Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft
File: zTwRDf139XdXORwPrt7r42CGVx0.mft (raw, json)
Hash identifier: 7eNLObSIvkd2pvX89SQPdFv20p7kIF7KLMfVuoRrKk0=
Subject key identifier: F5:27:B5:ED:44:1F:7F:46:C9:DC:49:57:DC:76:72:1A:DE:C9:5B:18
Authority key identifier: CD:3C:11:0D:FD:77:F5:77:57:39:1C:0F:AE:DE:EB:E3:60:86:57:1D
Certificate issuer: /CN=cd3c110dfd77f57757391c0faedeebe36086571d
Certificate serial: 019A725C67CAF9B7B603D980D96CCFEC30A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTwRDf139XdXORwPrt7r42CGVx0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft
Manifest number: 0F3B
Signing time: Tue 11 Nov 2025 10:00:49 +0000
Manifest this update: Tue 11 Nov 2025 10:00:49 +0000
Manifest next update: Wed 12 Nov 2025 10:00:49 +0000
Files and hashes: 1: n79crWM-L0W_-YTIs0SA8x1g-4g.roa (hash: WTPugh0CrOL+7geJ0TTyRViJCXrCGCyNH+3nK4QxB48=)
2: zTwRDf139XdXORwPrt7r42CGVx0.crl (hash: iZPLNTBDbTXdiN6VEijd+TOzC5NqsJxRjDPEHT2WbXs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zTwRDf139XdXORwPrt7r42CGVx0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:67:ca:f9:b7:b6:03:d9:80:d9:6c:cf:ec:30:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd3c110dfd77f57757391c0faedeebe36086571d
Validity
Not Before: Nov 11 10:00:49 2025 GMT
Not After : Nov 12 10:00:49 2025 GMT
Subject: CN=f527b5ed441f7f46c9dc4957dc76721adec95b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:4f:90:14:10:a5:59:d8:c6:26:e3:7b:5d:9e:
b4:c7:b3:5d:b5:30:aa:8b:74:de:49:c8:7b:63:17:
a7:4b:fe:3e:a6:d9:f3:d8:c4:1d:d1:18:9e:90:ae:
ea:24:97:5c:90:38:ba:95:7f:d0:af:72:09:e8:ff:
d3:88:69:43:07:49:b3:22:6b:6c:ea:15:fe:33:98:
f4:01:fc:7d:fb:2c:06:ae:98:4a:be:f9:e1:0b:ff:
6d:7d:8a:18:0e:e1:ef:74:c8:66:b8:28:44:2e:87:
15:e9:45:d8:44:e9:28:ce:66:41:45:99:4f:70:ba:
df:7e:ad:1d:63:5e:cd:a8:f8:61:a8:3d:a7:b1:4d:
ab:a3:54:a9:3a:ae:f6:50:7c:e1:42:01:4c:c0:49:
1e:e1:e1:7d:ca:ab:4d:d0:bf:4c:ee:f6:09:b7:5f:
c0:a9:94:a0:8a:20:6b:67:9a:98:b9:a6:12:e9:9d:
43:ee:12:80:df:a1:b4:bc:e9:e4:34:a1:b8:0a:ec:
11:ff:a9:f7:f3:c0:70:de:bc:ed:43:47:43:04:c3:
42:f2:fc:da:a6:69:17:fd:ae:58:6e:ff:6f:35:3d:
c5:57:4c:1a:06:e6:0a:5a:89:c4:6a:ee:8b:ff:5b:
7d:ec:3c:3b:6c:ad:08:8a:32:19:49:0e:51:20:f6:
ed:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:27:B5:ED:44:1F:7F:46:C9:DC:49:57:DC:76:72:1A:DE:C9:5B:18
X509v3 Authority Key Identifier:
keyid:CD:3C:11:0D:FD:77:F5:77:57:39:1C:0F:AE:DE:EB:E3:60:86:57:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTwRDf139XdXORwPrt7r42CGVx0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:7c:2b:6e:af:64:aa:82:1c:5a:06:12:a1:64:35:67:47:2a:
42:51:8d:68:a6:50:aa:86:ce:10:0a:b1:cc:6d:e2:ef:2d:c9:
a0:7d:97:75:5d:e9:c6:2d:d4:3b:66:51:c3:b9:41:b4:a2:f5:
fe:68:ce:36:ec:ac:83:e2:00:56:67:6a:f1:4d:01:45:65:ee:
aa:48:ff:08:4f:24:b4:a9:61:60:0a:b4:5b:19:ed:65:8d:af:
4e:46:60:c8:b1:20:87:22:81:71:2a:44:eb:f8:31:f4:3e:5c:
18:66:80:4d:cf:29:57:f5:64:09:37:1d:1a:c7:05:8d:df:b2:
51:6f:8f:53:39:81:d4:60:7d:e2:4a:b0:83:b3:37:75:38:d2:
e8:78:be:0f:13:da:0f:21:af:e0:4b:8e:b6:29:83:9a:bb:14:
e8:0b:75:1f:a4:b1:30:20:f3:e9:65:75:89:05:69:61:fc:57:
d7:b1:5b:d8:72:e3:cb:65:fe:f4:ae:8f:f4:94:4d:0e:89:23:
ae:db:75:b4:d0:e0:e0:bd:80:53:99:51:22:f6:82:02:fa:94:
3f:37:67:49:3a:3d:fa:d4:2c:a6:90:a3:c4:b7:73:ea:af:44:
64:50:e8:0d:60:b4:16:25:e8:8b:24:27:8a:20:35:a8:94:64:
74:c6:79:2e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXGfK+be2A9mA2WzP7DCiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkM2MxMTBkZmQ3N2Y1Nzc1NzM5MWMwZmFlZGVlYmUzNjA4
NjU3MWQwHhcNMjUxMTExMTAwMDQ5WhcNMjUxMTEyMTAwMDQ5WjAzMTEwLwYDVQQD
EyhmNTI3YjVlZDQ0MWY3ZjQ2YzlkYzQ5NTdkYzc2NzIxYWRlYzk1YjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0+QFBClWdjGJuN7XZ60x7NdtTCq
i3TeSch7YxenS/4+ptnz2MQd0RiekK7qJJdckDi6lX/Qr3IJ6P/TiGlDB0mzImts
6hX+M5j0Afx9+ywGrphKvvnhC/9tfYoYDuHvdMhmuChELocV6UXYROkozmZBRZlP
cLrffq0dY17NqPhhqD2nsU2ro1SpOq72UHzhQgFMwEke4eF9yqtN0L9M7vYJt1/A
qZSgiiBrZ5qYuaYS6Z1D7hKA36G0vOnkNKG4CuwR/6n388Bw3rztQ0dDBMNC8vza
pmkX/a5Ybv9vNT3FV0waBuYKWonEau6L/1t97Dw7bK0IijIZSQ5RIPbtZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPUnte1EH39GydxJV9x2chreyVsYMB8GA1UdIwQY
MBaAFM08EQ39d/V3VzkcD67e6+NghlcdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelR3UkRmMTM5WGRYT1J3UHJ0N3I0MkNHVngwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8yMGU1YTItMGU2NC00ZWEzLThjODYt
NmMwMmVjMTliODA5LzEvelR3UkRmMTM5WGRYT1J3UHJ0N3I0MkNHVngwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8yMGU1YTItMGU2NC00ZWEzLThjODYtNmMwMmVjMTliODA5
LzEvelR3UkRmMTM5WGRYT1J3UHJ0N3I0MkNHVngwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWnwrbq9k
qoIcWgYSoWQ1Z0cqQlGNaKZQqobOEAqxzG3i7y3JoH2XdV3pxi3UO2ZRw7lBtKL1
/mjONuysg+IAVmdq8U0BRWXuqkj/CE8ktKlhYAq0WxntZY2vTkZgyLEghyKBcSpE
6/gx9D5cGGaATc8pV/VkCTcdGscFjd+yUW+PUzmB1GB94kqwg7M3dTjS6Hi+DxPa
DyGv4EuOtimDmrsU6At1H6SxMCDz6WV1iQVpYfxX17Fb2HLjy2X+9K6P9JRNDokj
rtt1tNDg4L2AU5lRIvaCAvqUPzdnSTo9+tQsppCjxLdz6q9EZFDoDWC0FiXoiyQn
iiA1qJRkdMZ5Lg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:47:59 2025 by rpki-client