Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
File: zo2SrOCAEcTQrsjyKGVxW9kaASI.mft (raw, json)
Hash identifier: +w9hjChDehA5jGhDdWT/6VRVcjtKEk9rurHibgMCGd0=
Subject key identifier: F2:8D:D6:74:B6:80:CC:2F:ED:CF:66:50:AE:D9:6E:DF:D4:BB:1A:9A
Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Certificate serial: 01977609E1075B87B49FC800C75F013DB3F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
Manifest number: 1594
Signing time: Mon 16 Jun 2025 00:00:48 +0000
Manifest this update: Mon 16 Jun 2025 00:00:48 +0000
Manifest next update: Tue 17 Jun 2025 00:00:48 +0000
Files and hashes: 1: c9T1Kx5A7nWBX74YKnmxrK2YxWk.roa (hash: z4gK4/Y9ltoru7dKh2/m8n1YWOzp0cICAUx0PffNJmo=)
2: zo2SrOCAEcTQrsjyKGVxW9kaASI.crl (hash: MfUUmpVs9cYmdxWHLXTDoAAGlOiZzWhKJLocB3EgBZM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 20:59:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:76:09:e1:07:5b:87:b4:9f:c8:00:c7:5f:01:3d:b3:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Validity
Not Before: Jun 16 00:00:48 2025 GMT
Not After : Jun 17 00:00:48 2025 GMT
Subject: CN=f28dd674b680cc2fedcf6650aed96edfd4bb1a9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:04:c4:7f:6d:8e:03:b1:70:d7:40:8c:09:35:
74:73:6c:70:3b:c9:e1:01:a7:ff:06:fe:92:ef:34:
25:46:52:13:99:e0:3e:7b:59:91:c8:d7:11:84:10:
c1:9d:92:24:9f:4c:6a:41:ba:66:e7:57:02:fc:1e:
de:b8:e5:d2:f3:aa:f7:51:ce:f2:95:e1:16:93:56:
b1:01:24:5f:75:0c:10:4a:ae:1f:c0:9a:b9:41:19:
84:b7:5a:d4:1d:2a:1d:9c:2c:54:8b:3c:ca:46:dc:
da:bf:47:34:88:ff:83:61:d4:0d:36:39:27:e3:50:
ed:e8:d9:59:05:16:77:aa:ca:61:14:20:96:16:05:
68:59:02:cb:fe:3d:34:ff:75:5f:71:8c:52:4f:4e:
2d:a1:34:40:47:f1:85:4b:a6:4e:67:8f:6c:28:d5:
06:a1:1f:c4:b2:a0:a9:e2:6a:7f:81:08:cc:6d:3e:
87:9b:27:99:eb:9b:8b:24:20:7f:e7:a3:f1:b7:47:
50:d9:d9:05:e6:9d:10:29:3b:c7:8a:97:cd:dc:97:
71:34:26:33:ed:ea:7d:9a:ae:00:0a:a5:75:6e:0b:
ca:c8:ae:f0:42:c7:e8:b4:b1:a0:9a:43:ff:5f:00:
3d:2f:ec:1f:5e:ba:2b:64:7d:6f:6f:3d:0d:15:51:
30:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:8D:D6:74:B6:80:CC:2F:ED:CF:66:50:AE:D9:6E:DF:D4:BB:1A:9A
X509v3 Authority Key Identifier:
keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:de:27:e4:29:b6:c9:d3:02:41:29:24:9d:ff:0f:29:71:07:
32:74:a4:50:bd:23:74:11:b9:c0:e0:15:e9:ca:e0:b2:a0:06:
28:bb:55:34:63:00:38:28:e7:70:2b:4e:ab:b0:69:94:62:53:
f2:b5:0f:98:47:dc:f2:1c:70:0e:f7:4c:88:c8:8c:ad:a7:07:
a1:7f:4c:2b:8a:66:e9:1c:ff:ab:3f:b9:99:03:6e:40:55:ee:
08:d6:06:e8:2c:6a:15:0c:71:a0:41:c2:a5:65:42:98:d2:44:
25:e7:4b:a2:e7:5c:ad:00:42:f7:cf:e0:72:bf:cb:99:20:22:
cf:d0:ab:79:45:34:f9:22:c5:32:9c:46:84:f0:82:0e:b4:7f:
d1:40:20:34:86:f9:68:85:e7:f5:c7:54:fc:a3:89:18:66:8b:
b9:58:ae:b9:2a:be:57:00:4f:03:d6:ae:fa:a8:c0:4a:3d:65:
39:e1:7d:c9:cd:1e:1d:be:05:87:72:ac:fc:10:8b:74:ad:7e:
79:7d:49:8f:60:4c:19:ca:ab:f1:0c:34:e5:c2:a5:14:06:44:
b0:7a:47:48:26:6e:e2:d3:d3:24:45:0c:c3:10:93:47:ef:50:
3d:9c:d1:64:a7:3c:b2:d1:94:5a:15:af:24:26:77:85:f6:ef:
2f:1d:ad:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZd2CeEHW4e0n8gAx18BPbP0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx
YTAxMjIwHhcNMjUwNjE2MDAwMDQ4WhcNMjUwNjE3MDAwMDQ4WjAzMTEwLwYDVQQD
EyhmMjhkZDY3NGI2ODBjYzJmZWRjZjY2NTBhZWQ5NmVkZmQ0YmIxYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuATEf22OA7Fw10CMCTV0c2xwO8nh
Aaf/Bv6S7zQlRlITmeA+e1mRyNcRhBDBnZIkn0xqQbpm51cC/B7euOXS86r3Uc7y
leEWk1axASRfdQwQSq4fwJq5QRmEt1rUHSodnCxUizzKRtzav0c0iP+DYdQNNjkn
41Dt6NlZBRZ3qsphFCCWFgVoWQLL/j00/3VfcYxST04toTRAR/GFS6ZOZ49sKNUG
oR/EsqCp4mp/gQjMbT6HmyeZ65uLJCB/56Pxt0dQ2dkF5p0QKTvHipfN3JdxNCYz
7ep9mq4ACqV1bgvKyK7wQsfotLGgmkP/XwA9L+wfXrorZH1vbz0NFVEwWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPKN1nS2gMwv7c9mUK7Zbt/UuxqaMB8GA1UdIwQY
MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt
NTQ1NDQ5ZTQ5ZjczLzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz
LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANN4n5Cm2
ydMCQSkknf8PKXEHMnSkUL0jdBG5wOAV6crgsqAGKLtVNGMAOCjncCtOq7BplGJT
8rUPmEfc8hxwDvdMiMiMracHoX9MK4pm6Rz/qz+5mQNuQFXuCNYG6CxqFQxxoEHC
pWVCmNJEJedLoudcrQBC98/gcr/LmSAiz9CreUU0+SLFMpxGhPCCDrR/0UAgNIb5
aIXn9cdU/KOJGGaLuViuuSq+VwBPA9au+qjASj1lOeF9yc0eHb4Fh3Ks/BCLdK1+
eX1Jj2BMGcqr8Qw05cKlFAZEsHpHSCZu4tPTJEUMwxCTR+9QPZzRZKc8stGUWhWv
JCZ3hfbvLx2tOw==
-----END CERTIFICATE-----
Generated at Mon Jun 16 05:48:51 2025 by rpki-client