Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/bd75b1-174b-417c-8750-eb8a453bc56e/1/ZgiZEzMp-qW1cWsclfuvkwIfvGE.mft
File: ZgiZEzMp-qW1cWsclfuvkwIfvGE.mft (raw, json)
Hash identifier: VQnNjrBhU8XX/2jtc2t0nLKr6p9Vfucel2pH3EgcsSI=
Subject key identifier: 73:2E:85:50:1F:89:B2:78:C6:F9:A0:E2:9E:25:C9:34:76:0B:31:FE
Authority key identifier: 66:08:99:13:33:29:FA:A5:B5:71:6B:1C:95:FB:AF:93:02:1F:BC:61
Certificate issuer: /CN=660899133329faa5b5716b1c95fbaf93021fbc61
Certificate serial: 019A4E869C6A31E5DE8D0935CA4F5CD771E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZgiZEzMp-qW1cWsclfuvkwIfvGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/bd75b1-174b-417c-8750-eb8a453bc56e/1/ZgiZEzMp-qW1cWsclfuvkwIfvGE.mft
Manifest number: 0DF1
Signing time: Tue 04 Nov 2025 11:00:35 +0000
Manifest this update: Tue 04 Nov 2025 11:00:35 +0000
Manifest next update: Wed 05 Nov 2025 11:00:35 +0000
Files and hashes: 1: RA9kR943QDfswVQ2De2E5cFSYaU.roa (hash: jCT5nXHXTc0Nn3QbV8+Qje22n9CHMzdTyZ/tDlKS5Ck=)
2: ZgiZEzMp-qW1cWsclfuvkwIfvGE.crl (hash: qn7XrAXtt6TIM/5pZ2DcJ/aBxTBwWl00uzAqlphBlgo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/bd75b1-174b-417c-8750-eb8a453bc56e/1/ZgiZEzMp-qW1cWsclfuvkwIfvGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/bd75b1-174b-417c-8750-eb8a453bc56e/1/ZgiZEzMp-qW1cWsclfuvkwIfvGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZgiZEzMp-qW1cWsclfuvkwIfvGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:9c:6a:31:e5:de:8d:09:35:ca:4f:5c:d7:71:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=660899133329faa5b5716b1c95fbaf93021fbc61
Validity
Not Before: Nov 4 11:00:35 2025 GMT
Not After : Nov 5 11:00:35 2025 GMT
Subject: CN=732e85501f89b278c6f9a0e29e25c934760b31fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:4a:fc:2a:81:a0:88:2f:8f:ee:a5:8e:ed:48:
a1:62:c1:2a:18:42:0c:15:06:3d:ce:fd:c7:b8:8c:
ed:3a:6c:b4:3b:f1:7c:ea:47:40:88:cc:03:76:67:
8c:02:6e:24:bb:32:22:a7:d0:dc:0e:38:18:66:b7:
24:fc:17:c5:fd:88:65:5c:d8:1b:45:88:ad:cd:3b:
ec:de:ef:96:80:bc:86:2b:3e:9d:78:94:e9:0c:20:
dd:b9:6c:fd:f0:9a:ae:14:c5:39:bc:5f:81:e7:c5:
69:ef:f8:cf:98:03:d5:98:b3:c8:6c:5b:13:f9:d2:
1e:08:ab:c8:ba:dd:c8:4d:d5:55:a3:54:93:e0:c3:
c5:e4:43:4e:ae:82:81:47:db:cd:9a:fe:2a:59:a0:
d2:2f:6e:5e:d1:a5:f3:22:d8:b2:53:ce:c9:10:32:
4a:46:45:b9:8b:ce:49:60:82:08:20:4d:9e:7e:70:
c9:d3:fb:e9:53:1a:1b:c5:75:56:66:45:fe:69:b3:
ce:46:99:ce:cd:47:e7:59:c2:46:31:87:7c:68:9a:
3c:0e:b7:c3:7d:64:11:e1:86:5d:c7:4e:ee:38:d9:
ba:73:0c:2e:61:a7:da:c4:66:4b:c2:6b:f4:35:e7:
ed:25:41:16:1c:c5:62:19:27:b8:78:28:95:8b:ce:
a2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:2E:85:50:1F:89:B2:78:C6:F9:A0:E2:9E:25:C9:34:76:0B:31:FE
X509v3 Authority Key Identifier:
keyid:66:08:99:13:33:29:FA:A5:B5:71:6B:1C:95:FB:AF:93:02:1F:BC:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZgiZEzMp-qW1cWsclfuvkwIfvGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/bd75b1-174b-417c-8750-eb8a453bc56e/1/ZgiZEzMp-qW1cWsclfuvkwIfvGE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/bd75b1-174b-417c-8750-eb8a453bc56e/1/ZgiZEzMp-qW1cWsclfuvkwIfvGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
00:e1:3e:50:0b:b4:37:bc:1f:59:bc:0c:d0:2f:e9:a3:be:d6:
31:4e:d2:2a:88:1a:5e:2f:5f:f8:c6:25:c9:67:8a:3e:12:9c:
37:68:d0:9a:45:f8:3d:d3:4f:16:dc:bf:1f:b3:b7:03:57:e9:
0d:0f:58:b2:e8:1a:16:23:d9:30:32:9b:94:69:6d:cb:73:14:
5a:0c:16:66:29:d4:6b:4f:de:49:37:82:bf:1a:3d:6b:8c:c6:
3d:78:74:d6:5f:31:d6:3d:5c:44:96:7b:9a:82:55:66:24:5e:
e7:3b:61:9e:9b:11:eb:94:d7:f4:fe:7e:52:f8:c2:27:fa:b0:
6d:7a:1b:3b:6b:ee:78:e0:27:db:aa:6a:31:53:33:0e:71:01:
74:7b:95:68:e7:66:6e:ba:47:be:0a:d3:98:f6:ea:51:f2:01:
96:33:a9:dc:ae:c4:4a:0d:b5:2f:d1:fa:21:7c:0a:5e:7c:3a:
e9:81:b4:8f:40:59:6f:6b:4a:d6:e3:6d:c1:31:e6:a8:80:d1:
6b:9d:c2:ea:fd:5d:55:16:c0:31:d8:37:c4:54:3a:49:ec:59:
3f:28:e7:ab:d7:a4:11:b6:a0:38:f4:78:dc:49:ba:f3:fb:25:
d4:7c:8d:e5:c6:33:07:34:55:90:0b:b6:dc:d7:32:a5:b6:70:
26:08:06:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhpxqMeXejQk1yk9c13HiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2MDg5OTEzMzMyOWZhYTViNTcxNmIxYzk1ZmJhZjkzMDIx
ZmJjNjEwHhcNMjUxMTA0MTEwMDM1WhcNMjUxMTA1MTEwMDM1WjAzMTEwLwYDVQQD
Eyg3MzJlODU1MDFmODliMjc4YzZmOWEwZTI5ZTI1YzkzNDc2MGIzMWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzEr8KoGgiC+P7qWO7UihYsEqGEIM
FQY9zv3HuIztOmy0O/F86kdAiMwDdmeMAm4kuzIip9DcDjgYZrck/BfF/YhlXNgb
RYitzTvs3u+WgLyGKz6deJTpDCDduWz98JquFMU5vF+B58Vp7/jPmAPVmLPIbFsT
+dIeCKvIut3ITdVVo1ST4MPF5ENOroKBR9vNmv4qWaDSL25e0aXzItiyU87JEDJK
RkW5i85JYIIIIE2efnDJ0/vpUxobxXVWZkX+abPORpnOzUfnWcJGMYd8aJo8DrfD
fWQR4YZdx07uONm6cwwuYafaxGZLwmv0NeftJUEWHMViGSe4eCiVi86i9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHMuhVAfibJ4xvmg4p4lyTR2CzH+MB8GA1UdIwQY
MBaAFGYImRMzKfqltXFrHJX7r5MCH7xhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmdpWkV6TXAtcVcxY1dzY2xmdXZrd0lmdkdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9iZDc1YjEtMTc0Yi00MTdjLTg3NTAt
ZWI4YTQ1M2JjNTZlLzEvWmdpWkV6TXAtcVcxY1dzY2xmdXZrd0lmdkdFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9iZDc1YjEtMTc0Yi00MTdjLTg3NTAtZWI4YTQ1M2JjNTZl
LzEvWmdpWkV6TXAtcVcxY1dzY2xmdXZrd0lmdkdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAOE+UAu0
N7wfWbwM0C/po77WMU7SKogaXi9f+MYlyWeKPhKcN2jQmkX4PdNPFty/H7O3A1fp
DQ9YsugaFiPZMDKblGlty3MUWgwWZinUa0/eSTeCvxo9a4zGPXh01l8x1j1cRJZ7
moJVZiRe5zthnpsR65TX9P5+UvjCJ/qwbXobO2vueOAn26pqMVMzDnEBdHuVaOdm
brpHvgrTmPbqUfIBljOp3K7ESg21L9H6IXwKXnw66YG0j0BZb2tK1uNtwTHmqIDR
a53C6v1dVRbAMdg3xFQ6SexZPyjnq9ekEbagOPR43Em68/sl1HyN5cYzBzRVkAu2
3NcypbZwJggGMg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:50:26 2025 by rpki-client