Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.mft
File: Z-HO3-CCbw-Xdb36jpQlMAvenxM.mft (raw, json)
Hash identifier: NRcjH3dhqdRx8Nz+SWoyLteCPOX+GaBfnrt4f3o5OuI=
Subject key identifier: 8C:D9:FA:35:82:25:9A:24:54:00:91:07:F0:23:E0:3A:3F:EB:D8:D1
Authority key identifier: 67:E1:CE:DF:E0:82:6F:0F:97:75:BD:FA:8E:94:25:30:0B:DE:9F:13
Certificate issuer: /CN=67e1cedfe0826f0f9775bdfa8e9425300bde9f13
Certificate serial: 019A4DE18FD5639D1B2C42455B7DD3A478CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.mft
Manifest number: 0D21
Signing time: Tue 04 Nov 2025 08:00:19 +0000
Manifest this update: Tue 04 Nov 2025 08:00:19 +0000
Manifest next update: Wed 05 Nov 2025 08:00:19 +0000
Files and hashes: 1: IyubcYm7YNGoTHG6Zyl3Cm2IkRw.roa (hash: 4lmGSbybL+9qT7cvm7erjsIQir7v2NPime1p2riEn1k=)
2: Z-HO3-CCbw-Xdb36jpQlMAvenxM.crl (hash: tSIGIBNm0axxmALUgiy2nFbhm5PLJpUaBCwTt4tRF1A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:8f:d5:63:9d:1b:2c:42:45:5b:7d:d3:a4:78:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67e1cedfe0826f0f9775bdfa8e9425300bde9f13
Validity
Not Before: Nov 4 08:00:19 2025 GMT
Not After : Nov 5 08:00:19 2025 GMT
Subject: CN=8cd9fa3582259a2454009107f023e03a3febd8d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:e2:54:d6:14:48:33:96:40:e0:9b:37:07:35:
a0:0e:b3:68:30:0e:95:9b:d8:ec:8f:a8:36:f3:af:
f2:46:20:05:64:ce:6e:38:bf:08:c3:5d:47:68:6e:
9a:6d:7a:c9:ae:1c:0f:98:76:bd:61:5d:6e:9a:34:
10:32:c8:f0:0d:56:3f:0d:e6:66:df:88:b4:32:f5:
4d:ad:89:ed:6b:04:fc:c3:35:e5:a0:a9:12:08:ab:
c6:62:63:74:69:55:16:66:1a:0b:46:a2:03:5e:cb:
69:32:c3:6b:f5:cb:ec:3d:6e:01:6a:95:be:e3:f1:
db:c4:96:d2:85:e8:3d:80:6c:23:63:85:81:b8:d2:
13:87:84:62:a7:e9:4e:a7:9e:df:10:27:b5:00:6a:
b9:17:10:fc:94:96:ec:57:75:42:36:c5:37:8b:3c:
52:82:b9:a5:be:1d:df:7f:89:f7:24:9e:26:20:f9:
d3:c8:68:9a:4d:33:81:4b:c4:5e:cb:fc:3d:4f:9d:
06:77:47:5c:26:ad:00:1c:cc:d0:f3:ed:dd:e3:b8:
99:cd:fb:9a:c6:ca:9d:81:10:fc:4b:db:2c:96:c4:
61:9a:e0:26:9b:98:de:29:c4:4c:9a:36:6d:a1:c4:
14:cb:c0:56:91:eb:e8:15:fe:e5:78:ab:ed:de:00:
b6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:D9:FA:35:82:25:9A:24:54:00:91:07:F0:23:E0:3A:3F:EB:D8:D1
X509v3 Authority Key Identifier:
keyid:67:E1:CE:DF:E0:82:6F:0F:97:75:BD:FA:8E:94:25:30:0B:DE:9F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z-HO3-CCbw-Xdb36jpQlMAvenxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/19fa4a-f41d-4baf-b9ea-ec9b75521297/1/Z-HO3-CCbw-Xdb36jpQlMAvenxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:49:18:ea:49:64:df:6a:ac:f7:9e:32:f9:37:71:4b:07:09:
1e:62:40:8b:f2:87:a7:f0:29:66:56:3a:06:be:bf:35:e0:53:
26:c7:7f:d3:5a:81:f4:dc:46:dc:3e:7a:1f:48:53:f1:01:ed:
f8:76:75:1c:5a:0b:16:57:b6:a0:55:e9:4a:1c:10:60:d4:6a:
6f:04:19:3c:d7:74:70:2f:36:70:de:a4:18:85:d1:7e:73:16:
ba:e0:83:ea:42:55:61:56:b2:c7:1e:79:dd:7b:3e:b0:11:93:
0e:23:87:2a:79:08:9e:55:84:23:23:84:f2:3e:ac:6a:e2:c1:
d2:a1:3e:70:a7:9e:0d:c6:3d:8c:9d:35:60:e7:c4:d6:bd:42:
cd:f0:73:53:7f:7e:ac:fe:61:27:74:4a:5f:31:cf:3e:a9:52:
f6:cc:38:06:5f:0f:c9:77:09:c3:8a:60:3d:91:ce:4b:71:17:
f1:c0:20:1d:a8:6d:b5:89:f2:a5:f0:13:a1:09:99:af:73:35:
29:9d:36:ed:fe:06:6a:94:62:34:8d:72:98:28:47:4b:61:ff:
97:7c:f4:fd:48:60:64:04:5e:7c:08:ab:23:e1:37:49:d5:93:
f5:f0:f9:7f:dc:96:9b:85:f5:42:d3:52:9c:2f:28:2a:70:93:
46:d5:64:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4Y/VY50bLEJFW33TpHjNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3ZTFjZWRmZTA4MjZmMGY5Nzc1YmRmYThlOTQyNTMwMGJk
ZTlmMTMwHhcNMjUxMTA0MDgwMDE5WhcNMjUxMTA1MDgwMDE5WjAzMTEwLwYDVQQD
Eyg4Y2Q5ZmEzNTgyMjU5YTI0NTQwMDkxMDdmMDIzZTAzYTNmZWJkOGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7+JU1hRIM5ZA4Js3BzWgDrNoMA6V
m9jsj6g286/yRiAFZM5uOL8Iw11HaG6abXrJrhwPmHa9YV1umjQQMsjwDVY/DeZm
34i0MvVNrYntawT8wzXloKkSCKvGYmN0aVUWZhoLRqIDXstpMsNr9cvsPW4BapW+
4/HbxJbSheg9gGwjY4WBuNITh4Rip+lOp57fECe1AGq5FxD8lJbsV3VCNsU3izxS
grmlvh3ff4n3JJ4mIPnTyGiaTTOBS8Rey/w9T50Gd0dcJq0AHMzQ8+3d47iZzfua
xsqdgRD8S9sslsRhmuAmm5jeKcRMmjZtocQUy8BWkevoFf7leKvt3gC2hQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIzZ+jWCJZokVACRB/Aj4Do/69jRMB8GA1UdIwQY
MBaAFGfhzt/ggm8Pl3W9+o6UJTAL3p8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWi1ITzMtQ0Nidy1YZGIzNmpwUWxNQXZlbnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8xOWZhNGEtZjQxZC00YmFmLWI5ZWEt
ZWM5Yjc1NTIxMjk3LzEvWi1ITzMtQ0Nidy1YZGIzNmpwUWxNQXZlbnhNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8xOWZhNGEtZjQxZC00YmFmLWI5ZWEtZWM5Yjc1NTIxMjk3
LzEvWi1ITzMtQ0Nidy1YZGIzNmpwUWxNQXZlbnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcEkY6klk
32qs954y+TdxSwcJHmJAi/KHp/ApZlY6Br6/NeBTJsd/01qB9NxG3D56H0hT8QHt
+HZ1HFoLFle2oFXpShwQYNRqbwQZPNd0cC82cN6kGIXRfnMWuuCD6kJVYVayxx55
3Xs+sBGTDiOHKnkInlWEIyOE8j6sauLB0qE+cKeeDcY9jJ01YOfE1r1CzfBzU39+
rP5hJ3RKXzHPPqlS9sw4Bl8PyXcJw4pgPZHOS3EX8cAgHahttYnypfAToQmZr3M1
KZ027f4GapRiNI1ymChHS2H/l3z0/UhgZARefAirI+E3SdWT9fD5f9yWm4X1QtNS
nC8oKnCTRtVk5Q==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:38:08 2025 by rpki-client