Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.mft
File: ZNq6FdHTZstTCVQS0GSQ4jSY4XA.mft (raw, json)
Hash identifier: iXlGYTTNiALWbhmN9WCutw+SD6YjSSgkdP5KrDa3gEY=
Subject key identifier: 27:B2:72:BD:EC:AA:57:B2:80:BC:79:15:1C:27:BC:54:AD:C7:7F:FA
Authority key identifier: 64:DA:BA:15:D1:D3:66:CB:53:09:54:12:D0:64:90:E2:34:98:E1:70
Certificate issuer: /CN=64daba15d1d366cb53095412d06490e23498e170
Certificate serial: 019A4EF5E89420E7672607BDEEED4285AC4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.mft
Manifest number: 170B
Signing time: Tue 04 Nov 2025 13:02:09 +0000
Manifest this update: Tue 04 Nov 2025 13:02:09 +0000
Manifest next update: Wed 05 Nov 2025 13:02:09 +0000
Files and hashes: 1: 7vdGx51ck_YIgYpkt1SPNVfsVKE.roa (hash: Nw+uAqY1I65YKmQSbXqROB23bDhd2atga2x/5hREPHM=)
2: ZNq6FdHTZstTCVQS0GSQ4jSY4XA.crl (hash: /2YjUXnvuUsL7noeAtO264J8QU1HVErJ0GPnYlVe5tE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:e8:94:20:e7:67:26:07:bd:ee:ed:42:85:ac:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64daba15d1d366cb53095412d06490e23498e170
Validity
Not Before: Nov 4 13:02:09 2025 GMT
Not After : Nov 5 13:02:09 2025 GMT
Subject: CN=27b272bdecaa57b280bc79151c27bc54adc77ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1b:a7:76:46:6e:f0:93:ac:78:3d:47:1b:7f:
cb:c1:b0:c1:f8:fa:af:1e:4a:b1:f2:25:11:11:4a:
17:8a:14:f2:b0:11:4d:8e:be:72:04:85:26:c6:f6:
b5:31:3b:ae:1f:c4:9b:ad:c2:f2:f3:85:85:70:26:
08:8a:6c:d0:4d:24:af:bf:ac:5d:9f:17:91:12:12:
cd:81:e3:e6:03:f1:7d:dc:21:f2:ba:f6:76:9b:8a:
a7:f9:60:54:5b:e8:d1:18:b9:96:8c:5d:e1:25:16:
92:8c:ca:e8:93:7d:3e:5e:ea:70:6f:bd:fb:78:b1:
71:f2:52:37:8b:7e:db:34:a2:6a:d7:cb:fc:5a:7a:
8a:2f:86:14:65:fe:b8:75:8e:c9:7f:83:eb:15:3d:
21:d9:4a:75:4b:4f:23:fc:ad:27:20:27:72:74:74:
6e:a2:de:db:98:25:0e:f8:96:14:94:49:6f:f4:77:
4b:64:62:60:f2:58:8b:27:a1:03:8f:96:de:41:51:
6f:7b:3f:af:ea:3e:28:05:96:be:0e:bc:4b:4e:7c:
5f:e6:88:fd:22:d0:98:61:99:18:38:35:31:ed:5c:
3f:71:41:64:56:3c:69:ad:30:66:94:e0:74:bc:d7:
10:7c:50:73:44:cf:16:f9:d9:dd:ed:7d:d9:ab:ad:
ee:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:B2:72:BD:EC:AA:57:B2:80:BC:79:15:1C:27:BC:54:AD:C7:7F:FA
X509v3 Authority Key Identifier:
keyid:64:DA:BA:15:D1:D3:66:CB:53:09:54:12:D0:64:90:E2:34:98:E1:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/736db2-0c64-45ed-833a-a94dd8ccaf9f/1/ZNq6FdHTZstTCVQS0GSQ4jSY4XA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
69:81:de:11:73:df:bf:61:7c:c9:4a:2e:c5:23:82:6a:d9:f6:
f7:20:c8:e0:23:c5:a4:06:74:cb:86:66:ac:a8:ae:fc:ea:a5:
ae:c2:2c:95:80:6a:19:f5:d1:64:f4:cb:dd:23:87:52:f6:cc:
4e:fc:7f:ba:80:e7:11:10:bc:ff:d3:55:6a:bc:87:10:1f:37:
12:30:96:01:15:23:5b:73:d2:05:ea:f9:e7:b3:d1:1c:61:44:
50:6b:ee:8a:f4:7f:37:e3:05:69:ab:e1:06:94:56:4c:26:84:
3f:37:b7:45:75:04:72:3b:88:42:07:80:83:af:03:ea:be:01:
d2:00:5d:a4:8c:f8:bc:ff:98:64:61:12:a4:1d:0c:8f:de:08:
b3:0c:d7:5f:5d:ae:e2:d3:56:ac:ad:77:a6:41:30:31:f9:79:
a9:8a:05:52:2c:2d:a6:ad:56:e1:1e:2d:ed:c7:cc:8c:52:dc:
a7:65:e6:e3:f2:c4:92:eb:c7:7c:7d:41:46:4e:df:ef:7d:8c:
61:57:70:5d:8d:21:d9:3f:ac:a3:43:64:86:75:3a:d9:7c:e8:
74:ee:07:82:33:45:8b:29:37:d8:98:d7:98:b4:9c:7a:86:f5:
29:93:98:33:d0:6b:97:65:29:9e:3b:4a:d8:9d:1a:88:0f:85:
b4:26:d7:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9eiUIOdnJge97u1ChaxMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZGFiYTE1ZDFkMzY2Y2I1MzA5NTQxMmQwNjQ5MGUyMzQ5
OGUxNzAwHhcNMjUxMTA0MTMwMjA5WhcNMjUxMTA1MTMwMjA5WjAzMTEwLwYDVQQD
EygyN2IyNzJiZGVjYWE1N2IyODBiYzc5MTUxYzI3YmM1NGFkYzc3ZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4BundkZu8JOseD1HG3/LwbDB+Pqv
Hkqx8iUREUoXihTysBFNjr5yBIUmxva1MTuuH8SbrcLy84WFcCYIimzQTSSvv6xd
nxeREhLNgePmA/F93CHyuvZ2m4qn+WBUW+jRGLmWjF3hJRaSjMrok30+Xupwb737
eLFx8lI3i37bNKJq18v8WnqKL4YUZf64dY7Jf4PrFT0h2Up1S08j/K0nICdydHRu
ot7bmCUO+JYUlElv9HdLZGJg8liLJ6EDj5beQVFvez+v6j4oBZa+DrxLTnxf5oj9
ItCYYZkYODUx7Vw/cUFkVjxprTBmlOB0vNcQfFBzRM8W+dnd7X3Zq63uhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCeycr3sqleygLx5FRwnvFStx3/6MB8GA1UdIwQY
MBaAFGTauhXR02bLUwlUEtBkkOI0mOFwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5xNkZkSFRac3RUQ1ZRUzBHU1E0alNZNFhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi83MzZkYjItMGM2NC00NWVkLTgzM2Et
YTk0ZGQ4Y2NhZjlmLzEvWk5xNkZkSFRac3RUQ1ZRUzBHU1E0alNZNFhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi83MzZkYjItMGM2NC00NWVkLTgzM2EtYTk0ZGQ4Y2NhZjlm
LzEvWk5xNkZkSFRac3RUQ1ZRUzBHU1E0alNZNFhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaYHeEXPf
v2F8yUouxSOCatn29yDI4CPFpAZ0y4ZmrKiu/OqlrsIslYBqGfXRZPTL3SOHUvbM
Tvx/uoDnERC8/9NVaryHEB83EjCWARUjW3PSBer557PRHGFEUGvuivR/N+MFaavh
BpRWTCaEPze3RXUEcjuIQgeAg68D6r4B0gBdpIz4vP+YZGESpB0Mj94IswzXX12u
4tNWrK13pkEwMfl5qYoFUiwtpq1W4R4t7cfMjFLcp2Xm4/LEkuvHfH1BRk7f732M
YVdwXY0h2T+so0NkhnU62XzodO4HgjNFiyk32JjXmLSceob1KZOYM9Brl2UpnjtK
2J0aiA+FtCbXwg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:04:52 2025 by rpki-client