Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
File: zo2SrOCAEcTQrsjyKGVxW9kaASI.mft (raw, json)
Hash identifier: vFR6z/9Tl7hjRS4GF5H7vKej2vfDSWawXD1b6wFKugw=
Subject key identifier: EB:82:24:F7:CC:04:C3:B8:71:16:09:4D:9F:6D:5A:D9:4F:A3:0F:58
Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Certificate serial: 01988A32C3D809DFA701B03F6C90EAA33CB6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
Manifest number: 1623
Signing time: Fri 08 Aug 2025 15:00:39 +0000
Manifest this update: Fri 08 Aug 2025 15:00:39 +0000
Manifest next update: Sat 09 Aug 2025 15:00:39 +0000
Files and hashes: 1: c9T1Kx5A7nWBX74YKnmxrK2YxWk.roa (hash: z4gK4/Y9ltoru7dKh2/m8n1YWOzp0cICAUx0PffNJmo=)
2: zo2SrOCAEcTQrsjyKGVxW9kaASI.crl (hash: OXdlc5jZKqC5tf4Sc0WdB6QWoRSjjXVPq+1BEx8oy4c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 15:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8a:32:c3:d8:09:df:a7:01:b0:3f:6c:90:ea:a3:3c:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Validity
Not Before: Aug 8 15:00:39 2025 GMT
Not After : Aug 9 15:00:39 2025 GMT
Subject: CN=eb8224f7cc04c3b87116094d9f6d5ad94fa30f58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9e:f5:5f:29:53:21:92:06:22:af:ca:c7:c5:
ff:f2:df:73:f0:55:db:0b:d4:db:dc:cd:07:6a:c1:
f5:cc:ba:a2:5c:8d:7c:16:94:f2:66:c9:4e:ed:a4:
af:ac:b2:c4:10:11:68:76:dc:c4:49:48:2a:72:77:
36:af:a6:d9:3c:23:cc:01:2f:4a:31:c0:c3:dd:35:
62:fd:73:b9:58:f3:2e:6c:d0:5e:73:ff:f6:ed:ba:
9d:fd:cb:7e:3d:a4:67:5e:9e:c3:9e:ca:1e:4e:28:
fb:da:a3:70:d5:6d:96:a8:fd:c1:94:c0:dd:a2:9c:
4d:24:ac:d0:d5:e1:07:06:d5:15:88:1d:3f:f9:9c:
df:7f:a8:e0:63:3d:13:f4:27:9a:5d:aa:a0:6b:79:
dc:76:e6:d8:01:9c:21:9b:c7:5d:fd:26:fc:8b:11:
fe:42:dc:06:01:c5:95:bf:59:b2:fe:0d:a0:60:30:
25:08:b4:51:16:b6:ba:c2:db:a4:c8:f1:95:b1:1b:
3a:fa:4c:1f:fc:ad:b3:8e:a2:dd:96:6b:4e:f3:8e:
c1:c1:0f:64:50:b0:f3:34:f9:e2:fb:f7:bd:54:46:
18:35:c1:d9:43:e3:2a:88:80:16:a3:88:61:36:90:
f9:fe:28:86:63:5e:8a:a4:81:a4:9d:06:64:81:45:
10:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:82:24:F7:CC:04:C3:B8:71:16:09:4D:9F:6D:5A:D9:4F:A3:0F:58
X509v3 Authority Key Identifier:
keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
46:1a:96:2a:2f:d3:76:be:9e:96:f2:6d:af:c1:f2:82:fb:24:
a4:59:97:5d:df:f2:ea:33:78:25:a2:f0:c8:56:5b:af:ea:7e:
f4:af:21:1e:79:98:de:3d:1c:b2:31:c8:5d:2b:e9:63:9a:0b:
05:47:59:51:a5:7b:db:84:90:2b:7f:5b:74:78:1e:bf:24:8c:
89:d9:be:2c:39:20:53:58:f9:24:74:4e:5f:86:20:f8:f5:f2:
7e:36:8a:4b:af:77:44:73:9b:bd:5b:4e:51:74:d9:4f:04:28:
7f:4b:65:fc:8c:e6:ad:ed:5c:97:2e:7b:29:c3:c1:b6:13:5b:
1b:68:43:94:2e:7a:32:98:18:ef:f5:61:02:34:10:d1:15:f2:
6c:22:f3:48:6e:7c:2c:ed:bf:70:46:eb:60:bb:df:f8:85:2a:
1e:6e:24:ac:88:48:25:2e:77:d2:84:5e:a0:99:d3:4d:02:f1:
e6:c8:0c:15:71:e4:af:e5:e8:ba:21:40:80:89:74:7c:6a:b1:
e1:c0:1c:70:e4:76:e8:91:3c:c3:c7:83:77:ab:11:e5:fe:ea:
1a:00:94:89:78:b4:d6:20:5c:9a:37:43:2e:27:ae:4a:6f:1f:
88:5d:b2:c4:e6:fe:bb:de:9e:aa:b2:0e:4a:b8:66:d8:c7:cd:
57:45:37:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiKMsPYCd+nAbA/bJDqozy2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx
YTAxMjIwHhcNMjUwODA4MTUwMDM5WhcNMjUwODA5MTUwMDM5WjAzMTEwLwYDVQQD
EyhlYjgyMjRmN2NjMDRjM2I4NzExNjA5NGQ5ZjZkNWFkOTRmYTMwZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp71XylTIZIGIq/Kx8X/8t9z8FXb
C9Tb3M0HasH1zLqiXI18FpTyZslO7aSvrLLEEBFodtzESUgqcnc2r6bZPCPMAS9K
McDD3TVi/XO5WPMubNBec//27bqd/ct+PaRnXp7DnsoeTij72qNw1W2WqP3BlMDd
opxNJKzQ1eEHBtUViB0/+Zzff6jgYz0T9CeaXaqga3ncdubYAZwhm8dd/Sb8ixH+
QtwGAcWVv1my/g2gYDAlCLRRFra6wtukyPGVsRs6+kwf/K2zjqLdlmtO847BwQ9k
ULDzNPni+/e9VEYYNcHZQ+MqiIAWo4hhNpD5/iiGY16KpIGknQZkgUUQkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOuCJPfMBMO4cRYJTZ9tWtlPow9YMB8GA1UdIwQY
MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt
NTQ1NDQ5ZTQ5ZjczLzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz
LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARhqWKi/T
dr6elvJtr8HygvskpFmXXd/y6jN4JaLwyFZbr+p+9K8hHnmY3j0csjHIXSvpY5oL
BUdZUaV724SQK39bdHgevySMidm+LDkgU1j5JHROX4Yg+PXyfjaKS693RHObvVtO
UXTZTwQof0tl/Izmre1cly57KcPBthNbG2hDlC56MpgY7/VhAjQQ0RXybCLzSG58
LO2/cEbrYLvf+IUqHm4krIhIJS530oReoJnTTQLx5sgMFXHkr+XouiFAgIl0fGqx
4cAccOR26JE8w8eDd6sR5f7qGgCUiXi01iBcmjdDLieuSm8fiF2yxOb+u96eqrIO
Srhm2MfNV0U3iQ==
-----END CERTIFICATE-----
Generated at Sat Aug 9 01:00:03 2025 by rpki-client