Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
File: zkyVbVLdh2NjwhME-cAl8H1fJjE.mft (raw, json)
Hash identifier: gRo601090UftSViDOOYh2GmpdWHAlJFFXKGNo6fqZTo=
Subject key identifier: 05:B3:96:F1:C6:02:1E:7E:9D:72:94:35:4C:0F:22:FF:59:32:6E:F6
Authority key identifier: CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31
Certificate issuer: /CN=ce4c956d52dd876363c21304f9c025f07d5f2631
Certificate serial: 019A4EF5BC5E2AAC6AE4B23C40D134DEF6CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
Manifest number: 0686
Signing time: Tue 04 Nov 2025 13:01:58 +0000
Manifest this update: Tue 04 Nov 2025 13:01:58 +0000
Manifest next update: Wed 05 Nov 2025 13:01:58 +0000
Files and hashes: 1: zkyVbVLdh2NjwhME-cAl8H1fJjE.crl (hash: da4+8DMhzDO9DCf3Fz3zcEPYB9O+B5ADvGSywyJpFSE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:bc:5e:2a:ac:6a:e4:b2:3c:40:d1:34:de:f6:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce4c956d52dd876363c21304f9c025f07d5f2631
Validity
Not Before: Nov 4 13:01:58 2025 GMT
Not After : Nov 5 13:01:58 2025 GMT
Subject: CN=05b396f1c6021e7e9d7294354c0f22ff59326ef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:36:72:7b:51:bc:14:98:9e:b5:1a:18:6d:af:
24:09:03:97:65:c0:d9:bd:bb:79:a5:56:e8:1b:0a:
49:ad:1a:b9:c4:68:b5:0b:a9:6f:b7:5d:8f:4c:72:
47:3a:59:1d:85:0b:26:2c:6e:f1:63:1c:a2:43:12:
c5:d1:69:11:b3:30:df:b8:2d:ce:80:2a:92:12:38:
22:cf:6f:c6:ff:63:9a:95:82:af:ad:ae:76:e4:0e:
c8:5d:ec:ea:f1:de:20:d3:33:ad:4c:cf:96:22:2e:
c0:fb:10:bf:92:55:aa:ce:6c:45:df:2a:98:ac:d0:
6f:01:3a:03:d3:1b:e6:6b:01:c5:7c:66:43:85:a6:
14:ae:33:3a:52:9f:f4:1c:cd:25:50:d5:40:99:5f:
e1:31:8d:42:fd:b8:b4:73:29:9f:72:bd:6f:b0:2d:
97:04:9a:8f:3d:66:03:9d:1b:d0:9c:3f:8f:b2:15:
9b:37:9e:b5:c6:aa:ae:28:6d:89:52:c7:07:6d:85:
b2:a9:74:4d:cb:e2:b9:e7:e9:a6:28:05:d5:d6:a6:
3a:31:f8:f0:93:e8:cf:74:00:47:d9:2b:c9:79:3d:
c5:d7:2e:fd:0d:75:65:5f:66:11:bf:b8:51:1e:1f:
b7:93:49:ab:1d:39:3a:fc:d6:fc:e9:ac:73:b6:b6:
46:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:B3:96:F1:C6:02:1E:7E:9D:72:94:35:4C:0F:22:FF:59:32:6E:F6
X509v3 Authority Key Identifier:
keyid:CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:ea:36:5c:3c:07:e3:ec:12:35:e4:8e:f9:f7:6e:d1:76:63:
62:a1:67:6d:81:3d:20:19:d0:66:69:a7:8c:d4:9c:01:14:c5:
41:6a:57:f5:5f:20:2e:5f:cb:4b:8c:10:15:b0:60:06:05:7e:
00:3f:d1:a0:74:53:cd:53:3f:9b:10:e2:1d:24:87:f6:6b:17:
05:82:a3:7a:07:42:5e:63:ce:69:0b:c0:24:c4:74:cb:b5:61:
68:96:d9:e3:21:14:65:02:b8:e8:42:94:3c:82:da:f5:ff:d9:
92:15:d3:aa:dc:a9:20:b5:98:01:12:35:78:79:42:f7:6a:5f:
fb:47:b7:5e:33:a0:54:6e:28:7b:8e:d1:a3:15:a5:0a:d9:d4:
55:75:2c:78:e8:ff:fe:8e:ed:76:fe:24:f7:18:f2:c4:81:66:
f7:cf:aa:f4:d0:e9:de:9f:0d:ea:83:79:91:e2:78:ae:5c:0c:
ad:43:b6:67:a7:9e:c5:3b:c9:6d:ef:8a:08:99:89:b3:e8:ba:
9d:8e:15:78:12:c9:d5:be:28:72:15:42:a9:da:b1:bd:43:90:
31:d2:54:75:06:66:db:51:6d:61:14:d9:d7:05:da:ef:b4:df:
a4:56:03:a9:a6:7c:d5:2e:e4:f6:4e:08:fa:dc:9b:ae:e5:13:
c2:5c:31:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9bxeKqxq5LI8QNE03vbPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNGM5NTZkNTJkZDg3NjM2M2MyMTMwNGY5YzAyNWYwN2Q1
ZjI2MzEwHhcNMjUxMTA0MTMwMTU4WhcNMjUxMTA1MTMwMTU4WjAzMTEwLwYDVQQD
EygwNWIzOTZmMWM2MDIxZTdlOWQ3Mjk0MzU0YzBmMjJmZjU5MzI2ZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzZye1G8FJietRoYba8kCQOXZcDZ
vbt5pVboGwpJrRq5xGi1C6lvt12PTHJHOlkdhQsmLG7xYxyiQxLF0WkRszDfuC3O
gCqSEjgiz2/G/2OalYKvra525A7IXezq8d4g0zOtTM+WIi7A+xC/klWqzmxF3yqY
rNBvAToD0xvmawHFfGZDhaYUrjM6Up/0HM0lUNVAmV/hMY1C/bi0cymfcr1vsC2X
BJqPPWYDnRvQnD+PshWbN561xqquKG2JUscHbYWyqXRNy+K55+mmKAXV1qY6Mfjw
k+jPdABH2SvJeT3F1y79DXVlX2YRv7hRHh+3k0mrHTk6/Nb86axztrZG9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAWzlvHGAh5+nXKUNUwPIv9ZMm72MB8GA1UdIwQY
MBaAFM5MlW1S3YdjY8ITBPnAJfB9XyYxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0Mjgt
MmQ5MDAwMTU3MGUxLzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0MjgtMmQ5MDAwMTU3MGUx
LzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYuo2XDwH
4+wSNeSO+fdu0XZjYqFnbYE9IBnQZmmnjNScARTFQWpX9V8gLl/LS4wQFbBgBgV+
AD/RoHRTzVM/mxDiHSSH9msXBYKjegdCXmPOaQvAJMR0y7VhaJbZ4yEUZQK46EKU
PILa9f/ZkhXTqtypILWYARI1eHlC92pf+0e3XjOgVG4oe47RoxWlCtnUVXUseOj/
/o7tdv4k9xjyxIFm98+q9NDp3p8N6oN5keJ4rlwMrUO2Z6eexTvJbe+KCJmJs+i6
nY4VeBLJ1b4ochVCqdqxvUOQMdJUdQZm21FtYRTZ1wXa77TfpFYDqaZ81S7k9k4I
+tybruUTwlwxfw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:37:15 2025 by rpki-client