Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
File: kziECSasc-rVthh5GeiPEAMimco.mft (raw, json)
Hash identifier: fGAz4EhcwzTHitsDrmzNx0Vdoq+Qk3Y5xkkAZ0pBP9U=
Subject key identifier: A6:C2:4D:45:D0:27:A7:08:FF:FF:7D:FC:54:8E:B5:04:A8:AC:F3:FF
Authority key identifier: 93:38:84:09:26:AC:73:EA:D5:B6:18:79:19:E8:8F:10:03:22:99:CA
Certificate issuer: /CN=9338840926ac73ead5b6187919e88f10032299ca
Certificate serial: 019A725CA9FE0D5F9C082805A173069DB1D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
Manifest number: 12
Signing time: Tue 11 Nov 2025 10:01:06 +0000
Manifest this update: Tue 11 Nov 2025 10:01:06 +0000
Manifest next update: Wed 12 Nov 2025 10:01:06 +0000
Files and hashes: 1: 6qpwTp_twSsQCkDCqlXaV6Y_Gvs.roa (hash: cxK1vGF/j/jrrI28KWaa9qp0OQ1XyFSlP3Jf5B9ba90=)
2: kziECSasc-rVthh5GeiPEAMimco.crl (hash: vMQW7n5QRLa2cc0Yl6jCr+hMp1hqzGJcc3MbqjKxhB4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:a9:fe:0d:5f:9c:08:28:05:a1:73:06:9d:b1:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9338840926ac73ead5b6187919e88f10032299ca
Validity
Not Before: Nov 11 10:01:06 2025 GMT
Not After : Nov 12 10:01:06 2025 GMT
Subject: CN=a6c24d45d027a708ffff7dfc548eb504a8acf3ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:16:02:2d:6e:f6:f8:b7:6d:59:53:4c:a3:5a:
e5:15:99:c2:2c:59:fd:9d:80:31:be:c5:27:0d:3d:
0a:bf:e7:ff:24:51:da:2b:88:57:8a:8b:67:5e:43:
8e:21:33:65:8e:12:0e:1f:e1:74:41:1b:a2:0b:0e:
cf:6c:b9:57:05:d9:8c:dc:6e:c6:92:ff:f1:36:f2:
11:73:d0:ed:17:ab:46:71:09:21:07:45:08:fe:a1:
b6:59:55:3f:c8:04:7b:2d:7e:e7:4e:77:67:6b:a1:
a2:95:74:99:4c:dd:5e:a5:d1:4a:04:3f:75:2e:13:
c7:5d:28:c6:61:f4:7f:56:5a:8e:36:d6:c3:b5:00:
23:78:c6:34:8c:48:ec:4b:e1:f1:51:b5:e6:54:00:
3c:62:62:b5:8f:8d:4c:21:93:bd:67:55:d2:31:00:
cd:53:53:6b:62:15:a0:90:39:58:00:b8:13:53:cb:
fd:e2:bb:75:49:2a:e8:64:7f:c7:c8:c7:c1:e1:b9:
37:6e:44:5b:c5:8b:e3:f6:a0:88:0e:f7:a2:73:d8:
44:72:95:c4:16:1c:2f:d7:c6:88:68:29:26:34:83:
9a:a3:67:be:d4:5f:81:e0:bd:6b:56:21:0f:92:70:
01:6d:12:3a:84:64:27:03:a2:d4:61:a8:fb:aa:e2:
7a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:C2:4D:45:D0:27:A7:08:FF:FF:7D:FC:54:8E:B5:04:A8:AC:F3:FF
X509v3 Authority Key Identifier:
keyid:93:38:84:09:26:AC:73:EA:D5:B6:18:79:19:E8:8F:10:03:22:99:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kziECSasc-rVthh5GeiPEAMimco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/0bd4d3-d46c-483f-956e-ea7ae72bd32d/1/kziECSasc-rVthh5GeiPEAMimco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:b0:2d:2d:b0:a3:a8:61:00:34:38:24:a7:0d:af:b0:85:c3:
5e:fb:b9:09:39:0a:e0:8e:50:3b:95:dc:a6:3d:44:af:48:52:
7f:97:c5:78:7d:f5:15:a2:e3:09:61:87:c1:27:68:ae:1c:77:
06:9f:96:9f:15:d4:a7:f8:4d:64:e3:19:89:38:54:09:50:82:
69:e4:a4:4c:7a:ee:63:7b:99:70:54:b9:8d:d3:ac:d5:19:ea:
4d:86:fc:2b:3c:a9:cc:f3:aa:29:cb:3c:a6:d8:0f:d5:d8:07:
ee:84:9a:cf:f2:fa:1a:96:43:27:4f:67:51:da:b0:72:94:a7:
d9:85:4c:87:9e:83:39:74:7d:bc:96:5a:d4:47:3a:d0:f5:31:
83:8b:13:a3:30:08:63:dd:86:61:87:54:a4:05:5d:70:98:66:
40:80:6b:0a:7c:79:91:28:d6:3b:c1:17:80:0a:4a:a7:49:01:
1e:d0:c0:66:f9:9e:bb:c4:87:54:1c:cb:53:a5:32:fb:45:b2:
07:92:31:62:57:5c:74:70:8d:a2:61:98:1a:20:96:f3:75:1d:
90:9c:7b:20:0c:b3:e6:07:a1:a0:bf:10:8e:d4:03:05:44:0a:
56:07:44:91:84:53:02:11:e5:52:45:0c:be:f0:32:ab:66:60:
99:4e:54:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXKn+DV+cCCgFoXMGnbHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMzg4NDA5MjZhYzczZWFkNWI2MTg3OTE5ZTg4ZjEwMDMy
Mjk5Y2EwHhcNMjUxMTExMTAwMTA2WhcNMjUxMTEyMTAwMTA2WjAzMTEwLwYDVQQD
EyhhNmMyNGQ0NWQwMjdhNzA4ZmZmZjdkZmM1NDhlYjUwNGE4YWNmM2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhYCLW72+LdtWVNMo1rlFZnCLFn9
nYAxvsUnDT0Kv+f/JFHaK4hXiotnXkOOITNljhIOH+F0QRuiCw7PbLlXBdmM3G7G
kv/xNvIRc9DtF6tGcQkhB0UI/qG2WVU/yAR7LX7nTndna6GilXSZTN1epdFKBD91
LhPHXSjGYfR/VlqONtbDtQAjeMY0jEjsS+HxUbXmVAA8YmK1j41MIZO9Z1XSMQDN
U1NrYhWgkDlYALgTU8v94rt1SSroZH/HyMfB4bk3bkRbxYvj9qCIDveic9hEcpXE
Fhwv18aIaCkmNIOao2e+1F+B4L1rViEPknABbRI6hGQnA6LUYaj7quJ6bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKbCTUXQJ6cI//99/FSOtQSorPP/MB8GA1UdIwQY
MBaAFJM4hAkmrHPq1bYYeRnojxADIpnKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8wYmQ0ZDMtZDQ2Yy00ODNmLTk1NmUt
ZWE3YWU3MmJkMzJkLzEva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS8wYmQ0ZDMtZDQ2Yy00ODNmLTk1NmUtZWE3YWU3MmJkMzJk
LzEva3ppRUNTYXNjLXJWdGhoNUdlaVBFQU1pbWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAObAtLbCj
qGEANDgkpw2vsIXDXvu5CTkK4I5QO5Xcpj1Er0hSf5fFeH31FaLjCWGHwSdorhx3
Bp+WnxXUp/hNZOMZiThUCVCCaeSkTHruY3uZcFS5jdOs1RnqTYb8KzypzPOqKcs8
ptgP1dgH7oSaz/L6GpZDJ09nUdqwcpSn2YVMh56DOXR9vJZa1Ec60PUxg4sTozAI
Y92GYYdUpAVdcJhmQIBrCnx5kSjWO8EXgApKp0kBHtDAZvmeu8SHVBzLU6Uy+0Wy
B5IxYldcdHCNomGYGiCW83UdkJx7IAyz5gehoL8QjtQDBUQKVgdEkYRTAhHlUkUM
vvAyq2ZgmU5UPA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:37:35 2025 by rpki-client