Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.mft
File: bzipg89Dc6pJdJhasi1RTA9IHS4.mft (raw, json)
Hash identifier: FGz/bjadnYZof+eS+trYLaoxtt/Ueiqs3QD1nLGAyns=
Subject key identifier: CC:07:59:2B:0C:C6:F3:0E:E1:AA:EC:34:B8:56:4D:5D:BA:C8:5B:9E
Authority key identifier: 6F:38:A9:83:CF:43:73:AA:49:74:98:5A:B2:2D:51:4C:0F:48:1D:2E
Certificate issuer: /CN=6f38a983cf4373aa4974985ab22d514c0f481d2e
Certificate serial: 019A71B8451298FCD2B12255BE9CD7E3D6D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzipg89Dc6pJdJhasi1RTA9IHS4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.mft
Manifest number: 036C
Signing time: Tue 11 Nov 2025 07:01:32 +0000
Manifest this update: Tue 11 Nov 2025 07:01:32 +0000
Manifest next update: Wed 12 Nov 2025 07:01:32 +0000
Files and hashes: 1: HZb4ypfyyLknrNflDGCKDQospm0.roa (hash: DJb41fbhgLGXN4Umv3DyaNZTQa8ZY7nKkJ22hR0xLS4=)
2: bzipg89Dc6pJdJhasi1RTA9IHS4.crl (hash: ggDYOD86EXNAFzcmqr4mkG3StvwjFbhijF8VyarrSHc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bzipg89Dc6pJdJhasi1RTA9IHS4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:45:12:98:fc:d2:b1:22:55:be:9c:d7:e3:d6:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f38a983cf4373aa4974985ab22d514c0f481d2e
Validity
Not Before: Nov 11 07:01:32 2025 GMT
Not After : Nov 12 07:01:32 2025 GMT
Subject: CN=cc07592b0cc6f30ee1aaec34b8564d5dbac85b9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:53:eb:90:91:20:cc:3a:f8:0e:7d:77:24:e8:
d2:9c:fc:09:48:74:63:e2:d0:d3:00:4a:c5:e0:8b:
b7:1d:ed:5a:23:31:1d:4f:ba:4d:eb:17:88:37:07:
5a:25:de:1b:49:2f:fc:f4:77:7b:9f:07:60:6f:4d:
63:9d:33:25:a1:87:b4:37:c5:99:e7:07:27:37:06:
64:b2:38:c8:3e:cc:d1:df:36:32:44:29:58:f9:a3:
f3:3a:01:5f:d4:78:81:f1:1e:c7:33:5a:6b:ab:4b:
5c:12:45:1f:e4:69:17:67:3d:be:60:f0:7a:1d:2e:
4f:38:d0:e8:0f:33:f7:d7:75:d5:01:6c:b0:1b:f9:
85:31:1c:da:b7:14:aa:d5:5c:52:10:ac:88:6f:39:
b1:3c:19:b5:5d:2a:9f:00:e5:8f:24:29:62:3c:47:
e7:22:5c:3f:df:4b:83:dc:83:82:2b:7e:76:3c:1e:
cb:d5:93:7d:b1:a4:70:c1:58:48:77:e9:64:09:73:
b7:b5:a2:09:13:d3:0a:9a:41:be:91:c7:4c:88:a4:
8b:bf:b9:30:2e:ef:31:5e:65:76:81:59:77:a9:bf:
e6:a2:b8:8f:f2:57:82:7c:53:be:57:98:34:b3:66:
48:20:07:95:43:d1:44:08:c0:9b:ff:53:dc:f1:1d:
22:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:07:59:2B:0C:C6:F3:0E:E1:AA:EC:34:B8:56:4D:5D:BA:C8:5B:9E
X509v3 Authority Key Identifier:
keyid:6F:38:A9:83:CF:43:73:AA:49:74:98:5A:B2:2D:51:4C:0F:48:1D:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzipg89Dc6pJdJhasi1RTA9IHS4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/74337b-f98e-4e31-9004-af5a567732ef/1/bzipg89Dc6pJdJhasi1RTA9IHS4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:86:c0:e4:b4:7f:54:ab:db:d6:c6:95:a6:21:05:49:b7:9e:
52:69:bb:fd:05:51:98:b7:ac:56:f8:a8:33:08:92:9d:a7:5d:
3a:a9:f1:f7:e5:0c:be:8b:1c:7f:59:27:00:b7:d3:49:15:11:
c7:69:e4:78:32:fe:e0:d4:98:ac:be:61:8a:a4:39:e3:06:35:
60:2e:95:30:86:7a:13:69:95:d3:95:e0:18:0e:b1:bc:75:8a:
18:56:7a:0d:e9:96:83:b8:2c:9e:f0:3e:b6:bc:61:31:f0:f4:
03:00:24:65:ed:85:d4:62:1b:cd:06:0b:86:9b:ef:6f:c1:03:
30:88:ee:51:a6:9a:aa:db:e0:b0:00:ac:65:3c:b9:6d:b1:52:
e2:13:8c:59:e8:f8:5a:1f:34:a6:a5:7a:2b:9c:c8:7d:c2:b8:
d1:d3:2d:90:1f:be:0f:37:96:f5:eb:54:27:0b:9c:49:e0:dc:
a7:fa:27:21:cf:17:26:f9:16:7c:b9:be:19:b7:8a:67:fe:2f:
8a:1e:ce:a9:72:69:03:98:2e:ed:7e:c9:03:f4:a6:90:36:c0:
6c:e5:50:59:ee:00:69:4d:fb:73:05:f3:cf:42:d1:81:0c:8d:
48:67:04:7b:20:36:9b:67:10:3b:35:7f:24:5c:a9:41:c3:76:
ad:22:d6:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuEUSmPzSsSJVvpzX49bZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmMzhhOTgzY2Y0MzczYWE0OTc0OTg1YWIyMmQ1MTRjMGY0
ODFkMmUwHhcNMjUxMTExMDcwMTMyWhcNMjUxMTEyMDcwMTMyWjAzMTEwLwYDVQQD
EyhjYzA3NTkyYjBjYzZmMzBlZTFhYWVjMzRiODU2NGQ1ZGJhYzg1YjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklPrkJEgzDr4Dn13JOjSnPwJSHRj
4tDTAErF4Iu3He1aIzEdT7pN6xeINwdaJd4bSS/89Hd7nwdgb01jnTMloYe0N8WZ
5wcnNwZksjjIPszR3zYyRClY+aPzOgFf1HiB8R7HM1prq0tcEkUf5GkXZz2+YPB6
HS5PONDoDzP313XVAWywG/mFMRzatxSq1VxSEKyIbzmxPBm1XSqfAOWPJCliPEfn
Ilw/30uD3IOCK352PB7L1ZN9saRwwVhId+lkCXO3taIJE9MKmkG+kcdMiKSLv7kw
Lu8xXmV2gVl3qb/moriP8leCfFO+V5g0s2ZIIAeVQ9FECMCb/1Pc8R0ikQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMwHWSsMxvMO4arsNLhWTV26yFueMB8GA1UdIwQY
MBaAFG84qYPPQ3OqSXSYWrItUUwPSB0uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnppcGc4OURjNnBKZEpoYXNpMVJUQTlJSFM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS83NDMzN2ItZjk4ZS00ZTMxLTkwMDQt
YWY1YTU2NzczMmVmLzEvYnppcGc4OURjNnBKZEpoYXNpMVJUQTlJSFM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS83NDMzN2ItZjk4ZS00ZTMxLTkwMDQtYWY1YTU2NzczMmVm
LzEvYnppcGc4OURjNnBKZEpoYXNpMVJUQTlJSFM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW4bA5LR/
VKvb1saVpiEFSbeeUmm7/QVRmLesVvioMwiSnaddOqnx9+UMvoscf1knALfTSRUR
x2nkeDL+4NSYrL5hiqQ54wY1YC6VMIZ6E2mV05XgGA6xvHWKGFZ6DemWg7gsnvA+
trxhMfD0AwAkZe2F1GIbzQYLhpvvb8EDMIjuUaaaqtvgsACsZTy5bbFS4hOMWej4
Wh80pqV6K5zIfcK40dMtkB++DzeW9etUJwucSeDcp/onIc8XJvkWfLm+GbeKZ/4v
ih7OqXJpA5gu7X7JA/SmkDbAbOVQWe4AaU37cwXzz0LRgQyNSGcEeyA2m2cQOzV/
JFypQcN2rSLW/Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:34:57 2025 by rpki-client