Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/17667e-0219-421e-8412-31f60373a092/1/5zfJpEKotKTJEvEbwrbTzxAK30I.mft
File: 5zfJpEKotKTJEvEbwrbTzxAK30I.mft (raw, json)
Hash identifier: 5o0+LteccCjUss6xyg7REI1nkjLjTEUVWPtjOidfX0M=
Subject key identifier: 24:46:55:66:CD:79:C3:88:5A:4C:39:20:25:5D:43:0D:13:4F:60:3F
Authority key identifier: E7:37:C9:A4:42:A8:B4:A4:C9:12:F1:1B:C2:B6:D3:CF:10:0A:DF:42
Certificate issuer: /CN=e737c9a442a8b4a4c912f11bc2b6d3cf100adf42
Certificate serial: 0199228C65DCBD937FC0149BD1FB031B6881
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5zfJpEKotKTJEvEbwrbTzxAK30I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/17667e-0219-421e-8412-31f60373a092/1/5zfJpEKotKTJEvEbwrbTzxAK30I.mft
Manifest number: 1673
Signing time: Sun 07 Sep 2025 05:00:50 +0000
Manifest this update: Sun 07 Sep 2025 05:00:50 +0000
Manifest next update: Mon 08 Sep 2025 05:00:50 +0000
Files and hashes: 1: 5zfJpEKotKTJEvEbwrbTzxAK30I.crl (hash: t+lafkmCYq3hWjRkSZBc19EJtr79nXYxI/JjHBEA/S8=)
2: 9Gaptu7OegDOTWgwtAQ4TQ0AHTI.roa (hash: rkESQzEqL5Foo1j28OK1lOudeGd3GtI+57JqeG8POXM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/17667e-0219-421e-8412-31f60373a092/1/5zfJpEKotKTJEvEbwrbTzxAK30I.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/17667e-0219-421e-8412-31f60373a092/1/5zfJpEKotKTJEvEbwrbTzxAK30I.mft
rsync://rpki.ripe.net/repository/DEFAULT/5zfJpEKotKTJEvEbwrbTzxAK30I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:22:8c:65:dc:bd:93:7f:c0:14:9b:d1:fb:03:1b:68:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e737c9a442a8b4a4c912f11bc2b6d3cf100adf42
Validity
Not Before: Sep 7 05:00:50 2025 GMT
Not After : Sep 8 05:00:50 2025 GMT
Subject: CN=24465566cd79c3885a4c3920255d430d134f603f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f9:e4:bf:c8:59:54:c4:ae:ed:0d:57:e3:9b:
ae:f0:d1:63:46:6b:8a:5c:ea:ea:7f:18:9a:50:bb:
5a:b9:57:da:cb:a9:64:75:5f:cf:66:bb:35:a7:6a:
6a:1f:f5:ff:b1:63:39:57:a4:f1:49:47:be:62:c4:
df:ee:77:10:31:05:5a:6f:57:c5:07:3b:dc:db:ac:
22:83:d9:47:23:9b:07:66:5d:1f:3c:6f:83:6c:95:
2b:1f:7e:fd:80:65:fb:b7:ec:40:f0:75:72:93:46:
ec:0b:f3:0a:c3:33:75:c1:ca:7a:e3:a5:c6:b2:33:
45:47:b9:41:27:8b:31:ea:f6:b3:f8:40:98:83:83:
d6:c5:ab:d7:96:06:d2:80:3f:f5:8e:40:6c:cb:9e:
b0:9a:0d:ef:06:f0:36:cb:82:a8:e7:c5:27:52:c0:
d5:b2:da:0a:20:09:ee:fc:d0:3d:5b:39:a7:2e:46:
51:2a:71:bb:ca:34:98:2c:f5:04:2b:16:4b:92:28:
d7:83:a1:4a:72:76:1a:4f:ef:46:09:9f:ac:77:0c:
c0:f7:7c:5c:fd:1b:f7:cd:ea:bf:e4:9a:49:a1:18:
20:9a:f4:75:22:c1:2d:dc:00:ef:e7:58:7f:fa:ba:
20:85:c5:ec:dc:7a:3c:5a:b6:cf:8d:a5:38:3f:e0:
cf:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:46:55:66:CD:79:C3:88:5A:4C:39:20:25:5D:43:0D:13:4F:60:3F
X509v3 Authority Key Identifier:
keyid:E7:37:C9:A4:42:A8:B4:A4:C9:12:F1:1B:C2:B6:D3:CF:10:0A:DF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5zfJpEKotKTJEvEbwrbTzxAK30I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/17667e-0219-421e-8412-31f60373a092/1/5zfJpEKotKTJEvEbwrbTzxAK30I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/17667e-0219-421e-8412-31f60373a092/1/5zfJpEKotKTJEvEbwrbTzxAK30I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:18:f2:0e:bc:fb:f4:9a:12:c7:97:74:b1:f9:de:23:fc:5c:
72:72:11:f1:d6:0e:fb:e2:92:27:5e:69:28:07:e9:0e:4f:8b:
45:fb:a2:b2:25:a8:cc:f3:20:79:6a:1f:8b:df:38:f9:9d:f1:
1a:1a:dd:2c:e0:4f:96:f3:ca:dc:a9:10:ac:6a:dc:04:8d:93:
2a:25:28:a5:76:7a:93:12:5e:e7:e5:6e:fd:7e:ea:8a:30:26:
a5:d4:9a:16:f6:d9:88:03:26:c0:14:7b:45:5d:53:db:dd:7a:
c5:2a:bc:19:e3:c6:f5:f3:09:a1:7a:77:0c:03:77:47:21:61:
9b:fa:67:0c:63:e6:23:9c:5e:d7:5e:e4:76:00:9f:f8:ee:11:
75:70:0f:c3:b1:07:39:e0:4b:5d:38:1c:f9:10:22:c4:16:2b:
26:9a:5d:d0:0f:f0:9e:59:3b:71:82:22:bb:20:8d:04:26:5e:
68:ef:35:db:34:37:6a:0a:11:83:49:65:da:f1:e8:c3:d8:a1:
d8:8d:cc:1c:7d:22:fb:2f:f0:b9:87:40:cf:e8:c1:82:49:d2:
11:74:4c:b2:f5:ff:8b:55:6c:85:e2:0e:99:8d:49:47:dc:b9:
3e:e8:a7:f1:c2:7d:e3:20:79:20:6a:eb:88:d4:b9:62:36:82:
4c:26:a6:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkijGXcvZN/wBSb0fsDG2iBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MzdjOWE0NDJhOGI0YTRjOTEyZjExYmMyYjZkM2NmMTAw
YWRmNDIwHhcNMjUwOTA3MDUwMDUwWhcNMjUwOTA4MDUwMDUwWjAzMTEwLwYDVQQD
EygyNDQ2NTU2NmNkNzljMzg4NWE0YzM5MjAyNTVkNDMwZDEzNGY2MDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvnkv8hZVMSu7Q1X45uu8NFjRmuK
XOrqfxiaULtauVfay6lkdV/PZrs1p2pqH/X/sWM5V6TxSUe+YsTf7ncQMQVab1fF
Bzvc26wig9lHI5sHZl0fPG+DbJUrH379gGX7t+xA8HVyk0bsC/MKwzN1wcp646XG
sjNFR7lBJ4sx6vaz+ECYg4PWxavXlgbSgD/1jkBsy56wmg3vBvA2y4Ko58UnUsDV
stoKIAnu/NA9WzmnLkZRKnG7yjSYLPUEKxZLkijXg6FKcnYaT+9GCZ+sdwzA93xc
/Rv3zeq/5JpJoRggmvR1IsEt3ADv51h/+roghcXs3Ho8WrbPjaU4P+DPlwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCRGVWbNecOIWkw5ICVdQw0TT2A/MB8GA1UdIwQY
MBaAFOc3yaRCqLSkyRLxG8K2088QCt9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXpmSnBFS290S1RKRXZFYndyYlR6eEFLMzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8xNzY2N2UtMDIxOS00MjFlLTg0MTIt
MzFmNjAzNzNhMDkyLzEvNXpmSnBFS290S1RKRXZFYndyYlR6eEFLMzBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8xNzY2N2UtMDIxOS00MjFlLTg0MTItMzFmNjAzNzNhMDky
LzEvNXpmSnBFS290S1RKRXZFYndyYlR6eEFLMzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKRjyDrz7
9JoSx5d0sfneI/xccnIR8dYO++KSJ15pKAfpDk+LRfuisiWozPMgeWofi984+Z3x
GhrdLOBPlvPK3KkQrGrcBI2TKiUopXZ6kxJe5+Vu/X7qijAmpdSaFvbZiAMmwBR7
RV1T2916xSq8GePG9fMJoXp3DAN3RyFhm/pnDGPmI5xe117kdgCf+O4RdXAPw7EH
OeBLXTgc+RAixBYrJppd0A/wnlk7cYIiuyCNBCZeaO812zQ3agoRg0ll2vHow9ih
2I3MHH0i+y/wuYdAz+jBgknSEXRMsvX/i1VsheIOmY1JR9y5Puin8cJ94yB5IGrr
iNS5YjaCTCamng==
-----END CERTIFICATE-----
Generated at Sun Sep 7 11:49:49 2025 by rpki-client