Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/d01d58-5418-4217-89ae-23a84eedd956/1/0zWMPscfwZpqyYRrr03lmDY1cpM.mft
File: 0zWMPscfwZpqyYRrr03lmDY1cpM.mft (raw, json)
Hash identifier: b4kmAiretGCLgMnyqIpuwnQetCPit4zTWjvhPG5km4o=
Subject key identifier: 2A:67:99:99:55:45:15:4A:E5:E6:FE:6D:DE:61:22:AD:1B:D4:F8:1E
Authority key identifier: D3:35:8C:3E:C7:1F:C1:9A:6A:C9:84:6B:AF:4D:E5:98:36:35:72:93
Certificate issuer: /CN=d3358c3ec71fc19a6ac9846baf4de59836357293
Certificate serial: 019A71B7B75E4E85BCA47C97BF625DC1EA7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0zWMPscfwZpqyYRrr03lmDY1cpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/d01d58-5418-4217-89ae-23a84eedd956/1/0zWMPscfwZpqyYRrr03lmDY1cpM.mft
Manifest number: 16B0
Signing time: Tue 11 Nov 2025 07:00:56 +0000
Manifest this update: Tue 11 Nov 2025 07:00:56 +0000
Manifest next update: Wed 12 Nov 2025 07:00:56 +0000
Files and hashes: 1: 0zWMPscfwZpqyYRrr03lmDY1cpM.crl (hash: onuekRYK3maiC0gtsYzV/imtsc6H9WJxm1CBQYPcUTs=)
2: LYl-ckZTCA5UyIouoIve31n38qY.roa (hash: vPSTPP2+IXPu60S6+w3ugZNedqIYo00aGNP955WAY1c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/d01d58-5418-4217-89ae-23a84eedd956/1/0zWMPscfwZpqyYRrr03lmDY1cpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/d01d58-5418-4217-89ae-23a84eedd956/1/0zWMPscfwZpqyYRrr03lmDY1cpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/0zWMPscfwZpqyYRrr03lmDY1cpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:b7:5e:4e:85:bc:a4:7c:97:bf:62:5d:c1:ea:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3358c3ec71fc19a6ac9846baf4de59836357293
Validity
Not Before: Nov 11 07:00:56 2025 GMT
Not After : Nov 12 07:00:56 2025 GMT
Subject: CN=2a6799995545154ae5e6fe6dde6122ad1bd4f81e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:af:06:4c:f9:c5:3f:63:36:a9:fe:99:25:b5:
ff:34:80:66:de:99:77:69:07:c6:52:27:87:8d:ff:
45:55:5f:df:df:82:e5:a5:24:83:a6:6c:de:f0:57:
9e:34:f5:71:36:8b:95:9c:60:87:0e:77:2a:2b:c1:
b5:bf:88:b2:cf:2f:d5:12:3b:a7:ee:46:ed:ad:a4:
c9:66:81:95:68:86:62:cd:7c:c7:f5:ec:5a:82:6d:
d2:63:59:44:9c:40:7a:4f:fc:de:e5:93:1a:c1:28:
e2:b5:30:43:56:15:d6:bf:16:a9:78:5e:4b:32:99:
a4:ff:4f:42:20:ff:b6:7d:fb:07:7d:bf:53:7d:02:
b7:c3:07:eb:bb:d0:1a:d1:06:c0:54:07:6f:7a:d3:
09:0d:35:8c:c1:16:ba:02:71:3d:7e:ea:ca:94:07:
06:7d:c2:1d:4a:6c:52:2b:25:b6:af:d4:14:e4:b5:
c4:7a:c5:68:b1:a7:8f:0e:d4:b7:d6:4d:6d:4a:07:
39:e9:ee:e7:66:30:1a:3a:d9:74:33:45:83:3e:bc:
50:cb:a0:dc:e4:4c:7c:e6:cf:dd:a9:f9:e1:0c:ad:
67:ea:c5:1f:14:c4:69:2f:64:7d:79:32:e1:f3:38:
34:08:3d:71:72:29:bd:07:f6:59:bc:69:49:bc:0f:
a2:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:67:99:99:55:45:15:4A:E5:E6:FE:6D:DE:61:22:AD:1B:D4:F8:1E
X509v3 Authority Key Identifier:
keyid:D3:35:8C:3E:C7:1F:C1:9A:6A:C9:84:6B:AF:4D:E5:98:36:35:72:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0zWMPscfwZpqyYRrr03lmDY1cpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d01d58-5418-4217-89ae-23a84eedd956/1/0zWMPscfwZpqyYRrr03lmDY1cpM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d01d58-5418-4217-89ae-23a84eedd956/1/0zWMPscfwZpqyYRrr03lmDY1cpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:9c:97:14:c0:bc:67:89:89:90:1f:8c:9f:86:ac:c7:16:07:
c4:29:cf:64:18:d4:b4:23:60:bd:cb:c0:5c:f7:67:c8:80:03:
a8:a9:e8:d7:23:48:45:07:3b:ae:25:db:4d:59:ad:c1:90:b3:
81:4f:13:8b:e9:0f:49:69:64:a6:10:24:34:23:5a:0c:26:39:
2f:0e:01:31:9a:c9:2a:aa:49:5e:bf:d9:b0:12:d4:78:c2:ed:
43:73:6d:df:55:7d:22:19:54:f4:61:5d:cd:8c:a8:54:94:b1:
0c:36:fc:c9:a1:61:b7:4b:9e:d8:5f:74:45:ce:02:79:76:f9:
4a:7f:5a:96:bb:7c:55:11:15:2a:96:98:55:5b:36:54:db:3f:
80:dd:13:e9:13:c0:51:b1:bd:60:0e:f7:a0:92:5e:fa:d7:d2:
ba:6d:37:f2:a0:d3:39:50:37:09:23:0d:68:d2:89:d2:b2:c5:
a8:f6:d1:ee:fe:98:bf:96:53:52:8f:b1:8d:63:a7:82:34:9e:
a2:01:ff:b2:e0:20:f8:ca:1d:3d:ed:06:80:63:98:9c:6f:c1:
0a:bf:f8:e7:67:dc:b0:39:e1:52:3a:9a:f5:4d:d5:f1:a8:47:
40:93:48:a5:7d:7e:b9:a4:18:ce:31:e5:93:9a:8f:f9:3e:62:
5f:30:fe:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt7deToW8pHyXv2Jdwep/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMzU4YzNlYzcxZmMxOWE2YWM5ODQ2YmFmNGRlNTk4MzYz
NTcyOTMwHhcNMjUxMTExMDcwMDU2WhcNMjUxMTEyMDcwMDU2WjAzMTEwLwYDVQQD
EygyYTY3OTk5OTU1NDUxNTRhZTVlNmZlNmRkZTYxMjJhZDFiZDRmODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmK8GTPnFP2M2qf6ZJbX/NIBm3pl3
aQfGUieHjf9FVV/f34LlpSSDpmze8FeeNPVxNouVnGCHDncqK8G1v4iyzy/VEjun
7kbtraTJZoGVaIZizXzH9exagm3SY1lEnEB6T/ze5ZMawSjitTBDVhXWvxapeF5L
Mpmk/09CIP+2ffsHfb9TfQK3wwfru9Aa0QbAVAdvetMJDTWMwRa6AnE9furKlAcG
fcIdSmxSKyW2r9QU5LXEesVosaePDtS31k1tSgc56e7nZjAaOtl0M0WDPrxQy6Dc
5Ex85s/dqfnhDK1n6sUfFMRpL2R9eTLh8zg0CD1xcim9B/ZZvGlJvA+iewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpnmZlVRRVK5eb+bd5hIq0b1PgeMB8GA1UdIwQY
MBaAFNM1jD7HH8GaasmEa69N5Zg2NXKTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHpXTVBzY2Z3WnBxeVlScnIwM2xtRFkxY3BNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9kMDFkNTgtNTQxOC00MjE3LTg5YWUt
MjNhODRlZWRkOTU2LzEvMHpXTVBzY2Z3WnBxeVlScnIwM2xtRFkxY3BNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9kMDFkNTgtNTQxOC00MjE3LTg5YWUtMjNhODRlZWRkOTU2
LzEvMHpXTVBzY2Z3WnBxeVlScnIwM2xtRFkxY3BNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIJyXFMC8
Z4mJkB+Mn4asxxYHxCnPZBjUtCNgvcvAXPdnyIADqKno1yNIRQc7riXbTVmtwZCz
gU8Ti+kPSWlkphAkNCNaDCY5Lw4BMZrJKqpJXr/ZsBLUeMLtQ3Nt31V9IhlU9GFd
zYyoVJSxDDb8yaFht0ue2F90Rc4CeXb5Sn9alrt8VREVKpaYVVs2VNs/gN0T6RPA
UbG9YA73oJJe+tfSum038qDTOVA3CSMNaNKJ0rLFqPbR7v6Yv5ZTUo+xjWOngjSe
ogH/suAg+ModPe0GgGOYnG/BCr/452fcsDnhUjqa9U3V8ahHQJNIpX1+uaQYzjHl
k5qP+T5iXzD+Gw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:47:53 2025 by rpki-client