Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/27d409-7659-453e-b36f-297d52f0c283/1/zzKCScw17CfMEOGLiCxsE4l8hJc.mft
File: zzKCScw17CfMEOGLiCxsE4l8hJc.mft (raw, json)
Hash identifier: wztVCTMfdPcVYL0nT1HIhw+YOXa1yYazWshdJrqB2iw=
Subject key identifier: 6D:25:0C:49:CD:FB:39:62:E1:FE:E0:CE:1F:C4:25:21:6A:24:7B:23
Authority key identifier: CF:32:82:49:CC:35:EC:27:CC:10:E1:8B:88:2C:6C:13:89:7C:84:97
Certificate issuer: /CN=cf328249cc35ec27cc10e18b882c6c13897c8497
Certificate serial: 019A71B809CE169B5C506E8D308DAF17750B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zzKCScw17CfMEOGLiCxsE4l8hJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/27d409-7659-453e-b36f-297d52f0c283/1/zzKCScw17CfMEOGLiCxsE4l8hJc.mft
Manifest number: 0EB8
Signing time: Tue 11 Nov 2025 07:01:17 +0000
Manifest this update: Tue 11 Nov 2025 07:01:17 +0000
Manifest next update: Wed 12 Nov 2025 07:01:17 +0000
Files and hashes: 1: zzKCScw17CfMEOGLiCxsE4l8hJc.crl (hash: CWYtyI+fIutvB85DP6diULe8Ggu1pjf95wLVuRP0K6E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/27d409-7659-453e-b36f-297d52f0c283/1/zzKCScw17CfMEOGLiCxsE4l8hJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/27d409-7659-453e-b36f-297d52f0c283/1/zzKCScw17CfMEOGLiCxsE4l8hJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/zzKCScw17CfMEOGLiCxsE4l8hJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:09:ce:16:9b:5c:50:6e:8d:30:8d:af:17:75:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf328249cc35ec27cc10e18b882c6c13897c8497
Validity
Not Before: Nov 11 07:01:17 2025 GMT
Not After : Nov 12 07:01:17 2025 GMT
Subject: CN=6d250c49cdfb3962e1fee0ce1fc425216a247b23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:61:7f:a6:4e:c4:59:7c:b6:5d:a4:08:a7:fa:
77:0f:4d:f9:ac:4b:ff:b4:f1:11:9a:3d:d3:14:f2:
82:eb:83:fa:05:1e:fb:44:27:32:3f:9d:ea:6d:e2:
50:2f:2f:89:f8:5f:f7:7e:55:f2:0b:7b:4b:16:d7:
73:bf:22:0a:1d:f7:5c:22:e5:3a:64:64:d5:81:d8:
1c:ad:44:55:bd:e0:bd:ba:f5:5c:3a:24:3d:79:01:
e0:15:12:48:98:96:af:63:b5:8c:eb:af:40:d7:f5:
7d:c5:22:9e:5f:4e:26:48:70:33:ba:c4:d4:d5:97:
ea:9e:c4:a2:82:6c:5c:95:22:5f:fa:c2:01:95:d7:
44:ee:24:17:63:46:69:dd:a6:ef:07:95:fc:7b:81:
bd:2a:30:e7:74:b0:7f:02:13:3a:b9:ec:0a:5f:91:
37:7d:2d:c8:fd:2f:de:8f:4d:6b:b6:50:71:16:59:
82:e7:e0:48:0b:db:42:e7:14:12:05:22:25:b8:80:
f8:dc:1f:81:24:d3:57:ea:f0:2f:c6:53:ff:8c:d1:
34:4b:98:a7:91:c0:d0:3c:fc:4e:1c:89:fe:e5:ce:
be:4a:05:6b:72:16:e1:0a:6e:08:f7:df:56:98:64:
d0:9f:ba:78:97:e0:30:25:e3:ce:bd:1e:19:42:29:
9b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:25:0C:49:CD:FB:39:62:E1:FE:E0:CE:1F:C4:25:21:6A:24:7B:23
X509v3 Authority Key Identifier:
keyid:CF:32:82:49:CC:35:EC:27:CC:10:E1:8B:88:2C:6C:13:89:7C:84:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zzKCScw17CfMEOGLiCxsE4l8hJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/27d409-7659-453e-b36f-297d52f0c283/1/zzKCScw17CfMEOGLiCxsE4l8hJc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/27d409-7659-453e-b36f-297d52f0c283/1/zzKCScw17CfMEOGLiCxsE4l8hJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b6:1d:f0:a7:48:b1:2e:b7:91:4c:4d:09:49:ba:53:d1:e7:81:
6d:1c:ce:d8:48:72:79:2a:92:9a:53:2c:1a:dd:11:ff:99:e0:
0a:dc:ce:5b:63:48:67:11:71:a2:8d:6b:3f:da:03:b6:88:bb:
dc:57:5d:b4:76:c6:ae:fd:ec:e1:36:f9:3a:4c:dd:90:e0:b0:
f0:0c:2b:b7:66:21:4b:24:88:25:63:23:0a:a2:17:91:b4:48:
6d:9b:f3:08:fe:9f:47:7b:0d:2c:bd:9e:7f:fc:e1:ae:29:ea:
c5:59:da:9c:3d:2e:70:d9:79:ee:6a:fd:ec:00:82:18:9e:75:
c0:3f:9d:25:6f:63:68:53:82:6c:c6:33:d9:6f:48:ed:e8:5d:
1d:80:38:37:ab:7d:f5:aa:ee:83:43:b6:4c:ac:10:76:1c:33:
dc:4a:3d:dc:d3:bc:c8:90:35:6d:19:b4:96:07:51:61:48:76:
3b:6e:e8:0e:c1:ea:40:fc:1e:2d:4d:ae:00:b3:ed:53:96:6b:
0d:37:cb:2a:28:35:dc:54:f9:07:a6:01:10:50:e7:e8:82:95:
3f:da:9f:ab:a9:29:04:a8:d1:a3:9f:ea:cb:b3:e9:7c:f6:d8:
96:b6:d2:c3:ce:b6:dd:ad:93:82:89:3c:b3:ac:63:b2:a1:36:
c4:22:92:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuAnOFptcUG6NMI2vF3ULMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMzI4MjQ5Y2MzNWVjMjdjYzEwZTE4Yjg4MmM2YzEzODk3
Yzg0OTcwHhcNMjUxMTExMDcwMTE3WhcNMjUxMTEyMDcwMTE3WjAzMTEwLwYDVQQD
Eyg2ZDI1MGM0OWNkZmIzOTYyZTFmZWUwY2UxZmM0MjUyMTZhMjQ3YjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWF/pk7EWXy2XaQIp/p3D035rEv/
tPERmj3TFPKC64P6BR77RCcyP53qbeJQLy+J+F/3flXyC3tLFtdzvyIKHfdcIuU6
ZGTVgdgcrURVveC9uvVcOiQ9eQHgFRJImJavY7WM669A1/V9xSKeX04mSHAzusTU
1ZfqnsSigmxclSJf+sIBlddE7iQXY0Zp3abvB5X8e4G9KjDndLB/AhM6uewKX5E3
fS3I/S/ej01rtlBxFlmC5+BIC9tC5xQSBSIluID43B+BJNNX6vAvxlP/jNE0S5in
kcDQPPxOHIn+5c6+SgVrchbhCm4I999WmGTQn7p4l+AwJePOvR4ZQimbgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG0lDEnN+zli4f7gzh/EJSFqJHsjMB8GA1UdIwQY
MBaAFM8ygknMNewnzBDhi4gsbBOJfISXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenpLQ1NjdzE3Q2ZNRU9HTGlDeHNFNGw4aEpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS8yN2Q0MDktNzY1OS00NTNlLWIzNmYt
Mjk3ZDUyZjBjMjgzLzEvenpLQ1NjdzE3Q2ZNRU9HTGlDeHNFNGw4aEpjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS8yN2Q0MDktNzY1OS00NTNlLWIzNmYtMjk3ZDUyZjBjMjgz
LzEvenpLQ1NjdzE3Q2ZNRU9HTGlDeHNFNGw4aEpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAth3wp0ix
LreRTE0JSbpT0eeBbRzO2EhyeSqSmlMsGt0R/5ngCtzOW2NIZxFxoo1rP9oDtoi7
3FddtHbGrv3s4Tb5OkzdkOCw8Awrt2YhSySIJWMjCqIXkbRIbZvzCP6fR3sNLL2e
f/zhrinqxVnanD0ucNl57mr97ACCGJ51wD+dJW9jaFOCbMYz2W9I7ehdHYA4N6t9
9arug0O2TKwQdhwz3Eo93NO8yJA1bRm0lgdRYUh2O27oDsHqQPweLU2uALPtU5Zr
DTfLKig13FT5B6YBEFDn6IKVP9qfq6kpBKjRo5/qy7PpfPbYlrbSw8623a2Tgok8
s6xjsqE2xCKSbQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:43:21 2025 by rpki-client