Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
File: zo2SrOCAEcTQrsjyKGVxW9kaASI.mft (raw, json)
Hash identifier: 4TDpxUgWUbllGEzOvSvwv3Fa6u5wr7jJct0lwNnjyBA=
Subject key identifier: 54:C3:F4:15:56:A0:16:12:6C:21:18:9A:EC:08:B1:80:6B:36:93:08
Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Certificate serial: 019A4E18F0F6A3ABCF3A93D7C763B136E013
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 09:00:48 +0000
Manifest this update: Tue 04 Nov 2025 09:00:48 +0000
Manifest next update: Wed 05 Nov 2025 09:00:48 +0000
Files and hashes: 1: c9T1Kx5A7nWBX74YKnmxrK2YxWk.roa (hash: z4gK4/Y9ltoru7dKh2/m8n1YWOzp0cICAUx0PffNJmo=)
2: zo2SrOCAEcTQrsjyKGVxW9kaASI.crl (hash: nvGCqUsKrVQrK5AX2d+oRZ177jyG/hNyeO8yn9m1AaI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:f0:f6:a3:ab:cf:3a:93:d7:c7:63:b1:36:e0:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Validity
Not Before: Nov 4 09:00:48 2025 GMT
Not After : Nov 5 09:00:48 2025 GMT
Subject: CN=54c3f41556a016126c21189aec08b1806b369308
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:aa:7b:ed:26:ea:2e:69:31:5f:fa:17:85:71:
e6:90:3e:ca:d0:78:86:eb:59:7b:9a:fa:bd:7c:ab:
2d:67:64:41:ed:a8:c3:67:a4:73:fd:a2:8c:0a:fe:
6b:2c:c0:6a:68:d2:14:42:d6:6f:f5:48:37:f3:1d:
0c:03:43:58:bc:e1:51:c7:8e:82:3b:fb:f4:71:1d:
c7:cb:9c:bc:b4:64:c4:a3:b6:6c:a1:06:88:5b:79:
d3:1c:59:79:48:4e:c5:64:63:99:1a:32:3d:6d:49:
a8:eb:fc:60:84:d9:e5:cc:79:ae:b4:d2:ff:0a:60:
89:8b:2b:08:04:6e:e3:26:63:c3:5e:77:dd:94:f7:
82:e9:5a:71:ab:85:3f:fb:4d:25:5e:a3:dc:f1:3c:
4c:7c:39:ae:c1:48:44:12:09:9c:5d:22:92:2a:37:
b6:ad:ef:6c:5b:f1:b9:f5:0d:41:e2:bb:66:70:cc:
48:b1:19:84:46:8e:25:50:3a:54:5c:3c:a6:bc:c7:
b6:a8:63:f5:0a:93:90:69:d8:37:e7:54:f7:c8:b1:
fd:fc:e0:7a:4e:8f:97:cd:23:33:d3:d7:f8:93:67:
38:cb:2d:40:af:3c:b0:0d:ae:ac:f2:fb:0b:63:c4:
bf:87:03:e5:c9:26:7e:15:b8:ba:2d:ac:a5:08:b9:
da:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:C3:F4:15:56:A0:16:12:6C:21:18:9A:EC:08:B1:80:6B:36:93:08
X509v3 Authority Key Identifier:
keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:ab:59:7b:5f:e7:fe:d4:81:8a:53:59:83:ff:04:51:9f:2f:
c1:77:f9:a0:b0:60:82:5e:91:e5:f2:ae:92:90:1a:3f:b9:50:
c2:f5:22:35:ce:71:07:4d:0a:e9:e3:3a:dd:b9:c5:0c:e2:0f:
5e:62:c5:c6:66:52:62:8f:52:41:9f:65:3e:af:7a:26:99:4e:
40:42:76:80:a0:ac:33:b2:dd:8f:6a:cd:70:b1:fd:ac:1e:78:
8e:ff:ac:49:b9:ff:a6:b7:ce:ee:34:b4:f5:dc:21:d9:58:e0:
39:7c:c1:2f:c0:2e:0e:84:07:68:f7:42:b5:19:78:a0:4a:8e:
1c:ee:f9:bc:07:12:e6:d5:2d:8c:4f:be:a4:1d:c6:dc:81:d2:
24:53:b7:04:98:12:f1:41:da:c0:1c:e3:15:e9:9e:ed:56:56:
90:3c:d9:cd:c4:78:91:2c:b4:81:49:7c:bc:ff:b5:a2:f3:e7:
05:16:89:bc:af:eb:05:11:cc:56:f2:44:a4:fa:64:80:51:5c:
ff:45:57:d9:72:d8:3f:71:3f:5b:45:f8:1f:b2:e2:c9:78:3a:
be:73:15:65:8d:b0:c5:90:44:65:41:b6:4f:c4:11:10:76:56:
1f:63:31:4e:15:38:94:24:8e:0e:9e:9e:36:d6:aa:33:82:e4:
c1:6a:5d:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGPD2o6vPOpPXx2OxNuATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx
YTAxMjIwHhcNMjUxMTA0MDkwMDQ4WhcNMjUxMTA1MDkwMDQ4WjAzMTEwLwYDVQQD
Eyg1NGMzZjQxNTU2YTAxNjEyNmMyMTE4OWFlYzA4YjE4MDZiMzY5MzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKp77SbqLmkxX/oXhXHmkD7K0HiG
61l7mvq9fKstZ2RB7ajDZ6Rz/aKMCv5rLMBqaNIUQtZv9Ug38x0MA0NYvOFRx46C
O/v0cR3Hy5y8tGTEo7ZsoQaIW3nTHFl5SE7FZGOZGjI9bUmo6/xghNnlzHmutNL/
CmCJiysIBG7jJmPDXnfdlPeC6Vpxq4U/+00lXqPc8TxMfDmuwUhEEgmcXSKSKje2
re9sW/G59Q1B4rtmcMxIsRmERo4lUDpUXDymvMe2qGP1CpOQadg351T3yLH9/OB6
To+XzSMz09f4k2c4yy1ArzywDa6s8vsLY8S/hwPlySZ+Fbi6LaylCLnaKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFTD9BVWoBYSbCEYmuwIsYBrNpMIMB8GA1UdIwQY
MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt
NTQ1NDQ5ZTQ5ZjczLzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz
LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe6tZe1/n
/tSBilNZg/8EUZ8vwXf5oLBggl6R5fKukpAaP7lQwvUiNc5xB00K6eM63bnFDOIP
XmLFxmZSYo9SQZ9lPq96JplOQEJ2gKCsM7Ldj2rNcLH9rB54jv+sSbn/prfO7jS0
9dwh2VjgOXzBL8AuDoQHaPdCtRl4oEqOHO75vAcS5tUtjE++pB3G3IHSJFO3BJgS
8UHawBzjFeme7VZWkDzZzcR4kSy0gUl8vP+1ovPnBRaJvK/rBRHMVvJEpPpkgFFc
/0VX2XLYP3E/W0X4H7LiyXg6vnMVZY2wxZBEZUG2T8QREHZWH2MxThU4lCSODp6e
NtaqM4LkwWpdGA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 11:00:49 2025 by rpki-client