Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/207876-80b7-4443-9f0c-55f06f062ce0/1/z65GEYj_we8vOhR0VxqUOaVTdKw.mft
File: z65GEYj_we8vOhR0VxqUOaVTdKw.mft (raw, json)
Hash identifier: z0Wwkb4B6BEnEdVwLHTnYh90Ufeb/OURWxmGET14gVs=
Subject key identifier: 1E:8A:30:D6:02:E8:6B:06:D6:40:22:AC:30:FF:D5:2B:C2:8C:9E:9B
Authority key identifier: CF:AE:46:11:88:FF:C1:EF:2F:3A:14:74:57:1A:94:39:A5:53:74:AC
Certificate issuer: /CN=cfae461188ffc1ef2f3a1474571a9439a55374ac
Certificate serial: 019A72257EC588927688A6E501833467568D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z65GEYj_we8vOhR0VxqUOaVTdKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/207876-80b7-4443-9f0c-55f06f062ce0/1/z65GEYj_we8vOhR0VxqUOaVTdKw.mft
Manifest number: 0438
Signing time: Tue 11 Nov 2025 09:00:51 +0000
Manifest this update: Tue 11 Nov 2025 09:00:51 +0000
Manifest next update: Wed 12 Nov 2025 09:00:51 +0000
Files and hashes: 1: 1k7B6OZhB1CFcx64eFikJ90IArY.roa (hash: BObzQX0NmXL+SkwyifLtayjL5iVc0jp/QAmHV8ZAgNM=)
2: z65GEYj_we8vOhR0VxqUOaVTdKw.crl (hash: 8I8Y8f6MEh8xmc+6C/bGAqmUUYVGUNwgfdXJbBRX/EQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/207876-80b7-4443-9f0c-55f06f062ce0/1/z65GEYj_we8vOhR0VxqUOaVTdKw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/207876-80b7-4443-9f0c-55f06f062ce0/1/z65GEYj_we8vOhR0VxqUOaVTdKw.mft
rsync://rpki.ripe.net/repository/DEFAULT/z65GEYj_we8vOhR0VxqUOaVTdKw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:7e:c5:88:92:76:88:a6:e5:01:83:34:67:56:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfae461188ffc1ef2f3a1474571a9439a55374ac
Validity
Not Before: Nov 11 09:00:51 2025 GMT
Not After : Nov 12 09:00:51 2025 GMT
Subject: CN=1e8a30d602e86b06d64022ac30ffd52bc28c9e9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ab:7d:3f:e0:fb:0d:39:f0:71:38:c1:21:40:
19:c4:83:b1:80:7a:6b:ba:32:8b:67:9c:ce:84:45:
93:4f:c0:e3:60:7b:9b:d1:4e:5e:af:ba:f7:8b:8d:
ed:61:37:9f:1e:62:2b:98:31:63:ce:f7:df:ba:82:
b5:1b:2d:1b:ed:e1:a2:90:7b:d7:7f:dc:97:e7:4b:
28:90:b0:83:c8:ee:44:cb:da:1c:41:43:7c:1e:f2:
9a:f4:d7:31:b0:96:ea:93:3f:b5:7b:ef:36:27:61:
e4:80:0d:15:03:f0:33:e0:8e:d5:16:87:9e:19:4d:
60:3b:fc:06:c4:f7:5d:a5:47:88:b2:21:f6:10:54:
7e:f8:35:5a:37:fc:0b:53:99:36:f6:91:6a:5d:64:
4f:10:04:c3:e3:be:24:3f:ec:26:5f:64:ed:5c:6e:
7f:1c:f5:31:4f:20:08:6f:95:a9:5f:d0:41:27:f1:
b0:d0:5b:2c:b0:63:f9:2e:1a:56:ef:94:d2:85:67:
ae:34:03:2e:de:06:b7:11:17:ed:f8:ec:85:d8:36:
0b:1e:47:6b:65:21:b0:94:95:d4:4e:ec:18:38:a5:
6d:2a:86:60:9a:96:5d:4a:3f:04:8b:06:78:31:c4:
75:aa:ec:fc:cf:94:d1:9a:c9:f9:98:3c:6e:f2:6f:
2b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:8A:30:D6:02:E8:6B:06:D6:40:22:AC:30:FF:D5:2B:C2:8C:9E:9B
X509v3 Authority Key Identifier:
keyid:CF:AE:46:11:88:FF:C1:EF:2F:3A:14:74:57:1A:94:39:A5:53:74:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z65GEYj_we8vOhR0VxqUOaVTdKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/207876-80b7-4443-9f0c-55f06f062ce0/1/z65GEYj_we8vOhR0VxqUOaVTdKw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/207876-80b7-4443-9f0c-55f06f062ce0/1/z65GEYj_we8vOhR0VxqUOaVTdKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:4c:fa:1c:c0:33:84:eb:21:04:09:b3:4b:24:26:55:e6:8b:
df:4b:35:d7:fb:6f:b7:36:9a:16:b6:94:ca:cb:04:7a:8a:d5:
c8:5b:d9:51:7f:e5:93:7d:f2:fa:66:b6:a9:0a:37:0d:38:36:
81:47:21:d4:ad:7f:7d:87:12:76:e5:bb:59:61:9d:5d:91:82:
43:27:22:57:e0:ef:1a:a7:22:d8:d0:bf:ba:04:ee:a6:3d:2d:
26:c8:61:15:11:13:09:c3:42:e9:41:d0:0a:1a:f9:a0:c3:b5:
15:87:81:3f:12:f1:eb:f4:a5:40:92:ae:ab:27:30:be:55:ad:
1f:61:ba:4a:8a:44:6c:b4:41:12:aa:06:e0:a2:84:04:7f:e0:
9a:cb:20:57:46:8f:a9:09:4c:8b:69:66:3e:77:c0:5b:53:e2:
30:56:31:08:b4:e6:31:6b:8f:fc:db:b1:f4:47:b3:19:7f:63:
d7:eb:13:a7:f9:dc:95:83:32:bc:99:b2:cf:6f:81:da:7f:4e:
fc:5f:08:29:7a:82:f7:49:c6:1b:54:cd:68:b7:e6:28:ea:51:
83:ca:aa:0b:9a:de:91:2b:33:b6:50:2a:6d:5b:84:bd:74:e7:
18:2b:59:34:76:be:95:81:43:0b:3c:a3:f3:e2:b4:50:0c:5a:
10:ee:d0:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJX7FiJJ2iKblAYM0Z1aNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYWU0NjExODhmZmMxZWYyZjNhMTQ3NDU3MWE5NDM5YTU1
Mzc0YWMwHhcNMjUxMTExMDkwMDUxWhcNMjUxMTEyMDkwMDUxWjAzMTEwLwYDVQQD
EygxZThhMzBkNjAyZTg2YjA2ZDY0MDIyYWMzMGZmZDUyYmMyOGM5ZTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA66t9P+D7DTnwcTjBIUAZxIOxgHpr
ujKLZ5zOhEWTT8DjYHub0U5er7r3i43tYTefHmIrmDFjzvffuoK1Gy0b7eGikHvX
f9yX50sokLCDyO5Ey9ocQUN8HvKa9NcxsJbqkz+1e+82J2HkgA0VA/Az4I7VFoee
GU1gO/wGxPddpUeIsiH2EFR++DVaN/wLU5k29pFqXWRPEATD474kP+wmX2TtXG5/
HPUxTyAIb5WpX9BBJ/Gw0FsssGP5LhpW75TShWeuNAMu3ga3ERft+OyF2DYLHkdr
ZSGwlJXUTuwYOKVtKoZgmpZdSj8EiwZ4McR1quz8z5TRmsn5mDxu8m8r+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB6KMNYC6GsG1kAirDD/1SvCjJ6bMB8GA1UdIwQY
MBaAFM+uRhGI/8HvLzoUdFcalDmlU3SsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejY1R0VZal93ZTh2T2hSMFZ4cVVPYVZUZEt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8yMDc4NzYtODBiNy00NDQzLTlmMGMt
NTVmMDZmMDYyY2UwLzEvejY1R0VZal93ZTh2T2hSMFZ4cVVPYVZUZEt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8yMDc4NzYtODBiNy00NDQzLTlmMGMtNTVmMDZmMDYyY2Uw
LzEvejY1R0VZal93ZTh2T2hSMFZ4cVVPYVZUZEt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANUz6HMAz
hOshBAmzSyQmVeaL30s11/tvtzaaFraUyssEeorVyFvZUX/lk33y+ma2qQo3DTg2
gUch1K1/fYcSduW7WWGdXZGCQyciV+DvGqci2NC/ugTupj0tJshhFRETCcNC6UHQ
Chr5oMO1FYeBPxLx6/SlQJKuqycwvlWtH2G6SopEbLRBEqoG4KKEBH/gmssgV0aP
qQlMi2lmPnfAW1PiMFYxCLTmMWuP/Nux9EezGX9j1+sTp/nclYMyvJmyz2+B2n9O
/F8IKXqC90nGG1TNaLfmKOpRg8qqC5rekSsztlAqbVuEvXTnGCtZNHa+lYFDCzyj
8+K0UAxaEO7QOw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:41:49 2025 by rpki-client