Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
File: ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft (raw, json)
Hash identifier: NNAav5X+uUYG3Gw2jJb1LCmo2lf4idWHc18mHVelycw=
Subject key identifier: 1C:5F:7A:22:E5:6D:13:50:E2:FC:16:EB:64:CA:56:9F:16:C4:4D:71
Authority key identifier: 65:D0:93:21:72:AA:2D:1C:77:C4:BB:98:37:0A:AB:3D:E6:AC:34:57
Certificate issuer: /CN=65d0932172aa2d1c77c4bb98370aab3de6ac3457
Certificate serial: 019A706E351EAE239871916D7E1F9D07CACB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
Manifest number: 01D1
Signing time: Tue 11 Nov 2025 01:01:01 +0000
Manifest this update: Tue 11 Nov 2025 01:01:01 +0000
Manifest next update: Wed 12 Nov 2025 01:01:01 +0000
Files and hashes: 1: ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl (hash: 0SPN63tWTu3nATU3dViAgEErExoypPhZSF93Vzd/pSk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 01:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:6e:35:1e:ae:23:98:71:91:6d:7e:1f:9d:07:ca:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65d0932172aa2d1c77c4bb98370aab3de6ac3457
Validity
Not Before: Nov 11 01:01:01 2025 GMT
Not After : Nov 12 01:01:01 2025 GMT
Subject: CN=1c5f7a22e56d1350e2fc16eb64ca569f16c44d71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b2:2b:7f:20:df:ef:c4:73:de:42:d2:5f:63:
77:76:50:6f:31:8b:90:ad:48:e2:cf:0d:b1:4c:9e:
fc:99:1c:5e:11:50:ef:b2:da:f5:14:5d:90:ee:3e:
56:c2:f1:cc:97:f5:55:78:61:81:20:8c:52:34:84:
0b:d1:b2:0a:85:1e:71:9b:4d:fe:b2:3f:42:6e:cb:
14:f5:8c:75:cb:be:13:07:09:9d:f3:25:d3:3f:c9:
7b:be:b4:d7:88:bd:9f:0e:86:a6:46:12:05:9f:d8:
25:8d:bb:3f:51:93:3d:46:36:5b:c3:c8:bc:11:d6:
43:42:48:4e:00:fd:ec:fd:ea:37:97:ee:d5:81:25:
ba:fb:91:61:9e:f8:e4:4b:66:bf:45:61:f6:54:a6:
f6:7d:2b:69:bd:7f:75:3a:11:65:e4:d0:cc:23:22:
f1:73:d5:a5:1a:52:be:bb:10:a5:6a:50:e8:1e:95:
c5:5c:3b:c1:5e:35:0d:b7:25:c1:a5:87:a6:b9:87:
20:42:5b:6a:c3:83:9e:a1:cc:2d:9d:78:b6:a8:a9:
9b:8d:4a:51:19:fa:c8:e3:42:ed:f8:06:c5:6e:a0:
61:0d:16:d1:9f:97:e5:67:5d:59:4e:aa:fb:7f:cc:
53:72:ac:00:dc:d5:4a:70:69:4c:35:d5:f9:9a:04:
26:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:5F:7A:22:E5:6D:13:50:E2:FC:16:EB:64:CA:56:9F:16:C4:4D:71
X509v3 Authority Key Identifier:
keyid:65:D0:93:21:72:AA:2D:1C:77:C4:BB:98:37:0A:AB:3D:E6:AC:34:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
45:4f:89:a0:55:de:e3:fc:f8:79:c7:34:ca:36:72:f0:02:0f:
88:f7:7f:4c:f0:12:59:f7:e0:17:1d:b6:b4:74:00:e7:a9:26:
92:ae:51:9d:15:75:fa:1e:04:ad:49:e8:18:f6:1c:2e:32:5e:
89:aa:41:7a:52:24:7f:ae:15:b4:1c:1e:44:fc:12:4e:c5:6b:
33:11:2a:9b:10:d7:27:ac:11:88:2a:f9:45:20:7f:6c:33:e1:
0f:62:40:16:5c:cc:db:14:38:0a:81:56:c0:09:03:12:e7:8e:
bd:5c:05:8d:09:3c:6a:42:60:2f:02:ca:b2:90:15:7a:5a:cb:
ad:50:02:5a:97:2f:5e:ec:ec:1c:5f:24:3b:88:7e:59:60:8b:
57:11:f5:02:0d:6c:1e:b5:a8:19:54:e2:67:22:46:4d:d4:18:
2e:85:27:8a:5b:a7:f8:2f:b2:8b:af:39:73:0d:94:c9:b8:a8:
af:e4:3d:20:b0:4e:52:b0:36:f7:40:a9:39:26:02:f6:2b:5f:
02:b0:2c:e2:63:a5:11:00:8d:83:30:57:00:e6:a4:90:f4:93:
70:ee:25:a8:66:bf:73:4f:f4:aa:47:51:ee:1b:cb:eb:95:38:
30:00:b1:37:51:4f:c1:8d:1b:f6:73:99:7a:cb:cf:84:f0:96:
ad:a9:f0:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwbjUeriOYcZFtfh+dB8rLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ZDA5MzIxNzJhYTJkMWM3N2M0YmI5ODM3MGFhYjNkZTZh
YzM0NTcwHhcNMjUxMTExMDEwMTAxWhcNMjUxMTEyMDEwMTAxWjAzMTEwLwYDVQQD
EygxYzVmN2EyMmU1NmQxMzUwZTJmYzE2ZWI2NGNhNTY5ZjE2YzQ0ZDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbIrfyDf78Rz3kLSX2N3dlBvMYuQ
rUjizw2xTJ78mRxeEVDvstr1FF2Q7j5WwvHMl/VVeGGBIIxSNIQL0bIKhR5xm03+
sj9CbssU9Yx1y74TBwmd8yXTP8l7vrTXiL2fDoamRhIFn9gljbs/UZM9RjZbw8i8
EdZDQkhOAP3s/eo3l+7VgSW6+5FhnvjkS2a/RWH2VKb2fStpvX91OhFl5NDMIyLx
c9WlGlK+uxClalDoHpXFXDvBXjUNtyXBpYemuYcgQltqw4OeocwtnXi2qKmbjUpR
GfrI40Lt+AbFbqBhDRbRn5flZ11ZTqr7f8xTcqwA3NVKcGlMNdX5mgQmFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBxfeiLlbRNQ4vwW62TKVp8WxE1xMB8GA1UdIwQY
MBaAFGXQkyFyqi0cd8S7mDcKqz3mrDRXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9mYTc3MTEtMzdmZi00YWVjLTk4NTMt
MWVkZGU2YzlkOTZhLzEvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9mYTc3MTEtMzdmZi00YWVjLTk4NTMtMWVkZGU2YzlkOTZh
LzEvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARU+JoFXe
4/z4ecc0yjZy8AIPiPd/TPASWffgFx22tHQA56kmkq5RnRV1+h4ErUnoGPYcLjJe
iapBelIkf64VtBweRPwSTsVrMxEqmxDXJ6wRiCr5RSB/bDPhD2JAFlzM2xQ4CoFW
wAkDEueOvVwFjQk8akJgLwLKspAVelrLrVACWpcvXuzsHF8kO4h+WWCLVxH1Ag1s
HrWoGVTiZyJGTdQYLoUnilun+C+yi685cw2Uybior+Q9ILBOUrA290CpOSYC9itf
ArAs4mOlEQCNgzBXAOakkPSTcO4lqGa/c0/0qkdR7hvL65U4MACxN1FPwY0b9nOZ
esvPhPCWranw9w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:46:29 2025 by rpki-client