Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft
File: zl1FYESPeKTc3LeRoH2tIWOgjN8.mft (raw, json)
Hash identifier: gfQU6Iogu8gZ+ldJYYW4U9va0DUwjXHyG+d8C6As1XE=
Subject key identifier: EB:D1:52:F3:A2:58:BA:C9:07:4C:C6:7E:EA:05:38:3C:EE:59:DD:BA
Authority key identifier: CE:5D:45:60:44:8F:78:A4:DC:DC:B7:91:A0:7D:AD:21:63:A0:8C:DF
Certificate issuer: /CN=ce5d4560448f78a4dcdcb791a07dad2163a08cdf
Certificate serial: 019A4D06D6A740E58CBDB3B87C5877E2E68C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft
Manifest number: 169F
Signing time: Tue 04 Nov 2025 04:01:25 +0000
Manifest this update: Tue 04 Nov 2025 04:01:25 +0000
Manifest next update: Wed 05 Nov 2025 04:01:25 +0000
Files and hashes: 1: DnVFEpYRkYdsvx6fTEjYM0mnXYg.roa (hash: Q/XnpIbexx4X2BOItVZgFWxgUIF3KGLUNsRlADlMLPI=)
2: zl1FYESPeKTc3LeRoH2tIWOgjN8.crl (hash: lSd9ySUelhLROIuuKg32hamwf9dgkoB3Xnbu1ItkzaM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 04:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:06:d6:a7:40:e5:8c:bd:b3:b8:7c:58:77:e2:e6:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce5d4560448f78a4dcdcb791a07dad2163a08cdf
Validity
Not Before: Nov 4 04:01:25 2025 GMT
Not After : Nov 5 04:01:25 2025 GMT
Subject: CN=ebd152f3a258bac9074cc67eea05383cee59ddba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:41:26:ab:65:5d:b5:d3:8a:3a:4c:bc:57:57:
d9:67:ca:99:c1:0c:22:f3:9d:e0:16:2a:19:f7:e2:
d6:a5:4d:eb:53:d7:b8:1c:56:b4:ca:13:d9:37:85:
ab:7b:13:43:16:f3:97:a1:83:0f:0b:e6:6a:74:a2:
c2:b5:c6:83:4f:d8:59:bc:4c:72:c8:8d:2c:bd:39:
9e:77:51:88:14:b5:05:2e:e4:1a:81:6a:b4:00:d3:
f6:90:b2:7e:1d:18:2c:bf:a6:47:31:3e:ad:c2:14:
2a:45:9a:53:d1:ae:c0:5a:79:4e:de:e9:c2:c8:d2:
2d:d7:eb:14:20:46:22:ca:6d:76:9b:73:db:21:29:
7d:5e:e6:ad:26:2b:a6:de:cd:8d:9c:93:fa:f6:a4:
a1:f7:8d:38:73:d7:3a:96:d2:dd:6a:be:c1:cb:ef:
29:fd:6d:b6:3a:ca:18:bb:d7:20:92:60:7b:ec:05:
6f:4e:f1:64:a4:84:21:6e:67:b1:66:4c:43:f6:8f:
8c:53:6a:93:25:55:36:99:23:02:e7:7f:6c:f0:3e:
4a:c3:06:1b:9e:53:d5:76:cc:61:10:5d:f1:ae:7d:
4b:6e:16:eb:c1:3c:d7:49:0c:a0:3d:96:b6:fb:a5:
48:bd:dc:56:22:40:34:10:ec:5c:d0:60:a6:aa:9c:
1f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:D1:52:F3:A2:58:BA:C9:07:4C:C6:7E:EA:05:38:3C:EE:59:DD:BA
X509v3 Authority Key Identifier:
keyid:CE:5D:45:60:44:8F:78:A4:DC:DC:B7:91:A0:7D:AD:21:63:A0:8C:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:17:3b:4e:7f:89:1c:58:b2:35:29:4d:9a:a6:a4:b9:e0:4e:
e4:43:e9:c3:ab:0e:75:ab:0a:33:34:9f:a4:d1:c8:64:b5:a7:
61:db:28:f5:10:f2:1d:39:ae:35:d9:9d:0f:b6:f4:f9:e3:d6:
78:f3:03:96:c6:fa:10:61:56:04:c2:06:bf:b7:0e:96:4f:3a:
1c:1b:86:8e:a0:c2:15:9d:d5:5f:05:f2:1b:79:0d:26:a6:fa:
3b:1d:8e:22:c0:98:b4:a6:3e:5f:a5:25:49:f6:78:02:82:88:
69:5f:f7:55:3d:6a:49:4f:d2:82:71:57:37:a3:99:c1:f4:19:
f1:e8:e9:39:0e:00:db:2d:a2:13:bb:c9:fe:ec:c2:4e:71:ce:
d5:2d:8d:30:05:52:fa:d7:b4:67:6f:1a:b1:d8:f2:28:36:6f:
88:1f:8c:e4:47:0f:6a:0f:44:0d:32:af:66:a2:2c:f6:4b:44:
9e:6b:7a:b2:e2:4b:17:ab:e0:00:1a:87:87:5d:b8:b2:cd:9f:
cf:66:fa:3d:41:63:2e:1d:6c:8e:5f:3c:82:58:65:59:39:7b:
44:31:d8:d3:1a:eb:e5:ad:36:c8:29:7e:31:5e:59:91:59:db:
c9:df:97:c6:03:31:9a:3c:29:42:bf:82:0b:11:ce:13:38:27:
82:a2:45:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNBtanQOWMvbO4fFh34uaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNWQ0NTYwNDQ4Zjc4YTRkY2RjYjc5MWEwN2RhZDIxNjNh
MDhjZGYwHhcNMjUxMTA0MDQwMTI1WhcNMjUxMTA1MDQwMTI1WjAzMTEwLwYDVQQD
EyhlYmQxNTJmM2EyNThiYWM5MDc0Y2M2N2VlYTA1MzgzY2VlNTlkZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2EEmq2VdtdOKOky8V1fZZ8qZwQwi
853gFioZ9+LWpU3rU9e4HFa0yhPZN4WrexNDFvOXoYMPC+ZqdKLCtcaDT9hZvExy
yI0svTmed1GIFLUFLuQagWq0ANP2kLJ+HRgsv6ZHMT6twhQqRZpT0a7AWnlO3unC
yNIt1+sUIEYiym12m3PbISl9XuatJium3s2NnJP69qSh9404c9c6ltLdar7By+8p
/W22OsoYu9cgkmB77AVvTvFkpIQhbmexZkxD9o+MU2qTJVU2mSMC539s8D5KwwYb
nlPVdsxhEF3xrn1LbhbrwTzXSQygPZa2+6VIvdxWIkA0EOxc0GCmqpwftwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOvRUvOiWLrJB0zGfuoFODzuWd26MB8GA1UdIwQY
MBaAFM5dRWBEj3ik3Ny3kaB9rSFjoIzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemwxRllFU1BlS1RjM0xlUm9IMnRJV09nak44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yN2NiZDAtYTdiOS00NWZiLTk5NTQt
NzhkMTE0NGFkOTY3LzEvemwxRllFU1BlS1RjM0xlUm9IMnRJV09nak44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yN2NiZDAtYTdiOS00NWZiLTk5NTQtNzhkMTE0NGFkOTY3
LzEvemwxRllFU1BlS1RjM0xlUm9IMnRJV09nak44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPhc7Tn+J
HFiyNSlNmqakueBO5EPpw6sOdasKMzSfpNHIZLWnYdso9RDyHTmuNdmdD7b0+ePW
ePMDlsb6EGFWBMIGv7cOlk86HBuGjqDCFZ3VXwXyG3kNJqb6Ox2OIsCYtKY+X6Ul
SfZ4AoKIaV/3VT1qSU/SgnFXN6OZwfQZ8ejpOQ4A2y2iE7vJ/uzCTnHO1S2NMAVS
+te0Z28asdjyKDZviB+M5EcPag9EDTKvZqIs9ktEnmt6suJLF6vgABqHh124ss2f
z2b6PUFjLh1sjl88glhlWTl7RDHY0xrr5a02yCl+MV5ZkVnbyd+XxgMxmjwpQr+C
CxHOEzgngqJF3g==
-----END CERTIFICATE-----
Generated at Tue Nov 4 11:18:56 2025 by rpki-client