Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/856443-b8fb-478e-87c9-cf52aa9d6ccc/1/CZ05RkE90RFhtGx99q02Kpk41dQ.mft
File: CZ05RkE90RFhtGx99q02Kpk41dQ.mft (raw, json)
Hash identifier: MfEHahzCAonSBZ8/vTNRWzEqCcbCvqRroslpCKQpZVY=
Subject key identifier: 3F:01:90:E0:59:AE:0B:74:69:27:EE:0A:53:41:45:CD:51:6C:3E:FF
Authority key identifier: 09:9D:39:46:41:3D:D1:11:61:B4:6C:7D:F6:AD:36:2A:99:38:D5:D4
Certificate issuer: /CN=099d3946413dd11161b46c7df6ad362a9938d5d4
Certificate serial: 019A72261BE56985AA1D056FBCA0AF9D023F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZ05RkE90RFhtGx99q02Kpk41dQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/856443-b8fb-478e-87c9-cf52aa9d6ccc/1/CZ05RkE90RFhtGx99q02Kpk41dQ.mft
Manifest number: 04EF
Signing time: Tue 11 Nov 2025 09:01:31 +0000
Manifest this update: Tue 11 Nov 2025 09:01:31 +0000
Manifest next update: Wed 12 Nov 2025 09:01:31 +0000
Files and hashes: 1: 1-jvgd6RnvKghGloVJb1Iw3eDs48.roa (hash: B7s4SajlBd3EvNe+3zoLXiT8A5U0bChHVGW9zyQgNFY=)
2: CZ05RkE90RFhtGx99q02Kpk41dQ.crl (hash: DcOCpoPkWHnQKD1s3qhMnire3FpoYkYGbWVuePlzbo4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/856443-b8fb-478e-87c9-cf52aa9d6ccc/1/CZ05RkE90RFhtGx99q02Kpk41dQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/856443-b8fb-478e-87c9-cf52aa9d6ccc/1/CZ05RkE90RFhtGx99q02Kpk41dQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/CZ05RkE90RFhtGx99q02Kpk41dQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:1b:e5:69:85:aa:1d:05:6f:bc:a0:af:9d:02:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099d3946413dd11161b46c7df6ad362a9938d5d4
Validity
Not Before: Nov 11 09:01:31 2025 GMT
Not After : Nov 12 09:01:31 2025 GMT
Subject: CN=3f0190e059ae0b746927ee0a534145cd516c3eff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a2:7f:f9:df:0d:c4:a7:fd:74:1d:c8:b9:db:
41:90:f3:48:e1:2d:07:be:93:28:44:65:e9:a8:12:
c8:2e:5b:a7:3e:06:ae:18:41:9d:65:84:2b:8c:92:
98:4a:d1:21:90:e2:93:8b:18:ed:db:6a:96:a5:3a:
09:f9:40:91:17:84:97:35:07:40:e6:31:06:12:c9:
fb:d1:15:5a:d7:89:48:c6:19:2b:9d:5a:c0:6f:fe:
15:44:9c:ce:5b:de:72:7a:d5:12:db:9b:1d:3c:c1:
ea:d2:bd:3f:ca:0b:f0:09:0e:84:8e:ad:a6:a5:d6:
5b:c8:d9:3c:39:8d:04:60:2b:9c:b8:88:06:81:f5:
8f:df:27:5c:46:96:d8:56:60:ea:9b:18:d8:a8:9a:
29:8f:1e:c0:56:09:fe:ec:87:46:ac:b5:01:b1:df:
9a:ce:91:d7:e8:1a:52:aa:74:d2:01:e9:8c:ad:7b:
d1:c0:57:94:6f:ce:4d:f3:44:20:86:66:bb:8d:3c:
74:9a:36:96:74:bf:d0:77:0a:e2:77:38:41:4c:ee:
2b:e7:31:36:04:24:7e:f7:3e:57:01:3f:91:84:bf:
ef:4b:e9:15:56:66:64:85:db:b3:b1:01:bc:68:a0:
43:56:61:25:76:df:dd:43:be:f4:fd:9b:a4:de:94:
72:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:01:90:E0:59:AE:0B:74:69:27:EE:0A:53:41:45:CD:51:6C:3E:FF
X509v3 Authority Key Identifier:
keyid:09:9D:39:46:41:3D:D1:11:61:B4:6C:7D:F6:AD:36:2A:99:38:D5:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZ05RkE90RFhtGx99q02Kpk41dQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/856443-b8fb-478e-87c9-cf52aa9d6ccc/1/CZ05RkE90RFhtGx99q02Kpk41dQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/856443-b8fb-478e-87c9-cf52aa9d6ccc/1/CZ05RkE90RFhtGx99q02Kpk41dQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:7f:06:7c:cc:c7:81:db:6d:f8:6e:82:d6:06:47:1b:f5:d5:
f5:ae:ae:3a:8c:a4:33:fa:4a:5c:31:c0:e9:49:88:bf:f8:3d:
37:b6:1e:d8:81:63:5d:6f:68:c6:58:88:fc:9a:da:9f:e7:40:
9c:2b:35:99:cb:93:94:82:08:34:35:3e:55:5d:19:0b:1c:94:
f1:1a:eb:51:1b:2d:e5:74:e1:57:47:ba:42:9d:eb:2f:17:e2:
e0:6f:07:68:3c:f3:44:cb:15:b1:06:8a:81:3a:c6:a3:04:7f:
e0:56:a2:d8:91:bc:06:aa:29:4c:4d:31:58:56:3d:a1:e6:53:
cc:c7:d3:dc:bf:d6:6e:70:8b:8c:2b:d8:52:de:ef:92:39:c7:
61:5d:2c:92:c2:49:b0:da:a8:4c:ac:10:1d:b5:60:e1:24:35:
37:eb:8c:69:91:0a:35:ce:fc:58:42:c8:75:1d:63:b1:e1:17:
02:86:c0:cc:57:96:77:fb:a2:0b:77:fa:92:c7:8f:a0:f5:1b:
e6:d1:af:90:f4:33:2a:30:08:de:a9:18:0e:65:37:a9:f4:57:
d6:8b:5e:ec:31:26:83:58:07:0d:8b:5b:db:8f:3c:0e:11:28:
ab:6f:d0:87:60:89:f1:07:45:24:16:25:2c:80:6b:6d:0e:72:
bd:0d:ea:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJhvlaYWqHQVvvKCvnQI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWQzOTQ2NDEzZGQxMTE2MWI0NmM3ZGY2YWQzNjJhOTkz
OGQ1ZDQwHhcNMjUxMTExMDkwMTMxWhcNMjUxMTEyMDkwMTMxWjAzMTEwLwYDVQQD
EygzZjAxOTBlMDU5YWUwYjc0NjkyN2VlMGE1MzQxNDVjZDUxNmMzZWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6J/+d8NxKf9dB3IudtBkPNI4S0H
vpMoRGXpqBLILlunPgauGEGdZYQrjJKYStEhkOKTixjt22qWpToJ+UCRF4SXNQdA
5jEGEsn70RVa14lIxhkrnVrAb/4VRJzOW95yetUS25sdPMHq0r0/ygvwCQ6Ejq2m
pdZbyNk8OY0EYCucuIgGgfWP3ydcRpbYVmDqmxjYqJopjx7AVgn+7IdGrLUBsd+a
zpHX6BpSqnTSAemMrXvRwFeUb85N80Qghma7jTx0mjaWdL/QdwridzhBTO4r5zE2
BCR+9z5XAT+RhL/vS+kVVmZkhduzsQG8aKBDVmEldt/dQ770/Zuk3pRyOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD8BkOBZrgt0aSfuClNBRc1RbD7/MB8GA1UdIwQY
MBaAFAmdOUZBPdERYbRsffatNiqZONXUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1owNVJrRTkwUkZodEd4OTlxMDJLcGs0MWRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC84NTY0NDMtYjhmYi00NzhlLTg3Yzkt
Y2Y1MmFhOWQ2Y2NjLzEvQ1owNVJrRTkwUkZodEd4OTlxMDJLcGs0MWRRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC84NTY0NDMtYjhmYi00NzhlLTg3YzktY2Y1MmFhOWQ2Y2Nj
LzEvQ1owNVJrRTkwUkZodEd4OTlxMDJLcGs0MWRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHn8GfMzH
gdtt+G6C1gZHG/XV9a6uOoykM/pKXDHA6UmIv/g9N7Ye2IFjXW9oxliI/Jran+dA
nCs1mcuTlIIINDU+VV0ZCxyU8RrrURst5XThV0e6Qp3rLxfi4G8HaDzzRMsVsQaK
gTrGowR/4Fai2JG8BqopTE0xWFY9oeZTzMfT3L/WbnCLjCvYUt7vkjnHYV0sksJJ
sNqoTKwQHbVg4SQ1N+uMaZEKNc78WELIdR1jseEXAobAzFeWd/uiC3f6ksePoPUb
5tGvkPQzKjAI3qkYDmU3qfRX1ote7DEmg1gHDYtb2488DhEoq2/Qh2CJ8QdFJBYl
LIBrbQ5yvQ3q6w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:31 2025 by rpki-client