Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft
File: zCdbIX3x3piMohkqg64R3fQjpE8.mft (raw, json)
Hash identifier: QJYhHC1wh7Vs8cWt/W9QdcbWxqNCqgf3+oIN0A9Fwi8=
Subject key identifier: 49:04:D9:E9:20:B9:67:78:B1:CD:31:32:5B:E5:A2:CD:7A:54:17:1C
Authority key identifier: CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F
Certificate issuer: /CN=cc275b217df1de988ca2192a83ae11ddf423a44f
Certificate serial: 019A7149A50AD6B8F654C5623BF5D9F9A33F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft
Manifest number: 0BD6
Signing time: Tue 11 Nov 2025 05:00:42 +0000
Manifest this update: Tue 11 Nov 2025 05:00:42 +0000
Manifest next update: Wed 12 Nov 2025 05:00:42 +0000
Files and hashes: 1: Nr1R18FVhyzjXhL2YKl54Kz1CcM.roa (hash: Ka3gajN2kG5bn7od03MC2i4kFc5aTTook8osIu09I1U=)
2: zCdbIX3x3piMohkqg64R3fQjpE8.crl (hash: Bk31njNCzyWmIErnrrzcC38wBlUpYfKTLjqXEIbKytI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:a5:0a:d6:b8:f6:54:c5:62:3b:f5:d9:f9:a3:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc275b217df1de988ca2192a83ae11ddf423a44f
Validity
Not Before: Nov 11 05:00:42 2025 GMT
Not After : Nov 12 05:00:42 2025 GMT
Subject: CN=4904d9e920b96778b1cd31325be5a2cd7a54171c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:60:96:5a:41:47:cf:be:a0:19:e3:0a:c5:29:
9b:4e:29:91:ef:d4:b5:de:71:16:23:9e:7b:ea:41:
66:7c:45:25:b8:a3:6b:97:0b:96:fe:aa:ea:25:b7:
a1:fd:f0:f0:13:13:47:23:7a:ee:63:af:27:9b:12:
e8:b7:a5:56:f4:e5:45:13:c5:e4:05:cb:ae:ed:62:
cf:68:00:a8:ef:c9:98:8a:67:c9:2f:e9:5b:0a:8f:
bc:f2:19:ba:f4:7b:c5:f0:8c:b1:19:5b:df:d7:80:
5a:75:b1:bd:f0:c0:0d:8d:e6:64:dc:d4:a6:85:d2:
97:29:38:6c:0d:df:69:0f:cb:12:e5:09:f6:91:be:
77:21:bb:d8:c8:81:6d:ce:38:20:f7:c3:1a:63:e4:
40:92:67:34:92:4e:f4:e8:37:3d:e4:a8:df:b3:1e:
64:15:b0:83:6b:a5:38:c7:4a:a0:c4:1a:e0:df:03:
6c:08:70:9b:f2:9e:fc:09:91:a4:9a:0d:4b:a2:08:
00:81:7a:78:24:78:88:86:50:f9:34:60:04:81:7d:
35:ac:4e:ee:d3:e6:35:bf:e0:6a:e4:37:8d:cb:ec:
df:a6:5f:67:05:7e:f5:9e:17:60:54:80:8a:6a:ac:
99:1d:9f:ea:5f:6e:a7:9f:25:58:f6:f1:ed:75:72:
82:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:04:D9:E9:20:B9:67:78:B1:CD:31:32:5B:E5:A2:CD:7A:54:17:1C
X509v3 Authority Key Identifier:
keyid:CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:11:7d:1b:09:83:99:b8:57:3e:43:23:5f:63:ce:52:d0:0f:
f7:87:01:e7:6b:58:9a:e1:be:86:92:bf:72:f6:e4:34:30:5f:
f2:59:64:2a:75:09:b3:6c:4d:e6:78:29:c9:0c:74:bf:49:b5:
17:54:ea:dd:9a:1e:77:8d:23:27:89:f0:f6:64:82:e6:eb:2c:
87:3a:50:5a:e8:8b:99:ad:ec:f4:07:1c:26:93:f3:39:67:0f:
49:29:6a:65:57:0f:b8:1b:60:e8:b9:71:09:38:63:81:1e:22:
e2:de:31:ec:09:70:59:86:0d:00:ea:dd:48:65:29:13:27:c3:
3b:99:a3:ce:0d:ef:72:a1:a6:8a:46:6d:23:7a:50:dd:75:05:
79:df:80:7d:35:b5:a9:5c:07:29:73:2e:19:fc:3b:9b:43:6e:
7d:50:0b:59:65:99:2b:70:9c:45:d6:b0:76:43:ef:ac:e7:ce:
bf:ed:02:5d:b3:fd:b1:42:14:33:e4:c5:fa:c4:04:8b:26:0b:
b8:58:e1:6e:e1:fd:6a:e5:33:66:f0:08:64:e1:8b:58:ca:96:
9e:f7:14:84:70:11:b1:f7:c9:34:39:eb:a8:35:fb:c2:5c:e6:
4b:03:69:f4:b4:65:06:7f:26:f2:3b:44:d8:e7:12:40:7c:62:
45:84:10:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSaUK1rj2VMViO/XZ+aM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMjc1YjIxN2RmMWRlOTg4Y2EyMTkyYTgzYWUxMWRkZjQy
M2E0NGYwHhcNMjUxMTExMDUwMDQyWhcNMjUxMTEyMDUwMDQyWjAzMTEwLwYDVQQD
Eyg0OTA0ZDllOTIwYjk2Nzc4YjFjZDMxMzI1YmU1YTJjZDdhNTQxNzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42CWWkFHz76gGeMKxSmbTimR79S1
3nEWI5576kFmfEUluKNrlwuW/qrqJbeh/fDwExNHI3ruY68nmxLot6VW9OVFE8Xk
Bcuu7WLPaACo78mYimfJL+lbCo+88hm69HvF8IyxGVvf14BadbG98MANjeZk3NSm
hdKXKThsDd9pD8sS5Qn2kb53IbvYyIFtzjgg98MaY+RAkmc0kk706Dc95Kjfsx5k
FbCDa6U4x0qgxBrg3wNsCHCb8p78CZGkmg1LoggAgXp4JHiIhlD5NGAEgX01rE7u
0+Y1v+Bq5DeNy+zfpl9nBX71nhdgVICKaqyZHZ/qX26nnyVY9vHtdXKCqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEkE2ekguWd4sc0xMlvlos16VBccMB8GA1UdIwQY
MBaAFMwnWyF98d6YjKIZKoOuEd30I6RPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2Qt
MmU2MzlmY2E0NjQwLzEvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2QtMmU2MzlmY2E0NjQw
LzEvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAexF9GwmD
mbhXPkMjX2POUtAP94cB52tYmuG+hpK/cvbkNDBf8llkKnUJs2xN5ngpyQx0v0m1
F1Tq3Zoed40jJ4nw9mSC5usshzpQWuiLma3s9AccJpPzOWcPSSlqZVcPuBtg6Llx
CThjgR4i4t4x7AlwWYYNAOrdSGUpEyfDO5mjzg3vcqGmikZtI3pQ3XUFed+AfTW1
qVwHKXMuGfw7m0NufVALWWWZK3CcRdawdkPvrOfOv+0CXbP9sUIUM+TF+sQEiyYL
uFjhbuH9auUzZvAIZOGLWMqWnvcUhHARsffJNDnrqDX7wlzmSwNp9LRlBn8m8jtE
2OcSQHxiRYQQXQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:12 2025 by rpki-client