Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
File: zTu8GVzaflgkWmHLMLlv5XL9eBE.mft (raw, json)
Hash identifier: 1J+ndOjPsx5KrUna+dy7FhP5myHZMHlVcaU1u5LOBaE=
Subject key identifier: 01:E6:92:D9:17:8A:29:90:64:B7:B0:99:23:11:D4:26:F0:3B:DF:45
Authority key identifier: CD:3B:BC:19:5C:DA:7E:58:24:5A:61:CB:30:B9:6F:E5:72:FD:78:11
Certificate issuer: /CN=cd3bbc195cda7e58245a61cb30b96fe572fd7811
Certificate serial: 019A72257A346DC1BB6122328317CE727329
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
Manifest number: 1072
Signing time: Tue 11 Nov 2025 09:00:49 +0000
Manifest this update: Tue 11 Nov 2025 09:00:49 +0000
Manifest next update: Wed 12 Nov 2025 09:00:49 +0000
Files and hashes: 1: clDd21QzHwOlwdLoUbCFlA9N4Bc.roa (hash: b4fVPg9ViPXbDXBeIAFrk3g5qdFMK0V6puBPZsjXHfs=)
2: zTu8GVzaflgkWmHLMLlv5XL9eBE.crl (hash: 44uMX6EnkXACQ929SSvZDSVUfCqr0fAgaa/HdeylPd8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:7a:34:6d:c1:bb:61:22:32:83:17:ce:72:73:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd3bbc195cda7e58245a61cb30b96fe572fd7811
Validity
Not Before: Nov 11 09:00:49 2025 GMT
Not After : Nov 12 09:00:49 2025 GMT
Subject: CN=01e692d9178a299064b7b0992311d426f03bdf45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1f:62:78:6c:2e:f3:6f:61:b2:25:59:97:40:
ef:55:2a:28:7c:f5:0b:83:66:96:5f:fc:d0:b7:2d:
50:27:5f:66:a4:18:43:e8:7d:b3:a1:40:22:af:d7:
e7:04:6e:ce:5a:9b:32:5a:57:f1:50:d8:dc:d5:a5:
59:c6:b6:7d:fa:42:5c:7e:f9:b5:1d:27:82:6c:70:
91:05:22:28:e9:c8:0e:84:85:c1:6b:2b:58:ab:74:
8e:5a:c6:66:88:ce:7c:25:fc:1e:10:4f:9b:37:8e:
ef:6a:2e:69:9e:dc:20:01:4f:c6:65:61:d5:6e:16:
a4:a2:29:84:e1:06:1f:d1:81:1d:53:38:9a:1f:b0:
18:e2:51:63:7e:cb:da:b9:7b:a2:a1:d3:57:d7:5f:
98:33:ed:a3:db:4a:c7:5b:fc:3f:b2:db:65:7f:95:
e2:67:f8:9b:13:70:fd:d3:73:bf:11:03:07:1d:c5:
bf:85:c3:97:9b:80:56:86:c7:61:11:62:d4:5d:10:
81:d8:a3:10:b4:f5:94:ae:34:72:4c:d8:77:a3:8b:
10:9d:7c:ba:58:26:f3:b4:f4:37:a5:ce:32:22:52:
32:e2:2c:29:b1:51:8c:d6:a8:95:c3:02:c7:cd:45:
51:13:36:0c:ce:81:8c:81:95:dd:0a:6a:5f:aa:89:
e7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:E6:92:D9:17:8A:29:90:64:B7:B0:99:23:11:D4:26:F0:3B:DF:45
X509v3 Authority Key Identifier:
keyid:CD:3B:BC:19:5C:DA:7E:58:24:5A:61:CB:30:B9:6F:E5:72:FD:78:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:72:3f:92:7a:a3:83:80:b6:62:96:76:89:00:36:9d:ce:11:
4d:04:49:ff:7f:96:be:b1:27:5c:27:9a:e7:c6:b7:cd:5d:85:
4a:f0:a3:9c:ac:4a:57:27:c1:6b:ab:3d:c0:bc:38:0f:f1:36:
95:a5:d2:50:d7:3c:62:8d:0e:7b:46:5a:ca:78:a9:bc:0c:c0:
9d:fc:ff:3b:2c:18:50:cf:16:fd:a5:3b:f1:0b:bc:0a:fb:15:
c1:86:ac:c0:77:33:02:ab:86:33:7d:e5:0e:a8:53:f1:93:b8:
a3:15:9e:d8:6b:ef:75:46:eb:f6:0b:2c:c6:ae:c7:5e:fd:12:
00:b1:68:89:94:a1:99:77:39:0b:19:cf:fe:65:6c:9e:e0:e1:
b8:89:f9:8a:b2:05:0d:b3:74:ad:4c:1b:d4:26:b6:bd:84:f8:
b4:8b:2e:08:42:cb:c8:ca:78:4f:4d:99:0c:ca:0f:67:66:9c:
57:f5:b4:fe:4a:68:f3:46:b8:c9:82:0c:aa:4a:bd:c5:1b:53:
71:61:d4:77:95:a0:1a:9e:5e:60:8e:7b:b6:e4:0d:3d:45:14:
80:f3:aa:57:87:57:ac:bf:00:a3:e7:4b:16:f5:2b:82:04:47:
3c:43:07:1b:cd:36:ed:4e:b6:23:56:14:75:79:94:8e:60:08:
27:4d:98:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJXo0bcG7YSIygxfOcnMpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkM2JiYzE5NWNkYTdlNTgyNDVhNjFjYjMwYjk2ZmU1NzJm
ZDc4MTEwHhcNMjUxMTExMDkwMDQ5WhcNMjUxMTEyMDkwMDQ5WjAzMTEwLwYDVQQD
EygwMWU2OTJkOTE3OGEyOTkwNjRiN2IwOTkyMzExZDQyNmYwM2JkZjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh9ieGwu829hsiVZl0DvVSoofPUL
g2aWX/zQty1QJ19mpBhD6H2zoUAir9fnBG7OWpsyWlfxUNjc1aVZxrZ9+kJcfvm1
HSeCbHCRBSIo6cgOhIXBaytYq3SOWsZmiM58JfweEE+bN47vai5pntwgAU/GZWHV
bhakoimE4QYf0YEdUziaH7AY4lFjfsvauXuiodNX11+YM+2j20rHW/w/sttlf5Xi
Z/ibE3D903O/EQMHHcW/hcOXm4BWhsdhEWLUXRCB2KMQtPWUrjRyTNh3o4sQnXy6
WCbztPQ3pc4yIlIy4iwpsVGM1qiVwwLHzUVREzYMzoGMgZXdCmpfqonn5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAHmktkXiimQZLewmSMR1CbwO99FMB8GA1UdIwQY
MBaAFM07vBlc2n5YJFphyzC5b+Vy/XgRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81YWY3YTUtYjY3Yy00NTlhLTk4OTMt
YzZmYWRlYjI4NWJhLzEvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny81YWY3YTUtYjY3Yy00NTlhLTk4OTMtYzZmYWRlYjI4NWJh
LzEvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXXI/knqj
g4C2YpZ2iQA2nc4RTQRJ/3+WvrEnXCea58a3zV2FSvCjnKxKVyfBa6s9wLw4D/E2
laXSUNc8Yo0Oe0ZaynipvAzAnfz/OywYUM8W/aU78Qu8CvsVwYaswHczAquGM33l
DqhT8ZO4oxWe2GvvdUbr9gssxq7HXv0SALFoiZShmXc5CxnP/mVsnuDhuIn5irIF
DbN0rUwb1Ca2vYT4tIsuCELLyMp4T02ZDMoPZ2acV/W0/kpo80a4yYIMqkq9xRtT
cWHUd5WgGp5eYI57tuQNPUUUgPOqV4dXrL8Ao+dLFvUrggRHPEMHG8027U62I1YU
dXmUjmAIJ02YOQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:53:32 2025 by rpki-client