0ZWbcWO3GL7Nq5yCuSLSQo90qelrQi42n3w7uNySKNmCBDzCoudoEf8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMCRiDZClLlCQjlmeUsfTi6Ka2FgMB8GA1UdIwQY
MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt
NTQ1NDQ5ZTQ5ZjczLzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz
LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaFpnUZ07
7Z3XG9viAYEK7bqo0atbA00gyQBEh1J+w9MU9ZlCh/brnlCar5T7Tvhe0BssZdvd
lvdmy0J2fYE4pLYHbqnSjZisG4PrRRRDQWnKZDiaofOxLt1HfqN8HiM/nnruMbKG
J1R9EbZCrgV5bJ66jKvhJ7ABIfgpl7+22eJQKnfkguINbXxpppXfQ24NGU1toizu
9VCbdVNpGZDD3uF35l0v82wIqLMzeJPrxfMk9lnH84kMP9cAUHPLEXe3PRUjHtRg
BiztZ+v8FyFHnC9lAs1hvzjjbGFI5+2ZpR67exoifRQj0vO5JMs+PCINGVhAw+UW
V+VNM+zswfg7wA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:31:07 2025 by rpki-client