Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.mft
File: zI34gFQGDfaFu6lzkSPoNC1HnoQ.mft (raw, json)
Hash identifier: NhmwYm/0iVpvlJCiQNDbkh0m/R1IJuFi5je2P8EFCO8=
Subject key identifier: 29:CF:CE:F6:61:F5:04:88:98:5D:FC:8E:BB:57:98:E1:24:76:72:CC
Authority key identifier: CC:8D:F8:80:54:06:0D:F6:85:BB:A9:73:91:23:E8:34:2D:47:9E:84
Certificate issuer: /CN=cc8df88054060df685bba9739123e8342d479e84
Certificate serial: 019873743A257D1B4B78F60F9E92DCA9B8A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zI34gFQGDfaFu6lzkSPoNC1HnoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.mft
Manifest number: 15B0
Signing time: Mon 04 Aug 2025 05:00:53 +0000
Manifest this update: Mon 04 Aug 2025 05:00:53 +0000
Manifest next update: Tue 05 Aug 2025 05:00:53 +0000
Files and hashes: 1: Kyq8dvDQCWTM4SDI01T-WEma_xs.roa (hash: csmuD1qBTRKUBvLNGvxDwNNOARNFB8rqYka6vl5ZQvQ=)
2: zI34gFQGDfaFu6lzkSPoNC1HnoQ.crl (hash: TxglwCM/ZmDUiWTCMiUv4h6txJUnCKRS+TrUiEQWqSA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/zI34gFQGDfaFu6lzkSPoNC1HnoQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:73:74:3a:25:7d:1b:4b:78:f6:0f:9e:92:dc:a9:b8:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc8df88054060df685bba9739123e8342d479e84
Validity
Not Before: Aug 4 05:00:53 2025 GMT
Not After : Aug 5 05:00:53 2025 GMT
Subject: CN=29cfcef661f50488985dfc8ebb5798e1247672cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6d:3a:59:f1:54:da:7d:39:46:e6:bd:fd:d3:
35:90:4d:f1:d3:5d:01:64:ba:79:80:72:9f:21:24:
06:51:04:fa:84:c6:f6:e5:cd:d8:34:38:36:a5:55:
09:58:a6:6f:30:dd:ed:fb:82:17:8c:eb:5f:5a:18:
78:b2:41:f5:ca:aa:09:40:c6:b1:73:5b:87:65:d7:
34:21:71:d5:8c:7f:e7:3c:48:be:24:28:2d:d3:23:
77:7d:05:7c:57:ae:13:43:41:69:ce:69:85:ee:71:
f2:eb:52:89:36:41:04:84:ab:d5:ed:ff:66:99:d3:
8a:d6:73:51:2a:09:ea:f4:64:0a:45:de:00:5a:04:
02:3d:6e:02:d4:41:9b:d5:f7:e9:7f:fa:ea:ae:95:
3a:1d:53:6b:80:25:fc:12:d3:0d:6f:d9:4b:29:ec:
e5:d2:0e:62:f9:5a:0c:48:52:e2:8c:de:9a:14:da:
da:f8:26:f6:6a:90:ae:1b:0d:6a:36:b8:17:fe:5b:
bc:5d:fb:63:cd:cf:f3:5c:85:21:77:05:04:ef:9d:
b4:a6:28:91:43:0a:9b:aa:ec:df:61:8c:75:77:e2:
fb:0a:3d:55:82:a3:f0:7a:cd:6e:57:72:60:38:9d:
90:6d:59:7b:67:f6:fd:71:c8:77:87:4c:e0:39:99:
45:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:CF:CE:F6:61:F5:04:88:98:5D:FC:8E:BB:57:98:E1:24:76:72:CC
X509v3 Authority Key Identifier:
keyid:CC:8D:F8:80:54:06:0D:F6:85:BB:A9:73:91:23:E8:34:2D:47:9E:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zI34gFQGDfaFu6lzkSPoNC1HnoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/db8d38-077f-4d77-9383-dc781cc2a258/1/zI34gFQGDfaFu6lzkSPoNC1HnoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
83:78:f0:d6:d5:a0:a2:47:ed:26:b1:3e:90:3f:14:be:80:f5:
3b:55:e2:4b:96:bb:3a:1f:c8:61:be:ff:68:12:f8:e4:ad:21:
70:a5:e2:68:ba:a2:ae:8a:cb:f2:54:e5:98:5a:de:b8:b6:c2:
63:cb:b2:cc:fc:b2:c7:98:65:40:2a:5f:1d:58:3a:e8:6c:bc:
10:00:9e:10:75:a5:f9:d4:a1:8b:be:de:a6:fb:2b:5c:3c:91:
0c:19:d3:95:95:f2:4f:da:06:3d:d3:3e:cb:fd:d6:57:98:bd:
ad:9c:a4:69:be:1e:2d:88:f9:5d:60:45:80:5b:60:2e:65:71:
18:c9:46:47:37:cd:21:26:cf:7a:da:30:f0:c9:8e:61:c9:07:
39:f8:8e:1d:20:2c:71:78:e5:dc:43:51:02:cc:6a:8d:1c:de:
58:fd:79:2b:b3:86:aa:ed:c1:d0:c5:5f:aa:92:50:13:c6:71:
f5:5e:71:11:c7:11:6f:93:99:ed:05:c6:55:63:e2:b0:8a:28:
61:2b:1a:15:9b:9f:3b:09:d3:59:0b:9d:67:a5:af:68:70:38:
b9:9b:28:a4:ff:ae:25:31:74:d8:e6:ca:6d:00:31:c8:63:61:
ff:bc:c9:26:e9:7b:45:2d:7d:9e:01:71:18:8e:3b:b1:71:14:
d9:56:72:a7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZhzdDolfRtLePYPnpLcqbilMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjOGRmODgwNTQwNjBkZjY4NWJiYTk3MzkxMjNlODM0MmQ0
NzllODQwHhcNMjUwODA0MDUwMDUzWhcNMjUwODA1MDUwMDUzWjAzMTEwLwYDVQQD
EygyOWNmY2VmNjYxZjUwNDg4OTg1ZGZjOGViYjU3OThlMTI0NzY3MmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn206WfFU2n05Rua9/dM1kE3x010B
ZLp5gHKfISQGUQT6hMb25c3YNDg2pVUJWKZvMN3t+4IXjOtfWhh4skH1yqoJQMax
c1uHZdc0IXHVjH/nPEi+JCgt0yN3fQV8V64TQ0FpzmmF7nHy61KJNkEEhKvV7f9m
mdOK1nNRKgnq9GQKRd4AWgQCPW4C1EGb1ffpf/rqrpU6HVNrgCX8EtMNb9lLKezl
0g5i+VoMSFLijN6aFNra+Cb2apCuGw1qNrgX/lu8Xftjzc/zXIUhdwUE7520piiR
QwqbquzfYYx1d+L7Cj1VgqPwes1uV3JgOJ2QbVl7Z/b9cch3h0zgOZlFQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCnPzvZh9QSImF38jrtXmOEkdnLMMB8GA1UdIwQY
MBaAFMyN+IBUBg32hbupc5Ej6DQtR56EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekkzNGdGUUdEZmFGdTZsemtTUG9OQzFIbm9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9kYjhkMzgtMDc3Zi00ZDc3LTkzODMt
ZGM3ODFjYzJhMjU4LzEvekkzNGdGUUdEZmFGdTZsemtTUG9OQzFIbm9RLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9kYjhkMzgtMDc3Zi00ZDc3LTkzODMtZGM3ODFjYzJhMjU4
LzEvekkzNGdGUUdEZmFGdTZsemtTUG9OQzFIbm9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg3jw1tWg
okftJrE+kD8UvoD1O1XiS5a7Oh/IYb7/aBL45K0hcKXiaLqirorL8lTlmFreuLbC
Y8uyzPyyx5hlQCpfHVg66Gy8EACeEHWl+dShi77epvsrXDyRDBnTlZXyT9oGPdM+
y/3WV5i9rZykab4eLYj5XWBFgFtgLmVxGMlGRzfNISbPetow8MmOYckHOfiOHSAs
cXjl3ENRAsxqjRzeWP15K7OGqu3B0MVfqpJQE8Zx9V5xEccRb5OZ7QXGVWPisIoo
YSsaFZufOwnTWQudZ6WvaHA4uZsopP+uJTF02ObKbQAxyGNh/7zJJul7RS19ngFx
GI47sXEU2VZypw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 11:17:41 2025 by rpki-client