Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
File: fzErCdH2kPJXAL1dzwfJGAxelmM.mft (raw, json)
Hash identifier: /N94L5WIlHlaWcEpKDJori6WV37oCse8FpEEzTAVENA=
Subject key identifier: FA:A8:EB:F7:37:D7:10:69:06:E9:99:2C:66:36:9D:0E:FA:A8:90:B1
Authority key identifier: 7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63
Certificate issuer: /CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663
Certificate serial: 019A168554A4AEC3201D2D865D8903AAF7A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
Manifest number: 18
Signing time: Fri 24 Oct 2025 14:00:27 +0000
Manifest this update: Fri 24 Oct 2025 14:00:27 +0000
Manifest next update: Sat 25 Oct 2025 14:00:27 +0000
Files and hashes: 1: 5wnQts3aHCqK4LPQTc1TSV8LlF8.roa (hash: k5nmC2X9nRpfsHKs8VUO+zQKfKvAMmG2gTrsovLYmdc=)
2: fzErCdH2kPJXAL1dzwfJGAxelmM.crl (hash: NY634AsCGt6xSmj3Dd53B7Kvgqkev9yxqpHyGXx8qqo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Oct 2025 08:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:16:85:54:a4:ae:c3:20:1d:2d:86:5d:89:03:aa:f7:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663
Validity
Not Before: Oct 24 14:00:27 2025 GMT
Not After : Oct 25 14:00:27 2025 GMT
Subject: CN=faa8ebf737d7106906e9992c66369d0efaa890b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a2:00:a1:c1:35:73:27:cd:81:f8:71:2a:9e:
6a:b6:bc:a8:8b:da:fa:4b:08:c8:cc:77:c8:96:81:
0a:1d:98:65:eb:b7:58:be:30:f8:8c:59:08:29:8b:
1c:a5:1d:88:54:44:df:72:b2:8d:09:55:40:da:ef:
ee:92:e7:a4:da:43:02:bf:ce:21:ee:90:a4:10:cc:
90:38:a0:c0:c3:76:16:6b:07:26:61:fe:b1:bf:df:
f0:76:ad:a1:27:ac:23:fe:63:e5:bd:5b:11:1e:b6:
49:64:36:a3:03:c0:30:4c:70:f4:8c:da:ed:9a:18:
1c:5d:44:ef:8c:c9:30:d6:e2:c3:65:d6:f3:30:bb:
71:6a:5b:31:26:27:22:b3:8b:da:b3:61:8b:c6:fb:
c3:dd:9c:e3:71:96:2b:0a:e7:ae:97:b8:a3:d1:f8:
51:e9:ef:6a:9d:cf:a4:3b:21:47:11:32:10:5f:1d:
9c:db:c1:b4:a0:81:3e:fd:8d:29:bc:a9:27:4c:6c:
ba:af:52:fe:27:9d:50:88:e4:06:93:98:a4:77:be:
1f:c5:0c:7a:49:28:5a:3a:c6:31:ec:ac:45:a6:98:
2c:11:94:8c:18:7d:88:39:0e:ec:e3:23:bd:00:53:
f6:c1:4c:e1:8b:c3:8a:9c:89:6f:8b:c4:e5:41:90:
26:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A8:EB:F7:37:D7:10:69:06:E9:99:2C:66:36:9D:0E:FA:A8:90:B1
X509v3 Authority Key Identifier:
keyid:7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:3d:05:6c:e0:de:18:5f:0f:b2:25:02:1c:6e:d4:48:41:7b:
b6:c8:7e:59:a6:fe:e7:d4:00:d7:6d:3c:cc:86:b7:d9:54:74:
89:3f:d3:93:de:08:64:fc:af:74:2f:14:8d:58:f9:56:9c:61:
eb:51:eb:fb:10:b3:43:43:8c:bb:f6:aa:9a:98:e6:cf:ca:73:
0e:53:44:85:04:88:37:89:f7:78:cb:38:b5:22:0c:0c:eb:b8:
ab:95:77:40:71:88:23:61:51:05:cd:e7:a8:44:d8:6f:7a:da:
a9:e3:25:e7:53:90:2a:ac:4a:f8:d9:f3:c9:44:eb:d1:cc:20:
d3:76:a3:0d:6e:ee:ac:e9:29:3b:2a:3c:1b:76:24:ed:ac:49:
a3:f0:2f:22:85:bc:d3:af:19:85:0f:47:8c:a3:f8:2d:0a:67:
26:86:a9:ec:19:38:aa:9a:2d:a9:20:69:58:7d:73:a0:87:8e:
d5:14:83:36:ea:1e:96:f7:a7:05:6c:ad:ec:fb:35:aa:43:cf:
ee:6e:20:28:bf:6e:57:99:a8:90:88:4d:3b:22:9a:34:21:83:
b3:5d:e4:c4:98:a2:8d:bc:44:60:08:59:11:2d:e8:b3:f0:d0:
b3:ee:f4:1a:e2:5d:eb:a2:86:54:97:c8:5e:44:c2:9a:ea:82:
90:f6:62:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoWhVSkrsMgHS2GXYkDqvehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMzEyYjA5ZDFmNjkwZjI1NzAwYmQ1ZGNmMDdjOTE4MGM1
ZTk2NjMwHhcNMjUxMDI0MTQwMDI3WhcNMjUxMDI1MTQwMDI3WjAzMTEwLwYDVQQD
EyhmYWE4ZWJmNzM3ZDcxMDY5MDZlOTk5MmM2NjM2OWQwZWZhYTg5MGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qIAocE1cyfNgfhxKp5qtryoi9r6
SwjIzHfIloEKHZhl67dYvjD4jFkIKYscpR2IVETfcrKNCVVA2u/ukuek2kMCv84h
7pCkEMyQOKDAw3YWawcmYf6xv9/wdq2hJ6wj/mPlvVsRHrZJZDajA8AwTHD0jNrt
mhgcXUTvjMkw1uLDZdbzMLtxalsxJicis4vas2GLxvvD3ZzjcZYrCueul7ij0fhR
6e9qnc+kOyFHETIQXx2c28G0oIE+/Y0pvKknTGy6r1L+J51QiOQGk5ikd74fxQx6
SShaOsYx7KxFppgsEZSMGH2IOQ7s4yO9AFP2wUzhi8OKnIlvi8TlQZAmwwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPqo6/c31xBpBumZLGY2nQ76qJCxMB8GA1UdIwQY
MBaAFH8xKwnR9pDyVwC9Xc8HyRgMXpZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgt
MTUyMmUyOTY0ZmNlLzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgtMTUyMmUyOTY0ZmNl
LzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAST0FbODe
GF8PsiUCHG7USEF7tsh+Wab+59QA1208zIa32VR0iT/Tk94IZPyvdC8UjVj5Vpxh
61Hr+xCzQ0OMu/aqmpjmz8pzDlNEhQSIN4n3eMs4tSIMDOu4q5V3QHGII2FRBc3n
qETYb3raqeMl51OQKqxK+NnzyUTr0cwg03ajDW7urOkpOyo8G3Yk7axJo/AvIoW8
068ZhQ9HjKP4LQpnJoap7Bk4qpotqSBpWH1zoIeO1RSDNuoelvenBWyt7Ps1qkPP
7m4gKL9uV5mokIhNOyKaNCGDs13kxJiijbxEYAhZES3os/DQs+70GuJd66KGVJfI
XkTCmuqCkPZi7w==
-----END CERTIFICATE-----
Generated at Fri Oct 24 17:23:06 2025 by rpki-client