Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/d50be2-b9b6-477b-84fc-fbe47ad62aa5/1/Z8i133U8dJrleBD52T87pRrgXVw.mft
File: Z8i133U8dJrleBD52T87pRrgXVw.mft (raw, json)
Hash identifier: QxbDB27qjQzo7P3DgJqrVJd3n9gn2DsCX5MspqGhaNA=
Subject key identifier: AC:0A:59:B7:A3:90:2B:DD:1F:90:63:42:BC:8D:B0:2C:34:48:90:8C
Authority key identifier: 67:C8:B5:DF:75:3C:74:9A:E5:78:10:F9:D9:3F:3B:A5:1A:E0:5D:5C
Certificate issuer: /CN=67c8b5df753c749ae57810f9d93f3ba51ae05d5c
Certificate serial: 019A71B8B2AE65B6EF06B5444AFE8C499C9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z8i133U8dJrleBD52T87pRrgXVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/d50be2-b9b6-477b-84fc-fbe47ad62aa5/1/Z8i133U8dJrleBD52T87pRrgXVw.mft
Manifest number: 101B
Signing time: Tue 11 Nov 2025 07:02:00 +0000
Manifest this update: Tue 11 Nov 2025 07:02:00 +0000
Manifest next update: Wed 12 Nov 2025 07:02:00 +0000
Files and hashes: 1: Z8i133U8dJrleBD52T87pRrgXVw.crl (hash: CC8F01k3318bUH0BO9BU7v38VgkacD+I+tBwkW4rk6s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/d50be2-b9b6-477b-84fc-fbe47ad62aa5/1/Z8i133U8dJrleBD52T87pRrgXVw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/d50be2-b9b6-477b-84fc-fbe47ad62aa5/1/Z8i133U8dJrleBD52T87pRrgXVw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z8i133U8dJrleBD52T87pRrgXVw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:b2:ae:65:b6:ef:06:b5:44:4a:fe:8c:49:9c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67c8b5df753c749ae57810f9d93f3ba51ae05d5c
Validity
Not Before: Nov 11 07:02:00 2025 GMT
Not After : Nov 12 07:02:00 2025 GMT
Subject: CN=ac0a59b7a3902bdd1f906342bc8db02c3448908c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b9:b5:3a:bb:f6:69:cb:3a:75:e5:00:b4:4a:
2d:60:b2:9b:b6:b4:09:4f:c4:57:3e:bc:44:cb:de:
6e:d8:f3:ed:af:f6:18:6f:c5:6f:4c:1e:cd:28:39:
f0:41:6c:3a:20:ed:f7:0c:ef:99:0c:d4:df:47:7b:
fd:a7:50:e5:ed:84:a7:bc:77:9b:13:45:c4:60:24:
41:71:82:fe:cd:87:e0:f8:5f:ec:70:4c:8f:c0:e9:
03:17:c9:81:e8:65:f2:ad:e1:3f:33:be:c0:de:ba:
73:1b:a9:13:d7:55:71:03:61:e3:9a:bb:29:5c:96:
d0:8a:c1:5a:ad:92:c4:be:fd:ad:e1:e1:69:79:7e:
0a:b5:63:7a:41:7f:ea:b8:1a:f3:b4:9b:05:92:d0:
63:e8:5e:8e:14:cf:1b:d9:27:af:bd:c2:e7:12:e8:
1e:18:2e:03:59:a6:78:3f:3a:d7:18:9f:e3:d7:da:
ec:ea:5d:93:3e:61:4f:77:36:60:3f:57:48:7a:30:
97:af:e8:66:66:97:71:94:30:eb:fa:cb:c0:3a:7d:
41:fd:5b:38:4d:aa:41:39:f0:1f:da:d8:de:22:db:
0e:f1:d8:ae:bc:75:b1:d5:f8:a1:23:91:85:5c:24:
d3:97:e6:c8:ea:44:09:fc:5e:bf:95:9b:74:da:0b:
25:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:0A:59:B7:A3:90:2B:DD:1F:90:63:42:BC:8D:B0:2C:34:48:90:8C
X509v3 Authority Key Identifier:
keyid:67:C8:B5:DF:75:3C:74:9A:E5:78:10:F9:D9:3F:3B:A5:1A:E0:5D:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8i133U8dJrleBD52T87pRrgXVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d50be2-b9b6-477b-84fc-fbe47ad62aa5/1/Z8i133U8dJrleBD52T87pRrgXVw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/d50be2-b9b6-477b-84fc-fbe47ad62aa5/1/Z8i133U8dJrleBD52T87pRrgXVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:39:5f:94:fc:80:1d:b9:fb:f8:45:56:b6:b6:84:46:79:af:
e6:24:d0:a9:b5:64:79:a4:98:7b:78:df:02:9e:ba:36:27:41:
f7:63:bc:1f:7b:ba:c9:be:74:56:3e:39:26:4f:01:82:fc:ac:
75:38:d0:1f:cb:7b:8a:1f:8d:22:42:c8:99:32:ca:ee:f2:f1:
9e:f9:74:0f:74:0e:68:c0:02:52:8d:b0:bf:2f:ad:b7:2c:7c:
1d:24:a5:bb:04:86:a8:e7:fa:42:f9:22:59:9b:06:66:09:81:
50:31:7d:4f:ad:5c:bc:12:3d:71:31:f2:34:83:79:da:7f:b3:
d2:ff:42:4e:d3:7d:d1:fd:98:e0:9a:1a:db:a2:7d:5d:9a:80:
ef:e6:5d:8c:44:94:11:af:38:cc:86:0a:2f:07:7b:ed:34:46:
6b:2f:9a:b6:ae:7c:bc:81:04:bb:f6:d1:53:8b:56:58:b8:89:
2e:64:ce:a3:41:87:7e:bc:7f:dc:25:37:0d:35:08:1b:35:c2:
a2:98:1b:8e:26:22:7c:a9:55:20:ed:3c:06:e5:d8:71:df:c0:
b1:7b:40:3b:a8:c8:35:93:20:b2:bd:9a:06:3d:6a:48:e3:2b:
29:3a:8d:97:e7:6e:a8:d9:c2:ff:0a:fa:11:89:86:f8:47:9f:
6f:ac:d4:28
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuLKuZbbvBrVESv6MSZyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YzhiNWRmNzUzYzc0OWFlNTc4MTBmOWQ5M2YzYmE1MWFl
MDVkNWMwHhcNMjUxMTExMDcwMjAwWhcNMjUxMTEyMDcwMjAwWjAzMTEwLwYDVQQD
EyhhYzBhNTliN2EzOTAyYmRkMWY5MDYzNDJiYzhkYjAyYzM0NDg5MDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rm1Orv2acs6deUAtEotYLKbtrQJ
T8RXPrxEy95u2PPtr/YYb8VvTB7NKDnwQWw6IO33DO+ZDNTfR3v9p1Dl7YSnvHeb
E0XEYCRBcYL+zYfg+F/scEyPwOkDF8mB6GXyreE/M77A3rpzG6kT11VxA2Hjmrsp
XJbQisFarZLEvv2t4eFpeX4KtWN6QX/quBrztJsFktBj6F6OFM8b2SevvcLnEuge
GC4DWaZ4PzrXGJ/j19rs6l2TPmFPdzZgP1dIejCXr+hmZpdxlDDr+svAOn1B/Vs4
TapBOfAf2tjeItsO8diuvHWx1fihI5GFXCTTl+bI6kQJ/F6/lZt02gsl7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKwKWbejkCvdH5BjQryNsCw0SJCMMB8GA1UdIwQY
MBaAFGfItd91PHSa5XgQ+dk/O6Ua4F1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjhpMTMzVThkSnJsZUJENTJUODdwUnJnWFZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9kNTBiZTItYjliNi00NzdiLTg0ZmMt
ZmJlNDdhZDYyYWE1LzEvWjhpMTMzVThkSnJsZUJENTJUODdwUnJnWFZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9kNTBiZTItYjliNi00NzdiLTg0ZmMtZmJlNDdhZDYyYWE1
LzEvWjhpMTMzVThkSnJsZUJENTJUODdwUnJnWFZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAjlflPyA
Hbn7+EVWtraERnmv5iTQqbVkeaSYe3jfAp66NidB92O8H3u6yb50Vj45Jk8Bgvys
dTjQH8t7ih+NIkLImTLK7vLxnvl0D3QOaMACUo2wvy+ttyx8HSSluwSGqOf6Qvki
WZsGZgmBUDF9T61cvBI9cTHyNIN52n+z0v9CTtN90f2Y4Joa26J9XZqA7+ZdjESU
Ea84zIYKLwd77TRGay+atq58vIEEu/bRU4tWWLiJLmTOo0GHfrx/3CU3DTUIGzXC
opgbjiYifKlVIO08BuXYcd/AsXtAO6jINZMgsr2aBj1qSOMrKTqNl+duqNnC/wr6
EYmG+Eefb6zUKA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:16:03 2025 by rpki-client