Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft
File: rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft (raw, json)
Hash identifier: O8OkTXkReF8kuh1njbjGGytxcBsbUXmaMNiAokPU1ig=
Subject key identifier: B6:25:85:F3:20:DF:59:67:8C:AC:9C:A5:B2:1F:31:3C:2C:03:30:61
Authority key identifier: AF:34:65:43:76:69:CE:58:62:61:A0:66:CC:4A:D1:EA:46:4E:B6:63
Certificate issuer: /CN=af3465437669ce586261a066cc4ad1ea464eb663
Certificate serial: 019A71B8C8369B0D7E2EDCECEA9CC4BEDD7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft
Manifest number: 0FCE
Signing time: Tue 11 Nov 2025 07:02:06 +0000
Manifest this update: Tue 11 Nov 2025 07:02:06 +0000
Manifest next update: Wed 12 Nov 2025 07:02:06 +0000
Files and hashes: 1: rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl (hash: iCRNcGPuxWf3ReROlQW1V90rJ2+zXPXM2Ya/fqdLeI4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft
rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:c8:36:9b:0d:7e:2e:dc:ec:ea:9c:c4:be:dd:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af3465437669ce586261a066cc4ad1ea464eb663
Validity
Not Before: Nov 11 07:02:06 2025 GMT
Not After : Nov 12 07:02:06 2025 GMT
Subject: CN=b62585f320df59678cac9ca5b21f313c2c033061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b7:ab:ac:c1:fe:a0:09:cd:03:ea:23:1b:3f:
88:13:cd:a5:62:17:df:24:84:4e:b9:8e:92:0a:b4:
10:1a:69:65:17:7a:d2:80:36:79:ef:17:fd:cf:a2:
47:0a:98:8c:44:c5:3f:29:0f:33:b9:b5:0c:4c:36:
b4:e2:58:1c:71:ef:30:ca:ab:94:24:ca:bd:71:ab:
c5:a8:00:5d:66:8d:f2:79:68:7d:df:b6:3f:f9:e5:
42:bb:b2:57:49:33:e5:ed:2c:3f:76:44:58:68:b6:
35:b0:c2:b1:a0:45:f9:1f:f9:76:7d:6e:2c:84:e5:
92:60:7a:a3:8e:73:07:7d:bd:87:64:ba:73:2b:9f:
9f:32:6f:c1:1e:dc:f0:14:06:a5:f6:39:39:1a:10:
e6:0a:e0:31:03:d9:79:7a:05:f1:78:c5:95:14:7f:
1d:ed:d9:bc:20:87:2d:d4:e7:a2:95:3f:d1:91:ad:
e3:0d:59:d8:a8:f9:5a:e4:aa:e3:a8:60:66:43:23:
6f:fa:81:a2:89:f0:e3:26:4b:0c:3a:f2:27:48:d3:
c1:36:33:14:42:27:9f:99:da:c4:a1:b0:a9:16:f3:
8f:0e:59:0b:93:82:cd:44:d3:e7:2b:07:27:4f:c2:
4f:b9:b5:8c:71:e5:0c:33:9a:c1:26:f4:50:5b:11:
44:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:25:85:F3:20:DF:59:67:8C:AC:9C:A5:B2:1F:31:3C:2C:03:30:61
X509v3 Authority Key Identifier:
keyid:AF:34:65:43:76:69:CE:58:62:61:A0:66:CC:4A:D1:EA:46:4E:B6:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
78:37:9c:95:ae:48:66:cc:b9:07:1c:9d:1c:1b:68:49:2e:d4:
46:15:7f:f6:c3:f9:bc:3b:cb:db:42:93:61:ec:12:42:45:e1:
9c:18:4d:a1:88:6c:64:40:54:6d:13:b8:7a:fa:8c:b3:1d:52:
52:96:de:29:84:df:fa:30:1e:e1:59:57:25:48:9a:1b:0b:30:
64:aa:65:c5:52:50:4b:92:92:b8:8d:c9:16:a3:16:fc:21:9f:
82:10:16:04:82:29:f9:b3:8e:50:91:7f:b6:01:53:cf:37:8e:
a1:84:fd:1d:7b:7e:76:46:86:2a:fa:3b:05:24:62:1c:6b:86:
52:86:f7:f4:32:77:73:2d:0f:01:59:60:f0:21:4d:09:64:18:
ce:2c:cb:af:86:3f:64:13:18:d8:fc:58:06:4a:34:ec:3f:a6:
93:3e:05:68:d0:12:ab:21:72:99:7e:f5:f9:b5:91:d4:68:1f:
04:20:db:8e:59:48:87:52:9c:30:3c:12:31:05:f1:ca:05:02:
62:ad:be:94:2a:36:e3:4a:13:be:e0:7f:da:23:c3:bb:70:e6:
f4:fe:67:7e:9e:90:2e:83:05:23:b5:b5:17:9d:da:c0:ab:1f:
d1:33:4a:49:28:e1:01:b0:f6:b1:43:99:3f:92:51:b6:c2:5b:
25:87:02:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuMg2mw1+Ltzs6pzEvt18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMzQ2NTQzNzY2OWNlNTg2MjYxYTA2NmNjNGFkMWVhNDY0
ZWI2NjMwHhcNMjUxMTExMDcwMjA2WhcNMjUxMTEyMDcwMjA2WjAzMTEwLwYDVQQD
EyhiNjI1ODVmMzIwZGY1OTY3OGNhYzljYTViMjFmMzEzYzJjMDMzMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7errMH+oAnNA+ojGz+IE82lYhff
JIROuY6SCrQQGmllF3rSgDZ57xf9z6JHCpiMRMU/KQ8zubUMTDa04lgcce8wyquU
JMq9cavFqABdZo3yeWh937Y/+eVCu7JXSTPl7Sw/dkRYaLY1sMKxoEX5H/l2fW4s
hOWSYHqjjnMHfb2HZLpzK5+fMm/BHtzwFAal9jk5GhDmCuAxA9l5egXxeMWVFH8d
7dm8IIct1OeilT/Rka3jDVnYqPla5KrjqGBmQyNv+oGiifDjJksMOvInSNPBNjMU
QiefmdrEobCpFvOPDlkLk4LNRNPnKwcnT8JPubWMceUMM5rBJvRQWxFEbQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLYlhfMg31lnjKycpbIfMTwsAzBhMB8GA1UdIwQY
MBaAFK80ZUN2ac5YYmGgZsxK0epGTrZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80ODYxYmEtNGQxYy00OTNjLWE5MGQt
NjBjZjY2MGFkNTMzLzEvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80ODYxYmEtNGQxYy00OTNjLWE5MGQtNjBjZjY2MGFkNTMz
LzEvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeDecla5I
Zsy5BxydHBtoSS7URhV/9sP5vDvL20KTYewSQkXhnBhNoYhsZEBUbRO4evqMsx1S
UpbeKYTf+jAe4VlXJUiaGwswZKplxVJQS5KSuI3JFqMW/CGfghAWBIIp+bOOUJF/
tgFTzzeOoYT9HXt+dkaGKvo7BSRiHGuGUob39DJ3cy0PAVlg8CFNCWQYzizLr4Y/
ZBMY2PxYBko07D+mkz4FaNASqyFymX71+bWR1GgfBCDbjllIh1KcMDwSMQXxygUC
Yq2+lCo240oTvuB/2iPDu3Dm9P5nfp6QLoMFI7W1F53awKsf0TNKSSjhAbD2sUOZ
P5JRtsJbJYcChA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:14:12 2025 by rpki-client