Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/15f95c-b0b6-4522-8ea0-55beafa4bb29/1/7pzNOKXWSWiAvAlHBuaPoE-izZY.mft
File: 7pzNOKXWSWiAvAlHBuaPoE-izZY.mft (raw, json)
Hash identifier: iOJOL7ezJHzMRD0bVJBADV2CXpjbQpCOm3Cy7e4IH8k=
Subject key identifier: D2:9A:D4:78:5F:E4:B1:8B:22:27:DB:B8:0D:E9:C9:EE:6C:47:68:08
Authority key identifier: EE:9C:CD:38:A5:D6:49:68:80:BC:09:47:06:E6:8F:A0:4F:A2:CD:96
Certificate issuer: /CN=ee9ccd38a5d6496880bc094706e68fa04fa2cd96
Certificate serial: 019A71B86F8A04205FA8389421EAA661AED3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7pzNOKXWSWiAvAlHBuaPoE-izZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/15f95c-b0b6-4522-8ea0-55beafa4bb29/1/7pzNOKXWSWiAvAlHBuaPoE-izZY.mft
Manifest number: 02DB
Signing time: Tue 11 Nov 2025 07:01:43 +0000
Manifest this update: Tue 11 Nov 2025 07:01:43 +0000
Manifest next update: Wed 12 Nov 2025 07:01:43 +0000
Files and hashes: 1: 7pzNOKXWSWiAvAlHBuaPoE-izZY.crl (hash: mkzOpILvvGT1U7FbCePgxEDcvolBJLTz4tewPakKXcQ=)
2: zUvaZsb6AAcGs5bszD-Bq4oB3BE.roa (hash: 2T5+Ho1mw99m4EQU26GsTeUM3Ju0dbCS0haz/aa2sBA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/15f95c-b0b6-4522-8ea0-55beafa4bb29/1/7pzNOKXWSWiAvAlHBuaPoE-izZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/15f95c-b0b6-4522-8ea0-55beafa4bb29/1/7pzNOKXWSWiAvAlHBuaPoE-izZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/7pzNOKXWSWiAvAlHBuaPoE-izZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:6f:8a:04:20:5f:a8:38:94:21:ea:a6:61:ae:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee9ccd38a5d6496880bc094706e68fa04fa2cd96
Validity
Not Before: Nov 11 07:01:43 2025 GMT
Not After : Nov 12 07:01:43 2025 GMT
Subject: CN=d29ad4785fe4b18b2227dbb80de9c9ee6c476808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:03:fe:bb:b8:70:ad:5b:13:cc:a7:be:de:65:
56:6e:34:90:83:6a:73:60:04:5e:fc:55:42:29:31:
21:c5:c1:ad:c6:bb:e3:d8:a3:73:7a:c8:cf:ab:5d:
52:c1:60:97:34:b8:4b:3e:b3:be:5b:2b:e4:af:6b:
4d:84:09:0f:e2:c1:5a:e3:1d:1b:3d:39:57:2b:b2:
b8:49:a4:63:b1:e1:68:31:be:4c:a2:b1:e5:c7:9c:
e0:be:fc:8d:16:79:75:94:c6:fa:c6:fa:6b:aa:6e:
cb:27:31:59:d5:33:c6:21:d1:21:2f:18:d2:22:cf:
42:ba:29:11:02:50:81:73:40:38:fc:73:0d:56:ed:
02:53:85:31:37:cb:a7:99:48:3a:33:74:38:54:7d:
1a:81:60:f3:3a:8d:ab:a3:b4:33:88:26:e8:2b:76:
20:f7:59:1e:04:a5:b8:a5:b0:fe:12:50:12:b8:77:
24:a3:e3:15:fd:f5:28:fe:07:5e:a3:48:64:69:2c:
f2:1f:4a:bf:43:fa:e3:92:6a:39:bb:eb:5b:60:5c:
9b:02:16:0c:71:19:bb:38:b2:1e:21:cd:0b:a0:8c:
83:40:57:0a:2d:02:4b:b8:72:ca:9f:7a:df:a4:c1:
09:90:e2:f6:b3:3c:f5:02:d8:e1:c5:22:95:14:3a:
ba:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:9A:D4:78:5F:E4:B1:8B:22:27:DB:B8:0D:E9:C9:EE:6C:47:68:08
X509v3 Authority Key Identifier:
keyid:EE:9C:CD:38:A5:D6:49:68:80:BC:09:47:06:E6:8F:A0:4F:A2:CD:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7pzNOKXWSWiAvAlHBuaPoE-izZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/15f95c-b0b6-4522-8ea0-55beafa4bb29/1/7pzNOKXWSWiAvAlHBuaPoE-izZY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/15f95c-b0b6-4522-8ea0-55beafa4bb29/1/7pzNOKXWSWiAvAlHBuaPoE-izZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:d8:dc:45:ef:42:86:74:53:b4:a8:e5:08:8c:5d:ec:b9:25:
d2:64:a3:c2:23:2d:fd:d9:51:04:b6:56:2d:6f:51:2b:07:ee:
5b:c0:6c:38:15:89:fb:42:09:bc:41:5c:d9:56:e5:cd:94:69:
93:ed:6f:ca:1c:b7:95:87:50:c2:43:9a:31:d4:5c:60:58:22:
2d:cb:81:11:2a:0f:28:de:31:ff:b3:bb:62:85:0d:4b:b3:66:
98:41:72:63:e6:ad:7f:c7:6e:a3:50:7a:82:47:10:ff:f3:d5:
56:41:15:6c:63:64:f3:9d:12:f4:9d:78:bf:ea:7e:fa:a1:c1:
7e:d4:d0:50:32:93:16:03:2d:c2:84:9d:19:35:27:cb:53:ad:
37:dd:32:ff:a5:8f:6f:8f:cb:99:af:03:00:00:30:78:f5:a8:
a4:7e:87:8d:99:fd:ac:51:e7:a8:ba:b2:c2:f8:4b:0d:10:89:
cd:f6:ce:8f:ed:8c:54:5c:ce:a5:b0:63:35:aa:76:3c:e6:b6:
1c:cf:47:97:6f:3b:66:94:93:03:21:a0:de:5a:87:f6:5a:57:
51:3d:4a:44:f7:3e:d5:8f:0a:02:6a:10:3f:db:1f:2e:71:df:
df:29:37:9a:38:1d:41:d2:37:33:b3:27:02:2c:5f:2f:99:b8:
dd:46:88:52
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuG+KBCBfqDiUIeqmYa7TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlOWNjZDM4YTVkNjQ5Njg4MGJjMDk0NzA2ZTY4ZmEwNGZh
MmNkOTYwHhcNMjUxMTExMDcwMTQzWhcNMjUxMTEyMDcwMTQzWjAzMTEwLwYDVQQD
EyhkMjlhZDQ3ODVmZTRiMThiMjIyN2RiYjgwZGU5YzllZTZjNDc2ODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwP+u7hwrVsTzKe+3mVWbjSQg2pz
YARe/FVCKTEhxcGtxrvj2KNzesjPq11SwWCXNLhLPrO+Wyvkr2tNhAkP4sFa4x0b
PTlXK7K4SaRjseFoMb5MorHlx5zgvvyNFnl1lMb6xvprqm7LJzFZ1TPGIdEhLxjS
Is9CuikRAlCBc0A4/HMNVu0CU4UxN8unmUg6M3Q4VH0agWDzOo2ro7QziCboK3Yg
91keBKW4pbD+ElASuHcko+MV/fUo/gdeo0hkaSzyH0q/Q/rjkmo5u+tbYFybAhYM
cRm7OLIeIc0LoIyDQFcKLQJLuHLKn3rfpMEJkOL2szz1AtjhxSKVFDq6mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNKa1Hhf5LGLIifbuA3pye5sR2gIMB8GA1UdIwQY
MBaAFO6czTil1klogLwJRwbmj6BPos2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3B6Tk9LWFdTV2lBdkFsSEJ1YVBvRS1pelpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xNWY5NWMtYjBiNi00NTIyLThlYTAt
NTViZWFmYTRiYjI5LzEvN3B6Tk9LWFdTV2lBdkFsSEJ1YVBvRS1pelpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8xNWY5NWMtYjBiNi00NTIyLThlYTAtNTViZWFmYTRiYjI5
LzEvN3B6Tk9LWFdTV2lBdkFsSEJ1YVBvRS1pelpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAftjcRe9C
hnRTtKjlCIxd7Lkl0mSjwiMt/dlRBLZWLW9RKwfuW8BsOBWJ+0IJvEFc2VblzZRp
k+1vyhy3lYdQwkOaMdRcYFgiLcuBESoPKN4x/7O7YoUNS7NmmEFyY+atf8duo1B6
gkcQ//PVVkEVbGNk850S9J14v+p++qHBftTQUDKTFgMtwoSdGTUny1OtN90y/6WP
b4/Lma8DAAAwePWopH6HjZn9rFHnqLqywvhLDRCJzfbOj+2MVFzOpbBjNap2POa2
HM9Hl287ZpSTAyGg3lqH9lpXUT1KRPc+1Y8KAmoQP9sfLnHf3yk3mjgdQdI3M7Mn
AixfL5m43UaIUg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:04:38 2025 by rpki-client