Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.mft
File: zT5kktRzFSDB7tvNopZ5UArAg6s.mft (raw, json)
Hash identifier: MsJ/XHLuXW7AHuN87XWCfY51DqiZOQV0J/9XT1V/iGs=
Subject key identifier: DE:BC:63:BF:78:B8:91:D3:CF:55:EE:C3:32:76:8F:8A:C6:D8:30:D0
Authority key identifier: CD:3E:64:92:D4:73:15:20:C1:EE:DB:CD:A2:96:79:50:0A:C0:83:AB
Certificate issuer: /CN=cd3e6492d4731520c1eedbcda29679500ac083ab
Certificate serial: 019A4E18905000C48D16703129C75ED69CF8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zT5kktRzFSDB7tvNopZ5UArAg6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.mft
Manifest number: 05DA
Signing time: Tue 04 Nov 2025 09:00:23 +0000
Manifest this update: Tue 04 Nov 2025 09:00:23 +0000
Manifest next update: Wed 05 Nov 2025 09:00:23 +0000
Files and hashes: 1: COOSirhVHTLVRSIt4NAQH8L8vr4.roa (hash: tu1lQ0uqkhi4vcEmV6leM3hmh+odZkH5lyLz+npAcNE=)
2: zT5kktRzFSDB7tvNopZ5UArAg6s.crl (hash: RrILki8xNTIVtySCpCV0TehGmclXGx7qO38h8vaAm98=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/zT5kktRzFSDB7tvNopZ5UArAg6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:90:50:00:c4:8d:16:70:31:29:c7:5e:d6:9c:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd3e6492d4731520c1eedbcda29679500ac083ab
Validity
Not Before: Nov 4 09:00:23 2025 GMT
Not After : Nov 5 09:00:23 2025 GMT
Subject: CN=debc63bf78b891d3cf55eec332768f8ac6d830d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:37:0e:59:89:9e:63:26:0a:77:4a:57:e0:df:
64:e2:72:e8:a3:9c:77:91:09:75:19:b5:e9:70:39:
56:7a:75:61:c5:a9:eb:4b:2e:81:55:82:d2:f3:64:
3a:f6:68:5c:fb:47:3c:5a:ee:7a:ce:4f:3c:bb:d1:
4a:39:de:24:6e:fe:14:9a:16:6e:8f:f2:8e:04:29:
a3:ab:fb:f2:3f:65:8e:c3:e7:84:75:98:bd:88:d1:
3d:91:ca:ea:60:c7:c5:20:93:6e:b4:62:76:95:4f:
d1:39:d3:d5:93:c3:2d:f5:34:53:ae:5a:f0:31:17:
75:cc:c6:db:23:c1:58:1d:88:78:21:0f:67:00:56:
30:7b:17:3c:d9:75:9d:d5:cd:5f:17:87:e8:5b:91:
ba:1c:e2:a5:5f:03:81:76:4a:5c:77:64:88:1d:7b:
da:b6:c7:02:51:3b:4c:fe:12:ee:d7:d7:eb:32:f0:
a1:3d:9e:2b:77:8a:47:d4:21:48:67:d7:a8:a3:ea:
02:e9:ab:61:24:9f:82:13:54:55:93:0c:39:dd:7d:
51:27:a9:bd:0d:2f:bd:37:52:ca:8f:b4:d4:ea:e2:
c3:85:5f:a3:50:39:5e:73:77:b4:37:a5:bc:23:ed:
70:7b:8b:b8:82:3c:87:05:ee:aa:e7:ba:17:4b:b0:
f6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:BC:63:BF:78:B8:91:D3:CF:55:EE:C3:32:76:8F:8A:C6:D8:30:D0
X509v3 Authority Key Identifier:
keyid:CD:3E:64:92:D4:73:15:20:C1:EE:DB:CD:A2:96:79:50:0A:C0:83:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zT5kktRzFSDB7tvNopZ5UArAg6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:13:11:2d:8e:64:ce:4d:27:61:68:c6:5e:a8:7e:73:3e:7b:
43:d3:cc:ea:cd:05:e6:1d:5e:cc:be:3d:94:6e:81:73:46:4a:
03:a9:6a:c9:4f:d5:aa:7b:dd:3f:dd:75:7b:68:00:00:5d:1a:
e3:a9:30:1e:ba:d4:46:d2:b8:87:cf:e9:88:32:5d:fd:ae:89:
26:2e:89:45:be:a9:ab:d7:69:11:a7:bc:c0:7c:c1:77:24:b0:
b0:3b:d7:72:aa:a5:ef:9f:a1:45:99:34:52:7e:fb:73:2f:18:
d4:78:38:ec:55:8a:75:dc:aa:28:37:30:1f:59:79:99:4f:56:
cb:7f:6d:a1:88:04:10:d0:1e:af:84:2c:6f:24:5b:7e:87:09:
f7:e5:0b:d3:af:0e:1d:9a:be:0c:a4:1a:ac:19:65:78:e5:78:
82:b9:62:aa:d3:dd:53:97:a7:36:01:2b:15:4f:42:ad:30:f5:
b6:fd:9d:96:b2:f2:1a:4e:63:35:b4:af:bb:96:0d:97:6b:8c:
46:14:f4:78:18:16:89:3c:0f:1f:92:6f:0b:89:76:d3:b0:57:
7f:3d:e0:d5:45:ff:18:29:18:99:10:6d:db:d5:06:c0:98:ee:
64:3f:b9:2f:58:f9:c5:16:f7:98:e6:aa:5b:4e:e8:18:88:e9:
20:0d:aa:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGJBQAMSNFnAxKcde1pz4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkM2U2NDkyZDQ3MzE1MjBjMWVlZGJjZGEyOTY3OTUwMGFj
MDgzYWIwHhcNMjUxMTA0MDkwMDIzWhcNMjUxMTA1MDkwMDIzWjAzMTEwLwYDVQQD
EyhkZWJjNjNiZjc4Yjg5MWQzY2Y1NWVlYzMzMjc2OGY4YWM2ZDgzMGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjcOWYmeYyYKd0pX4N9k4nLoo5x3
kQl1GbXpcDlWenVhxanrSy6BVYLS82Q69mhc+0c8Wu56zk88u9FKOd4kbv4UmhZu
j/KOBCmjq/vyP2WOw+eEdZi9iNE9kcrqYMfFIJNutGJ2lU/ROdPVk8Mt9TRTrlrw
MRd1zMbbI8FYHYh4IQ9nAFYwexc82XWd1c1fF4foW5G6HOKlXwOBdkpcd2SIHXva
tscCUTtM/hLu19frMvChPZ4rd4pH1CFIZ9eoo+oC6athJJ+CE1RVkww53X1RJ6m9
DS+9N1LKj7TU6uLDhV+jUDlec3e0N6W8I+1we4u4gjyHBe6q57oXS7D2uQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN68Y794uJHTz1XuwzJ2j4rG2DDQMB8GA1UdIwQY
MBaAFM0+ZJLUcxUgwe7bzaKWeVAKwIOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelQ1a2t0UnpGU0RCN3R2Tm9wWjVVQXJBZzZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83YTEyNzQtMDNhYy00OTRkLWJhOGUt
Y2ZjZmZhM2MwNjY1LzEvelQ1a2t0UnpGU0RCN3R2Tm9wWjVVQXJBZzZzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS83YTEyNzQtMDNhYy00OTRkLWJhOGUtY2ZjZmZhM2MwNjY1
LzEvelQ1a2t0UnpGU0RCN3R2Tm9wWjVVQXJBZzZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKhMRLY5k
zk0nYWjGXqh+cz57Q9PM6s0F5h1ezL49lG6Bc0ZKA6lqyU/VqnvdP911e2gAAF0a
46kwHrrURtK4h8/piDJd/a6JJi6JRb6pq9dpEae8wHzBdySwsDvXcqql75+hRZk0
Un77cy8Y1Hg47FWKddyqKDcwH1l5mU9Wy39toYgEENAer4QsbyRbfocJ9+UL068O
HZq+DKQarBlleOV4grliqtPdU5enNgErFU9CrTD1tv2dlrLyGk5jNbSvu5YNl2uM
RhT0eBgWiTwPH5JvC4l207BXfz3g1UX/GCkYmRBt29UGwJjuZD+5L1j5xRb3mOaq
W07oGIjpIA2qjQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 11:00:31 2025 by rpki-client