Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/dc8f9b-06d6-44d3-9a38-286a5ee6e043/1/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.mft
File: zY6OvYD8-ISXXkK0a_TlSHk_Kcs.mft (raw, json)
Hash identifier: GMriCycax0SP/1jDhZ3Dl58nDZFUveawL8vuOZCREvY=
Subject key identifier: 76:6E:EF:1A:1C:97:E0:DF:45:5D:13:40:07:0F:CB:97:E5:C4:21:6D
Authority key identifier: CD:8E:8E:BD:80:FC:F8:84:97:5E:42:B4:6B:F4:E5:48:79:3F:29:CB
Certificate issuer: /CN=cd8e8ebd80fcf884975e42b46bf4e548793f29cb
Certificate serial: 019A7149BDF52BB8E6FC1F1F096036E06811
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/dc8f9b-06d6-44d3-9a38-286a5ee6e043/1/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.mft
Manifest number: 0CD1
Signing time: Tue 11 Nov 2025 05:00:49 +0000
Manifest this update: Tue 11 Nov 2025 05:00:49 +0000
Manifest next update: Wed 12 Nov 2025 05:00:49 +0000
Files and hashes: 1: pbWUlF6kph4C-luLlJFzTT778aw.roa (hash: FFtm0Ye7lx+oD8pt9jf446A0y5P8uQmRXJuEy3Pug1Q=)
2: zY6OvYD8-ISXXkK0a_TlSHk_Kcs.crl (hash: RObgKZwGzUcZ8UCQbtAc2u1105NER2IMvJRzd0PZxzU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/dc8f9b-06d6-44d3-9a38-286a5ee6e043/1/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/dc8f9b-06d6-44d3-9a38-286a5ee6e043/1/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.mft
rsync://rpki.ripe.net/repository/DEFAULT/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:bd:f5:2b:b8:e6:fc:1f:1f:09:60:36:e0:68:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8e8ebd80fcf884975e42b46bf4e548793f29cb
Validity
Not Before: Nov 11 05:00:49 2025 GMT
Not After : Nov 12 05:00:49 2025 GMT
Subject: CN=766eef1a1c97e0df455d1340070fcb97e5c4216d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:85:21:ba:29:56:79:f4:54:b2:2e:88:34:7b:
67:f9:bf:b4:88:f9:dd:40:b6:ec:12:4f:53:2a:05:
7b:62:49:1c:10:b1:a1:a6:b5:11:f2:e8:33:d9:3a:
1c:8a:d6:94:83:ca:6f:56:a3:79:a0:63:fa:8e:27:
6f:e5:c4:5d:a8:ab:d1:e4:f5:12:25:d4:8a:f8:46:
52:b3:a0:de:2b:0f:53:6a:34:80:aa:50:b6:ee:3d:
42:2a:97:13:45:1c:87:79:4d:e0:ce:aa:2d:cb:f0:
49:e4:07:2f:7f:c9:f5:b5:50:0d:e8:09:13:0b:e1:
3b:75:e5:50:60:b9:f4:95:da:9b:86:9d:68:78:43:
e6:2e:e5:04:51:5e:3c:b9:be:0e:e9:8a:25:1d:44:
ea:1a:60:fb:83:da:47:c8:36:bb:b6:6f:1c:ce:69:
e5:8b:73:43:f8:f4:5f:28:89:86:7f:d0:89:a3:cc:
bb:ae:af:4d:39:30:9b:87:d7:12:ce:48:ff:98:09:
92:3d:80:0d:cb:b4:63:4a:cb:cc:38:03:84:dc:48:
85:97:b2:69:67:b8:13:54:6d:5b:87:f9:81:e0:5a:
b3:96:78:da:14:df:82:53:60:d7:ac:26:72:7a:a7:
6d:88:eb:94:a3:6f:62:3c:7d:3a:fd:3b:b7:79:aa:
ff:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:6E:EF:1A:1C:97:E0:DF:45:5D:13:40:07:0F:CB:97:E5:C4:21:6D
X509v3 Authority Key Identifier:
keyid:CD:8E:8E:BD:80:FC:F8:84:97:5E:42:B4:6B:F4:E5:48:79:3F:29:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/dc8f9b-06d6-44d3-9a38-286a5ee6e043/1/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/dc8f9b-06d6-44d3-9a38-286a5ee6e043/1/zY6OvYD8-ISXXkK0a_TlSHk_Kcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:e8:9a:0a:05:46:25:8b:6a:fd:6f:ac:e5:55:8d:0e:e4:d5:
14:38:9e:41:a4:5b:dc:93:a1:e1:df:bd:25:39:d2:8f:b4:6e:
e1:36:17:ae:f4:fc:ab:25:f7:a4:fb:7b:ae:a1:97:1c:0e:b9:
65:7f:45:17:47:b1:47:f2:67:d4:de:fa:21:a7:58:ae:b2:73:
95:97:75:15:06:62:6d:eb:33:fa:47:fe:b5:4f:6a:23:c8:9c:
a9:34:7f:0c:1c:87:24:50:60:be:ff:e3:fc:3f:ec:5c:ab:01:
e7:4e:d9:9d:05:ba:02:5e:5b:d7:10:4b:cc:40:3e:33:40:1e:
98:91:5f:8a:e3:7f:32:60:e5:ff:86:6e:7e:ca:4c:3f:8d:1c:
af:db:25:fd:dc:90:d6:45:dd:42:32:b5:10:9b:ba:f9:49:92:
32:e0:6e:1f:f1:c9:78:b4:73:f2:a1:a5:8b:5e:33:3a:5a:59:
cc:e4:73:97:64:db:ec:27:e1:b4:cf:58:14:8b:97:90:78:c1:
4a:61:bf:18:f1:bf:7d:4c:0f:a7:8c:53:ed:4c:60:ab:81:4b:
75:42:79:63:6d:a0:2e:62:1c:c5:cd:84:ee:2f:c5:a4:0f:04:
4c:6f:54:6f:d4:5b:eb:a1:7b:fb:6e:c1:c0:6e:92:67:5b:96:
6c:39:d1:ee
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSb31K7jm/B8fCWA24GgRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkOGU4ZWJkODBmY2Y4ODQ5NzVlNDJiNDZiZjRlNTQ4Nzkz
ZjI5Y2IwHhcNMjUxMTExMDUwMDQ5WhcNMjUxMTEyMDUwMDQ5WjAzMTEwLwYDVQQD
Eyg3NjZlZWYxYTFjOTdlMGRmNDU1ZDEzNDAwNzBmY2I5N2U1YzQyMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4UhuilWefRUsi6INHtn+b+0iPnd
QLbsEk9TKgV7YkkcELGhprUR8ugz2TocitaUg8pvVqN5oGP6jidv5cRdqKvR5PUS
JdSK+EZSs6DeKw9TajSAqlC27j1CKpcTRRyHeU3gzqoty/BJ5Acvf8n1tVAN6AkT
C+E7deVQYLn0ldqbhp1oeEPmLuUEUV48ub4O6YolHUTqGmD7g9pHyDa7tm8czmnl
i3ND+PRfKImGf9CJo8y7rq9NOTCbh9cSzkj/mAmSPYANy7RjSsvMOAOE3EiFl7Jp
Z7gTVG1bh/mB4FqzlnjaFN+CU2DXrCZyeqdtiOuUo29iPH06/Tu3ear/KwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHZu7xocl+DfRV0TQAcPy5flxCFtMB8GA1UdIwQY
MBaAFM2Ojr2A/PiEl15CtGv05Uh5PynLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelk2T3ZZRDgtSVNYWGtLMGFfVGxTSGtfS2NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9kYzhmOWItMDZkNi00NGQzLTlhMzgt
Mjg2YTVlZTZlMDQzLzEvelk2T3ZZRDgtSVNYWGtLMGFfVGxTSGtfS2NzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9kYzhmOWItMDZkNi00NGQzLTlhMzgtMjg2YTVlZTZlMDQz
LzEvelk2T3ZZRDgtSVNYWGtLMGFfVGxTSGtfS2NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY+iaCgVG
JYtq/W+s5VWNDuTVFDieQaRb3JOh4d+9JTnSj7Ru4TYXrvT8qyX3pPt7rqGXHA65
ZX9FF0exR/Jn1N76IadYrrJzlZd1FQZibesz+kf+tU9qI8icqTR/DByHJFBgvv/j
/D/sXKsB507ZnQW6Al5b1xBLzEA+M0AemJFfiuN/MmDl/4ZufspMP40cr9sl/dyQ
1kXdQjK1EJu6+UmSMuBuH/HJeLRz8qGli14zOlpZzORzl2Tb7CfhtM9YFIuXkHjB
SmG/GPG/fUwPp4xT7Uxgq4FLdUJ5Y22gLmIcxc2E7i/FpA8ETG9Ub9Rb66F7+27B
wG6SZ1uWbDnR7g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:41 2025 by rpki-client