Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
File: sz3NILWulcFy0y7XKevzBhl7I-c.mft (raw, json)
Hash identifier: bRUKJGRVVOwqUU/+uQ/pC4I9FwHoxIHhazXFarofIFk=
Subject key identifier: 28:D8:20:32:0F:43:C5:3E:C1:7E:95:DC:B3:1D:89:61:CD:8B:99:CD
Authority key identifier: B3:3D:CD:20:B5:AE:95:C1:72:D3:2E:D7:29:EB:F3:06:19:7B:23:E7
Certificate issuer: /CN=b33dcd20b5ae95c172d32ed729ebf306197b23e7
Certificate serial: 019A232EAFAD8284DEE41FA64DE882536C00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sz3NILWulcFy0y7XKevzBhl7I-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
Manifest number: 16F7
Signing time: Mon 27 Oct 2025 01:00:53 +0000
Manifest this update: Mon 27 Oct 2025 01:00:53 +0000
Manifest next update: Tue 28 Oct 2025 01:00:53 +0000
Files and hashes: 1: CIm7PdRT4tGc0ohUd0vMkXyk2Z4.roa (hash: bKi9ERQ3HDvQWS3A9n+SnlJFymCAx7E6eQcIAFgcP7o=)
2: sz3NILWulcFy0y7XKevzBhl7I-c.crl (hash: ZklQbwuU87Yb50PyMHP5HpJLh1SBFrqJloeiUWj/U/w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
rsync://rpki.ripe.net/repository/DEFAULT/sz3NILWulcFy0y7XKevzBhl7I-c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:23:2e:af:ad:82:84:de:e4:1f:a6:4d:e8:82:53:6c:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b33dcd20b5ae95c172d32ed729ebf306197b23e7
Validity
Not Before: Oct 27 01:00:53 2025 GMT
Not After : Oct 28 01:00:53 2025 GMT
Subject: CN=28d820320f43c53ec17e95dcb31d8961cd8b99cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:89:a3:ea:ef:61:0b:98:0f:a1:df:c5:5b:a2:
b7:a8:dc:ed:d4:2b:bb:e2:2f:70:3e:1c:5a:f9:56:
c7:31:40:9e:d7:83:54:65:e7:1c:eb:92:3b:ec:db:
30:90:5a:1f:42:eb:5f:06:a4:15:59:2e:4e:53:ee:
42:18:66:3f:a2:71:f4:45:4f:95:d1:3c:eb:85:e8:
9e:cc:72:cf:f3:0f:c9:3f:38:ae:52:fa:94:3d:61:
8e:08:28:78:e7:0b:ad:bf:6d:c1:2c:2a:5b:f5:97:
5f:98:96:0b:79:3c:cd:ce:4a:e4:63:d3:08:25:25:
0a:26:7d:ad:9b:c1:3a:1b:78:6b:fe:76:4f:f7:80:
d1:95:c7:24:b5:05:8e:4c:a0:24:92:e7:6c:51:3c:
34:a3:2f:3c:33:e5:12:b8:47:a4:40:af:c1:1f:06:
cd:90:21:c4:b9:d1:e2:7d:18:e5:ea:12:26:98:7b:
48:59:c8:68:cc:40:0d:bf:4e:bc:57:75:4f:34:d5:
cb:fe:3e:10:6a:da:80:a8:9f:b0:98:cc:4d:73:08:
ae:e0:79:16:9b:1e:cf:36:b4:71:bd:dd:0a:85:cc:
b0:f1:6e:91:e3:c3:d7:47:f3:c3:4c:b2:92:a5:27:
1f:78:ef:28:44:27:14:21:ae:1d:da:63:8c:22:ac:
f0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:D8:20:32:0F:43:C5:3E:C1:7E:95:DC:B3:1D:89:61:CD:8B:99:CD
X509v3 Authority Key Identifier:
keyid:B3:3D:CD:20:B5:AE:95:C1:72:D3:2E:D7:29:EB:F3:06:19:7B:23:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sz3NILWulcFy0y7XKevzBhl7I-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/0ac3ba-54d3-491f-9048-555a19833d8e/1/sz3NILWulcFy0y7XKevzBhl7I-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:81:dc:98:cf:bc:c5:14:68:d6:21:c0:f3:05:47:33:e0:7b:
b2:40:36:2a:ca:64:f8:52:ae:0c:90:fc:54:42:b2:64:c4:a7:
6e:65:26:31:1a:de:b3:05:0e:bb:65:4f:8e:1c:ce:6f:d4:55:
91:16:2b:db:df:73:e6:08:0a:f9:d2:0b:94:ac:3b:7b:00:c2:
3d:f1:0e:6c:df:b4:30:3d:79:7c:42:fa:cf:1f:90:e0:12:3f:
6c:d5:14:43:c3:3f:6c:d7:1e:c4:37:a1:d3:6c:e8:08:44:76:
2c:2a:6c:e4:e6:1b:52:44:65:65:54:31:d3:54:12:4a:30:d5:
40:d3:de:ed:f7:f7:0d:17:0d:d8:0d:04:da:23:51:31:19:6e:
99:53:58:04:f0:1d:d7:81:9f:2d:86:7a:23:11:75:7f:0e:4a:
25:62:ea:72:a2:c5:85:8d:e5:10:24:11:6d:b6:e5:c5:88:35:
de:1f:48:e5:12:4f:4f:ff:ce:c9:6b:37:f0:36:7c:9e:ba:c7:
4b:b4:6f:ba:df:28:b5:4e:2d:23:65:5e:e8:3f:29:3b:d3:2f:
3d:34:9b:5d:cd:de:a5:0a:f1:10:ab:32:6a:d2:2b:69:93:cb:
f2:0e:37:2e:9c:d9:0d:04:05:75:29:84:f7:73:2e:ec:af:13:
90:0c:1a:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZojLq+tgoTe5B+mTeiCU2wAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzM2RjZDIwYjVhZTk1YzE3MmQzMmVkNzI5ZWJmMzA2MTk3
YjIzZTcwHhcNMjUxMDI3MDEwMDUzWhcNMjUxMDI4MDEwMDUzWjAzMTEwLwYDVQQD
EygyOGQ4MjAzMjBmNDNjNTNlYzE3ZTk1ZGNiMzFkODk2MWNkOGI5OWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Ymj6u9hC5gPod/FW6K3qNzt1Cu7
4i9wPhxa+VbHMUCe14NUZecc65I77NswkFofQutfBqQVWS5OU+5CGGY/onH0RU+V
0TzrheiezHLP8w/JPziuUvqUPWGOCCh45wutv23BLCpb9ZdfmJYLeTzNzkrkY9MI
JSUKJn2tm8E6G3hr/nZP94DRlccktQWOTKAkkudsUTw0oy88M+USuEekQK/BHwbN
kCHEudHifRjl6hImmHtIWchozEANv068V3VPNNXL/j4QatqAqJ+wmMxNcwiu4HkW
mx7PNrRxvd0Khcyw8W6R48PXR/PDTLKSpScfeO8oRCcUIa4d2mOMIqzwXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjYIDIPQ8U+wX6V3LMdiWHNi5nNMB8GA1UdIwQY
MBaAFLM9zSC1rpXBctMu1ynr8wYZeyPnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3ozTklMV3VsY0Z5MHk3WEtldnpCaGw3SS1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wYWMzYmEtNTRkMy00OTFmLTkwNDgt
NTU1YTE5ODMzZDhlLzEvc3ozTklMV3VsY0Z5MHk3WEtldnpCaGw3SS1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wYWMzYmEtNTRkMy00OTFmLTkwNDgtNTU1YTE5ODMzZDhl
LzEvc3ozTklMV3VsY0Z5MHk3WEtldnpCaGw3SS1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl4HcmM+8
xRRo1iHA8wVHM+B7skA2Kspk+FKuDJD8VEKyZMSnbmUmMRreswUOu2VPjhzOb9RV
kRYr299z5ggK+dILlKw7ewDCPfEObN+0MD15fEL6zx+Q4BI/bNUUQ8M/bNcexDeh
02zoCER2LCps5OYbUkRlZVQx01QSSjDVQNPe7ff3DRcN2A0E2iNRMRlumVNYBPAd
14GfLYZ6IxF1fw5KJWLqcqLFhY3lECQRbbblxYg13h9I5RJPT//OyWs38DZ8nrrH
S7Rvut8otU4tI2Ve6D8pO9MvPTSbXc3epQrxEKsyatIraZPL8g43LpzZDQQFdSmE
93Mu7K8TkAwa5Q==
-----END CERTIFICATE-----
Generated at Mon Oct 27 07:05:53 2025 by rpki-client