Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.mft
File: 4z2f_axY52ErCVFE_sBrolhapqg.mft (raw, json)
Hash identifier: g8//4keob3V7sUKP84bGab75hxoWT2AnoKFYQbI4W/M=
Subject key identifier: 70:E7:20:C1:A6:1C:45:20:25:95:96:B0:C2:A3:AA:D3:50:DD:E7:2C
Authority key identifier: E3:3D:9F:FD:AC:58:E7:61:2B:09:51:44:FE:C0:6B:A2:58:5A:A6:A8
Certificate issuer: /CN=e33d9ffdac58e7612b095144fec06ba2585aa6a8
Certificate serial: 019A1B74DB9F2ACE1CE505DB5C329D690CD8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4z2f_axY52ErCVFE_sBrolhapqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.mft
Manifest number: 1449
Signing time: Sat 25 Oct 2025 13:00:34 +0000
Manifest this update: Sat 25 Oct 2025 13:00:34 +0000
Manifest next update: Sun 26 Oct 2025 13:00:34 +0000
Files and hashes: 1: 4z2f_axY52ErCVFE_sBrolhapqg.crl (hash: g4Rc+9VJuW/7cBDkmJIjb69maKzRrNu+0SBurtHWqiE=)
2: kDBI9l_YMVWuxKarh0cfBt-co8E.roa (hash: Cmec62sAgGLnTuvkkeIcYM85TIkQ74UMRSA2arV5eDI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.mft
rsync://rpki.ripe.net/repository/DEFAULT/4z2f_axY52ErCVFE_sBrolhapqg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 13:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1b:74:db:9f:2a:ce:1c:e5:05:db:5c:32:9d:69:0c:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e33d9ffdac58e7612b095144fec06ba2585aa6a8
Validity
Not Before: Oct 25 13:00:34 2025 GMT
Not After : Oct 26 13:00:34 2025 GMT
Subject: CN=70e720c1a61c4520259596b0c2a3aad350dde72c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f1:4c:43:30:7e:1a:0a:e3:ad:41:88:c1:6b:
b2:b6:c8:2f:8d:c4:6d:7c:ab:74:eb:c2:b9:6f:0a:
67:b4:74:f6:b4:67:b6:51:ff:0f:d4:28:59:8d:aa:
31:ac:2f:03:74:ad:40:4a:9a:a4:32:f4:6d:a5:81:
e6:97:f4:b3:9a:19:b0:0d:d8:0e:72:1c:83:ab:17:
c8:14:99:8a:5d:fc:4f:b5:9a:89:78:a7:b2:39:cc:
06:b8:5c:d8:8c:34:60:6b:28:fa:cc:8f:29:ef:46:
1d:9f:b4:7e:95:30:c8:b6:fd:68:bc:03:70:f2:de:
90:a3:e8:9a:04:08:ab:0f:34:07:48:a3:11:2e:80:
46:2d:06:a4:76:fe:aa:d2:9f:77:0e:3c:d6:74:ce:
5f:75:4a:32:b7:f1:d0:6c:54:5e:15:26:e9:bf:fd:
ef:a6:47:04:0b:c5:ac:43:0d:2b:ec:ba:fa:47:1e:
1d:1e:62:d6:82:6d:ef:fb:04:59:dd:6e:ad:d9:ab:
2d:14:5d:d9:31:be:ed:79:fb:a5:12:b4:e3:1a:35:
94:48:2e:26:d0:86:3e:4c:e4:65:ad:3e:42:a4:3b:
bb:ba:cc:e5:0b:ee:2f:30:59:9c:f5:bb:e1:6c:03:
04:87:fd:49:c3:2a:55:5e:f3:8d:3c:bf:07:d0:29:
8f:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E7:20:C1:A6:1C:45:20:25:95:96:B0:C2:A3:AA:D3:50:DD:E7:2C
X509v3 Authority Key Identifier:
keyid:E3:3D:9F:FD:AC:58:E7:61:2B:09:51:44:FE:C0:6B:A2:58:5A:A6:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4z2f_axY52ErCVFE_sBrolhapqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:c5:cc:d7:4a:27:3e:03:bc:49:77:2c:11:d1:bd:69:de:a1:
18:6a:70:92:75:4c:fc:60:01:0e:1a:ed:9b:0e:22:a6:36:23:
ac:94:40:6a:e0:39:c6:ec:dd:af:46:ca:7d:08:f3:98:a4:a8:
a4:82:2a:0a:c1:6f:1c:11:f0:95:7d:04:8e:10:f4:0b:5f:1f:
c7:6e:20:f8:6a:d4:8a:40:d6:61:c3:55:2e:78:1f:38:28:9d:
5c:c4:7e:59:7b:43:78:68:a4:3e:48:5f:54:11:66:09:40:9c:
36:5e:ad:eb:d8:bd:89:fa:4e:07:4e:0f:a1:43:b6:3d:fc:f1:
00:58:a0:fd:fc:13:d7:bf:42:8d:4f:a4:81:e1:10:01:2e:6c:
20:5e:a6:5e:a3:22:d6:59:c5:74:b0:8d:ee:83:22:24:69:94:
82:9c:72:4a:c9:ec:b9:3f:d4:65:d9:6b:1d:a2:37:e6:74:d5:
e9:bd:75:0b:6a:1e:1f:b7:bd:2d:15:0c:c7:45:31:92:e3:10:
bc:aa:be:e5:c7:76:3c:7a:34:79:42:fd:7e:9e:16:86:7e:bd:
4a:6e:22:db:ef:74:64:0f:1d:f2:33:63:53:e8:d8:a4:1d:6c:
c2:41:df:a4:07:29:a7:31:b9:f2:6f:3c:23:47:26:ab:b6:a7:
8c:11:c4:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZobdNufKs4c5QXbXDKdaQzYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzM2Q5ZmZkYWM1OGU3NjEyYjA5NTE0NGZlYzA2YmEyNTg1
YWE2YTgwHhcNMjUxMDI1MTMwMDM0WhcNMjUxMDI2MTMwMDM0WjAzMTEwLwYDVQQD
Eyg3MGU3MjBjMWE2MWM0NTIwMjU5NTk2YjBjMmEzYWFkMzUwZGRlNzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvFMQzB+GgrjrUGIwWuytsgvjcRt
fKt068K5bwpntHT2tGe2Uf8P1ChZjaoxrC8DdK1ASpqkMvRtpYHml/SzmhmwDdgO
chyDqxfIFJmKXfxPtZqJeKeyOcwGuFzYjDRgayj6zI8p70Ydn7R+lTDItv1ovANw
8t6Qo+iaBAirDzQHSKMRLoBGLQakdv6q0p93DjzWdM5fdUoyt/HQbFReFSbpv/3v
pkcEC8WsQw0r7Lr6Rx4dHmLWgm3v+wRZ3W6t2astFF3ZMb7tefulErTjGjWUSC4m
0IY+TORlrT5CpDu7uszlC+4vMFmc9bvhbAMEh/1JwypVXvONPL8H0CmPZQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHDnIMGmHEUgJZWWsMKjqtNQ3ecsMB8GA1UdIwQY
MBaAFOM9n/2sWOdhKwlRRP7Aa6JYWqaoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHoyZl9heFk1MkVyQ1ZGRV9zQnJvbGhhcHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hMzQyMDAtNGI5Yi00MzM0LWExNTkt
OWNiMjk2MzAxZTY0LzEvNHoyZl9heFk1MkVyQ1ZGRV9zQnJvbGhhcHFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9hMzQyMDAtNGI5Yi00MzM0LWExNTktOWNiMjk2MzAxZTY0
LzEvNHoyZl9heFk1MkVyQ1ZGRV9zQnJvbGhhcHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdsXM10on
PgO8SXcsEdG9ad6hGGpwknVM/GABDhrtmw4ipjYjrJRAauA5xuzdr0bKfQjzmKSo
pIIqCsFvHBHwlX0EjhD0C18fx24g+GrUikDWYcNVLngfOCidXMR+WXtDeGikPkhf
VBFmCUCcNl6t69i9ifpOB04PoUO2PfzxAFig/fwT179CjU+kgeEQAS5sIF6mXqMi
1lnFdLCN7oMiJGmUgpxySsnsuT/UZdlrHaI35nTV6b11C2oeH7e9LRUMx0UxkuMQ
vKq+5cd2PHo0eUL9fp4Whn69Sm4i2+90ZA8d8jNjU+jYpB1swkHfpAcppzG58m88
I0cmq7anjBHEWQ==
-----END CERTIFICATE-----
Generated at Sat Oct 25 22:33:23 2025 by rpki-client