Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.mft
File: rCEZF4v9kjpLXsQG2f4UUrJ3bvo.mft (raw, json)
Hash identifier: CeXhS70ezeSzyAmXgi7/iLqvBANh2CWNq0+jifYnxqU=
Subject key identifier: 57:66:8D:C1:EB:C1:2D:EE:9E:B7:CC:A0:14:A9:D4:EF:E7:60:B5:F5
Authority key identifier: AC:21:19:17:8B:FD:92:3A:4B:5E:C4:06:D9:FE:14:52:B2:77:6E:FA
Certificate issuer: /CN=ac2119178bfd923a4b5ec406d9fe1452b2776efa
Certificate serial: 019A7293BC9CB41F7A5BAC0B08B1CE0A60C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.mft
Manifest number: 0C3D
Signing time: Tue 11 Nov 2025 11:01:15 +0000
Manifest this update: Tue 11 Nov 2025 11:01:15 +0000
Manifest next update: Wed 12 Nov 2025 11:01:15 +0000
Files and hashes: 1: nd2mEoM182MlqnyU97QFBEBtYLc.roa (hash: H4CTJi+dex4a2tP/U9S7boExXOmFzvTZ0iE52ANC1z0=)
2: rCEZF4v9kjpLXsQG2f4UUrJ3bvo.crl (hash: HvPkNoiPVHIylQVZsyAwD4f5ju2kx059zOChVegk+EM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.mft
rsync://rpki.ripe.net/repository/DEFAULT/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:bc:9c:b4:1f:7a:5b:ac:0b:08:b1:ce:0a:60:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac2119178bfd923a4b5ec406d9fe1452b2776efa
Validity
Not Before: Nov 11 11:01:15 2025 GMT
Not After : Nov 12 11:01:15 2025 GMT
Subject: CN=57668dc1ebc12dee9eb7cca014a9d4efe760b5f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:52:82:0a:37:e8:3b:46:39:f8:5e:dd:59:38:
dd:4c:04:60:6e:79:49:a8:ab:b8:59:0a:16:bc:59:
0d:ef:fe:9c:8a:30:b4:31:e2:8e:2d:24:a5:bb:19:
9d:83:b7:97:52:ab:fc:98:80:f6:e2:37:9f:63:3f:
a8:c3:ae:3b:c2:79:09:63:d3:b5:25:05:13:f2:68:
13:14:69:54:3d:bb:d0:5d:87:2c:76:61:51:60:43:
b0:53:2f:0e:72:3c:94:54:5f:39:d2:07:34:4a:2f:
89:a0:fd:a4:6a:d0:84:ce:9f:a7:41:eb:bd:8f:40:
8b:a8:1e:ab:cf:99:88:bd:e8:bc:69:00:a9:58:92:
a9:58:7f:61:91:bf:74:67:84:51:c0:3c:54:f2:f4:
22:83:af:52:15:22:4a:42:3f:69:6e:40:83:84:d5:
97:f8:bf:c1:4a:07:df:4c:1f:58:14:6d:cd:5a:21:
79:d7:ec:22:82:5e:5f:99:8f:22:32:65:d4:8b:d1:
36:60:64:09:9c:ae:a2:18:56:1d:2a:09:d4:a5:ad:
36:60:68:c3:ba:bc:11:22:af:db:23:2d:f5:69:0c:
e1:5f:92:90:f1:b6:ca:4e:e9:4e:f9:79:ed:b3:78:
df:e6:24:19:c7:1b:f9:62:6e:bc:d2:c8:d3:62:6a:
01:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:66:8D:C1:EB:C1:2D:EE:9E:B7:CC:A0:14:A9:D4:EF:E7:60:B5:F5
X509v3 Authority Key Identifier:
keyid:AC:21:19:17:8B:FD:92:3A:4B:5E:C4:06:D9:FE:14:52:B2:77:6E:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:73:08:19:a1:47:c1:73:94:e3:48:ac:25:9a:7f:e6:18:16:
3b:7c:e8:05:0e:c0:3b:31:df:30:71:cb:fd:f6:6e:4d:81:2a:
35:2e:e0:14:3a:1f:d3:0f:f4:4a:2e:ab:5a:45:ed:10:84:fd:
36:f4:ce:a8:b0:2e:c1:41:53:04:91:f5:39:14:eb:cb:75:4d:
4f:a7:5b:38:a3:a8:a3:ac:75:ae:b2:86:b1:9c:63:63:88:88:
18:8b:27:38:43:5b:52:f0:7f:2e:7e:44:39:fa:e3:e3:10:d0:
80:19:ee:86:0e:2f:b9:b2:ae:e6:13:a7:82:02:92:22:54:e7:
8e:48:9c:13:a1:f9:d1:43:1f:c1:de:44:37:d3:d5:31:ab:9d:
fd:c8:96:ee:1e:09:66:97:82:18:e8:37:05:28:0b:c4:6d:17:
40:d4:85:73:6e:aa:ed:48:fe:68:e8:b7:01:38:ac:52:05:73:
f4:c8:dc:5c:95:f5:21:84:d2:81:35:4f:7b:e5:6f:e3:87:1a:
27:a2:04:e9:ba:6c:a3:cb:d0:47:18:27:d8:b6:8e:1b:ce:33:
ce:58:fc:48:51:13:1f:d9:51:18:2c:97:3a:66:14:ce:e2:76:
3a:c5:b9:3b:7f:e3:c1:dd:6f:09:65:0d:85:e2:74:aa:38:91:
fc:be:11:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk7yctB96W6wLCLHOCmDAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMjExOTE3OGJmZDkyM2E0YjVlYzQwNmQ5ZmUxNDUyYjI3
NzZlZmEwHhcNMjUxMTExMTEwMTE1WhcNMjUxMTEyMTEwMTE1WjAzMTEwLwYDVQQD
Eyg1NzY2OGRjMWViYzEyZGVlOWViN2NjYTAxNGE5ZDRlZmU3NjBiNWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1KCCjfoO0Y5+F7dWTjdTARgbnlJ
qKu4WQoWvFkN7/6cijC0MeKOLSSluxmdg7eXUqv8mID24jefYz+ow647wnkJY9O1
JQUT8mgTFGlUPbvQXYcsdmFRYEOwUy8OcjyUVF850gc0Si+JoP2katCEzp+nQeu9
j0CLqB6rz5mIvei8aQCpWJKpWH9hkb90Z4RRwDxU8vQig69SFSJKQj9pbkCDhNWX
+L/BSgffTB9YFG3NWiF51+wigl5fmY8iMmXUi9E2YGQJnK6iGFYdKgnUpa02YGjD
urwRIq/bIy31aQzhX5KQ8bbKTulO+Xnts3jf5iQZxxv5Ym680sjTYmoBkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdmjcHrwS3unrfMoBSp1O/nYLX1MB8GA1UdIwQY
MBaAFKwhGReL/ZI6S17EBtn+FFKyd276MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckNFWkY0djlranBMWHNRRzJmNFVVckozYnZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yYThmN2UtZTYwNS00MTE0LTkwZTgt
ZjYwMGQwZmQwM2NlLzEvckNFWkY0djlranBMWHNRRzJmNFVVckozYnZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yYThmN2UtZTYwNS00MTE0LTkwZTgtZjYwMGQwZmQwM2Nl
LzEvckNFWkY0djlranBMWHNRRzJmNFVVckozYnZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdHMIGaFH
wXOU40isJZp/5hgWO3zoBQ7AOzHfMHHL/fZuTYEqNS7gFDof0w/0Si6rWkXtEIT9
NvTOqLAuwUFTBJH1ORTry3VNT6dbOKOoo6x1rrKGsZxjY4iIGIsnOENbUvB/Ln5E
Ofrj4xDQgBnuhg4vubKu5hOnggKSIlTnjkicE6H50UMfwd5EN9PVMaud/ciW7h4J
ZpeCGOg3BSgLxG0XQNSFc26q7Uj+aOi3ATisUgVz9MjcXJX1IYTSgTVPe+Vv44ca
J6IE6bpso8vQRxgn2LaOG84zzlj8SFETH9lRGCyXOmYUzuJ2OsW5O3/jwd1vCWUN
heJ0qjiR/L4R6g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:28:10 2025 by rpki-client