Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft
File: z9rC7BEEwkXZyrqOthY46drxADk.mft (raw, json)
Hash identifier: IeGBrgh36qrU+8YUdea9t3yJS60H9Rbs3qS7w0RX1U8=
Subject key identifier: 2B:C6:F4:85:92:31:91:C7:B3:3F:A7:89:30:2C:23:C5:D1:A5:AD:21
Authority key identifier: CF:DA:C2:EC:11:04:C2:45:D9:CA:BA:8E:B6:16:38:E9:DA:F1:00:39
Certificate issuer: /CN=cfdac2ec1104c245d9caba8eb61638e9daf10039
Certificate serial: 019A71B7BAE9D8C6422503F9B5F99A2C100D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z9rC7BEEwkXZyrqOthY46drxADk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft
Manifest number: 125C
Signing time: Tue 11 Nov 2025 07:00:57 +0000
Manifest this update: Tue 11 Nov 2025 07:00:57 +0000
Manifest next update: Wed 12 Nov 2025 07:00:57 +0000
Files and hashes: 1: z9rC7BEEwkXZyrqOthY46drxADk.crl (hash: CKKuP76pssSa0Zx5BGLZ67nsTv7P45eEXolTj4MdiIU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft
rsync://rpki.ripe.net/repository/DEFAULT/z9rC7BEEwkXZyrqOthY46drxADk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:ba:e9:d8:c6:42:25:03:f9:b5:f9:9a:2c:10:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfdac2ec1104c245d9caba8eb61638e9daf10039
Validity
Not Before: Nov 11 07:00:57 2025 GMT
Not After : Nov 12 07:00:57 2025 GMT
Subject: CN=2bc6f485923191c7b33fa789302c23c5d1a5ad21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8f:8c:d6:98:06:af:ae:ac:a2:1e:96:d2:85:
20:b1:ed:be:bc:90:a2:8b:c0:7b:48:a9:bd:d0:64:
3d:21:1d:c5:92:07:3c:e5:1d:58:95:78:51:39:7d:
46:b7:fd:14:a0:c1:b2:04:e5:e7:c0:c9:7b:2d:b0:
e0:e6:1d:4c:af:11:f7:83:de:ab:80:46:d6:89:f5:
cc:ad:4a:f8:59:74:eb:4f:66:98:a0:1f:67:02:cd:
31:9f:f1:29:3a:7e:ae:09:39:de:d3:43:2c:5a:ed:
b3:19:d3:4b:16:0e:2b:e1:fc:41:bb:73:bc:03:ea:
8d:58:cf:a6:5a:6f:fc:77:7d:05:8e:18:fb:b1:83:
31:6d:b8:b5:f5:bc:15:44:e1:b5:6d:b5:de:d4:92:
bd:e9:0d:52:00:cb:64:42:1c:8b:b2:a7:26:01:45:
86:c1:94:86:22:3c:36:58:d7:5e:db:6c:14:06:e3:
c2:06:9e:a3:2a:2a:4a:c0:7e:5d:45:89:51:1e:dc:
d7:10:3b:eb:82:7f:9d:ea:d6:1c:dc:bb:4a:6b:bd:
1a:89:33:9d:ed:85:9b:c3:e7:7d:ee:89:5a:10:f0:
7c:95:4c:0e:2d:f3:aa:e3:3f:f5:98:09:ee:22:4d:
55:b6:16:13:a5:01:72:72:6e:5c:c2:c6:72:25:d5:
a8:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:C6:F4:85:92:31:91:C7:B3:3F:A7:89:30:2C:23:C5:D1:A5:AD:21
X509v3 Authority Key Identifier:
keyid:CF:DA:C2:EC:11:04:C2:45:D9:CA:BA:8E:B6:16:38:E9:DA:F1:00:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9rC7BEEwkXZyrqOthY46drxADk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3d:c0:75:f0:76:94:99:f6:84:cb:b1:88:5c:ef:2f:d8:68:c1:
aa:b2:20:74:b9:a4:56:b8:60:cd:ed:f0:ce:0b:77:4c:34:b1:
f5:02:0d:2f:91:23:f2:90:9f:91:1f:a6:a1:8c:d0:8b:dc:50:
7d:d3:4a:2e:95:ca:6a:c9:7c:ee:5f:3a:59:88:4a:ba:7e:a2:
8a:a3:09:00:a3:2b:f4:4e:2e:53:a9:ff:73:33:33:41:2a:49:
c1:b1:a7:50:ae:c8:42:65:de:6f:ba:86:d7:61:ab:fc:e7:fd:
66:4c:10:39:92:63:48:39:ce:9a:1b:52:8a:53:07:aa:ee:34:
11:3c:88:55:fb:2d:ef:9a:6e:ce:2b:dc:37:e7:83:d2:70:77:
51:a4:12:e7:e7:9d:55:37:26:ff:79:b1:19:71:ac:a3:8d:ec:
cb:f5:f7:9b:93:8d:34:3d:e6:6d:9c:4b:2f:a9:6f:fa:32:95:
00:ea:e4:b0:45:96:09:26:30:ad:8d:d8:5a:5a:55:61:b9:14:
8b:e4:4e:a6:74:fb:e4:d6:b2:b8:ba:68:e0:74:9d:49:c2:aa:
f8:47:b1:a2:04:25:30:3a:88:cf:e4:9e:4f:17:78:a4:60:f7:
e1:50:cc:78:30:5e:70:7e:da:a5:d2:38:be:c7:41:dc:fb:3b:
db:de:35:df
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt7rp2MZCJQP5tfmaLBANMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZGFjMmVjMTEwNGMyNDVkOWNhYmE4ZWI2MTYzOGU5ZGFm
MTAwMzkwHhcNMjUxMTExMDcwMDU3WhcNMjUxMTEyMDcwMDU3WjAzMTEwLwYDVQQD
EygyYmM2ZjQ4NTkyMzE5MWM3YjMzZmE3ODkzMDJjMjNjNWQxYTVhZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwo+M1pgGr66soh6W0oUgse2+vJCi
i8B7SKm90GQ9IR3Fkgc85R1YlXhROX1Gt/0UoMGyBOXnwMl7LbDg5h1MrxH3g96r
gEbWifXMrUr4WXTrT2aYoB9nAs0xn/EpOn6uCTne00MsWu2zGdNLFg4r4fxBu3O8
A+qNWM+mWm/8d30Fjhj7sYMxbbi19bwVROG1bbXe1JK96Q1SAMtkQhyLsqcmAUWG
wZSGIjw2WNde22wUBuPCBp6jKipKwH5dRYlRHtzXEDvrgn+d6tYc3LtKa70aiTOd
7YWbw+d97olaEPB8lUwOLfOq4z/1mAnuIk1VthYTpQFycm5cwsZyJdWoowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCvG9IWSMZHHsz+niTAsI8XRpa0hMB8GA1UdIwQY
MBaAFM/awuwRBMJF2cq6jrYWOOna8QA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejlyQzdCRUV3a1haeXJxT3RoWTQ2ZHJ4QURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lNmRlNjgtYTZlMi00YWRlLWEwOTYt
NTYwNzhjODRkYzE3LzEvejlyQzdCRUV3a1haeXJxT3RoWTQ2ZHJ4QURrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9lNmRlNjgtYTZlMi00YWRlLWEwOTYtNTYwNzhjODRkYzE3
LzEvejlyQzdCRUV3a1haeXJxT3RoWTQ2ZHJ4QURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPcB18HaU
mfaEy7GIXO8v2GjBqrIgdLmkVrhgze3wzgt3TDSx9QINL5Ej8pCfkR+moYzQi9xQ
fdNKLpXKasl87l86WYhKun6iiqMJAKMr9E4uU6n/czMzQSpJwbGnUK7IQmXeb7qG
12Gr/Of9ZkwQOZJjSDnOmhtSilMHqu40ETyIVfst75puzivcN+eD0nB3UaQS5+ed
VTcm/3mxGXGso43sy/X3m5ONND3mbZxLL6lv+jKVAOrksEWWCSYwrY3YWlpVYbkU
i+ROpnT75NayuLpo4HSdScKq+EexogQlMDqIz+SeTxd4pGD34VDMeDBecH7apdI4
vsdB3Ps729413w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:44:39 2025 by rpki-client