Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
File: zNHiiTDXen65iRtvq7spFe44hao.mft (raw, json)
Hash identifier: ww4ka6gTFSPse3C/uH4Pd7Bwr230UVGdKRIpHKO8ju0=
Subject key identifier: 6A:AA:8B:4D:07:3D:61:93:FB:1B:5B:56:80:5C:C1:4A:4F:9A:3D:4F
Authority key identifier: CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA
Certificate issuer: /CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
Certificate serial: 019A4EF533FC95D559D8A885630F0D7D1343
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
Manifest number: 170E
Signing time: Tue 04 Nov 2025 13:01:23 +0000
Manifest this update: Tue 04 Nov 2025 13:01:23 +0000
Manifest next update: Wed 05 Nov 2025 13:01:23 +0000
Files and hashes: 1: zNHiiTDXen65iRtvq7spFe44hao.crl (hash: uyg2nrAssvDd89kWySdmPxT5HL26Aog5BjuG9lZnj94=)
2: zwMZXsX6Z6y_GtPEpsaBS7FPtIU.roa (hash: bi378rHsH1o9Uq16RD7qe5x44q14EkwJzXLivtK1Naw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:33:fc:95:d5:59:d8:a8:85:63:0f:0d:7d:13:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa
Validity
Not Before: Nov 4 13:01:23 2025 GMT
Not After : Nov 5 13:01:23 2025 GMT
Subject: CN=6aaa8b4d073d6193fb1b5b56805cc14a4f9a3d4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:50:2a:29:34:ca:43:a9:52:cb:b6:08:40:fc:
92:32:e6:aa:c0:ec:12:c0:b6:24:89:34:07:6c:19:
e5:9c:fa:fa:c3:90:3d:47:d7:8d:b4:b3:fa:4f:5a:
3d:5a:fe:6e:af:02:52:8f:75:54:79:3f:e6:e0:e5:
8a:61:8c:15:59:10:29:ba:6a:ef:2a:48:c2:91:6c:
5d:74:4c:c4:2b:f8:e5:47:e9:45:4d:41:cf:f0:9e:
85:83:b5:46:23:d5:99:fd:80:2c:4d:05:f4:5a:f9:
b9:6d:1f:2b:2d:d6:26:af:e1:0f:02:ca:cb:fa:24:
ea:df:5e:29:79:2e:e2:24:5a:8a:25:b3:58:24:26:
b9:72:70:11:03:d0:6d:b4:10:e1:59:54:2a:a9:26:
6b:4b:46:77:97:11:b5:25:50:4b:c0:c5:33:58:86:
dc:a7:20:e9:b7:df:7a:0a:1b:a2:4d:b1:24:69:b5:
6c:47:cf:3e:26:18:d8:82:8e:a1:16:3f:44:f3:cb:
7d:07:d1:85:19:2d:0d:d2:09:03:13:a2:ac:8a:dc:
f6:71:f4:42:fa:4a:e0:1a:0f:38:d3:b1:79:4b:a9:
aa:22:1a:9b:a2:42:ef:31:98:80:f2:00:c3:13:e2:
e9:d8:3c:02:54:81:e3:7a:d7:89:09:41:f0:7e:3c:
01:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:AA:8B:4D:07:3D:61:93:FB:1B:5B:56:80:5C:C1:4A:4F:9A:3D:4F
X509v3 Authority Key Identifier:
keyid:CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:0e:0e:28:a8:39:2e:0e:c7:4d:f8:1f:e5:ae:83:ca:e5:cb:
cf:0f:9f:93:6b:d7:15:09:6b:1b:be:f7:7b:6b:c7:6f:de:e0:
8e:00:ec:15:fe:66:52:29:6a:f5:52:ff:7a:1a:2b:92:ee:7b:
e0:6a:8b:b9:6a:f2:ad:42:5f:ad:57:9f:c4:2b:c2:3e:a6:fb:
0f:42:9d:c2:29:95:e9:ff:de:fd:86:30:a9:9d:39:4e:fb:75:
35:07:7d:00:3e:88:61:8e:67:6b:c1:b8:87:07:d9:80:59:a5:
a0:e2:a2:0f:18:8b:d0:f2:c2:8e:d6:54:74:1f:a7:7f:5d:38:
51:a7:d0:ef:9f:54:84:80:6c:e3:ec:ef:70:94:48:63:f4:bc:
73:d4:47:f9:d1:20:8d:e8:ea:97:14:30:e3:fa:5f:c5:de:90:
53:b0:d4:82:33:23:68:64:d7:46:80:6a:28:34:a1:57:94:14:
61:d1:ad:48:15:ac:a5:da:a3:4c:b8:51:80:76:db:0b:2a:1c:
51:db:13:a7:32:5b:f8:57:c5:2c:36:fe:15:7d:df:38:a2:51:
b4:52:eb:7e:76:ca:44:2c:ac:69:21:32:d7:74:c4:2a:42:14:
35:02:ef:ae:6f:70:19:ae:a0:ed:4f:72:b9:88:20:e4:32:e3:
89:31:71:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9TP8ldVZ2KiFYw8NfRNDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZDFlMjg5MzBkNzdhN2ViOTg5MWI2ZmFiYmIyOTE1ZWUz
ODg1YWEwHhcNMjUxMTA0MTMwMTIzWhcNMjUxMTA1MTMwMTIzWjAzMTEwLwYDVQQD
Eyg2YWFhOGI0ZDA3M2Q2MTkzZmIxYjViNTY4MDVjYzE0YTRmOWEzZDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1AqKTTKQ6lSy7YIQPySMuaqwOwS
wLYkiTQHbBnlnPr6w5A9R9eNtLP6T1o9Wv5urwJSj3VUeT/m4OWKYYwVWRApumrv
KkjCkWxddEzEK/jlR+lFTUHP8J6Fg7VGI9WZ/YAsTQX0Wvm5bR8rLdYmr+EPAsrL
+iTq314peS7iJFqKJbNYJCa5cnARA9BttBDhWVQqqSZrS0Z3lxG1JVBLwMUzWIbc
pyDpt996ChuiTbEkabVsR88+JhjYgo6hFj9E88t9B9GFGS0N0gkDE6Ksitz2cfRC
+krgGg8407F5S6mqIhqbokLvMZiA8gDDE+Lp2DwCVIHjeteJCUHwfjwB+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGqqi00HPWGT+xtbVoBcwUpPmj1PMB8GA1UdIwQY
MBaAFMzR4okw13p+uYkbb6u7KRXuOIWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMt
YzEzYjFmOTc3ZDU3LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMtYzEzYjFmOTc3ZDU3
LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIA4OKKg5
Lg7HTfgf5a6DyuXLzw+fk2vXFQlrG773e2vHb97gjgDsFf5mUilq9VL/ehorku57
4GqLuWryrUJfrVefxCvCPqb7D0KdwimV6f/e/YYwqZ05Tvt1NQd9AD6IYY5na8G4
hwfZgFmloOKiDxiL0PLCjtZUdB+nf104UafQ759UhIBs4+zvcJRIY/S8c9RH+dEg
jejqlxQw4/pfxd6QU7DUgjMjaGTXRoBqKDShV5QUYdGtSBWspdqjTLhRgHbbCyoc
UdsTpzJb+FfFLDb+FX3fOKJRtFLrfnbKRCysaSEy13TEKkIUNQLvrm9wGa6g7U9y
uYgg5DLjiTFxgg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:37:25 2025 by rpki-client