Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
File: zmdqMChOFLAsxt2qA053VAbkYaY.mft (raw, json)
Hash identifier: 742Oykk1qFzPfMwY+Cseunu/REfg+23G7o0eQadN8NE=
Subject key identifier: C0:52:39:58:9D:6E:37:C2:8D:A4:E6:38:C9:21:93:B1:77:E3:74:C9
Authority key identifier: CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6
Certificate issuer: /CN=ce676a30284e14b02cc6ddaa034e775406e461a6
Certificate serial: 019A4F997B6191B42ADE707687381D4A956C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
Manifest number: 0AA6
Signing time: Tue 04 Nov 2025 16:00:49 +0000
Manifest this update: Tue 04 Nov 2025 16:00:49 +0000
Manifest next update: Wed 05 Nov 2025 16:00:49 +0000
Files and hashes: 1: CXaycMVQIz4mD7AGkHky2lc1t_E.roa (hash: XQ8QKr5tV5GANcYht5PHTQQD2/hz4d9yrWShPJMOBBM=)
2: zmdqMChOFLAsxt2qA053VAbkYaY.crl (hash: 7K/GlLldaQylcp+ZC1VCYdN7tHB3gC/vL72Vz3BrD1Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:99:7b:61:91:b4:2a:de:70:76:87:38:1d:4a:95:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce676a30284e14b02cc6ddaa034e775406e461a6
Validity
Not Before: Nov 4 16:00:49 2025 GMT
Not After : Nov 5 16:00:49 2025 GMT
Subject: CN=c05239589d6e37c28da4e638c92193b177e374c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d9:50:53:45:98:26:59:8c:a0:8e:6f:4b:59:
b0:d0:f4:22:eb:29:7e:d2:d9:b0:a8:a9:68:e1:f3:
55:a7:c4:02:e6:80:0c:6a:66:2f:df:a0:0e:bd:61:
87:9a:ac:c9:ea:f9:7c:47:4c:1e:28:a4:63:89:14:
ba:6a:17:2a:ef:3a:c2:0d:a9:36:a6:ef:6d:d7:0d:
0d:b8:3a:3b:c5:1d:58:43:2d:1a:80:b4:07:dd:25:
a8:8e:02:46:cf:56:15:79:bd:d7:e6:1e:04:5a:a4:
d6:44:5f:42:df:27:3f:7a:b5:96:20:52:17:76:14:
2f:be:d6:d4:27:e3:51:1c:66:95:c5:ff:c9:fa:04:
1b:5b:5f:dc:53:e7:e5:e5:ae:0b:b7:d7:66:1f:aa:
0e:b2:b0:1f:32:c3:d1:5f:4b:0d:26:6a:2b:0a:21:
ac:82:cd:0b:2b:f0:09:40:64:c6:d0:46:2e:38:e6:
6c:4f:40:50:7d:56:e4:b6:cf:6e:5a:ae:f5:3b:f3:
1f:ca:e5:d9:4b:19:2d:0a:4b:be:08:83:77:9f:02:
50:ea:67:0e:e4:71:75:f6:01:25:08:f4:e6:2d:46:
b4:5f:db:a6:bb:33:12:2b:bf:90:6d:bd:d7:db:f7:
73:cc:82:25:31:51:ec:eb:42:09:43:e9:4f:12:8b:
9f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:52:39:58:9D:6E:37:C2:8D:A4:E6:38:C9:21:93:B1:77:E3:74:C9
X509v3 Authority Key Identifier:
keyid:CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0c:27:f9:b1:86:5c:3a:3a:e8:33:3e:80:63:4f:f6:4f:1d:ce:
ed:ea:9e:9a:67:02:d0:1f:a5:af:da:d4:ad:9b:61:32:b2:63:
e1:34:14:1b:b7:4e:d0:8b:6c:db:2f:fb:91:56:48:0e:7d:5c:
a1:1c:ad:a7:85:9d:ae:f7:07:aa:6b:bb:16:44:2a:1d:f0:a2:
16:17:f3:ca:19:13:69:1c:1b:62:62:f1:e7:9a:14:2d:06:03:
77:6a:c3:58:25:5c:8d:29:fe:71:b8:65:9a:89:2c:d9:ba:fd:
e3:15:38:ed:3a:f6:52:0f:89:8b:48:02:00:a9:38:bc:09:c7:
86:2b:63:6e:23:6b:47:f1:2e:5c:71:62:58:d8:01:ed:57:a5:
2f:bb:d1:9a:77:ff:49:4f:36:dc:3b:6d:3b:0d:29:28:27:f6:
ad:d7:38:4a:21:82:75:1b:ea:64:72:46:5f:06:0e:79:ac:f1:
bb:18:9f:7d:6e:f7:6e:0e:64:3f:59:5c:fd:74:ee:24:6a:96:
2a:ff:db:e9:0d:de:a3:6d:bb:c6:7c:2c:ea:cf:52:7e:f1:ac:
97:8b:63:aa:c3:07:89:c8:30:db:b6:1e:35:12:a7:36:6b:bb:
fd:fe:9f:35:eb:6d:e3:db:ba:be:15:c2:f9:60:7d:2a:c8:d3:
f6:0e:30:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPmXthkbQq3nB2hzgdSpVsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNjc2YTMwMjg0ZTE0YjAyY2M2ZGRhYTAzNGU3NzU0MDZl
NDYxYTYwHhcNMjUxMTA0MTYwMDQ5WhcNMjUxMTA1MTYwMDQ5WjAzMTEwLwYDVQQD
EyhjMDUyMzk1ODlkNmUzN2MyOGRhNGU2MzhjOTIxOTNiMTc3ZTM3NGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9lQU0WYJlmMoI5vS1mw0PQi6yl+
0tmwqKlo4fNVp8QC5oAMamYv36AOvWGHmqzJ6vl8R0weKKRjiRS6ahcq7zrCDak2
pu9t1w0NuDo7xR1YQy0agLQH3SWojgJGz1YVeb3X5h4EWqTWRF9C3yc/erWWIFIX
dhQvvtbUJ+NRHGaVxf/J+gQbW1/cU+fl5a4Lt9dmH6oOsrAfMsPRX0sNJmorCiGs
gs0LK/AJQGTG0EYuOOZsT0BQfVbkts9uWq71O/MfyuXZSxktCku+CIN3nwJQ6mcO
5HF19gElCPTmLUa0X9umuzMSK7+Qbb3X2/dzzIIlMVHs60IJQ+lPEouf+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMBSOVidbjfCjaTmOMkhk7F343TJMB8GA1UdIwQY
MBaAFM5najAoThSwLMbdqgNOd1QG5GGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUt
ZWE2MDY1NzA5NDZhLzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUtZWE2MDY1NzA5NDZh
LzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADCf5sYZc
OjroMz6AY0/2Tx3O7eqemmcC0B+lr9rUrZthMrJj4TQUG7dO0Its2y/7kVZIDn1c
oRytp4WdrvcHqmu7FkQqHfCiFhfzyhkTaRwbYmLx55oULQYDd2rDWCVcjSn+cbhl
moks2br94xU47Tr2Ug+Ji0gCAKk4vAnHhitjbiNrR/EuXHFiWNgB7VelL7vRmnf/
SU823DttOw0pKCf2rdc4SiGCdRvqZHJGXwYOeazxuxiffW73bg5kP1lc/XTuJGqW
Kv/b6Q3eo227xnws6s9SfvGsl4tjqsMHicgw27YeNRKnNmu7/f6fNett49u6vhXC
+WB9KsjT9g4wMg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:22:10 2025 by rpki-client