Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/c5f0c3-22e5-4801-90fb-0465072e41a3/1/czHb7QiXzOhcFINxtHzIB4Ll5ys.mft
File: czHb7QiXzOhcFINxtHzIB4Ll5ys.mft (raw, json)
Hash identifier: 8SUb1SwibKc+zNG2IRno3Zh+dEB5t80TlHIdzQQ4lRU=
Subject key identifier: BE:4F:F5:94:A6:97:FD:C6:69:51:C7:57:99:DB:58:5D:F5:E4:BC:3D
Authority key identifier: 73:31:DB:ED:08:97:CC:E8:5C:14:83:71:B4:7C:C8:07:82:E5:E7:2B
Certificate issuer: /CN=7331dbed0897cce85c148371b47cc80782e5e72b
Certificate serial: 019A4B17AC89F1A5E073680279BD11F9FD40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/czHb7QiXzOhcFINxtHzIB4Ll5ys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/c5f0c3-22e5-4801-90fb-0465072e41a3/1/czHb7QiXzOhcFINxtHzIB4Ll5ys.mft
Manifest number: 05FB
Signing time: Mon 03 Nov 2025 19:00:33 +0000
Manifest this update: Mon 03 Nov 2025 19:00:33 +0000
Manifest next update: Tue 04 Nov 2025 19:00:33 +0000
Files and hashes: 1: czHb7QiXzOhcFINxtHzIB4Ll5ys.crl (hash: xqaa9u7KJ8JqUQXb+fXBR+Kb7e3k7voYboWWmPJfKQc=)
2: x22xk2A-Apb8dLpmSadyKyJCkDo.roa (hash: gu74rPveiHXJ2A/NDXg+xf+4EJriNsSl+5m/7KHQAxg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/c5f0c3-22e5-4801-90fb-0465072e41a3/1/czHb7QiXzOhcFINxtHzIB4Ll5ys.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/c5f0c3-22e5-4801-90fb-0465072e41a3/1/czHb7QiXzOhcFINxtHzIB4Ll5ys.mft
rsync://rpki.ripe.net/repository/DEFAULT/czHb7QiXzOhcFINxtHzIB4Ll5ys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 19:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4b:17:ac:89:f1:a5:e0:73:68:02:79:bd:11:f9:fd:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7331dbed0897cce85c148371b47cc80782e5e72b
Validity
Not Before: Nov 3 19:00:33 2025 GMT
Not After : Nov 4 19:00:33 2025 GMT
Subject: CN=be4ff594a697fdc66951c75799db585df5e4bc3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:9e:01:9c:97:19:94:bf:f0:df:04:59:73:22:
fc:ac:02:af:ad:6f:fb:08:81:e1:4e:fb:cf:34:89:
12:b4:11:fd:f9:b0:c3:72:f2:ce:f3:c7:c3:93:b9:
aa:3b:0c:cf:ee:04:6e:94:9f:4b:8f:3f:9c:ac:39:
5f:ba:15:28:0f:6a:00:38:11:06:91:3c:dd:10:c7:
40:d5:fc:fa:ce:ec:8c:c5:91:9a:54:a1:10:bc:d4:
06:b4:18:65:38:d3:c4:aa:d8:04:53:dd:c7:0c:05:
59:f8:47:a1:a2:0e:08:40:7d:8f:6d:d1:00:fa:8a:
b8:19:72:87:c4:5e:5c:fe:c6:78:7a:16:51:2a:f1:
05:66:cf:be:85:fc:cb:88:9b:3c:1e:d7:46:d8:be:
bf:54:4a:98:ed:a6:b3:e1:de:f4:ae:c7:9e:71:24:
69:89:eb:4c:57:67:ab:62:a7:87:8d:c6:a0:18:13:
2e:f8:0d:41:df:5b:df:3c:0e:7d:15:2c:53:bc:3f:
14:97:a7:d4:4f:16:bd:90:e0:a3:17:63:75:a4:a6:
72:37:b6:96:96:e6:f5:24:32:80:01:c1:1b:54:c4:
14:ce:8a:56:76:b7:19:fb:d0:52:22:0c:3e:75:0e:
3f:5c:4a:0b:a4:39:bc:ad:32:6e:d6:9b:e3:bf:71:
09:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:4F:F5:94:A6:97:FD:C6:69:51:C7:57:99:DB:58:5D:F5:E4:BC:3D
X509v3 Authority Key Identifier:
keyid:73:31:DB:ED:08:97:CC:E8:5C:14:83:71:B4:7C:C8:07:82:E5:E7:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/czHb7QiXzOhcFINxtHzIB4Ll5ys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/c5f0c3-22e5-4801-90fb-0465072e41a3/1/czHb7QiXzOhcFINxtHzIB4Ll5ys.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/c5f0c3-22e5-4801-90fb-0465072e41a3/1/czHb7QiXzOhcFINxtHzIB4Ll5ys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3b:21:3e:56:5e:12:db:b3:9b:de:e2:de:76:39:5b:95:e5:82:
ef:79:fd:bf:ae:ac:23:01:88:fe:41:8d:eb:cc:77:1b:b9:45:
6a:07:a2:e1:c9:43:8d:a6:1d:18:16:00:16:61:d5:57:ef:0e:
d9:1a:f2:f5:12:e0:b8:54:00:61:26:c1:93:17:76:fd:43:0d:
e9:93:73:57:8c:a8:fd:54:74:c5:42:1a:9a:5d:04:d5:9d:cb:
93:2b:24:b4:6d:c9:49:db:99:9a:8e:07:56:b2:af:a8:eb:67:
27:91:ef:b9:5a:a1:fa:dc:37:e1:fd:e8:4b:48:4d:c7:86:b7:
49:6a:e2:1f:1e:4c:52:e0:60:52:20:bd:60:f0:5b:df:8b:11:
93:82:27:8e:da:6b:b4:4f:75:73:c8:42:16:be:f7:24:67:c9:
02:55:2d:ed:c4:54:29:6a:b1:c9:c1:47:f8:d6:1c:e8:c0:43:
c4:1d:c0:71:d9:87:67:47:bc:5f:79:aa:8e:f3:2a:06:2f:08:
d1:da:7e:aa:a5:41:2d:89:fe:bd:45:e4:86:f7:e7:54:c4:91:
97:45:ea:ab:50:62:9c:44:1f:50:cb:8d:27:2e:22:76:21:1a:
cd:36:e2:90:06:e8:18:7d:e1:04:c0:81:8e:95:b3:ac:c3:10:
b4:6d:68:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpLF6yJ8aXgc2gCeb0R+f1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMzFkYmVkMDg5N2NjZTg1YzE0ODM3MWI0N2NjODA3ODJl
NWU3MmIwHhcNMjUxMTAzMTkwMDMzWhcNMjUxMTA0MTkwMDMzWjAzMTEwLwYDVQQD
EyhiZTRmZjU5NGE2OTdmZGM2Njk1MWM3NTc5OWRiNTg1ZGY1ZTRiYzNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA654BnJcZlL/w3wRZcyL8rAKvrW/7
CIHhTvvPNIkStBH9+bDDcvLO88fDk7mqOwzP7gRulJ9Ljz+crDlfuhUoD2oAOBEG
kTzdEMdA1fz6zuyMxZGaVKEQvNQGtBhlONPEqtgEU93HDAVZ+Eehog4IQH2PbdEA
+oq4GXKHxF5c/sZ4ehZRKvEFZs++hfzLiJs8HtdG2L6/VEqY7aaz4d70rseecSRp
ietMV2erYqeHjcagGBMu+A1B31vfPA59FSxTvD8Ul6fUTxa9kOCjF2N1pKZyN7aW
lub1JDKAAcEbVMQUzopWdrcZ+9BSIgw+dQ4/XEoLpDm8rTJu1pvjv3EJOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL5P9ZSml/3GaVHHV5nbWF315Lw9MB8GA1UdIwQY
MBaAFHMx2+0Il8zoXBSDcbR8yAeC5ecrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3pIYjdRaVh6T2hjRklOeHRIeklCNExsNXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9jNWYwYzMtMjJlNS00ODAxLTkwZmIt
MDQ2NTA3MmU0MWEzLzEvY3pIYjdRaVh6T2hjRklOeHRIeklCNExsNXlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9jNWYwYzMtMjJlNS00ODAxLTkwZmItMDQ2NTA3MmU0MWEz
LzEvY3pIYjdRaVh6T2hjRklOeHRIeklCNExsNXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOyE+Vl4S
27Ob3uLedjlbleWC73n9v66sIwGI/kGN68x3G7lFagei4clDjaYdGBYAFmHVV+8O
2Rry9RLguFQAYSbBkxd2/UMN6ZNzV4yo/VR0xUIaml0E1Z3LkysktG3JSduZmo4H
VrKvqOtnJ5HvuVqh+tw34f3oS0hNx4a3SWriHx5MUuBgUiC9YPBb34sRk4Injtpr
tE91c8hCFr73JGfJAlUt7cRUKWqxycFH+NYc6MBDxB3AcdmHZ0e8X3mqjvMqBi8I
0dp+qqVBLYn+vUXkhvfnVMSRl0Xqq1BinEQfUMuNJy4idiEazTbikAboGH3hBMCB
jpWzrMMQtG1ocA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 04:24:33 2025 by rpki-client