Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
File: 2ZaAKfEkCW6rlV35t6gciMszOgU.mft (raw, json)
Hash identifier: ZoSlY1dsrlVvjBFAgOn+A6NpEBWPeLrTUJtt08hHeeE=
Subject key identifier: FE:C4:9F:2C:64:7E:62:70:08:E2:9C:34:2D:D8:B5:5C:7F:A8:EB:F2
Authority key identifier: D9:96:80:29:F1:24:09:6E:AB:95:5D:F9:B7:A8:1C:88:CB:33:3A:05
Certificate issuer: /CN=d9968029f124096eab955df9b7a81c88cb333a05
Certificate serial: 019A0BCA806E850EABEBC752D9B79CD53E4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
Manifest number: 0E9E
Signing time: Wed 22 Oct 2025 12:00:11 +0000
Manifest this update: Wed 22 Oct 2025 12:00:11 +0000
Manifest next update: Thu 23 Oct 2025 12:00:11 +0000
Files and hashes: 1: 2ZaAKfEkCW6rlV35t6gciMszOgU.crl (hash: EQJIx73zrM9ii1fayvu5ykgwrv4nboe4soQvLkECPfU=)
2: anoG2QxpBajiR81r5Nnqj0baENo.roa (hash: KO9yPbtejqfpWJpsarLnmq3okmJ48dSkW7G2+vLUOFY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 12:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0b:ca:80:6e:85:0e:ab:eb:c7:52:d9:b7:9c:d5:3e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9968029f124096eab955df9b7a81c88cb333a05
Validity
Not Before: Oct 22 12:00:11 2025 GMT
Not After : Oct 23 12:00:11 2025 GMT
Subject: CN=fec49f2c647e627008e29c342dd8b55c7fa8ebf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f2:63:c3:57:30:6d:98:14:97:b8:0a:1e:d3:
cb:ff:eb:b6:8a:84:83:53:06:dc:10:35:b6:bd:22:
7c:d6:5b:43:f7:82:f7:ec:36:d0:52:a3:66:b0:b2:
16:1c:32:69:2d:da:a8:3b:7c:9f:91:43:e9:2a:99:
ef:ec:9e:d5:e8:40:d4:fc:a3:8b:37:97:ee:54:bd:
e7:a5:a0:51:15:d3:13:4e:54:f6:ec:1e:69:6b:a0:
78:d0:34:d5:62:a6:5d:12:ed:9a:80:34:d0:e8:8d:
b9:16:2e:9b:8b:81:50:6b:21:f1:e4:eb:32:78:87:
1c:cf:27:5e:d8:a1:b5:ea:76:44:e4:ad:3b:82:88:
4c:89:b7:b4:ed:18:43:a7:28:a4:42:bf:f3:89:f9:
45:d3:2d:32:ec:21:d0:f2:5d:02:42:59:37:6c:3b:
78:12:03:90:3f:a6:29:26:e2:12:6e:d2:06:3a:e2:
21:f2:db:02:9c:a7:73:cb:48:e2:05:aa:77:6c:12:
78:70:2f:2d:92:00:5f:f0:f5:05:41:97:fd:75:cb:
73:40:21:9b:b2:6f:66:15:72:3f:1b:58:52:c7:cd:
7d:1b:cc:c5:34:e2:e1:f5:a6:fe:ed:61:5a:b8:f9:
b7:0a:d9:8a:68:bb:75:5a:b4:fd:1e:b7:0d:4a:a0:
64:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:C4:9F:2C:64:7E:62:70:08:E2:9C:34:2D:D8:B5:5C:7F:A8:EB:F2
X509v3 Authority Key Identifier:
keyid:D9:96:80:29:F1:24:09:6E:AB:95:5D:F9:B7:A8:1C:88:CB:33:3A:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:ec:7e:91:d1:11:bf:9b:c2:2a:95:b9:3d:f7:f7:5d:77:7e:
6e:bd:eb:ca:52:5e:a1:34:83:cd:c8:00:bc:6c:61:5d:89:df:
5b:42:f6:d7:66:99:f8:06:71:9c:bc:53:57:53:53:dc:ae:cc:
a6:a5:65:8f:db:29:74:58:07:b8:ae:6f:3a:9c:8b:c8:c7:1f:
f7:e2:02:a1:9b:68:f4:73:16:7a:ff:9f:66:b9:77:6f:80:75:
76:c8:d5:ca:3f:3d:a7:d0:cf:4b:44:5c:11:15:bd:e6:d1:b0:
f9:6b:4e:5e:76:82:6b:97:9e:f1:61:3c:83:f3:81:cb:87:b4:
52:3a:95:f4:39:37:1a:b0:de:e2:17:50:38:6d:80:e1:32:d8:
76:a1:c2:ba:6e:2f:fa:fa:54:13:54:93:a0:35:c3:31:bb:cd:
49:a8:3c:ff:75:f8:26:83:b5:4c:1c:8a:de:39:f5:ae:b2:a0:
3c:81:bc:d5:ff:29:14:68:5e:2d:7d:91:13:3c:0f:05:93:ec:
bb:10:b8:86:a4:ba:d1:68:71:ef:49:5d:84:9b:2a:e1:c9:aa:
a1:87:28:85:61:fb:21:10:49:55:e7:b8:68:b1:ce:03:0f:65:
3e:60:c9:f6:87:74:66:a0:6e:4d:78:d4:1d:68:08:b4:63:a5:
62:a2:37:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoLyoBuhQ6r68dS2bec1T5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTY4MDI5ZjEyNDA5NmVhYjk1NWRmOWI3YTgxYzg4Y2Iz
MzNhMDUwHhcNMjUxMDIyMTIwMDExWhcNMjUxMDIzMTIwMDExWjAzMTEwLwYDVQQD
EyhmZWM0OWYyYzY0N2U2MjcwMDhlMjljMzQyZGQ4YjU1YzdmYThlYmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fJjw1cwbZgUl7gKHtPL/+u2ioSD
UwbcEDW2vSJ81ltD94L37DbQUqNmsLIWHDJpLdqoO3yfkUPpKpnv7J7V6EDU/KOL
N5fuVL3npaBRFdMTTlT27B5pa6B40DTVYqZdEu2agDTQ6I25Fi6bi4FQayHx5Osy
eIcczyde2KG16nZE5K07gohMibe07RhDpyikQr/ziflF0y0y7CHQ8l0CQlk3bDt4
EgOQP6YpJuISbtIGOuIh8tsCnKdzy0jiBap3bBJ4cC8tkgBf8PUFQZf9dctzQCGb
sm9mFXI/G1hSx819G8zFNOLh9ab+7WFauPm3CtmKaLt1WrT9HrcNSqBkWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP7EnyxkfmJwCOKcNC3YtVx/qOvyMB8GA1UdIwQY
MBaAFNmWgCnxJAluq5Vd+beoHIjLMzoFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yN2ExYmMtYjI1OC00MDVmLTlmOTMt
NmVlYTEyMjA1NzIwLzEvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yN2ExYmMtYjI1OC00MDVmLTlmOTMtNmVlYTEyMjA1NzIw
LzEvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApOx+kdER
v5vCKpW5Pff3XXd+br3rylJeoTSDzcgAvGxhXYnfW0L212aZ+AZxnLxTV1NT3K7M
pqVlj9spdFgHuK5vOpyLyMcf9+ICoZto9HMWev+fZrl3b4B1dsjVyj89p9DPS0Rc
ERW95tGw+WtOXnaCa5ee8WE8g/OBy4e0UjqV9Dk3GrDe4hdQOG2A4TLYdqHCum4v
+vpUE1SToDXDMbvNSag8/3X4JoO1TByK3jn1rrKgPIG81f8pFGheLX2REzwPBZPs
uxC4hqS60Whx70ldhJsq4cmqoYcohWH7IRBJVee4aLHOAw9lPmDJ9od0ZqBuTXjU
HWgItGOlYqI3/g==
-----END CERTIFICATE-----
Generated at Wed Oct 22 18:45:21 2025 by rpki-client