Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft
File: zQwDKJL2la9ME_sKyoBD0Xsbl78.mft (raw, json)
Hash identifier: z108QZt1Pq43HTvJO/AZcUc7tD9bdRumLy27IT0L66A=
Subject key identifier: 03:AA:99:E3:88:CA:D5:6E:8F:5E:FC:4F:1E:68:78:37:46:5F:C1:F8
Authority key identifier: CD:0C:03:28:92:F6:95:AF:4C:13:FB:0A:CA:80:43:D1:7B:1B:97:BF
Certificate issuer: /CN=cd0c032892f695af4c13fb0aca8043d17b1b97bf
Certificate serial: 019A7293F45BB27762BBA0ED05322369289F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft
Manifest number: 0AC1
Signing time: Tue 11 Nov 2025 11:01:30 +0000
Manifest this update: Tue 11 Nov 2025 11:01:30 +0000
Manifest next update: Wed 12 Nov 2025 11:01:30 +0000
Files and hashes: 1: zQwDKJL2la9ME_sKyoBD0Xsbl78.crl (hash: 1GnldHYWESpBQ3AI0QqTCjD3m+h1/t5pPx6qCx5TQpw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft
rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:f4:5b:b2:77:62:bb:a0:ed:05:32:23:69:28:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd0c032892f695af4c13fb0aca8043d17b1b97bf
Validity
Not Before: Nov 11 11:01:30 2025 GMT
Not After : Nov 12 11:01:30 2025 GMT
Subject: CN=03aa99e388cad56e8f5efc4f1e687837465fc1f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e9:a1:f1:56:f4:91:00:23:c0:70:53:c6:e5:
7c:2a:ce:dd:db:1e:79:ea:a9:e0:80:91:dc:c3:43:
0f:5b:d9:52:aa:a0:fa:8f:8c:e1:b0:49:63:21:da:
3d:70:e4:60:04:65:bf:6f:b6:61:7d:f8:dc:b6:a3:
42:06:06:59:33:85:9e:fc:f0:f2:48:2b:f8:a7:15:
0d:19:bf:7e:a2:c4:e2:17:95:b3:06:bc:ce:ff:80:
a2:38:b4:35:61:f6:34:d1:b3:c5:4e:53:64:4c:e0:
ab:ef:79:ae:70:be:ce:dd:50:35:89:5f:bb:a4:91:
a1:e5:39:52:37:b5:a9:8d:cc:ce:d3:11:e9:8b:38:
fc:fa:d0:53:4f:ab:8d:c1:95:9b:69:ae:dc:b4:3c:
57:f6:20:67:10:e1:83:8f:81:cd:f5:5d:97:6b:94:
c5:da:fb:04:84:f8:1e:bb:91:56:fc:6e:48:86:54:
59:c7:88:28:d8:25:68:e3:b6:7b:04:50:82:8a:15:
b0:f4:64:94:31:87:46:cc:09:dd:23:ca:b8:d5:c1:
9f:b7:26:0b:90:d4:57:4e:57:1d:85:d7:c9:02:98:
6e:16:80:c4:c4:ba:54:ea:dd:52:8a:db:48:42:1c:
09:f8:1d:4b:99:30:37:06:4a:a4:df:0f:65:ab:b5:
12:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:AA:99:E3:88:CA:D5:6E:8F:5E:FC:4F:1E:68:78:37:46:5F:C1:F8
X509v3 Authority Key Identifier:
keyid:CD:0C:03:28:92:F6:95:AF:4C:13:FB:0A:CA:80:43:D1:7B:1B:97:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:80:35:ce:6a:48:cb:0e:ab:90:66:3f:69:ef:11:34:cc:23:
1a:ca:69:4a:58:ed:5c:f3:e9:80:3f:e2:ac:eb:56:b0:f0:07:
a1:9e:96:c7:1a:e1:07:84:4d:35:a7:64:84:e3:2c:7e:c9:12:
cb:d8:37:ee:26:58:95:8f:14:e4:e9:58:46:4a:14:46:b0:ac:
7a:e8:4e:5d:a3:d3:4c:f7:54:45:f4:ff:21:05:00:4d:7d:fd:
06:09:71:4f:8b:7c:a3:90:c3:13:22:23:26:a4:5f:33:97:25:
cf:a7:f6:ef:5e:09:7c:86:5d:0c:6b:c7:02:71:31:1b:61:07:
d8:ba:6b:15:1e:ed:85:2d:28:32:1d:a2:78:4e:78:cb:e1:b3:
c0:cb:33:1f:4f:d9:ad:fd:c5:14:ee:5a:3b:6f:cb:49:95:05:
a6:9c:c8:1b:fd:32:b1:1a:ad:93:9c:44:18:a5:c9:38:b5:b4:
66:d8:01:6f:4e:ea:14:c1:2b:1c:01:e3:83:6e:b6:63:ef:10:
53:31:6f:61:8e:a7:90:88:38:20:ab:09:e8:9a:52:07:0d:2e:
b6:b1:64:e7:cf:85:7c:da:2b:8b:9d:58:f0:5f:7a:73:9f:d7:
61:b5:36:71:54:f1:c0:aa:af:9b:70:ae:06:c3:ee:cb:f7:b4:
47:34:fd:47
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk/Rbsndiu6DtBTIjaSifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMGMwMzI4OTJmNjk1YWY0YzEzZmIwYWNhODA0M2QxN2Ix
Yjk3YmYwHhcNMjUxMTExMTEwMTMwWhcNMjUxMTEyMTEwMTMwWjAzMTEwLwYDVQQD
EygwM2FhOTllMzg4Y2FkNTZlOGY1ZWZjNGYxZTY4NzgzNzQ2NWZjMWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwemh8Vb0kQAjwHBTxuV8Ks7d2x55
6qnggJHcw0MPW9lSqqD6j4zhsEljIdo9cORgBGW/b7ZhffjctqNCBgZZM4We/PDy
SCv4pxUNGb9+osTiF5WzBrzO/4CiOLQ1YfY00bPFTlNkTOCr73mucL7O3VA1iV+7
pJGh5TlSN7WpjczO0xHpizj8+tBTT6uNwZWbaa7ctDxX9iBnEOGDj4HN9V2Xa5TF
2vsEhPgeu5FW/G5IhlRZx4go2CVo47Z7BFCCihWw9GSUMYdGzAndI8q41cGftyYL
kNRXTlcdhdfJAphuFoDExLpU6t1SittIQhwJ+B1LmTA3Bkqk3w9lq7UScwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAOqmeOIytVuj178Tx5oeDdGX8H4MB8GA1UdIwQY
MBaAFM0MAyiS9pWvTBP7CsqAQ9F7G5e/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zODRhMzItM2UxYy00ZDg2LWJkYjgt
MzUyNzZiNzk3NWFlLzEvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zODRhMzItM2UxYy00ZDg2LWJkYjgtMzUyNzZiNzk3NWFl
LzEvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACoA1zmpI
yw6rkGY/ae8RNMwjGsppSljtXPPpgD/irOtWsPAHoZ6WxxrhB4RNNadkhOMsfskS
y9g37iZYlY8U5OlYRkoURrCseuhOXaPTTPdURfT/IQUATX39BglxT4t8o5DDEyIj
JqRfM5clz6f2714JfIZdDGvHAnExG2EH2LprFR7thS0oMh2ieE54y+GzwMszH0/Z
rf3FFO5aO2/LSZUFppzIG/0ysRqtk5xEGKXJOLW0ZtgBb07qFMErHAHjg262Y+8Q
UzFvYY6nkIg4IKsJ6JpSBw0utrFk58+FfNori51Y8F96c5/XYbU2cVTxwKqvm3Cu
BsPuy/e0RzT9Rw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:22:40 2025 by rpki-client