Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft
File: tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft (raw, json)
Hash identifier: G074qb6kJTJ3pm+m8Sk8GVyF8BLI2azYyEueXeP/Y0g=
Subject key identifier: 9C:8E:51:92:69:A6:F5:9E:80:8A:72:AF:2D:A6:F6:11:79:AD:D0:DE
Authority key identifier: B5:CC:DD:88:3F:6D:D1:14:EC:F6:F7:27:16:A8:46:34:F6:7A:C9:77
Certificate issuer: /CN=b5ccdd883f6dd114ecf6f72716a84634f67ac977
Certificate serial: 019A72259E98395C4452DC6F51518BD31619
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tczdiD9t0RTs9vcnFqhGNPZ6yXc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft
Manifest number: 0D50
Signing time: Tue 11 Nov 2025 09:00:59 +0000
Manifest this update: Tue 11 Nov 2025 09:00:59 +0000
Manifest next update: Wed 12 Nov 2025 09:00:59 +0000
Files and hashes: 1: 6mSAzptlMtavroiRBEbzErufO08.roa (hash: lJ5Bp/WretmXqwZLM24/DP1Oy5iyysz4o7F+olg5yZQ=)
2: tczdiD9t0RTs9vcnFqhGNPZ6yXc.crl (hash: CDAkpnJMHVkSn6IrRvtksIYvo9TZhf5F8kEeEFIjUR8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft
rsync://rpki.ripe.net/repository/DEFAULT/tczdiD9t0RTs9vcnFqhGNPZ6yXc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:9e:98:39:5c:44:52:dc:6f:51:51:8b:d3:16:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5ccdd883f6dd114ecf6f72716a84634f67ac977
Validity
Not Before: Nov 11 09:00:59 2025 GMT
Not After : Nov 12 09:00:59 2025 GMT
Subject: CN=9c8e519269a6f59e808a72af2da6f61179add0de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:dd:27:bf:c5:31:b5:e1:d7:07:4b:13:5a:0c:
ba:9b:b6:8d:13:f1:16:7d:b9:fb:c8:9a:00:f5:ac:
0a:a3:38:b0:94:59:27:a0:08:74:7f:90:e9:35:a7:
cb:7a:85:b6:e1:cf:44:c4:b6:4a:fa:1a:40:f8:db:
6e:db:c2:92:24:a0:be:84:6c:65:1d:23:35:58:0d:
a4:fd:62:bb:b3:07:f8:ed:c7:31:df:1b:2e:b8:80:
94:16:7c:44:66:ce:c1:0a:c4:43:5d:49:0e:9b:94:
33:a7:d3:65:10:48:ef:c4:49:4f:19:70:2a:6e:11:
7b:a0:51:d0:b2:f1:12:60:61:a6:0e:70:17:a9:39:
e1:c3:5f:57:ea:17:9d:7f:e2:1f:c5:73:ec:42:81:
21:1b:58:dc:93:eb:53:a5:f9:f4:89:59:c0:cc:08:
51:aa:d3:64:58:72:38:50:f8:8d:ee:1e:22:85:ba:
6c:3e:a6:16:28:67:46:59:aa:02:c7:ec:6c:4b:a6:
40:69:69:96:a4:0c:3c:b5:a1:6a:9b:96:d3:65:06:
45:99:22:0a:3b:47:c4:08:d7:07:04:5a:e9:e4:2b:
05:fc:d5:87:ca:ef:45:ad:36:1a:c8:f5:d7:47:35:
fc:e0:f9:24:87:37:3e:0a:24:d6:e3:58:fc:a0:6b:
b3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:8E:51:92:69:A6:F5:9E:80:8A:72:AF:2D:A6:F6:11:79:AD:D0:DE
X509v3 Authority Key Identifier:
keyid:B5:CC:DD:88:3F:6D:D1:14:EC:F6:F7:27:16:A8:46:34:F6:7A:C9:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tczdiD9t0RTs9vcnFqhGNPZ6yXc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:d7:24:a8:9f:5a:13:06:1e:65:f3:76:8d:9e:da:22:fb:14:
67:93:7e:f2:ef:97:9d:86:2f:61:d0:40:90:41:cc:58:60:70:
cd:3c:65:f1:4a:e2:e2:8f:40:86:a4:0b:ad:58:f6:57:aa:b1:
01:ab:ef:15:2b:a0:22:0c:4c:5e:de:ae:97:1e:81:1e:a1:67:
db:ff:38:ed:c0:fd:2c:ec:19:0f:ba:21:ad:c0:12:4d:4e:d4:
9a:3d:12:ee:ac:bc:d0:d8:3f:9a:96:68:12:59:a9:43:4e:f4:
7b:3d:29:d2:72:cd:64:67:7a:3c:d1:7f:d8:38:69:92:2a:40:
49:17:05:e8:7a:1c:65:0f:a1:cc:43:cb:f5:95:d7:d9:39:2f:
88:82:ff:03:86:68:d7:2e:4d:c5:8c:1e:59:81:66:ac:81:52:
87:a6:ac:71:3b:41:66:f6:28:f6:cc:4f:1f:ac:b7:ef:43:d0:
38:7b:d6:66:09:03:0c:1f:e0:96:4c:ad:b0:98:c2:3b:9d:bb:
fc:69:49:9e:45:27:71:eb:dd:6a:ee:22:51:4e:4a:42:af:cf:
d4:12:76:5f:40:91:44:49:df:c0:83:6c:fe:40:9a:6b:1a:f3:
4c:1d:bb:86:a7:fb:c0:55:38:c7:df:50:5e:b3:26:a3:c6:66:
a1:41:9c:83
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZ6YOVxEUtxvUVGL0xYZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1Y2NkZDg4M2Y2ZGQxMTRlY2Y2ZjcyNzE2YTg0NjM0ZjY3
YWM5NzcwHhcNMjUxMTExMDkwMDU5WhcNMjUxMTEyMDkwMDU5WjAzMTEwLwYDVQQD
Eyg5YzhlNTE5MjY5YTZmNTllODA4YTcyYWYyZGE2ZjYxMTc5YWRkMGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA590nv8UxteHXB0sTWgy6m7aNE/EW
fbn7yJoA9awKoziwlFknoAh0f5DpNafLeoW24c9ExLZK+hpA+Ntu28KSJKC+hGxl
HSM1WA2k/WK7swf47ccx3xsuuICUFnxEZs7BCsRDXUkOm5Qzp9NlEEjvxElPGXAq
bhF7oFHQsvESYGGmDnAXqTnhw19X6hedf+IfxXPsQoEhG1jck+tTpfn0iVnAzAhR
qtNkWHI4UPiN7h4ihbpsPqYWKGdGWaoCx+xsS6ZAaWmWpAw8taFqm5bTZQZFmSIK
O0fECNcHBFrp5CsF/NWHyu9FrTYayPXXRzX84Pkkhzc+CiTW41j8oGuzaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJyOUZJppvWegIpyry2m9hF5rdDeMB8GA1UdIwQY
MBaAFLXM3Yg/bdEU7Pb3JxaoRjT2esl3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGN6ZGlEOXQwUlRzOXZjbkZxaEdOUFo2eVhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iYTc4NGQtNzQ2ZS00OWU3LWE0MDgt
NGFiYWY1M2E1MGFmLzEvdGN6ZGlEOXQwUlRzOXZjbkZxaEdOUFo2eVhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9iYTc4NGQtNzQ2ZS00OWU3LWE0MDgtNGFiYWY1M2E1MGFm
LzEvdGN6ZGlEOXQwUlRzOXZjbkZxaEdOUFo2eVhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqdckqJ9a
EwYeZfN2jZ7aIvsUZ5N+8u+XnYYvYdBAkEHMWGBwzTxl8Uri4o9AhqQLrVj2V6qx
AavvFSugIgxMXt6ulx6BHqFn2/847cD9LOwZD7ohrcASTU7Umj0S7qy80Ng/mpZo
ElmpQ070ez0p0nLNZGd6PNF/2DhpkipASRcF6HocZQ+hzEPL9ZXX2TkviIL/A4Zo
1y5NxYweWYFmrIFSh6ascTtBZvYo9sxPH6y370PQOHvWZgkDDB/glkytsJjCO527
/GlJnkUncevdau4iUU5KQq/P1BJ2X0CRREnfwINs/kCaaxrzTB27hqf7wFU4x99Q
XrMmo8ZmoUGcgw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:46:32 2025 by rpki-client