Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft
File: ZAsfh3LG70hOLNLWYmPy75j6OWg.mft (raw, json)
Hash identifier: D+Vzvhkv5/wy+lVXaCxKDWvLAC8jjsM/DlMH6arhK6E=
Subject key identifier: 9D:F7:01:24:34:80:E2:F4:2D:2D:C7:A0:DD:A2:60:CC:1E:84:F7:8A
Authority key identifier: 64:0B:1F:87:72:C6:EF:48:4E:2C:D2:D6:62:63:F2:EF:98:FA:39:68
Certificate issuer: /CN=640b1f8772c6ef484e2cd2d66263f2ef98fa3968
Certificate serial: 019A503E59BEE15B1CB98617466CB71379C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft
Manifest number: 170E
Signing time: Tue 04 Nov 2025 19:00:54 +0000
Manifest this update: Tue 04 Nov 2025 19:00:54 +0000
Manifest next update: Wed 05 Nov 2025 19:00:54 +0000
Files and hashes: 1: 5sIyZUUxUKqIAWVgUkx5eBGU5N0.roa (hash: 3M5MqZOHY6IgU/oY5PEX9Quago5F235Gft3ZQVLU+EE=)
2: ZAsfh3LG70hOLNLWYmPy75j6OWg.crl (hash: PZ03lSCdgxHUa5na3fs7KT8+2xUGtcvnh1HH+5XNFIQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:3e:59:be:e1:5b:1c:b9:86:17:46:6c:b7:13:79:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=640b1f8772c6ef484e2cd2d66263f2ef98fa3968
Validity
Not Before: Nov 4 19:00:54 2025 GMT
Not After : Nov 5 19:00:54 2025 GMT
Subject: CN=9df701243480e2f42d2dc7a0dda260cc1e84f78a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:80:01:c1:7f:dd:50:79:69:ba:41:82:16:b8:
09:3e:74:49:14:99:71:e9:ca:f6:74:96:01:05:54:
12:80:1f:b1:d5:b2:1e:5a:bd:83:64:cd:a9:fe:8e:
f1:59:ee:a6:d9:06:7a:fa:f0:be:66:61:b0:dc:2e:
d4:b3:34:80:6a:9e:03:65:f8:f0:6d:3c:00:56:14:
ec:b4:f4:c4:3a:f4:4b:61:3b:4f:49:f0:5f:b9:13:
e1:cd:34:39:9a:c5:41:ba:89:38:82:6e:ad:fa:e9:
bc:96:26:56:c9:4c:ae:ed:7c:2c:05:4e:e1:9b:3a:
dd:05:3a:21:86:29:30:cf:36:33:c6:44:2a:e6:65:
66:5a:21:b5:4e:91:fe:a1:06:b8:fb:26:55:27:90:
87:7d:4e:57:e6:4b:ae:9c:5f:78:a2:24:d1:06:6f:
58:77:62:4c:41:c4:e1:af:3d:2a:6f:50:2f:27:03:
a8:61:aa:a9:ef:a2:48:da:3e:b6:60:b2:c1:33:3d:
7b:45:80:df:39:34:e7:a7:03:bb:2f:fb:77:c8:58:
8b:37:c6:4a:5f:06:2f:29:c4:30:0e:49:03:7c:a1:
df:34:9c:57:68:54:b4:08:01:c0:73:75:62:2c:c8:
b8:2e:ae:bb:ad:9c:e3:a7:6c:0e:a4:fd:16:78:0f:
42:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:F7:01:24:34:80:E2:F4:2D:2D:C7:A0:DD:A2:60:CC:1E:84:F7:8A
X509v3 Authority Key Identifier:
keyid:64:0B:1F:87:72:C6:EF:48:4E:2C:D2:D6:62:63:F2:EF:98:FA:39:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
96:1d:60:d8:4c:4f:ad:13:42:1d:f3:ef:1d:31:0e:21:48:51:
e0:ec:38:1e:b7:15:44:6c:10:06:d8:ee:ac:a0:17:8b:93:c9:
01:e4:d7:f0:f0:ad:e8:fc:92:5b:46:22:52:58:47:e6:b9:fb:
1b:ff:48:ed:78:3d:1d:f8:8e:b1:88:06:ba:37:c9:b0:db:91:
40:e9:3a:65:93:2e:67:1e:83:ff:b3:26:3f:e9:7d:a7:50:61:
4f:db:82:60:41:ae:09:ef:19:66:e7:11:1e:08:76:18:ab:6c:
a6:47:53:29:af:40:69:ae:40:27:05:d2:69:b8:15:84:c6:dd:
21:ac:0b:d8:02:23:05:7f:72:e8:99:43:ea:ed:96:7a:2b:64:
ba:8e:a6:2b:2b:2e:08:2e:14:93:ec:17:c3:52:b1:fc:6c:7a:
67:89:f0:4c:c8:89:41:b6:a6:4b:1d:b0:aa:f3:f7:49:ec:37:
e6:2b:8b:10:f9:78:94:e3:c8:cb:71:05:c7:3c:75:49:c9:be:
fc:2a:af:3e:06:26:42:05:f4:ec:c9:18:e2:1c:1f:cc:71:6e:
71:2f:0a:c2:86:4b:f3:ea:c5:de:3e:2c:43:17:c9:52:9f:fd:
4e:e2:48:c6:1f:23:b0:1f:a0:1d:fe:7b:f3:3f:98:f1:a3:41:
74:f5:aa:48
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQPlm+4VscuYYXRmy3E3nAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MGIxZjg3NzJjNmVmNDg0ZTJjZDJkNjYyNjNmMmVmOThm
YTM5NjgwHhcNMjUxMTA0MTkwMDU0WhcNMjUxMTA1MTkwMDU0WjAzMTEwLwYDVQQD
Eyg5ZGY3MDEyNDM0ODBlMmY0MmQyZGM3YTBkZGEyNjBjYzFlODRmNzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYABwX/dUHlpukGCFrgJPnRJFJlx
6cr2dJYBBVQSgB+x1bIeWr2DZM2p/o7xWe6m2QZ6+vC+ZmGw3C7UszSAap4DZfjw
bTwAVhTstPTEOvRLYTtPSfBfuRPhzTQ5msVBuok4gm6t+um8liZWyUyu7XwsBU7h
mzrdBTohhikwzzYzxkQq5mVmWiG1TpH+oQa4+yZVJ5CHfU5X5kuunF94oiTRBm9Y
d2JMQcThrz0qb1AvJwOoYaqp76JI2j62YLLBMz17RYDfOTTnpwO7L/t3yFiLN8ZK
XwYvKcQwDkkDfKHfNJxXaFS0CAHAc3ViLMi4Lq67rZzjp2wOpP0WeA9CvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ33ASQ0gOL0LS3HoN2iYMwehPeKMB8GA1UdIwQY
MBaAFGQLH4dyxu9ITizS1mJj8u+Y+jloMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkFzZmgzTEc3MGhPTE5MV1ltUHk3NWo2T1dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9hYWQ2MjYtZGFjZS00NGQ4LTgxOGQt
Mzg3YWZhMGE1MzRmLzEvWkFzZmgzTEc3MGhPTE5MV1ltUHk3NWo2T1dnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9hYWQ2MjYtZGFjZS00NGQ4LTgxOGQtMzg3YWZhMGE1MzRm
LzEvWkFzZmgzTEc3MGhPTE5MV1ltUHk3NWo2T1dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlh1g2ExP
rRNCHfPvHTEOIUhR4Ow4HrcVRGwQBtjurKAXi5PJAeTX8PCt6PySW0YiUlhH5rn7
G/9I7Xg9HfiOsYgGujfJsNuRQOk6ZZMuZx6D/7MmP+l9p1BhT9uCYEGuCe8ZZucR
Hgh2GKtspkdTKa9Aaa5AJwXSabgVhMbdIawL2AIjBX9y6JlD6u2Weitkuo6mKysu
CC4Uk+wXw1Kx/Gx6Z4nwTMiJQbamSx2wqvP3Sew35iuLEPl4lOPIy3EFxzx1Scm+
/CqvPgYmQgX07MkY4hwfzHFucS8KwoZL8+rF3j4sQxfJUp/9TuJIxh8jsB+gHf57
8z+Y8aNBdPWqSA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:41:25 2025 by rpki-client