Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/17667e-0219-421e-8412-31f60373a092/1/5zfJpEKotKTJEvEbwrbTzxAK30I.mft
File: 5zfJpEKotKTJEvEbwrbTzxAK30I.mft (raw, json)
Hash identifier: VZreVSIfzzpWU5mbi7IsG8DOfWz0NRmFXCizF5uktlA=
Subject key identifier: 71:82:45:9A:B5:C5:C7:BB:A1:E5:CD:F0:83:E0:B3:19:1D:0C:F1:A2
Authority key identifier: E7:37:C9:A4:42:A8:B4:A4:C9:12:F1:1B:C2:B6:D3:CF:10:0A:DF:42
Certificate issuer: /CN=e737c9a442a8b4a4c912f11bc2b6d3cf100adf42
Certificate serial: 019A7293E510EDEA8F792EBF6F1838D61994
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5zfJpEKotKTJEvEbwrbTzxAK30I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/17667e-0219-421e-8412-31f60373a092/1/5zfJpEKotKTJEvEbwrbTzxAK30I.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 11:01:26 +0000
Manifest this update: Tue 11 Nov 2025 11:01:26 +0000
Manifest next update: Wed 12 Nov 2025 11:01:26 +0000
Files and hashes: 1: 5zfJpEKotKTJEvEbwrbTzxAK30I.crl (hash: xaVgUKOFtwYxSqKbVnTHznZR58JJ8/0QcGc+lk86RnE=)
2: 9Gaptu7OegDOTWgwtAQ4TQ0AHTI.roa (hash: rkESQzEqL5Foo1j28OK1lOudeGd3GtI+57JqeG8POXM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/17667e-0219-421e-8412-31f60373a092/1/5zfJpEKotKTJEvEbwrbTzxAK30I.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/17667e-0219-421e-8412-31f60373a092/1/5zfJpEKotKTJEvEbwrbTzxAK30I.mft
rsync://rpki.ripe.net/repository/DEFAULT/5zfJpEKotKTJEvEbwrbTzxAK30I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:e5:10:ed:ea:8f:79:2e:bf:6f:18:38:d6:19:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e737c9a442a8b4a4c912f11bc2b6d3cf100adf42
Validity
Not Before: Nov 11 11:01:26 2025 GMT
Not After : Nov 12 11:01:26 2025 GMT
Subject: CN=7182459ab5c5c7bba1e5cdf083e0b3191d0cf1a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:09:dc:ec:26:fb:a5:23:5c:81:bf:c7:44:05:
7c:8b:6c:96:ee:11:10:c5:57:a2:da:99:cf:11:93:
8e:d1:81:06:67:83:e6:14:ca:ae:ab:c5:fc:be:a4:
79:4b:ed:c6:b4:f1:42:ca:5a:23:9d:d7:4b:4f:50:
ba:86:00:8c:0c:d7:a3:d9:dc:bb:2d:1f:10:81:1d:
50:d8:24:f1:79:42:c9:92:4e:7f:53:b6:03:b9:8a:
8e:fd:64:c7:2c:3e:95:32:80:6e:50:2d:94:dc:f8:
9b:c3:61:27:8c:a1:92:e9:56:54:f7:3d:7d:60:be:
28:4c:a9:43:6f:41:44:96:22:b6:46:ef:37:4a:e7:
61:2d:eb:bc:15:2c:e4:c7:33:9d:55:c8:d9:61:5d:
d8:a8:9d:7a:c9:97:af:bd:89:af:08:76:e2:f4:0b:
4d:b2:0d:21:6b:f9:ee:af:e1:b2:2d:fd:17:f7:e8:
99:ef:87:0a:50:d7:8d:f3:d0:48:67:4c:18:60:6a:
6d:f5:88:bb:36:c1:fd:ca:b7:a3:1c:79:bb:e7:a7:
95:cc:93:3f:51:f5:bd:e1:90:b7:ef:7e:17:8a:34:
77:dc:fb:3c:70:af:ec:0f:62:fe:96:ab:67:f7:aa:
c7:9d:ad:94:39:48:00:7e:33:85:51:98:d7:56:43:
0a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:82:45:9A:B5:C5:C7:BB:A1:E5:CD:F0:83:E0:B3:19:1D:0C:F1:A2
X509v3 Authority Key Identifier:
keyid:E7:37:C9:A4:42:A8:B4:A4:C9:12:F1:1B:C2:B6:D3:CF:10:0A:DF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5zfJpEKotKTJEvEbwrbTzxAK30I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/17667e-0219-421e-8412-31f60373a092/1/5zfJpEKotKTJEvEbwrbTzxAK30I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/17667e-0219-421e-8412-31f60373a092/1/5zfJpEKotKTJEvEbwrbTzxAK30I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:14:3e:2b:8e:3d:98:54:7b:6e:50:f8:4c:66:43:61:c6:01:
0d:33:7b:93:00:2c:d9:e2:c5:8c:ef:2a:f7:19:a4:7f:c3:fa:
e6:53:10:df:f3:02:0e:30:cf:98:17:87:09:6f:0c:e4:e4:42:
0a:a3:85:63:47:94:8a:f8:d8:1b:7c:f5:81:97:a5:82:22:25:
fc:75:ef:e1:b7:1c:a2:97:f9:cc:4b:c5:b1:3c:0a:6d:eb:fb:
f4:be:54:6b:2d:0f:f7:ae:5c:6e:37:5c:22:d7:6f:a6:d0:64:
85:34:cc:4f:06:48:2f:b5:f5:2a:4b:c1:ce:00:f5:83:6f:f6:
37:12:b9:64:36:72:e9:02:3a:79:a3:d3:7f:de:05:88:2a:b7:
7e:57:c7:96:49:b6:42:45:d5:e0:f3:58:0c:8a:95:37:bc:bd:
46:e1:a8:d9:e9:85:0e:4b:76:1f:1c:b3:ca:04:84:96:89:8f:
07:49:b1:9e:57:23:fa:af:1c:59:b7:db:7a:79:f2:b2:59:84:
d2:d4:5b:19:1c:a0:56:0b:c8:a2:e7:89:8b:1b:61:07:e6:ef:
06:1b:0a:37:16:78:d0:20:5d:c7:28:72:e5:31:1f:eb:02:54:
4c:7e:f3:2f:70:a2:69:74:a0:d1:2b:09:1d:cb:73:81:0e:2b:
4d:94:6d:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk+UQ7eqPeS6/bxg41hmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MzdjOWE0NDJhOGI0YTRjOTEyZjExYmMyYjZkM2NmMTAw
YWRmNDIwHhcNMjUxMTExMTEwMTI2WhcNMjUxMTEyMTEwMTI2WjAzMTEwLwYDVQQD
Eyg3MTgyNDU5YWI1YzVjN2JiYTFlNWNkZjA4M2UwYjMxOTFkMGNmMWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgnc7Cb7pSNcgb/HRAV8i2yW7hEQ
xVei2pnPEZOO0YEGZ4PmFMquq8X8vqR5S+3GtPFCylojnddLT1C6hgCMDNej2dy7
LR8QgR1Q2CTxeULJkk5/U7YDuYqO/WTHLD6VMoBuUC2U3Pibw2EnjKGS6VZU9z19
YL4oTKlDb0FEliK2Ru83SudhLeu8FSzkxzOdVcjZYV3YqJ16yZevvYmvCHbi9AtN
sg0ha/nur+GyLf0X9+iZ74cKUNeN89BIZ0wYYGpt9Yi7NsH9yrejHHm756eVzJM/
UfW94ZC3734XijR33Ps8cK/sD2L+lqtn96rHna2UOUgAfjOFUZjXVkMKrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHGCRZq1xce7oeXN8IPgsxkdDPGiMB8GA1UdIwQY
MBaAFOc3yaRCqLSkyRLxG8K2088QCt9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXpmSnBFS290S1RKRXZFYndyYlR6eEFLMzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8xNzY2N2UtMDIxOS00MjFlLTg0MTIt
MzFmNjAzNzNhMDkyLzEvNXpmSnBFS290S1RKRXZFYndyYlR6eEFLMzBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8xNzY2N2UtMDIxOS00MjFlLTg0MTItMzFmNjAzNzNhMDky
LzEvNXpmSnBFS290S1RKRXZFYndyYlR6eEFLMzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAexQ+K449
mFR7blD4TGZDYcYBDTN7kwAs2eLFjO8q9xmkf8P65lMQ3/MCDjDPmBeHCW8M5ORC
CqOFY0eUivjYG3z1gZelgiIl/HXv4bccopf5zEvFsTwKbev79L5Uay0P965cbjdc
ItdvptBkhTTMTwZIL7X1KkvBzgD1g2/2NxK5ZDZy6QI6eaPTf94FiCq3flfHlkm2
QkXV4PNYDIqVN7y9RuGo2emFDkt2HxyzygSElomPB0mxnlcj+q8cWbfbennyslmE
0tRbGRygVgvIoueJixthB+bvBhsKNxZ40CBdxyhy5TEf6wJUTH7zL3CiaXSg0SsJ
HctzgQ4rTZRteg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:18:32 2025 by rpki-client