Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft
File: zl1FYESPeKTc3LeRoH2tIWOgjN8.mft (raw, json)
Hash identifier: FVwCcxYx3WRvsrkv9aM3F8jgxNhl37C0YqRfRBxfvlo=
Subject key identifier: CF:13:91:51:4B:56:6B:29:7C:2F:99:22:93:6F:FA:08:D2:7D:DF:39
Authority key identifier: CE:5D:45:60:44:8F:78:A4:DC:DC:B7:91:A0:7D:AD:21:63:A0:8C:DF
Certificate issuer: /CN=ce5d4560448f78a4dcdcb791a07dad2163a08cdf
Certificate serial: 019A54BF6349A2C55E8F4355E66A54DE4B12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft
Manifest number: 16A3
Signing time: Wed 05 Nov 2025 16:00:20 +0000
Manifest this update: Wed 05 Nov 2025 16:00:20 +0000
Manifest next update: Thu 06 Nov 2025 16:00:20 +0000
Files and hashes: 1: DnVFEpYRkYdsvx6fTEjYM0mnXYg.roa (hash: Q/XnpIbexx4X2BOItVZgFWxgUIF3KGLUNsRlADlMLPI=)
2: zl1FYESPeKTc3LeRoH2tIWOgjN8.crl (hash: FiZFyXf1I+f0k1kt3L0P5HbMzStJUYhJgh0b0mEYZ7E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:bf:63:49:a2:c5:5e:8f:43:55:e6:6a:54:de:4b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce5d4560448f78a4dcdcb791a07dad2163a08cdf
Validity
Not Before: Nov 5 16:00:20 2025 GMT
Not After : Nov 6 16:00:20 2025 GMT
Subject: CN=cf1391514b566b297c2f9922936ffa08d27ddf39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cb:6e:75:43:7f:71:c3:bd:f6:a7:7d:92:61:
a0:51:72:b8:f3:e8:72:21:19:b6:a9:f7:e7:c0:ba:
2d:35:18:1d:0d:e8:be:19:47:65:d5:ac:22:8a:f2:
4d:c4:69:e8:49:31:60:fe:d9:aa:e8:05:dd:ee:25:
0e:f8:9f:c7:60:bd:d7:a7:04:80:1b:98:ae:b3:2b:
3c:85:7d:c4:97:6a:8b:ea:04:b3:77:8e:55:b9:ba:
05:4f:6d:f6:87:1a:55:e0:92:98:ca:c6:45:83:38:
b9:2f:ee:cf:c5:28:86:23:5d:66:4f:f5:04:25:67:
dd:2c:3d:18:2f:26:3f:55:18:81:e9:ab:11:7e:ae:
fb:87:cd:b6:46:85:a0:3b:03:0b:7f:14:78:fd:23:
3d:48:5a:c0:09:d2:d9:72:a2:ee:a7:5c:1b:02:f1:
7d:d8:97:39:a3:33:99:5b:b4:07:07:6d:6e:45:7b:
ff:c6:4f:e5:7a:09:68:ec:0f:34:9d:0e:72:0d:23:
c7:99:21:ca:75:0d:48:5f:c1:9b:b3:37:35:cf:10:
5b:1c:92:4a:69:58:73:4f:11:29:26:04:90:57:84:
4e:b8:18:2b:13:26:d9:b4:26:f8:1c:55:31:5f:5e:
ec:9c:77:45:83:08:75:1d:14:95:39:7c:1a:41:1d:
b1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:13:91:51:4B:56:6B:29:7C:2F:99:22:93:6F:FA:08:D2:7D:DF:39
X509v3 Authority Key Identifier:
keyid:CE:5D:45:60:44:8F:78:A4:DC:DC:B7:91:A0:7D:AD:21:63:A0:8C:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
27:6f:51:4e:63:9b:40:4a:93:ef:ac:b2:b0:fb:80:19:a4:48:
97:a8:a3:75:d8:d1:94:dd:f2:0d:43:f6:5f:0a:d0:2d:6c:d6:
a4:a5:7f:bd:6c:33:d2:f6:4e:45:b1:81:d6:17:78:b3:fc:bb:
6d:25:8c:fe:68:d9:5d:3b:01:93:78:5b:3f:19:48:c7:f6:5a:
8f:90:05:0a:9a:bf:12:68:08:59:9a:74:16:61:0c:ea:30:05:
76:24:41:b5:1e:4b:13:d9:f1:39:10:8f:3f:ab:1c:5b:95:4a:
a8:59:32:18:60:af:4a:c0:41:b8:1d:c1:bd:7b:a8:9e:d7:d5:
47:7f:4f:6e:b4:80:c4:21:74:e6:2c:c9:3b:69:87:50:05:c7:
6d:30:50:1f:5f:31:60:b8:a7:1e:bb:2f:39:c8:54:f7:44:a0:
71:95:c2:22:fe:9a:43:36:ea:4a:b7:33:1e:d9:67:0a:be:ac:
cd:f0:59:ba:91:3d:83:4f:36:38:72:ab:22:a8:54:22:8e:80:
80:28:cb:ce:4f:7e:25:a4:06:08:ee:13:ef:7f:1f:75:b8:b6:
95:87:85:91:bb:ce:70:e2:45:08:f0:89:aa:49:7a:c3:ca:fa:
68:a0:14:e7:f6:6a:8a:dc:00:8d:b2:15:a0:86:4e:d7:ab:77:
cb:ba:f1:94
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUv2NJosVej0NV5mpU3ksSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNWQ0NTYwNDQ4Zjc4YTRkY2RjYjc5MWEwN2RhZDIxNjNh
MDhjZGYwHhcNMjUxMTA1MTYwMDIwWhcNMjUxMTA2MTYwMDIwWjAzMTEwLwYDVQQD
EyhjZjEzOTE1MTRiNTY2YjI5N2MyZjk5MjI5MzZmZmEwOGQyN2RkZjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApstudUN/ccO99qd9kmGgUXK48+hy
IRm2qffnwLotNRgdDei+GUdl1awiivJNxGnoSTFg/tmq6AXd7iUO+J/HYL3XpwSA
G5iusys8hX3El2qL6gSzd45VuboFT232hxpV4JKYysZFgzi5L+7PxSiGI11mT/UE
JWfdLD0YLyY/VRiB6asRfq77h822RoWgOwMLfxR4/SM9SFrACdLZcqLup1wbAvF9
2Jc5ozOZW7QHB21uRXv/xk/leglo7A80nQ5yDSPHmSHKdQ1IX8Gbszc1zxBbHJJK
aVhzTxEpJgSQV4ROuBgrEybZtCb4HFUxX17snHdFgwh1HRSVOXwaQR2xMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM8TkVFLVmspfC+ZIpNv+gjSfd85MB8GA1UdIwQY
MBaAFM5dRWBEj3ik3Ny3kaB9rSFjoIzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemwxRllFU1BlS1RjM0xlUm9IMnRJV09nak44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yN2NiZDAtYTdiOS00NWZiLTk5NTQt
NzhkMTE0NGFkOTY3LzEvemwxRllFU1BlS1RjM0xlUm9IMnRJV09nak44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yN2NiZDAtYTdiOS00NWZiLTk5NTQtNzhkMTE0NGFkOTY3
LzEvemwxRllFU1BlS1RjM0xlUm9IMnRJV09nak44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ29RTmOb
QEqT76yysPuAGaRIl6ijddjRlN3yDUP2XwrQLWzWpKV/vWwz0vZORbGB1hd4s/y7
bSWM/mjZXTsBk3hbPxlIx/Zaj5AFCpq/EmgIWZp0FmEM6jAFdiRBtR5LE9nxORCP
P6scW5VKqFkyGGCvSsBBuB3BvXuontfVR39PbrSAxCF05izJO2mHUAXHbTBQH18x
YLinHrsvOchU90SgcZXCIv6aQzbqSrczHtlnCr6szfBZupE9g082OHKrIqhUIo6A
gCjLzk9+JaQGCO4T738fdbi2lYeFkbvOcOJFCPCJqkl6w8r6aKAU5/ZqitwAjbIV
oIZO16t3y7rxlA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 23:05:56 2025 by rpki-client