Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/65bf1d-ec1d-40e6-849d-79790d66d7d3/1/fzP8QNLgMzu8e96rK9hZlUMBwPE.mft
File: fzP8QNLgMzu8e96rK9hZlUMBwPE.mft (raw, json)
Hash identifier: OjDNp8n8Kxmw5zw5cOIFFKp5ULMmdJ2CdO0iR8aGgig=
Subject key identifier: 8D:73:2C:BA:7C:47:4E:01:E7:97:7A:73:4C:5A:03:96:E6:4C:79:D8
Authority key identifier: 7F:33:FC:40:D2:E0:33:3B:BC:7B:DE:AB:2B:D8:59:95:43:01:C0:F1
Certificate issuer: /CN=7f33fc40d2e0333bbc7bdeab2bd859954301c0f1
Certificate serial: 019A71EE69C1CCA820C761B767D0A68CC96E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fzP8QNLgMzu8e96rK9hZlUMBwPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/65bf1d-ec1d-40e6-849d-79790d66d7d3/1/fzP8QNLgMzu8e96rK9hZlUMBwPE.mft
Manifest number: 0668
Signing time: Tue 11 Nov 2025 08:00:41 +0000
Manifest this update: Tue 11 Nov 2025 08:00:41 +0000
Manifest next update: Wed 12 Nov 2025 08:00:41 +0000
Files and hashes: 1: f1ExHnnpEtCBbKoz7AnZOPhegIQ.roa (hash: tpDqxgdQcG2Fws3Zh018Pk/IwRSbsjhgaDj2i2YW1RE=)
2: fzP8QNLgMzu8e96rK9hZlUMBwPE.crl (hash: MsGeeJVLJYKYnxpZISuPbBGiTYkoFSC89neyVEfqpQk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/65bf1d-ec1d-40e6-849d-79790d66d7d3/1/fzP8QNLgMzu8e96rK9hZlUMBwPE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/65bf1d-ec1d-40e6-849d-79790d66d7d3/1/fzP8QNLgMzu8e96rK9hZlUMBwPE.mft
rsync://rpki.ripe.net/repository/DEFAULT/fzP8QNLgMzu8e96rK9hZlUMBwPE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:69:c1:cc:a8:20:c7:61:b7:67:d0:a6:8c:c9:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f33fc40d2e0333bbc7bdeab2bd859954301c0f1
Validity
Not Before: Nov 11 08:00:41 2025 GMT
Not After : Nov 12 08:00:41 2025 GMT
Subject: CN=8d732cba7c474e01e7977a734c5a0396e64c79d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ee:d9:1f:d8:93:3f:29:7f:af:6f:4a:88:ae:
a6:64:4c:ea:d8:3b:3e:17:5e:bc:6d:13:94:03:47:
64:b0:c1:4c:04:10:5a:a3:fe:91:42:fa:ab:57:c7:
2a:9e:c0:e7:af:21:a5:7a:0a:0a:0e:9f:dc:5b:1c:
a7:62:ea:cb:38:f3:27:3f:eb:94:00:5a:87:5c:a2:
7a:9e:08:d5:b6:fd:11:e4:7d:4c:7c:c0:4f:19:16:
ad:cf:48:54:85:14:45:22:4a:c3:a9:c3:fa:03:12:
b7:e3:21:4b:24:55:de:2e:62:af:87:32:d4:b4:2e:
78:57:a6:db:18:41:c5:8b:95:49:6f:fb:c6:cb:82:
87:1a:8f:a9:39:af:04:c4:3c:ad:ba:0d:ce:17:cc:
31:72:ba:1d:83:2e:06:56:ef:46:16:45:9b:e2:27:
b8:43:55:fc:08:16:f2:b7:2f:88:89:9f:3d:01:43:
6e:90:8f:9d:ea:cd:51:bd:c6:7e:cd:54:bd:f2:f0:
e6:e5:23:07:24:d3:4c:d3:05:45:67:88:b0:0f:5e:
cf:2f:f0:d1:d0:27:72:c6:f2:93:9e:13:57:01:08:
d2:f6:1d:5f:65:7d:2f:f4:e5:ec:2e:ad:15:88:c9:
9e:0e:29:50:be:94:c9:f2:3e:a8:55:5a:bd:77:c7:
b5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:73:2C:BA:7C:47:4E:01:E7:97:7A:73:4C:5A:03:96:E6:4C:79:D8
X509v3 Authority Key Identifier:
keyid:7F:33:FC:40:D2:E0:33:3B:BC:7B:DE:AB:2B:D8:59:95:43:01:C0:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fzP8QNLgMzu8e96rK9hZlUMBwPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/65bf1d-ec1d-40e6-849d-79790d66d7d3/1/fzP8QNLgMzu8e96rK9hZlUMBwPE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/65bf1d-ec1d-40e6-849d-79790d66d7d3/1/fzP8QNLgMzu8e96rK9hZlUMBwPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3c:ec:3f:61:20:8e:7f:31:fa:65:dc:48:d2:6f:4d:fb:50:1c:
c9:c9:6c:c3:01:28:b8:a9:43:2d:9b:23:7f:aa:bf:09:b3:fc:
2a:54:5a:5b:dd:1c:88:53:f4:75:d5:2a:49:b6:0b:13:bd:d4:
b8:2b:58:71:43:69:0f:cf:c2:6d:4b:51:b1:32:37:47:67:9c:
03:f9:bc:91:3e:2c:46:55:ec:98:34:0c:e4:64:8f:2f:4a:28:
92:b6:69:1d:64:19:d4:23:2a:46:33:23:63:e5:98:60:c5:58:
d1:da:20:28:db:4c:96:90:7d:67:3c:a7:2f:7b:ca:73:25:73:
c7:7a:5f:97:e1:e4:bd:3f:d5:f3:cc:74:32:85:f5:0a:83:23:
98:aa:e2:48:1d:68:b4:d2:1f:e7:72:49:93:9b:d8:f4:be:cc:
3a:4c:e8:e6:a3:28:eb:2a:ee:3f:8d:be:fd:5f:e2:7f:64:ac:
ef:df:4c:0a:89:1b:e9:c3:a0:cd:37:14:fe:92:67:a3:9f:31:
ec:06:05:45:6a:73:75:27:21:f4:b3:8b:e7:e8:b8:a2:92:63:
82:52:b2:03:8f:98:86:2e:30:e0:c6:2f:dd:87:fd:4a:50:5a:
83:26:8d:cb:f2:07:12:6e:24:2a:53:7e:45:4b:d9:62:80:79:
2e:f1:b3:2f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7mnBzKggx2G3Z9CmjMluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMzNmYzQwZDJlMDMzM2JiYzdiZGVhYjJiZDg1OTk1NDMw
MWMwZjEwHhcNMjUxMTExMDgwMDQxWhcNMjUxMTEyMDgwMDQxWjAzMTEwLwYDVQQD
Eyg4ZDczMmNiYTdjNDc0ZTAxZTc5NzdhNzM0YzVhMDM5NmU2NGM3OWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+7ZH9iTPyl/r29KiK6mZEzq2Ds+
F168bROUA0dksMFMBBBao/6RQvqrV8cqnsDnryGlegoKDp/cWxynYurLOPMnP+uU
AFqHXKJ6ngjVtv0R5H1MfMBPGRatz0hUhRRFIkrDqcP6AxK34yFLJFXeLmKvhzLU
tC54V6bbGEHFi5VJb/vGy4KHGo+pOa8ExDytug3OF8wxcrodgy4GVu9GFkWb4ie4
Q1X8CBbyty+IiZ89AUNukI+d6s1RvcZ+zVS98vDm5SMHJNNM0wVFZ4iwD17PL/DR
0CdyxvKTnhNXAQjS9h1fZX0v9OXsLq0ViMmeDilQvpTJ8j6oVVq9d8e1kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1zLLp8R04B55d6c0xaA5bmTHnYMB8GA1UdIwQY
MBaAFH8z/EDS4DM7vHveqyvYWZVDAcDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnpQOFFOTGdNenU4ZTk2cks5aFpsVU1Cd1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82NWJmMWQtZWMxZC00MGU2LTg0OWQt
Nzk3OTBkNjZkN2QzLzEvZnpQOFFOTGdNenU4ZTk2cks5aFpsVU1Cd1BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC82NWJmMWQtZWMxZC00MGU2LTg0OWQtNzk3OTBkNjZkN2Qz
LzEvZnpQOFFOTGdNenU4ZTk2cks5aFpsVU1Cd1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPOw/YSCO
fzH6ZdxI0m9N+1AcyclswwEouKlDLZsjf6q/CbP8KlRaW90ciFP0ddUqSbYLE73U
uCtYcUNpD8/CbUtRsTI3R2ecA/m8kT4sRlXsmDQM5GSPL0ookrZpHWQZ1CMqRjMj
Y+WYYMVY0dogKNtMlpB9ZzynL3vKcyVzx3pfl+HkvT/V88x0MoX1CoMjmKriSB1o
tNIf53JJk5vY9L7MOkzo5qMo6yruP42+/V/if2Ss799MCokb6cOgzTcU/pJno58x
7AYFRWpzdSch9LOL5+i4opJjglKyA4+Yhi4w4MYv3Yf9SlBagyaNy/IHEm4kKlN+
RUvZYoB5LvGzLw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:12:18 2025 by rpki-client