Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
File: zTu8GVzaflgkWmHLMLlv5XL9eBE.mft (raw, json)
Hash identifier: 9/50Htd5xPrUB2F/YEbzTNY/KWbTThIoaCG0z7bAmfQ=
Subject key identifier: B9:21:DF:C3:22:EE:D6:3C:D8:A7:3B:09:BF:A3:0A:37:84:86:7F:B4
Authority key identifier: CD:3B:BC:19:5C:DA:7E:58:24:5A:61:CB:30:B9:6F:E5:72:FD:78:11
Certificate issuer: /CN=cd3bbc195cda7e58245a61cb30b96fe572fd7811
Certificate serial: 01988D6BA5B22D0712F77D102E307B3C04DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
Manifest number: 0F77
Signing time: Sat 09 Aug 2025 06:01:38 +0000
Manifest this update: Sat 09 Aug 2025 06:01:38 +0000
Manifest next update: Sun 10 Aug 2025 06:01:38 +0000
Files and hashes: 1: clDd21QzHwOlwdLoUbCFlA9N4Bc.roa (hash: b4fVPg9ViPXbDXBeIAFrk3g5qdFMK0V6puBPZsjXHfs=)
2: zTu8GVzaflgkWmHLMLlv5XL9eBE.crl (hash: eatpYXmp6mDU9BT6cRPiUgqj0g5lNI0SFDcZrZv92HA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8d:6b:a5:b2:2d:07:12:f7:7d:10:2e:30:7b:3c:04:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd3bbc195cda7e58245a61cb30b96fe572fd7811
Validity
Not Before: Aug 9 06:01:38 2025 GMT
Not After : Aug 10 06:01:38 2025 GMT
Subject: CN=b921dfc322eed63cd8a73b09bfa30a3784867fb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:db:87:9c:92:6a:ee:91:29:20:05:7e:11:c6:
f6:ab:97:1f:95:3f:19:f6:dd:75:aa:82:4e:cc:30:
1d:94:ce:30:8e:e2:85:40:62:d2:05:a5:bd:2b:f8:
f3:58:cc:dc:2c:22:cc:c3:d1:35:f7:17:1c:e5:68:
80:05:7f:c3:d4:e1:7e:ea:4f:40:7e:a5:ef:74:dd:
41:ec:ac:94:a7:fd:63:e8:c7:60:29:95:50:7d:b0:
d4:cb:a9:15:b1:e0:65:64:33:9a:71:fd:35:d9:23:
85:73:ab:6d:d6:81:df:be:75:bb:78:be:22:39:7e:
32:f6:76:a5:db:55:08:aa:c3:b9:5b:19:48:42:eb:
f5:88:0a:b3:fa:d9:82:3d:4f:0f:95:fc:f5:9c:ca:
90:7a:83:d1:b3:08:59:30:08:b7:21:56:26:c8:9a:
44:15:85:d4:cf:43:c5:51:80:71:8d:0f:3f:f8:a6:
cd:b2:d5:50:f1:77:e1:8c:15:8e:f7:df:91:2b:de:
a2:66:aa:7a:0f:4d:52:43:1e:97:d0:21:8d:c1:21:
ff:d6:65:56:34:57:4e:22:a5:4f:57:f0:90:a9:2e:
34:b8:3e:26:75:18:8e:01:0c:dc:62:14:b1:28:3d:
79:cf:f4:89:8d:9b:4b:91:52:34:14:0e:3f:be:a8:
43:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:21:DF:C3:22:EE:D6:3C:D8:A7:3B:09:BF:A3:0A:37:84:86:7F:B4
X509v3 Authority Key Identifier:
keyid:CD:3B:BC:19:5C:DA:7E:58:24:5A:61:CB:30:B9:6F:E5:72:FD:78:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:73:82:53:a8:0e:2a:e9:80:27:84:cc:6e:ac:9f:1a:76:4f:
de:fa:3d:cd:e9:4c:6a:50:27:87:11:14:c4:0e:95:7b:0b:53:
7f:0d:0d:9f:dc:55:bb:c8:21:1b:c4:43:2d:f5:e2:c4:79:dd:
05:fb:75:a1:71:d7:4d:35:7e:70:b5:cf:8f:f5:5d:44:7a:2b:
32:a0:a0:af:7e:37:0e:74:7d:00:b6:63:23:98:a7:13:46:62:
37:5e:d2:04:84:c8:3c:3a:3a:8a:d6:c5:70:ec:1a:d2:ad:07:
0a:c0:77:f2:55:c8:15:b9:0b:91:97:ae:4f:16:6b:bc:4e:2f:
7c:92:25:fa:4a:cd:81:dc:c8:06:47:18:ef:3e:a3:03:23:8a:
69:de:80:a1:87:cd:f3:af:9f:05:31:e9:65:b9:d8:70:c4:15:
a7:24:20:ea:0f:96:fe:24:ce:0f:c5:e1:07:43:51:d5:67:fa:
67:82:06:38:b5:86:f2:39:30:56:72:8e:59:05:80:22:35:16:
75:c3:c9:ee:4f:21:da:e3:06:07:3b:c0:e1:34:40:41:73:95:
df:ce:fa:86:dd:d3:c6:b2:a3:be:12:d4:30:23:b3:27:e9:11:
2c:a2:ff:b8:28:3d:50:c9:03:70:58:9d:1a:ee:13:bb:ba:33:
6e:f3:ac:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiNa6WyLQcS930QLjB7PATbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkM2JiYzE5NWNkYTdlNTgyNDVhNjFjYjMwYjk2ZmU1NzJm
ZDc4MTEwHhcNMjUwODA5MDYwMTM4WhcNMjUwODEwMDYwMTM4WjAzMTEwLwYDVQQD
EyhiOTIxZGZjMzIyZWVkNjNjZDhhNzNiMDliZmEzMGEzNzg0ODY3ZmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApduHnJJq7pEpIAV+Ecb2q5cflT8Z
9t11qoJOzDAdlM4wjuKFQGLSBaW9K/jzWMzcLCLMw9E19xcc5WiABX/D1OF+6k9A
fqXvdN1B7KyUp/1j6MdgKZVQfbDUy6kVseBlZDOacf012SOFc6tt1oHfvnW7eL4i
OX4y9nal21UIqsO5WxlIQuv1iAqz+tmCPU8Plfz1nMqQeoPRswhZMAi3IVYmyJpE
FYXUz0PFUYBxjQ8/+KbNstVQ8XfhjBWO99+RK96iZqp6D01SQx6X0CGNwSH/1mVW
NFdOIqVPV/CQqS40uD4mdRiOAQzcYhSxKD15z/SJjZtLkVI0FA4/vqhDtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLkh38Mi7tY82Kc7Cb+jCjeEhn+0MB8GA1UdIwQY
MBaAFM07vBlc2n5YJFphyzC5b+Vy/XgRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81YWY3YTUtYjY3Yy00NTlhLTk4OTMt
YzZmYWRlYjI4NWJhLzEvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81YWY3YTUtYjY3Yy00NTlhLTk4OTMtYzZmYWRlYjI4NWJh
LzEvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi3OCU6gO
KumAJ4TMbqyfGnZP3vo9zelMalAnhxEUxA6VewtTfw0Nn9xVu8ghG8RDLfXixHnd
Bft1oXHXTTV+cLXPj/VdRHorMqCgr343DnR9ALZjI5inE0ZiN17SBITIPDo6itbF
cOwa0q0HCsB38lXIFbkLkZeuTxZrvE4vfJIl+krNgdzIBkcY7z6jAyOKad6AoYfN
86+fBTHpZbnYcMQVpyQg6g+W/iTOD8XhB0NR1Wf6Z4IGOLWG8jkwVnKOWQWAIjUW
dcPJ7k8h2uMGBzvA4TRAQXOV3876ht3TxrKjvhLUMCOzJ+kRLKL/uCg9UMkDcFid
Gu4Tu7ozbvOsbw==
-----END CERTIFICATE-----
Generated at Sat Aug 9 10:35:24 2025 by rpki-client