Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/rzA4pxexVOHPpHEWgy2ibyiyowQ.mft
File: rzA4pxexVOHPpHEWgy2ibyiyowQ.mft (raw, json)
Hash identifier: DRJRaKrz7fqAEjfTG2fAJEw0d1uw/rOBtv8PoQ5J1IE=
Subject key identifier: C0:FC:60:0A:18:D0:88:71:A7:49:F7:12:76:BD:C8:D5:3E:D5:2F:74
Authority key identifier: AF:30:38:A7:17:B1:54:E1:CF:A4:71:16:83:2D:A2:6F:28:B2:A3:04
Certificate issuer: /CN=af3038a717b154e1cfa47116832da26f28b2a304
Certificate serial: 019A71EEA8D081A2179F0FF7FF2244178335
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rzA4pxexVOHPpHEWgy2ibyiyowQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/rzA4pxexVOHPpHEWgy2ibyiyowQ.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 08:00:57 +0000
Manifest this update: Tue 11 Nov 2025 08:00:57 +0000
Manifest next update: Wed 12 Nov 2025 08:00:57 +0000
Files and hashes: 1: 9-nqsKi4Ev5jKkuKWzG_WIBo83k.roa (hash: SHAm2ssxR7ZkFZ7Brw788jEHfHi8MZS6JxMLuTDqDJs=)
2: rzA4pxexVOHPpHEWgy2ibyiyowQ.crl (hash: FTpdoaJj4LBjXa1pXMIvslcYyl1kJPKnMOf228cS+A8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/rzA4pxexVOHPpHEWgy2ibyiyowQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/rzA4pxexVOHPpHEWgy2ibyiyowQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/rzA4pxexVOHPpHEWgy2ibyiyowQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:a8:d0:81:a2:17:9f:0f:f7:ff:22:44:17:83:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af3038a717b154e1cfa47116832da26f28b2a304
Validity
Not Before: Nov 11 08:00:57 2025 GMT
Not After : Nov 12 08:00:57 2025 GMT
Subject: CN=c0fc600a18d08871a749f71276bdc8d53ed52f74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e2:e2:88:af:d0:41:d2:b0:f9:61:7b:81:10:
ae:b1:36:27:70:11:d6:69:f3:57:8c:15:eb:0f:41:
21:60:87:c0:0b:b9:c5:46:84:4e:79:a4:0b:ac:3d:
da:04:04:8b:82:ac:01:fe:01:96:19:8b:e2:6b:1c:
61:8e:e6:55:36:2a:e7:66:9f:63:a9:fa:a9:45:f4:
f9:64:8b:47:b2:06:3a:27:1c:0b:24:de:97:e5:45:
8f:fa:6e:b3:b7:47:1c:79:44:27:1d:14:17:8e:ff:
64:26:7f:5e:1b:b3:a5:1c:c6:40:96:f8:ed:6c:c0:
50:5f:c6:b9:4b:43:e2:26:16:40:a0:96:07:50:30:
9e:ac:d8:c4:70:1f:01:f5:5a:00:42:2e:d4:72:ec:
1b:3a:a6:8b:54:f9:8d:c0:d2:fa:1e:fc:aa:11:a1:
9e:24:32:66:71:77:1c:64:2c:13:fa:6d:c3:12:c3:
d3:89:8b:24:19:1c:0b:60:ed:08:7d:85:43:d3:c1:
8b:6e:4f:11:d5:8b:14:db:83:fc:63:59:ed:02:b2:
7f:fe:49:9b:19:8a:e0:02:9a:38:ce:d7:ab:51:12:
80:d8:fd:6e:10:81:80:d8:19:95:2c:45:da:89:23:
2a:3e:24:10:11:e7:b3:30:2f:35:11:37:21:9a:07:
22:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:FC:60:0A:18:D0:88:71:A7:49:F7:12:76:BD:C8:D5:3E:D5:2F:74
X509v3 Authority Key Identifier:
keyid:AF:30:38:A7:17:B1:54:E1:CF:A4:71:16:83:2D:A2:6F:28:B2:A3:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rzA4pxexVOHPpHEWgy2ibyiyowQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/rzA4pxexVOHPpHEWgy2ibyiyowQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/rzA4pxexVOHPpHEWgy2ibyiyowQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:f8:8a:77:86:25:64:5b:e1:6f:70:3f:30:8d:0d:51:3c:15:
0c:6a:42:cc:ff:2c:fd:60:97:e5:8d:2a:93:31:ae:b6:3f:be:
df:44:89:78:cd:72:1f:62:e6:4b:a7:99:36:55:ae:a5:59:70:
3a:5e:be:c7:59:54:a4:4d:47:d6:01:27:cc:28:21:d6:6a:06:
ef:d7:b0:f4:00:e7:23:91:e4:88:f7:b3:62:20:3a:65:03:7d:
a5:c7:03:80:0d:78:73:d5:61:9d:0f:b5:db:46:4b:0b:a2:ac:
ba:76:8b:e9:7c:43:22:32:7c:8b:f8:88:8e:05:c9:b4:01:4d:
14:7e:57:86:8f:6f:64:a6:51:f8:74:6a:f7:39:73:54:d4:2e:
d5:0c:48:91:03:51:64:64:de:0b:27:6f:51:94:13:61:8f:a7:
48:7a:36:d4:b9:65:66:5b:5b:f9:90:07:e8:28:38:a2:08:6b:
3e:ac:b2:bf:67:98:25:71:b3:19:d5:6b:91:da:eb:df:57:29:
fa:07:4c:27:19:8d:0e:77:df:a4:da:84:1e:ea:cd:4d:08:72:
05:6d:34:dd:fa:94:d0:13:5e:cf:b5:d0:a2:a2:fb:be:9a:35:
7e:4c:ea:90:f0:da:03:39:c4:90:47:e2:e9:ca:ed:b7:93:42:
e8:a1:60:95
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7qjQgaIXnw/3/yJEF4M1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMzAzOGE3MTdiMTU0ZTFjZmE0NzExNjgzMmRhMjZmMjhi
MmEzMDQwHhcNMjUxMTExMDgwMDU3WhcNMjUxMTEyMDgwMDU3WjAzMTEwLwYDVQQD
EyhjMGZjNjAwYTE4ZDA4ODcxYTc0OWY3MTI3NmJkYzhkNTNlZDUyZjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+LiiK/QQdKw+WF7gRCusTYncBHW
afNXjBXrD0EhYIfAC7nFRoROeaQLrD3aBASLgqwB/gGWGYviaxxhjuZVNirnZp9j
qfqpRfT5ZItHsgY6JxwLJN6X5UWP+m6zt0cceUQnHRQXjv9kJn9eG7OlHMZAlvjt
bMBQX8a5S0PiJhZAoJYHUDCerNjEcB8B9VoAQi7UcuwbOqaLVPmNwNL6HvyqEaGe
JDJmcXccZCwT+m3DEsPTiYskGRwLYO0IfYVD08GLbk8R1YsU24P8Y1ntArJ//kmb
GYrgApo4zterURKA2P1uEIGA2BmVLEXaiSMqPiQQEeezMC81ETchmgciwQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMD8YAoY0Ihxp0n3Ena9yNU+1S90MB8GA1UdIwQY
MBaAFK8wOKcXsVThz6RxFoMtom8osqMEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnpBNHB4ZXhWT0hQcEhFV2d5MmlieWl5b3dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82Y2ZiNzgtNjNiYy00ODIwLWI5MDMt
ODYwYzQ5ZDBlYjZhLzEvcnpBNHB4ZXhWT0hQcEhFV2d5MmlieWl5b3dRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy82Y2ZiNzgtNjNiYy00ODIwLWI5MDMtODYwYzQ5ZDBlYjZh
LzEvcnpBNHB4ZXhWT0hQcEhFV2d5MmlieWl5b3dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcviKd4Yl
ZFvhb3A/MI0NUTwVDGpCzP8s/WCX5Y0qkzGutj++30SJeM1yH2LmS6eZNlWupVlw
Ol6+x1lUpE1H1gEnzCgh1moG79ew9ADnI5HkiPezYiA6ZQN9pccDgA14c9VhnQ+1
20ZLC6KsunaL6XxDIjJ8i/iIjgXJtAFNFH5Xho9vZKZR+HRq9zlzVNQu1QxIkQNR
ZGTeCydvUZQTYY+nSHo21LllZltb+ZAH6Cg4oghrPqyyv2eYJXGzGdVrkdrr31cp
+gdMJxmNDnffpNqEHurNTQhyBW003fqU0BNez7XQoqL7vpo1fkzqkPDaAznEkEfi
6crtt5NC6KFglQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:40:22 2025 by rpki-client