Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.mft
File: ZdZjKVdsnAGzzYKF9LVLAXDYw5o.mft (raw, json)
Hash identifier: gXTM1taLaG+qzNyFUPd0yZw12nI6nKcGRsGISUpeijM=
Subject key identifier: BB:4B:98:42:72:05:B2:13:02:42:0D:3D:98:C6:A3:32:A3:06:53:74
Authority key identifier: 65:D6:63:29:57:6C:9C:01:B3:CD:82:85:F4:B5:4B:01:70:D8:C3:9A
Certificate issuer: /CN=65d66329576c9c01b3cd8285f4b54b0170d8c39a
Certificate serial: 019A4DE218DFD5C45D2EA1B005F503217246
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.mft
Manifest number: 13CB
Signing time: Tue 04 Nov 2025 08:00:54 +0000
Manifest this update: Tue 04 Nov 2025 08:00:54 +0000
Manifest next update: Wed 05 Nov 2025 08:00:54 +0000
Files and hashes: 1: ZdZjKVdsnAGzzYKF9LVLAXDYw5o.crl (hash: czL5sDUnYT9Gv5kKJFMxyLRh/rroJoZM9rezNpg6pTg=)
2: cD0i6eXUEb95MRC9zt2P-QsR-zI.roa (hash: bwRfJD4nIDDz+Ohj/YcPEu2i5IBHAbvcA7uyG/Ew8EE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e2:18:df:d5:c4:5d:2e:a1:b0:05:f5:03:21:72:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65d66329576c9c01b3cd8285f4b54b0170d8c39a
Validity
Not Before: Nov 4 08:00:54 2025 GMT
Not After : Nov 5 08:00:54 2025 GMT
Subject: CN=bb4b98427205b21302420d3d98c6a332a3065374
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:97:9c:16:4d:34:41:0d:4a:d2:39:07:c0:dc:
42:5f:38:73:09:d3:58:b2:93:ff:8e:df:0d:6c:05:
2b:e2:6a:d8:f6:67:f5:ae:95:0b:4a:2e:1d:9d:67:
0d:ca:27:61:4c:3e:b7:67:72:ce:63:1b:a2:69:2e:
12:68:c1:d1:eb:43:64:fb:a3:29:12:56:0d:e0:5f:
8f:91:a3:28:71:b1:a7:40:1b:b5:70:45:9c:70:c9:
c1:da:a8:57:3e:a2:64:d9:72:89:d2:be:22:cf:f7:
5e:e5:bc:9f:56:14:06:67:33:c5:a1:55:48:50:77:
28:71:34:d7:61:3e:9b:5f:7b:b2:55:a1:2f:68:33:
f5:b0:4e:a4:a4:be:c9:67:67:d6:22:3c:ae:f2:f4:
7a:8e:71:b7:93:40:1d:10:96:01:1e:f6:19:61:a8:
e1:f9:bb:8a:bb:e9:c1:d3:91:71:fe:78:10:f7:c0:
bd:22:2e:bc:3d:8e:2a:9a:c5:ce:47:8c:11:1e:23:
4c:33:0a:62:a3:2b:3c:da:cc:7e:b2:ec:09:39:dd:
d5:9f:2b:cd:9e:85:42:1b:46:27:fb:4f:9b:f2:4e:
31:00:60:b7:b3:33:bd:a3:6b:f3:0f:ca:05:71:86:
06:f7:9c:00:4e:26:f4:2b:52:88:11:30:00:26:56:
59:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:4B:98:42:72:05:B2:13:02:42:0D:3D:98:C6:A3:32:A3:06:53:74
X509v3 Authority Key Identifier:
keyid:65:D6:63:29:57:6C:9C:01:B3:CD:82:85:F4:B5:4B:01:70:D8:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:e5:9d:03:8a:6f:93:e2:3d:e0:d3:3d:e3:1a:3a:25:e9:d9:
e9:a6:e5:bc:bd:d9:d1:e5:66:4e:7d:ce:2a:37:ae:6a:5f:c1:
35:d7:ed:fe:70:92:eb:b1:00:92:e3:05:ea:f0:aa:68:fb:e7:
dc:bc:36:4f:48:1c:3c:4a:a8:46:b8:32:77:74:3d:5f:7f:37:
31:0b:31:24:05:b7:e8:ba:36:5c:22:7d:50:83:30:d3:e6:79:
96:60:30:d8:1f:2a:0a:82:60:4b:e8:de:7b:db:62:78:32:95:
95:bc:03:26:73:ad:10:2f:ea:3e:8d:2a:a0:4b:0f:1a:ec:9b:
16:80:07:3e:b2:ad:82:e8:25:cf:e7:81:bb:e4:23:c9:8c:93:
1d:c0:bd:da:9d:44:1f:55:b9:bc:7c:7e:c5:fa:ef:3a:2a:8a:
42:c3:a3:90:1d:8b:15:d4:95:ca:ef:87:73:74:fb:d7:56:ba:
7a:33:eb:3f:d1:8e:59:84:6f:0b:e6:bc:65:7b:c6:0e:2b:48:
f6:2c:7d:74:79:46:c9:39:d1:46:25:f8:c4:56:ba:c9:bb:aa:
b1:cb:bc:56:76:74:05:14:cd:3d:74:6d:29:cb:88:8a:43:c7:
61:8f:51:29:41:bc:e5:9e:b9:83:11:ca:1e:b8:9a:4a:da:fa:
af:fa:51:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4hjf1cRdLqGwBfUDIXJGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZDY2MzI5NTc2YzljMDFiM2NkODI4NWY0YjU0YjAxNzBk
OGMzOWEwHhcNMjUxMTA0MDgwMDU0WhcNMjUxMTA1MDgwMDU0WjAzMTEwLwYDVQQD
EyhiYjRiOTg0MjcyMDViMjEzMDI0MjBkM2Q5OGM2YTMzMmEzMDY1Mzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5ecFk00QQ1K0jkHwNxCXzhzCdNY
spP/jt8NbAUr4mrY9mf1rpULSi4dnWcNyidhTD63Z3LOYxuiaS4SaMHR60Nk+6Mp
ElYN4F+PkaMocbGnQBu1cEWccMnB2qhXPqJk2XKJ0r4iz/de5byfVhQGZzPFoVVI
UHcocTTXYT6bX3uyVaEvaDP1sE6kpL7JZ2fWIjyu8vR6jnG3k0AdEJYBHvYZYajh
+buKu+nB05Fx/ngQ98C9Ii68PY4qmsXOR4wRHiNMMwpioys82sx+suwJOd3VnyvN
noVCG0Yn+0+b8k4xAGC3szO9o2vzD8oFcYYG95wATib0K1KIETAAJlZZiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLtLmEJyBbITAkINPZjGozKjBlN0MB8GA1UdIwQY
MBaAFGXWYylXbJwBs82ChfS1SwFw2MOaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmRaaktWZHNuQUd6ellLRjlMVkxBWERZdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9kNTI3ZjgtZTVhZi00ODIwLWEyNDgt
MWU2NjUwNTEzMWNhLzEvWmRaaktWZHNuQUd6ellLRjlMVkxBWERZdzVvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9kNTI3ZjgtZTVhZi00ODIwLWEyNDgtMWU2NjUwNTEzMWNh
LzEvWmRaaktWZHNuQUd6ellLRjlMVkxBWERZdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeuWdA4pv
k+I94NM94xo6JenZ6ablvL3Z0eVmTn3OKjeual/BNdft/nCS67EAkuMF6vCqaPvn
3Lw2T0gcPEqoRrgyd3Q9X383MQsxJAW36Lo2XCJ9UIMw0+Z5lmAw2B8qCoJgS+je
e9tieDKVlbwDJnOtEC/qPo0qoEsPGuybFoAHPrKtguglz+eBu+QjyYyTHcC92p1E
H1W5vHx+xfrvOiqKQsOjkB2LFdSVyu+Hc3T711a6ejPrP9GOWYRvC+a8ZXvGDitI
9ix9dHlGyTnRRiX4xFa6ybuqscu8VnZ0BRTNPXRtKcuIikPHYY9RKUG85Z65gxHK
HriaStr6r/pRJQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:55:36 2025 by rpki-client