Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.mft
File: cZLzVgwVuU0e9JdyaEXXhnhrx2I.mft (raw, json)
Hash identifier: imnpRFtAFvIddRSJDrtnx4IvWlc18Hne2Wd9HNihMAg=
Subject key identifier: 5B:18:33:C2:00:E3:6F:3D:73:94:7A:6D:26:6F:28:59:F7:09:FC:4F
Authority key identifier: 71:92:F3:56:0C:15:B9:4D:1E:F4:97:72:68:45:D7:86:78:6B:C7:62
Certificate issuer: /CN=7192f3560c15b94d1ef497726845d786786bc762
Certificate serial: 019A71B85D14CD4436684744F00343632869
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZLzVgwVuU0e9JdyaEXXhnhrx2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.mft
Manifest number: 0E53
Signing time: Tue 11 Nov 2025 07:01:38 +0000
Manifest this update: Tue 11 Nov 2025 07:01:38 +0000
Manifest next update: Wed 12 Nov 2025 07:01:38 +0000
Files and hashes: 1: cZLzVgwVuU0e9JdyaEXXhnhrx2I.crl (hash: HZcZ9JxwUy3Z4sPCcXZAPKbLKDFG+//tEofGHQUsA/o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/cZLzVgwVuU0e9JdyaEXXhnhrx2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:5d:14:cd:44:36:68:47:44:f0:03:43:63:28:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7192f3560c15b94d1ef497726845d786786bc762
Validity
Not Before: Nov 11 07:01:38 2025 GMT
Not After : Nov 12 07:01:38 2025 GMT
Subject: CN=5b1833c200e36f3d73947a6d266f2859f709fc4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:68:0c:ca:fa:24:5d:02:6b:fe:75:c2:66:3f:
2b:9f:0b:f5:10:74:db:97:3d:d1:f7:2b:a7:33:df:
8f:94:90:1b:4b:52:1f:55:d8:d9:d0:b4:53:9a:7b:
60:4f:b1:14:6f:d2:d8:7b:7d:d7:65:17:70:00:c2:
15:c6:8a:da:16:79:ac:1d:04:a8:96:d0:09:c4:90:
51:7a:0f:80:ed:96:cb:47:ce:6c:20:77:2b:cb:c5:
29:66:82:7d:34:2f:f0:fc:9c:f4:91:26:75:fa:30:
fa:4c:e7:a4:5c:12:db:ac:74:51:72:31:25:4b:f9:
67:24:b0:da:9b:84:8c:2b:06:77:35:49:6f:9f:fc:
bc:10:ce:8f:56:a7:4c:fa:e7:db:03:c8:8f:5c:63:
0e:28:52:26:00:36:84:f1:1e:66:df:cd:a6:91:4d:
f0:db:e0:bf:27:19:33:4d:da:dc:24:2b:46:f0:b0:
da:b9:f2:61:9e:e7:80:2b:f6:f0:4b:c2:1e:a3:73:
a3:c0:be:77:3a:13:d2:4a:f1:9c:71:5b:8e:b7:78:
1a:08:dc:c3:77:b4:55:1b:3c:40:a6:f0:b3:65:13:
8e:21:3d:54:c1:a4:9c:ca:f9:bf:34:4d:56:59:a6:
7e:ce:c7:6c:df:db:51:08:1c:75:6d:af:42:9e:a4:
59:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:18:33:C2:00:E3:6F:3D:73:94:7A:6D:26:6F:28:59:F7:09:FC:4F
X509v3 Authority Key Identifier:
keyid:71:92:F3:56:0C:15:B9:4D:1E:F4:97:72:68:45:D7:86:78:6B:C7:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZLzVgwVuU0e9JdyaEXXhnhrx2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/69a034-b508-42e8-99e8-75ee24a3f96b/1/cZLzVgwVuU0e9JdyaEXXhnhrx2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:6d:48:59:7b:2f:31:c7:20:11:ae:01:9b:bc:03:68:6e:08:
7c:d7:c4:cb:95:4a:59:b1:a4:ce:f9:59:eb:7a:79:5d:96:e9:
ae:b7:99:9a:51:de:10:87:66:3d:ca:7a:57:f0:8a:59:b2:b3:
e0:31:4d:12:3e:f3:01:43:a6:a4:4d:54:58:d0:f0:b6:48:36:
b4:83:0b:ed:ab:36:98:2b:d4:ca:b3:b1:12:de:08:c4:03:d8:
9a:ac:f8:14:b4:99:44:52:b0:1f:b4:fb:8a:65:a6:21:04:57:
c3:80:69:e2:d1:00:4a:df:7a:a9:24:0e:32:80:13:6d:24:cb:
b6:dd:40:41:88:a9:00:a0:ab:24:88:75:f2:3f:77:5d:75:72:
7f:0e:c3:5a:97:ab:a2:54:89:f9:0d:f5:da:c1:2c:47:99:84:
d3:00:be:cf:22:65:b5:b6:74:db:da:bc:66:8a:0e:5d:b5:73:
48:33:31:28:96:65:9e:49:e5:eb:13:fa:0f:f1:b3:1a:f0:54:
e2:47:7c:31:50:16:ff:04:ba:e6:6c:f6:cc:a0:5a:76:81:3a:
f5:9b:84:37:96:58:61:f2:df:2c:46:89:cc:b0:11:5e:bb:0f:
59:7c:2d:72:1a:b4:3d:bd:b1:1b:1c:30:7d:51:16:05:75:6e:
08:67:05:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuF0UzUQ2aEdE8ANDYyhpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxOTJmMzU2MGMxNWI5NGQxZWY0OTc3MjY4NDVkNzg2Nzg2
YmM3NjIwHhcNMjUxMTExMDcwMTM4WhcNMjUxMTEyMDcwMTM4WjAzMTEwLwYDVQQD
Eyg1YjE4MzNjMjAwZTM2ZjNkNzM5NDdhNmQyNjZmMjg1OWY3MDlmYzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGgMyvokXQJr/nXCZj8rnwv1EHTb
lz3R9yunM9+PlJAbS1IfVdjZ0LRTmntgT7EUb9LYe33XZRdwAMIVxoraFnmsHQSo
ltAJxJBReg+A7ZbLR85sIHcry8UpZoJ9NC/w/Jz0kSZ1+jD6TOekXBLbrHRRcjEl
S/lnJLDam4SMKwZ3NUlvn/y8EM6PVqdM+ufbA8iPXGMOKFImADaE8R5m382mkU3w
2+C/JxkzTdrcJCtG8LDaufJhnueAK/bwS8Ieo3OjwL53OhPSSvGccVuOt3gaCNzD
d7RVGzxApvCzZROOIT1UwaScyvm/NE1WWaZ+zsds39tRCBx1ba9CnqRZhwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFsYM8IA4289c5R6bSZvKFn3CfxPMB8GA1UdIwQY
MBaAFHGS81YMFblNHvSXcmhF14Z4a8diMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1pMelZnd1Z1VTBlOUpkeWFFWFhobmhyeDJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi82OWEwMzQtYjUwOC00MmU4LTk5ZTgt
NzVlZTI0YTNmOTZiLzEvY1pMelZnd1Z1VTBlOUpkeWFFWFhobmhyeDJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi82OWEwMzQtYjUwOC00MmU4LTk5ZTgtNzVlZTI0YTNmOTZi
LzEvY1pMelZnd1Z1VTBlOUpkeWFFWFhobmhyeDJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnW1IWXsv
MccgEa4Bm7wDaG4IfNfEy5VKWbGkzvlZ63p5XZbprreZmlHeEIdmPcp6V/CKWbKz
4DFNEj7zAUOmpE1UWNDwtkg2tIML7as2mCvUyrOxEt4IxAPYmqz4FLSZRFKwH7T7
imWmIQRXw4Bp4tEASt96qSQOMoATbSTLtt1AQYipAKCrJIh18j93XXVyfw7DWper
olSJ+Q312sEsR5mE0wC+zyJltbZ029q8ZooOXbVzSDMxKJZlnknl6xP6D/GzGvBU
4kd8MVAW/wS65mz2zKBadoE69ZuEN5ZYYfLfLEaJzLARXrsPWXwtchq0Pb2xGxww
fVEWBXVuCGcFtQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:49:25 2025 by rpki-client