Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft
File: MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft (raw, json)
Hash identifier: ItsWdcx5o43oTPDt7qQQIjz1S7ocJSbfBqC/BAViCBU=
Subject key identifier: 65:0C:C9:14:63:9E:EC:F2:82:47:0C:CA:06:DD:CA:81:B4:38:81:BF
Authority key identifier: 31:95:F7:34:19:E8:22:32:97:94:CF:17:FB:A7:E9:3F:37:53:74:A9
Certificate issuer: /CN=3195f73419e822329794cf17fba7e93f375374a9
Certificate serial: 019A72262CE2D5D51DBD722248C6CBD984DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MZX3NBnoIjKXlM8X-6fpPzdTdKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft
Manifest number: 12C5
Signing time: Tue 11 Nov 2025 09:01:35 +0000
Manifest this update: Tue 11 Nov 2025 09:01:35 +0000
Manifest next update: Wed 12 Nov 2025 09:01:35 +0000
Files and hashes: 1: MZX3NBnoIjKXlM8X-6fpPzdTdKk.crl (hash: 31oUMIqxzKOp7Gw4Qgd26u9DO8K7g0j83PBH9fEEYxg=)
2: SCHcZAvBuEDabGE8ZnvuGrNm6LM.roa (hash: +7HN05BMaB78AnyjOqZ5Q8EXtIVzWFh5zSmSPi10HzA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft
rsync://rpki.ripe.net/repository/DEFAULT/MZX3NBnoIjKXlM8X-6fpPzdTdKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:2c:e2:d5:d5:1d:bd:72:22:48:c6:cb:d9:84:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3195f73419e822329794cf17fba7e93f375374a9
Validity
Not Before: Nov 11 09:01:35 2025 GMT
Not After : Nov 12 09:01:35 2025 GMT
Subject: CN=650cc914639eecf282470cca06ddca81b43881bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d5:7b:67:0c:fd:e7:8a:85:e7:05:5b:d1:10:
6d:af:99:63:b1:52:9b:52:0e:dd:c6:9b:f2:ef:45:
1e:8e:67:42:4d:15:a4:7d:2c:02:38:4d:03:64:bb:
4b:e5:04:09:a5:7c:5d:58:6a:98:69:9f:81:5d:81:
0a:79:c2:8a:16:55:b4:2e:0e:21:c9:c4:37:fa:66:
0d:f8:a7:aa:7e:ae:e9:57:82:81:37:e6:a1:b5:58:
82:ad:14:27:84:25:26:30:ca:c0:6f:61:81:9b:55:
64:02:62:e6:d8:8c:9e:02:88:e5:a5:e9:0d:a0:bd:
41:38:fc:64:2a:95:25:90:c2:da:04:48:10:79:fa:
9a:8c:3c:25:f5:21:fe:1f:db:b4:b7:6a:b6:20:c1:
4c:b5:30:a8:fa:f9:0a:8d:c4:2a:d1:25:e3:f5:86:
9c:da:11:82:d1:78:4c:cf:11:5d:23:e4:a6:26:95:
03:6d:07:ac:4b:8f:93:26:a3:a8:74:3a:25:84:dc:
a2:3b:6d:5d:bb:43:11:4e:c1:35:cd:62:ac:73:12:
01:c5:0d:5d:d8:d5:14:0b:98:82:d5:db:0d:d1:01:
62:d6:75:a7:1b:a2:f1:6a:2a:ff:15:72:37:b0:b2:
df:89:82:cd:cb:07:40:da:46:e2:35:cd:af:97:31:
c0:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:0C:C9:14:63:9E:EC:F2:82:47:0C:CA:06:DD:CA:81:B4:38:81:BF
X509v3 Authority Key Identifier:
keyid:31:95:F7:34:19:E8:22:32:97:94:CF:17:FB:A7:E9:3F:37:53:74:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MZX3NBnoIjKXlM8X-6fpPzdTdKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5a448a-5e7a-47e0-87da-cdcfbb100447/1/MZX3NBnoIjKXlM8X-6fpPzdTdKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bc:7c:78:7c:0f:98:bb:a0:54:50:52:8c:b1:61:b5:8f:80:e1:
b7:23:97:75:c2:ac:c4:7c:47:8d:b0:08:a0:56:bb:93:b8:14:
11:e9:71:6a:d6:dd:79:ec:10:4c:62:d0:dc:e7:e7:f6:04:59:
af:93:49:e2:46:e6:52:c7:03:32:bb:5b:68:9c:60:c7:a0:5d:
6c:d1:db:46:d3:63:10:72:ba:4a:34:49:49:37:69:e2:e8:e1:
1d:32:fc:3b:b0:6a:53:21:97:81:15:cd:69:32:aa:98:b2:e7:
b9:79:75:ca:53:e3:14:1c:6d:58:a9:11:ae:39:ab:8f:13:80:
82:89:68:7f:01:29:69:2b:fc:cf:ad:52:73:e1:9f:bd:a6:3c:
b8:20:fc:54:58:e4:f8:a6:84:d5:0d:43:38:a8:4a:3d:36:cd:
bc:b8:27:f1:27:30:3d:97:b5:6b:16:68:c6:d1:51:47:d1:e9:
a2:ef:5a:dd:aa:ac:d6:e1:b5:91:4d:56:b1:b4:b0:26:77:db:
31:0c:d9:e3:7c:d4:af:fe:fb:d4:56:35:1d:c2:89:96:d1:ba:
4c:1a:7b:88:f3:32:bf:e1:1c:32:0b:52:8b:4f:33:41:c2:5a:
5a:2b:2e:f7:c3:b7:c6:62:02:7d:6f:04:11:15:af:b9:06:20:
eb:42:41:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJizi1dUdvXIiSMbL2YTdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxOTVmNzM0MTllODIyMzI5Nzk0Y2YxN2ZiYTdlOTNmMzc1
Mzc0YTkwHhcNMjUxMTExMDkwMTM1WhcNMjUxMTEyMDkwMTM1WjAzMTEwLwYDVQQD
Eyg2NTBjYzkxNDYzOWVlY2YyODI0NzBjY2EwNmRkY2E4MWI0Mzg4MWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltV7Zwz954qF5wVb0RBtr5ljsVKb
Ug7dxpvy70UejmdCTRWkfSwCOE0DZLtL5QQJpXxdWGqYaZ+BXYEKecKKFlW0Lg4h
ycQ3+mYN+Keqfq7pV4KBN+ahtViCrRQnhCUmMMrAb2GBm1VkAmLm2IyeAojlpekN
oL1BOPxkKpUlkMLaBEgQefqajDwl9SH+H9u0t2q2IMFMtTCo+vkKjcQq0SXj9Yac
2hGC0XhMzxFdI+SmJpUDbQesS4+TJqOodDolhNyiO21du0MRTsE1zWKscxIBxQ1d
2NUUC5iC1dsN0QFi1nWnG6Lxair/FXI3sLLfiYLNywdA2kbiNc2vlzHAMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGUMyRRjnuzygkcMygbdyoG0OIG/MB8GA1UdIwQY
MBaAFDGV9zQZ6CIyl5TPF/un6T83U3SpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVpYM05Cbm9JaktYbE04WC02ZnBQemRUZEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81YTQ0OGEtNWU3YS00N2UwLTg3ZGEt
Y2RjZmJiMTAwNDQ3LzEvTVpYM05Cbm9JaktYbE04WC02ZnBQemRUZEtrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC81YTQ0OGEtNWU3YS00N2UwLTg3ZGEtY2RjZmJiMTAwNDQ3
LzEvTVpYM05Cbm9JaktYbE04WC02ZnBQemRUZEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvHx4fA+Y
u6BUUFKMsWG1j4DhtyOXdcKsxHxHjbAIoFa7k7gUEelxatbdeewQTGLQ3Ofn9gRZ
r5NJ4kbmUscDMrtbaJxgx6BdbNHbRtNjEHK6SjRJSTdp4ujhHTL8O7BqUyGXgRXN
aTKqmLLnuXl1ylPjFBxtWKkRrjmrjxOAgolofwEpaSv8z61Sc+GfvaY8uCD8VFjk
+KaE1Q1DOKhKPTbNvLgn8ScwPZe1axZoxtFRR9Hpou9a3aqs1uG1kU1WsbSwJnfb
MQzZ43zUr/771FY1HcKJltG6TBp7iPMyv+EcMgtSi08zQcJaWisu98O3xmICfW8E
ERWvuQYg60JBZA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:47:59 2025 by rpki-client