Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.mft
File: z431Kt_i_Oaulvb-BdFAieAkfO4.mft (raw, json)
Hash identifier: fD0nP2Pu0knEJaJELQiicCN3wt7NtYVSh1X1s3O0zGw=
Subject key identifier: F2:9E:50:97:D5:3E:6A:1F:25:F3:BC:5C:BF:29:38:1B:6B:E1:99:70
Authority key identifier: CF:8D:F5:2A:DF:E2:FC:E6:AE:96:F6:FE:05:D1:40:89:E0:24:7C:EE
Certificate issuer: /CN=cf8df52adfe2fce6ae96f6fe05d14089e0247cee
Certificate serial: 019A53ACC4E8EF0A0CF36879B91222362F84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z431Kt_i_Oaulvb-BdFAieAkfO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.mft
Manifest number: 0EC4
Signing time: Wed 05 Nov 2025 11:00:22 +0000
Manifest this update: Wed 05 Nov 2025 11:00:22 +0000
Manifest next update: Thu 06 Nov 2025 11:00:22 +0000
Files and hashes: 1: TiwKb7nlOPMc1Vnv8DcKupSD5jY.roa (hash: nQWhe0fyffCN2quQfKSQ56T2rfLrYZUxC64fwkrxixE=)
2: z431Kt_i_Oaulvb-BdFAieAkfO4.crl (hash: EKO8/VqeyjqxHmNxB8J2Lta72r0t4Q3TY9vTpOOm6CA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/z431Kt_i_Oaulvb-BdFAieAkfO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 11:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:ac:c4:e8:ef:0a:0c:f3:68:79:b9:12:22:36:2f:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf8df52adfe2fce6ae96f6fe05d14089e0247cee
Validity
Not Before: Nov 5 11:00:22 2025 GMT
Not After : Nov 6 11:00:22 2025 GMT
Subject: CN=f29e5097d53e6a1f25f3bc5cbf29381b6be19970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:9a:a4:7b:b6:cc:c4:72:1c:42:75:da:1c:48:
60:62:13:73:9b:3a:ca:0d:fd:63:0c:1d:40:00:4b:
64:8f:8f:ea:c5:c8:6d:c2:d1:c0:51:af:17:1d:d3:
4a:6b:c3:fd:52:31:4a:45:d1:03:67:fd:95:fa:8c:
68:79:6a:61:74:96:60:1b:78:94:92:c8:29:75:02:
6a:74:0c:f2:5f:6b:66:71:ae:b0:46:c2:1a:6f:5c:
23:02:ac:56:b5:56:98:37:2a:62:dd:14:aa:06:74:
6c:90:a2:7f:c3:be:ea:a0:b8:44:e5:96:0a:43:fb:
0c:0b:83:4b:68:dd:da:02:57:30:8a:25:20:d6:1d:
7c:19:09:f3:ec:8c:8d:21:f5:8c:01:60:8e:47:ab:
64:ca:38:bf:59:b5:55:0c:ff:06:f7:5e:5a:62:e5:
b3:15:3e:d2:0d:cc:a7:72:77:67:f8:33:13:17:34:
3e:43:c1:fb:32:bc:12:6a:28:b8:b5:f2:d8:aa:97:
80:df:69:d5:48:23:c2:53:a1:8b:14:15:1c:3c:af:
75:99:29:f9:f1:c8:b0:d9:fa:50:6c:90:f0:06:3c:
46:7b:90:d1:e2:bd:f1:95:1f:ab:a1:02:91:44:c9:
f9:b1:6e:c8:a4:3e:fe:d1:6e:c7:9d:80:d6:a6:49:
98:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:9E:50:97:D5:3E:6A:1F:25:F3:BC:5C:BF:29:38:1B:6B:E1:99:70
X509v3 Authority Key Identifier:
keyid:CF:8D:F5:2A:DF:E2:FC:E6:AE:96:F6:FE:05:D1:40:89:E0:24:7C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z431Kt_i_Oaulvb-BdFAieAkfO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/f22743-1898-47e5-96e2-f797e1f544d9/1/z431Kt_i_Oaulvb-BdFAieAkfO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:cd:5a:3d:73:a0:07:fd:ec:4d:60:5b:68:66:6c:5e:5b:d1:
e1:23:2b:10:91:82:95:20:30:48:8e:69:92:d6:e5:2e:08:86:
5d:95:f1:f7:b4:49:0b:72:cd:04:4b:83:a9:a6:f2:5e:18:22:
9f:b0:79:c1:f9:fa:93:2a:85:c1:7b:da:f0:7e:f4:0b:e6:2e:
cf:e8:8f:eb:19:ca:81:99:15:81:de:9c:f1:45:a3:02:16:d8:
ca:69:59:5a:b5:26:23:93:a2:5e:f4:98:cc:51:76:06:50:98:
5a:a5:5e:d3:39:b4:ea:73:ed:a4:50:4f:0d:90:cb:5b:b7:9b:
34:50:6f:4c:1c:56:bd:12:9e:15:31:68:ee:80:f3:6a:db:7c:
36:a6:ad:81:ff:a6:d8:01:cd:68:cb:18:d6:8f:6e:de:05:c4:
af:27:2c:27:d6:26:48:d4:1a:93:cf:bc:18:9d:f0:6f:1d:16:
b8:27:01:e7:51:a3:3b:b3:dc:44:49:33:c0:ef:2e:4d:60:21:
77:00:5a:ed:56:be:3d:ed:bd:1c:d4:87:94:95:5e:6c:b9:35:
ce:4e:1b:e2:e5:da:0c:99:77:7a:88:a6:b0:47:ee:8f:d8:1b:
c1:32:e0:0d:9a:cb:18:3e:82:6a:65:b3:f5:31:46:0b:bd:35:
1f:bd:91:03
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTrMTo7woM82h5uRIiNi+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmOGRmNTJhZGZlMmZjZTZhZTk2ZjZmZTA1ZDE0MDg5ZTAy
NDdjZWUwHhcNMjUxMTA1MTEwMDIyWhcNMjUxMTA2MTEwMDIyWjAzMTEwLwYDVQQD
EyhmMjllNTA5N2Q1M2U2YTFmMjVmM2JjNWNiZjI5MzgxYjZiZTE5OTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA35qke7bMxHIcQnXaHEhgYhNzmzrK
Df1jDB1AAEtkj4/qxchtwtHAUa8XHdNKa8P9UjFKRdEDZ/2V+oxoeWphdJZgG3iU
ksgpdQJqdAzyX2tmca6wRsIab1wjAqxWtVaYNypi3RSqBnRskKJ/w77qoLhE5ZYK
Q/sMC4NLaN3aAlcwiiUg1h18GQnz7IyNIfWMAWCOR6tkyji/WbVVDP8G915aYuWz
FT7SDcyncndn+DMTFzQ+Q8H7MrwSaii4tfLYqpeA32nVSCPCU6GLFBUcPK91mSn5
8ciw2fpQbJDwBjxGe5DR4r3xlR+roQKRRMn5sW7IpD7+0W7HnYDWpkmYKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPKeUJfVPmofJfO8XL8pOBtr4ZlwMB8GA1UdIwQY
MBaAFM+N9Srf4vzmrpb2/gXRQIngJHzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejQzMUt0X2lfT2F1bHZiLUJkRkFpZUFrZk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mMjI3NDMtMTg5OC00N2U1LTk2ZTIt
Zjc5N2UxZjU0NGQ5LzEvejQzMUt0X2lfT2F1bHZiLUJkRkFpZUFrZk80Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mMjI3NDMtMTg5OC00N2U1LTk2ZTItZjc5N2UxZjU0NGQ5
LzEvejQzMUt0X2lfT2F1bHZiLUJkRkFpZUFrZk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHs1aPXOg
B/3sTWBbaGZsXlvR4SMrEJGClSAwSI5pktblLgiGXZXx97RJC3LNBEuDqabyXhgi
n7B5wfn6kyqFwXva8H70C+Yuz+iP6xnKgZkVgd6c8UWjAhbYymlZWrUmI5OiXvSY
zFF2BlCYWqVe0zm06nPtpFBPDZDLW7ebNFBvTBxWvRKeFTFo7oDzatt8Nqatgf+m
2AHNaMsY1o9u3gXErycsJ9YmSNQak8+8GJ3wbx0WuCcB51GjO7PcREkzwO8uTWAh
dwBa7Va+Pe29HNSHlJVebLk1zk4b4uXaDJl3eoimsEfuj9gbwTLgDZrLGD6CamWz
9TFGC701H72RAw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:50:18 2025 by rpki-client