Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft
File: zQwDKJL2la9ME_sKyoBD0Xsbl78.mft (raw, json)
Hash identifier: e80YVsG3IRqYBanWYgASe1zw1GhwG3lRFpLemZS9+E8=
Subject key identifier: 30:8E:D5:24:71:7D:6B:0B:55:05:58:73:FE:EA:EA:06:84:F1:59:67
Authority key identifier: CD:0C:03:28:92:F6:95:AF:4C:13:FB:0A:CA:80:43:D1:7B:1B:97:BF
Certificate issuer: /CN=cd0c032892f695af4c13fb0aca8043d17b1b97bf
Certificate serial: 019A4DE20B72AE4AE0E2F6D51DEF79BDE455
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft
Manifest number: 0AAE
Signing time: Tue 04 Nov 2025 08:00:50 +0000
Manifest this update: Tue 04 Nov 2025 08:00:50 +0000
Manifest next update: Wed 05 Nov 2025 08:00:50 +0000
Files and hashes: 1: zQwDKJL2la9ME_sKyoBD0Xsbl78.crl (hash: S0JPC+sGHl8T496LWYxKpQX08UqVG7pmpP+F71Gec/0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft
rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e2:0b:72:ae:4a:e0:e2:f6:d5:1d:ef:79:bd:e4:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd0c032892f695af4c13fb0aca8043d17b1b97bf
Validity
Not Before: Nov 4 08:00:50 2025 GMT
Not After : Nov 5 08:00:50 2025 GMT
Subject: CN=308ed524717d6b0b55055873feeaea0684f15967
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7f:36:80:8d:ad:f3:b7:b4:67:e8:f0:96:fd:
24:35:52:0b:b3:61:f4:6b:58:18:3e:80:dc:37:41:
6d:07:11:80:5d:7e:2b:c5:73:eb:67:47:77:b1:a3:
bc:fd:41:dd:92:eb:33:51:c2:08:22:14:52:7b:06:
a1:56:c0:33:f5:36:db:14:a8:93:50:2d:43:e9:13:
53:35:d3:01:34:be:bc:d2:1d:25:0f:ba:69:ca:55:
ad:b1:41:ca:fe:c8:6e:24:10:62:aa:d7:84:fe:38:
96:0c:0a:0e:a0:54:23:41:cb:9b:a0:ca:b6:e8:71:
cc:c4:03:a9:4e:00:27:6f:dd:24:6c:30:82:6e:e2:
73:55:39:78:67:ca:63:6d:e2:5d:4c:34:c2:fd:f1:
61:2c:82:4f:7c:b2:8a:1e:5f:12:0f:33:17:15:e4:
7d:4f:13:ee:69:18:7e:ea:5a:e7:ee:52:0b:f9:24:
68:ba:e1:bf:87:33:eb:d0:e5:b6:ac:a4:f9:39:38:
64:e2:c2:2c:d2:58:9e:47:7c:b2:53:82:20:8f:2f:
c3:04:e1:21:5c:fe:18:0c:aa:57:91:49:79:5b:5e:
66:a7:23:14:14:52:f0:36:3e:25:82:04:68:6c:82:
4a:c0:63:d4:f0:f7:46:69:7a:79:5d:8b:7e:ff:b4:
62:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:8E:D5:24:71:7D:6B:0B:55:05:58:73:FE:EA:EA:06:84:F1:59:67
X509v3 Authority Key Identifier:
keyid:CD:0C:03:28:92:F6:95:AF:4C:13:FB:0A:CA:80:43:D1:7B:1B:97:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:01:4b:64:fe:ae:8f:f0:ac:0b:7b:9f:73:50:24:4c:24:c0:
6f:f2:75:01:f7:3f:c2:fc:1a:8b:5e:64:6d:a6:5b:d9:46:7a:
94:a4:8e:e6:0d:64:7a:44:44:b0:c3:93:fa:44:21:d7:eb:6e:
3e:46:6e:02:6d:17:dd:d5:3c:83:c5:3d:fa:56:14:c7:08:aa:
49:3b:14:8c:1e:1c:c7:13:0d:52:3c:9e:96:b2:a1:df:84:db:
b7:05:9b:9b:2d:01:b0:28:ce:d4:e5:10:e5:56:74:d5:cf:6e:
ec:db:79:31:29:bc:bd:99:cc:be:08:55:0d:dc:03:f2:ea:51:
18:71:e7:30:de:f0:ff:16:76:fb:6e:9d:ac:bb:61:3d:69:2d:
c4:7a:5b:c7:14:81:18:c6:ad:63:61:cf:6d:26:13:68:78:0a:
ea:ca:6f:5a:ce:96:06:71:37:64:73:34:73:de:c2:18:3d:01:
9d:99:26:e7:2b:40:8e:91:c7:66:48:93:f1:15:5b:ca:d8:a7:
2e:d4:07:bd:31:05:5f:b5:a1:6a:bc:98:81:76:fc:9f:0e:3a:
ba:1d:21:c8:a0:b4:9e:57:3f:ed:bb:11:da:27:65:e3:3c:48:
ac:9c:f8:91:42:5d:48:e0:06:5b:30:dd:4b:d6:bb:b9:29:ff:
74:92:61:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4gtyrkrg4vbVHe95veRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMGMwMzI4OTJmNjk1YWY0YzEzZmIwYWNhODA0M2QxN2Ix
Yjk3YmYwHhcNMjUxMTA0MDgwMDUwWhcNMjUxMTA1MDgwMDUwWjAzMTEwLwYDVQQD
EygzMDhlZDUyNDcxN2Q2YjBiNTUwNTU4NzNmZWVhZWEwNjg0ZjE1OTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2X82gI2t87e0Z+jwlv0kNVILs2H0
a1gYPoDcN0FtBxGAXX4rxXPrZ0d3saO8/UHdkuszUcIIIhRSewahVsAz9TbbFKiT
UC1D6RNTNdMBNL680h0lD7ppylWtsUHK/shuJBBiqteE/jiWDAoOoFQjQcuboMq2
6HHMxAOpTgAnb90kbDCCbuJzVTl4Z8pjbeJdTDTC/fFhLIJPfLKKHl8SDzMXFeR9
TxPuaRh+6lrn7lIL+SRouuG/hzPr0OW2rKT5OThk4sIs0lieR3yyU4Igjy/DBOEh
XP4YDKpXkUl5W15mpyMUFFLwNj4lggRobIJKwGPU8PdGaXp5XYt+/7RiUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDCO1SRxfWsLVQVYc/7q6gaE8VlnMB8GA1UdIwQY
MBaAFM0MAyiS9pWvTBP7CsqAQ9F7G5e/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zODRhMzItM2UxYy00ZDg2LWJkYjgt
MzUyNzZiNzk3NWFlLzEvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zODRhMzItM2UxYy00ZDg2LWJkYjgtMzUyNzZiNzk3NWFl
LzEvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAngFLZP6u
j/CsC3ufc1AkTCTAb/J1Afc/wvwai15kbaZb2UZ6lKSO5g1kekREsMOT+kQh1+tu
PkZuAm0X3dU8g8U9+lYUxwiqSTsUjB4cxxMNUjyelrKh34TbtwWbmy0BsCjO1OUQ
5VZ01c9u7Nt5MSm8vZnMvghVDdwD8upRGHHnMN7w/xZ2+26drLthPWktxHpbxxSB
GMatY2HPbSYTaHgK6spvWs6WBnE3ZHM0c97CGD0BnZkm5ytAjpHHZkiT8RVbytin
LtQHvTEFX7WharyYgXb8nw46uh0hyKC0nlc/7bsR2idl4zxIrJz4kUJdSOAGWzDd
S9a7uSn/dJJhDg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:56:28 2025 by rpki-client