Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/f62382-99dd-47d4-8de4-1fe6912f8e7e/1/gCNZN6302riSXVgEWjNxgWyYBTE.mft
File: gCNZN6302riSXVgEWjNxgWyYBTE.mft (raw, json)
Hash identifier: sIFjmy/NcBLA1AODs4kFFMKqL2+Hd4d+pKOZhecslQ0=
Subject key identifier: 5D:65:A0:AB:BC:5D:D4:27:DF:23:9B:9A:07:BA:B2:46:9F:D7:E0:2A
Authority key identifier: 80:23:59:37:AD:F4:DA:B8:92:5D:58:04:5A:33:71:81:6C:98:05:31
Certificate issuer: /CN=80235937adf4dab8925d58045a3371816c980531
Certificate serial: 019A7149D18EB97FE56EA043E014086F5839
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gCNZN6302riSXVgEWjNxgWyYBTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/f62382-99dd-47d4-8de4-1fe6912f8e7e/1/gCNZN6302riSXVgEWjNxgWyYBTE.mft
Manifest number: 0903
Signing time: Tue 11 Nov 2025 05:00:54 +0000
Manifest this update: Tue 11 Nov 2025 05:00:54 +0000
Manifest next update: Wed 12 Nov 2025 05:00:54 +0000
Files and hashes: 1: gCNZN6302riSXVgEWjNxgWyYBTE.crl (hash: ZKI3e+4koTv8Y6a6gfKFhZbvvMOvm+L5RJ8txVybnH0=)
2: xGfGnzNZn4HUZigqa5Ok1nkmfsE.roa (hash: XpFkMfmlY0imCtGtKPRW/lTcymGc5XbfGzDPyUvzl8w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/f62382-99dd-47d4-8de4-1fe6912f8e7e/1/gCNZN6302riSXVgEWjNxgWyYBTE.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/f62382-99dd-47d4-8de4-1fe6912f8e7e/1/gCNZN6302riSXVgEWjNxgWyYBTE.mft
rsync://rpki.ripe.net/repository/DEFAULT/gCNZN6302riSXVgEWjNxgWyYBTE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:d1:8e:b9:7f:e5:6e:a0:43:e0:14:08:6f:58:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80235937adf4dab8925d58045a3371816c980531
Validity
Not Before: Nov 11 05:00:54 2025 GMT
Not After : Nov 12 05:00:54 2025 GMT
Subject: CN=5d65a0abbc5dd427df239b9a07bab2469fd7e02a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:00:f4:be:23:dc:ff:a3:fc:1a:30:79:ad:76:
44:0d:97:2c:46:b5:f6:1e:0d:d4:89:d9:63:e3:66:
d7:e1:a3:de:5e:a9:5d:9e:79:94:26:0b:73:eb:a6:
75:78:45:f7:33:dd:4e:c6:82:4b:65:a2:f7:d1:85:
44:53:ce:67:80:74:a2:d6:21:cb:1a:1d:1a:14:ca:
56:3d:e2:e8:b8:fd:3d:0a:a3:07:5c:8a:ae:6d:e9:
18:fa:c9:6a:ac:9b:a1:4d:a5:28:d4:a8:98:2d:5a:
7a:f6:11:08:85:6a:24:b4:c4:c2:e4:c3:de:7c:76:
96:95:b6:07:ef:7f:a6:28:93:1b:0c:7e:40:ac:bf:
e0:79:0e:ca:a9:8f:f1:50:48:6b:eb:a6:72:bd:3f:
01:e5:b6:08:c2:68:79:39:98:9b:83:63:7f:a7:49:
c6:10:a2:de:54:b7:ef:5a:c7:80:41:99:0e:67:d5:
8e:c0:12:b2:3c:08:3c:b9:b8:8e:3d:43:17:6b:17:
92:6a:0e:66:1a:3f:94:8e:42:06:8d:b6:f4:6a:97:
7d:28:10:b2:40:6e:6f:e4:4f:94:dd:c0:98:54:58:
d6:90:54:f4:48:f0:12:7e:7c:b9:48:eb:f8:f9:55:
29:09:6f:c3:ad:23:ac:86:09:4d:bc:64:ea:5a:6d:
be:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:65:A0:AB:BC:5D:D4:27:DF:23:9B:9A:07:BA:B2:46:9F:D7:E0:2A
X509v3 Authority Key Identifier:
keyid:80:23:59:37:AD:F4:DA:B8:92:5D:58:04:5A:33:71:81:6C:98:05:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gCNZN6302riSXVgEWjNxgWyYBTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/f62382-99dd-47d4-8de4-1fe6912f8e7e/1/gCNZN6302riSXVgEWjNxgWyYBTE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/f62382-99dd-47d4-8de4-1fe6912f8e7e/1/gCNZN6302riSXVgEWjNxgWyYBTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:08:8b:74:96:ea:2e:6c:a6:a8:c0:42:d2:42:2c:66:58:aa:
80:39:dd:98:ca:f0:24:c6:e0:c3:3c:f1:66:ba:ec:22:54:58:
b9:26:82:5a:e5:07:51:e5:d0:68:b9:47:60:41:49:d9:76:bd:
5e:46:bd:20:08:73:56:34:c5:86:8a:75:6c:34:91:6d:61:8d:
c2:a0:e2:4c:1d:ca:b5:cd:b6:56:24:09:65:23:ef:a9:c5:93:
60:38:d2:8c:61:aa:9e:06:ad:be:86:fb:d4:33:42:21:56:f7:
71:43:cf:71:f6:a6:97:b5:6b:ac:fa:a8:d7:b4:a6:d7:b4:13:
c6:13:2a:1e:44:bc:2f:42:dc:7b:2a:5e:21:76:b2:84:a2:db:
ce:57:9b:94:2c:66:b9:0d:53:08:1e:b6:3a:d4:f4:64:e4:f2:
17:7e:11:91:d0:77:1a:b1:a4:81:2b:96:56:77:79:3b:cd:4d:
84:62:6c:96:56:97:c3:ad:f0:ae:43:33:7a:1d:89:6b:21:89:
4f:92:16:57:89:bf:15:a7:d2:e7:f8:70:50:3a:15:de:92:14:
b0:19:c4:54:8f:d6:71:a1:61:e5:45:1d:28:79:69:4b:27:12:
35:e3:89:5a:99:55:8b:dc:b1:ad:a0:a8:d0:4f:76:fb:87:9d:
45:ba:9f:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSdGOuX/lbqBD4BQIb1g5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwMjM1OTM3YWRmNGRhYjg5MjVkNTgwNDVhMzM3MTgxNmM5
ODA1MzEwHhcNMjUxMTExMDUwMDU0WhcNMjUxMTEyMDUwMDU0WjAzMTEwLwYDVQQD
Eyg1ZDY1YTBhYmJjNWRkNDI3ZGYyMzliOWEwN2JhYjI0NjlmZDdlMDJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugD0viPc/6P8GjB5rXZEDZcsRrX2
Hg3Uidlj42bX4aPeXqldnnmUJgtz66Z1eEX3M91OxoJLZaL30YVEU85ngHSi1iHL
Gh0aFMpWPeLouP09CqMHXIqubekY+slqrJuhTaUo1KiYLVp69hEIhWoktMTC5MPe
fHaWlbYH73+mKJMbDH5ArL/geQ7KqY/xUEhr66ZyvT8B5bYIwmh5OZibg2N/p0nG
EKLeVLfvWseAQZkOZ9WOwBKyPAg8ubiOPUMXaxeSag5mGj+UjkIGjbb0apd9KBCy
QG5v5E+U3cCYVFjWkFT0SPASfny5SOv4+VUpCW/DrSOshglNvGTqWm2+TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1loKu8XdQn3yObmge6skaf1+AqMB8GA1UdIwQY
MBaAFIAjWTet9Nq4kl1YBFozcYFsmAUxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0NOWk42MzAycmlTWFZnRVdqTnhnV3lZQlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9mNjIzODItOTlkZC00N2Q0LThkZTQt
MWZlNjkxMmY4ZTdlLzEvZ0NOWk42MzAycmlTWFZnRVdqTnhnV3lZQlRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9mNjIzODItOTlkZC00N2Q0LThkZTQtMWZlNjkxMmY4ZTdl
LzEvZ0NOWk42MzAycmlTWFZnRVdqTnhnV3lZQlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOAiLdJbq
LmymqMBC0kIsZliqgDndmMrwJMbgwzzxZrrsIlRYuSaCWuUHUeXQaLlHYEFJ2Xa9
Xka9IAhzVjTFhop1bDSRbWGNwqDiTB3Ktc22ViQJZSPvqcWTYDjSjGGqngatvob7
1DNCIVb3cUPPcfaml7VrrPqo17Sm17QTxhMqHkS8L0LceypeIXayhKLbzleblCxm
uQ1TCB62OtT0ZOTyF34RkdB3GrGkgSuWVnd5O81NhGJsllaXw63wrkMzeh2JayGJ
T5IWV4m/FafS5/hwUDoV3pIUsBnEVI/WcaFh5UUdKHlpSycSNeOJWplVi9yxraCo
0E92+4edRbqf7A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:41 2025 by rpki-client