Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft
File: Z42bouOWhCO-_F7tBXGbMABX18s.mft (raw, json)
Hash identifier: rXp4Tsl6DJouTnws+zEfvfwRR4vrNkAMaQJSyKb5Q6I=
Subject key identifier: EE:4B:DF:80:A1:9A:54:9A:59:D4:F8:BF:92:F5:68:11:06:3E:11:7E
Authority key identifier: 67:8D:9B:A2:E3:96:84:23:BE:FC:5E:ED:05:71:9B:30:00:57:D7:CB
Certificate issuer: /CN=678d9ba2e3968423befc5eed05719b300057d7cb
Certificate serial: 019A71B7C1D89D2F66C628399B5B4F6AC8D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z42bouOWhCO-_F7tBXGbMABX18s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft
Manifest number: 0415
Signing time: Tue 11 Nov 2025 07:00:59 +0000
Manifest this update: Tue 11 Nov 2025 07:00:59 +0000
Manifest next update: Wed 12 Nov 2025 07:00:59 +0000
Files and hashes: 1: Z42bouOWhCO-_F7tBXGbMABX18s.crl (hash: 5mugUk4FPsYpon6oqQbz3B335eKiJNmjlIUPEMJDZiM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z42bouOWhCO-_F7tBXGbMABX18s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:c1:d8:9d:2f:66:c6:28:39:9b:5b:4f:6a:c8:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=678d9ba2e3968423befc5eed05719b300057d7cb
Validity
Not Before: Nov 11 07:00:59 2025 GMT
Not After : Nov 12 07:00:59 2025 GMT
Subject: CN=ee4bdf80a19a549a59d4f8bf92f56811063e117e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:bc:b3:39:59:3a:16:9c:c2:8f:b0:3b:b4:f7:
10:47:f5:b8:8e:60:25:2c:03:57:e5:c5:6e:1f:73:
cf:ca:bb:5d:67:74:87:6e:51:5d:ec:73:6e:74:d7:
66:63:a8:23:31:78:c5:7e:85:12:98:13:bb:bd:de:
9d:71:a2:0c:13:ae:a9:28:d9:dd:4d:4f:47:ef:86:
46:43:36:3b:8f:6b:70:8a:cf:75:69:30:a1:6e:2f:
e6:bf:fa:c3:d1:f7:2d:d4:9f:b9:76:14:df:cb:64:
ff:11:ea:c5:94:60:40:78:42:dd:47:f4:d3:75:98:
fa:95:7e:a3:0d:a6:a0:c0:dc:0b:fc:ea:36:4d:e9:
6e:0a:a9:21:fe:33:36:29:87:9c:76:5a:11:b8:47:
3f:87:75:6b:a8:17:82:7d:c1:a3:f0:30:f8:93:17:
4e:65:d5:44:11:af:2e:14:2a:d5:0f:9d:44:8c:06:
f7:82:59:79:fc:c4:0c:b1:eb:43:62:15:41:8c:79:
d6:05:d0:34:8b:74:42:cd:26:1a:1a:ca:49:9e:ca:
87:59:dd:c5:39:7b:dd:7a:09:f2:c9:b8:7f:11:7b:
84:5c:03:be:d0:92:10:ca:3e:5b:2a:ba:d1:24:b2:
b1:8d:3f:7d:60:b6:6d:d5:ca:66:55:a6:3c:d5:a7:
7a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:4B:DF:80:A1:9A:54:9A:59:D4:F8:BF:92:F5:68:11:06:3E:11:7E
X509v3 Authority Key Identifier:
keyid:67:8D:9B:A2:E3:96:84:23:BE:FC:5E:ED:05:71:9B:30:00:57:D7:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z42bouOWhCO-_F7tBXGbMABX18s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/d15b7f-708f-4155-8d31-c80a723d34f7/1/Z42bouOWhCO-_F7tBXGbMABX18s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:62:27:72:52:10:54:a4:f9:1f:79:6e:da:74:fd:90:b8:c5:
dd:c6:4e:fc:44:e9:04:47:9b:96:7e:d5:a1:c0:7e:1d:dc:2b:
62:b5:98:ff:ec:90:88:e4:5c:1b:e2:da:68:4a:81:a6:fe:02:
39:a2:b2:96:b9:9d:61:85:a7:11:be:f3:80:a3:82:87:76:98:
09:a2:4b:27:8f:38:1c:95:85:ca:0b:ae:ef:96:f2:04:e7:d6:
41:d3:3b:66:08:7d:21:4b:15:3c:d7:43:11:bb:b7:a9:bf:4e:
89:74:53:bd:39:72:81:e2:68:b8:cb:e5:90:52:9a:33:5d:9d:
b4:c7:6c:7e:2a:d9:e5:ee:e2:21:a5:0a:a9:ec:50:00:71:4c:
f2:51:8c:51:e3:ee:70:e8:b8:67:16:cd:5e:28:e3:d3:4b:64:
62:74:00:be:5b:46:ad:de:80:b5:34:1f:4e:39:02:68:89:9b:
f0:30:c6:9e:31:72:b9:fc:3a:51:b3:09:9a:30:8d:7a:60:0b:
35:f7:1f:f5:10:1d:3c:1e:08:ca:b3:9a:94:81:1c:dd:c5:7b:
23:ea:78:66:bc:9c:85:e4:de:68:b1:a9:b9:61:66:30:42:bb:
58:d4:55:ea:d3:77:c0:9c:9d:08:f0:7a:1e:4e:90:2a:ad:19:
3e:b8:2c:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt8HYnS9mxig5m1tPasjZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3OGQ5YmEyZTM5Njg0MjNiZWZjNWVlZDA1NzE5YjMwMDA1
N2Q3Y2IwHhcNMjUxMTExMDcwMDU5WhcNMjUxMTEyMDcwMDU5WjAzMTEwLwYDVQQD
EyhlZTRiZGY4MGExOWE1NDlhNTlkNGY4YmY5MmY1NjgxMTA2M2UxMTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbyzOVk6FpzCj7A7tPcQR/W4jmAl
LANX5cVuH3PPyrtdZ3SHblFd7HNudNdmY6gjMXjFfoUSmBO7vd6dcaIME66pKNnd
TU9H74ZGQzY7j2twis91aTChbi/mv/rD0fct1J+5dhTfy2T/EerFlGBAeELdR/TT
dZj6lX6jDaagwNwL/Oo2TeluCqkh/jM2KYecdloRuEc/h3VrqBeCfcGj8DD4kxdO
ZdVEEa8uFCrVD51EjAb3gll5/MQMsetDYhVBjHnWBdA0i3RCzSYaGspJnsqHWd3F
OXvdegnyybh/EXuEXAO+0JIQyj5bKrrRJLKxjT99YLZt1cpmVaY81ad6xQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO5L34ChmlSaWdT4v5L1aBEGPhF+MB8GA1UdIwQY
MBaAFGeNm6LjloQjvvxe7QVxmzAAV9fLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjQyYm91T1doQ08tX0Y3dEJYR2JNQUJYMThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9kMTViN2YtNzA4Zi00MTU1LThkMzEt
YzgwYTcyM2QzNGY3LzEvWjQyYm91T1doQ08tX0Y3dEJYR2JNQUJYMThzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9kMTViN2YtNzA4Zi00MTU1LThkMzEtYzgwYTcyM2QzNGY3
LzEvWjQyYm91T1doQ08tX0Y3dEJYR2JNQUJYMThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApGInclIQ
VKT5H3lu2nT9kLjF3cZO/ETpBEebln7VocB+HdwrYrWY/+yQiORcG+LaaEqBpv4C
OaKylrmdYYWnEb7zgKOCh3aYCaJLJ484HJWFyguu75byBOfWQdM7Zgh9IUsVPNdD
Ebu3qb9OiXRTvTlygeJouMvlkFKaM12dtMdsfirZ5e7iIaUKqexQAHFM8lGMUePu
cOi4ZxbNXijj00tkYnQAvltGrd6AtTQfTjkCaImb8DDGnjFyufw6UbMJmjCNemAL
Nfcf9RAdPB4IyrOalIEc3cV7I+p4ZrycheTeaLGpuWFmMEK7WNRV6tN3wJydCPB6
Hk6QKq0ZPrgsxw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:17:18 2025 by rpki-client