Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.mft
File: dZI-xUbfNx0J5oxrBgJeoxJhI0o.mft (raw, json)
Hash identifier: SHQZaF6Cq9F0+Zcju2GATrCgEFrH2BHj8gaA+YIXuKI=
Subject key identifier: 52:27:D8:8A:A0:F9:EB:48:71:68:AD:1E:CD:31:8E:83:C1:4C:EB:4A
Authority key identifier: 75:92:3E:C5:46:DF:37:1D:09:E6:8C:6B:06:02:5E:A3:12:61:23:4A
Certificate issuer: /CN=75923ec546df371d09e68c6b06025ea31261234a
Certificate serial: 019A71B7EF5A8FFCEFF5BA76D3972A03F305
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dZI-xUbfNx0J5oxrBgJeoxJhI0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 07:01:10 +0000
Manifest this update: Tue 11 Nov 2025 07:01:10 +0000
Manifest next update: Wed 12 Nov 2025 07:01:10 +0000
Files and hashes: 1: dZI-xUbfNx0J5oxrBgJeoxJhI0o.crl (hash: nGm5Lzzz6BUcTgIoPf0WbEVL7uD4Qc+4rSqzQSUZ/eI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.mft
rsync://rpki.ripe.net/repository/DEFAULT/dZI-xUbfNx0J5oxrBgJeoxJhI0o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:ef:5a:8f:fc:ef:f5:ba:76:d3:97:2a:03:f3:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75923ec546df371d09e68c6b06025ea31261234a
Validity
Not Before: Nov 11 07:01:10 2025 GMT
Not After : Nov 12 07:01:10 2025 GMT
Subject: CN=5227d88aa0f9eb487168ad1ecd318e83c14ceb4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4d:21:28:e1:0e:9a:95:a1:41:4a:5d:9b:14:
75:86:1a:64:1a:5e:41:dd:70:f9:6e:75:f5:b5:9b:
51:fa:29:ac:82:96:dc:f0:65:12:27:83:67:a7:fc:
3a:61:aa:ec:40:17:2f:a9:76:d3:63:53:15:e4:a3:
da:7a:cf:e0:30:fa:18:44:c9:55:64:eb:1c:ed:b2:
8d:91:b3:d9:de:bc:a9:e1:6c:2a:28:96:ed:6b:7d:
54:64:a5:23:a9:40:ec:9d:5a:15:15:1b:ed:08:a1:
61:0a:01:87:da:cb:fa:70:3a:f6:30:98:73:3a:cd:
29:2b:ee:45:58:23:c2:8e:d9:cf:38:1a:11:ea:27:
26:0e:89:26:cb:a6:f2:cc:e0:30:ec:fd:96:77:22:
00:33:8f:b6:95:23:8e:1f:09:53:52:14:fd:69:3e:
b4:c5:30:38:e7:de:9f:4d:a3:60:0f:4c:e7:1a:41:
83:1c:4b:9e:c5:c9:47:3f:b3:b9:f1:cf:11:5c:f5:
ef:e3:8f:ba:a6:52:bb:02:1b:dd:4c:c6:f6:d9:60:
47:56:3c:79:ed:ea:81:dc:db:8e:28:55:17:0d:e3:
11:5a:2a:af:c5:8b:3b:5a:fd:82:31:4b:24:6a:dd:
cc:c7:3d:38:d0:ac:de:b9:04:b9:76:34:fe:d6:6e:
8b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:27:D8:8A:A0:F9:EB:48:71:68:AD:1E:CD:31:8E:83:C1:4C:EB:4A
X509v3 Authority Key Identifier:
keyid:75:92:3E:C5:46:DF:37:1D:09:E6:8C:6B:06:02:5E:A3:12:61:23:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZI-xUbfNx0J5oxrBgJeoxJhI0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/26c68c-0482-4b62-b2af-4855366edfef/1/dZI-xUbfNx0J5oxrBgJeoxJhI0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0d:9f:54:29:5e:5a:75:0f:cf:89:87:da:8e:3c:14:bb:47:ce:
e4:0f:df:65:e0:8e:fc:cd:de:57:82:e4:c3:e1:c9:ac:49:5a:
15:d9:51:6d:06:9a:13:6b:7c:98:a2:6f:7a:4b:f8:6f:c5:52:
87:9a:91:bb:9d:07:d8:83:53:f9:f3:4b:60:96:bc:d4:58:0e:
6c:04:b2:45:e4:3d:fb:5f:52:c1:39:83:0b:47:d0:ed:2f:cf:
8c:1c:52:3c:88:3e:65:d0:8c:0a:17:99:1a:20:17:87:21:45:
32:e2:9c:95:02:ae:d1:41:c7:34:ac:0d:a6:44:9d:d3:c0:73:
b1:e2:36:ac:d4:27:cd:08:a8:49:f1:6b:3d:59:8d:01:e3:d4:
0a:e9:2d:ca:ff:ee:4c:aa:8c:67:ce:69:15:2b:22:96:f2:f4:
7f:98:cc:56:25:58:07:4a:3f:fc:f5:b2:7d:82:5a:bb:e7:bf:
8a:e8:b4:20:81:78:9c:98:c6:fa:f8:d5:08:04:78:c8:ca:db:
47:54:e2:16:cf:69:87:0e:d2:15:3c:58:44:3b:6c:dc:3d:42:
ac:39:58:a3:bc:27:4e:05:a6:2b:5c:31:b9:c8:77:1c:e6:ba:
bb:42:e1:6b:46:76:42:83:5f:5e:af:d7:0f:90:67:90:e4:8f:
c5:23:a7:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt+9aj/zv9bp205cqA/MFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1OTIzZWM1NDZkZjM3MWQwOWU2OGM2YjA2MDI1ZWEzMTI2
MTIzNGEwHhcNMjUxMTExMDcwMTEwWhcNMjUxMTEyMDcwMTEwWjAzMTEwLwYDVQQD
Eyg1MjI3ZDg4YWEwZjllYjQ4NzE2OGFkMWVjZDMxOGU4M2MxNGNlYjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArk0hKOEOmpWhQUpdmxR1hhpkGl5B
3XD5bnX1tZtR+imsgpbc8GUSJ4Nnp/w6YarsQBcvqXbTY1MV5KPaes/gMPoYRMlV
ZOsc7bKNkbPZ3ryp4WwqKJbta31UZKUjqUDsnVoVFRvtCKFhCgGH2sv6cDr2MJhz
Os0pK+5FWCPCjtnPOBoR6icmDokmy6byzOAw7P2WdyIAM4+2lSOOHwlTUhT9aT60
xTA4596fTaNgD0znGkGDHEuexclHP7O58c8RXPXv44+6plK7AhvdTMb22WBHVjx5
7eqB3NuOKFUXDeMRWiqvxYs7Wv2CMUskat3Mxz040KzeuQS5djT+1m6LLQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFIn2Iqg+etIcWitHs0xjoPBTOtKMB8GA1UdIwQY
MBaAFHWSPsVG3zcdCeaMawYCXqMSYSNKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFpJLXhVYmZOeDBKNW94ckJnSmVveEpoSTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yNmM2OGMtMDQ4Mi00YjYyLWIyYWYt
NDg1NTM2NmVkZmVmLzEvZFpJLXhVYmZOeDBKNW94ckJnSmVveEpoSTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yNmM2OGMtMDQ4Mi00YjYyLWIyYWYtNDg1NTM2NmVkZmVm
LzEvZFpJLXhVYmZOeDBKNW94ckJnSmVveEpoSTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADZ9UKV5a
dQ/PiYfajjwUu0fO5A/fZeCO/M3eV4Lkw+HJrElaFdlRbQaaE2t8mKJvekv4b8VS
h5qRu50H2INT+fNLYJa81FgObASyReQ9+19SwTmDC0fQ7S/PjBxSPIg+ZdCMCheZ
GiAXhyFFMuKclQKu0UHHNKwNpkSd08BzseI2rNQnzQioSfFrPVmNAePUCuktyv/u
TKqMZ85pFSsilvL0f5jMViVYB0o//PWyfYJau+e/iui0IIF4nJjG+vjVCAR4yMrb
R1TiFs9phw7SFTxYRDts3D1CrDlYo7wnTgWmK1wxuch3HOa6u0Lha0Z2QoNfXq/X
D5BnkOSPxSOnVA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:36:19 2025 by rpki-client