Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.mft
File: M7Zai666T_YhSS6-5vweiK2yGwM.mft (raw, json)
Hash identifier: CX29lJZodRErk2+bZMJknRhJRzOtlEAq0c/7hPiTUt0=
Subject key identifier: B7:90:3C:D5:39:18:99:F6:9D:36:F9:5E:D2:52:17:E3:6E:58:7A:28
Authority key identifier: 33:B6:5A:8B:AE:BA:4F:F6:21:49:2E:BE:E6:FC:1E:88:AD:B2:1B:03
Certificate issuer: /CN=33b65a8baeba4ff621492ebee6fc1e88adb21b03
Certificate serial: 019A4D73B35C22C7CB2487D968D7B048785E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.mft
Manifest number: 0324
Signing time: Tue 04 Nov 2025 06:00:19 +0000
Manifest this update: Tue 04 Nov 2025 06:00:19 +0000
Manifest next update: Wed 05 Nov 2025 06:00:19 +0000
Files and hashes: 1: KOqyp8DhhZD3JH6K0j1zl6aQKBk.roa (hash: CehIyyDTNH2XPwU/dxmXRsBi9Cc/OKe00kUQqRs/maU=)
2: M7Zai666T_YhSS6-5vweiK2yGwM.crl (hash: R8XJ7XmcIXyTIwJr72NyS9CwYlhKUksAJfxOlG9Y7pE=)
3: YCOxnrJZzRohN18jKfSDMAOgQUI.roa (hash: /PrVwAluwlwegI08mKBtFGWqwyRlaqAj4wNKvuzMcSU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:73:b3:5c:22:c7:cb:24:87:d9:68:d7:b0:48:78:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33b65a8baeba4ff621492ebee6fc1e88adb21b03
Validity
Not Before: Nov 4 06:00:19 2025 GMT
Not After : Nov 5 06:00:19 2025 GMT
Subject: CN=b7903cd5391899f69d36f95ed25217e36e587a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:fa:b9:51:e6:5f:e7:6a:12:6b:31:1c:cf:7b:
be:6c:5b:91:25:36:51:c3:50:71:1d:6c:01:a2:5c:
ce:12:5e:cd:78:b8:3f:cd:63:62:59:66:b9:4f:c3:
cb:1a:21:20:0f:3e:91:aa:70:b2:f5:5f:a1:dd:7a:
62:50:af:f3:9e:59:77:2b:c1:8d:de:1e:36:83:a7:
48:c0:85:f0:ce:c9:47:f2:a5:ea:32:9d:68:53:a8:
ee:67:12:98:d7:2f:82:ee:23:ea:ca:a2:72:da:75:
aa:31:6e:40:40:4f:45:9e:74:7d:77:91:7a:dd:18:
23:f5:6f:6c:4f:dc:dd:6d:5c:87:5f:40:53:85:54:
59:81:06:e1:25:06:e9:9d:d7:aa:71:fb:66:5a:9f:
8f:5b:2b:d7:e1:b1:b2:44:ca:b0:4f:48:0e:5c:ea:
71:6a:46:7d:3a:16:c3:aa:51:ea:a1:28:21:a4:b0:
8d:6e:16:b1:67:c5:96:50:37:41:57:14:a5:5c:82:
1f:73:3d:5b:17:8a:94:93:c6:0c:e0:a5:0d:12:16:
e6:52:b3:eb:c8:ac:1d:bf:80:e1:7a:0d:d7:0d:4e:
c6:d1:ec:34:ab:78:25:ab:94:fa:52:86:11:4a:41:
31:65:83:15:cf:56:b7:ed:87:fd:da:96:69:a4:e5:
a6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:90:3C:D5:39:18:99:F6:9D:36:F9:5E:D2:52:17:E3:6E:58:7A:28
X509v3 Authority Key Identifier:
keyid:33:B6:5A:8B:AE:BA:4F:F6:21:49:2E:BE:E6:FC:1E:88:AD:B2:1B:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:b5:26:60:c7:2b:cd:d1:e8:92:8c:e6:05:c9:5a:3e:5a:16:
d2:08:3a:34:28:32:27:6f:cb:66:56:5d:85:13:0c:1f:38:3b:
0e:d4:c5:2a:10:bb:44:1e:d7:07:ef:9d:51:f6:b4:14:42:04:
81:a3:cb:66:ac:46:82:3a:7e:f8:03:e0:cd:63:f7:98:c0:2a:
c0:aa:c6:fc:6b:e6:7f:28:11:16:62:b2:18:38:ce:d5:19:16:
90:c0:db:8f:70:a9:45:72:a2:91:c7:ae:13:9c:e8:73:69:42:
56:75:1e:c9:a4:67:00:68:be:c5:32:96:ac:e7:9b:41:fb:1f:
3d:35:27:c1:04:13:39:23:1b:62:79:3f:e9:2e:4b:1a:b3:b8:
ce:f8:60:49:e0:54:bd:87:4d:21:a9:d3:2b:c2:8b:0c:80:a6:
78:ba:e8:c8:e3:a3:fd:c8:71:6a:90:18:88:6d:82:bc:f8:bf:
05:d0:61:28:b0:aa:6d:ba:37:83:0b:c4:79:eb:6a:74:28:eb:
be:94:bc:2d:1e:4b:11:0c:b4:e1:18:1d:79:4a:19:37:4f:af:
f0:a3:92:d5:ce:51:82:aa:1e:c1:da:2b:2d:86:28:1a:7d:d2:
10:4a:8b:b9:23:43:62:5a:9b:db:da:04:a0:34:10:04:8b:e7:
19:ba:d8:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc7NcIsfLJIfZaNewSHheMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYjY1YThiYWViYTRmZjYyMTQ5MmViZWU2ZmMxZTg4YWRi
MjFiMDMwHhcNMjUxMTA0MDYwMDE5WhcNMjUxMTA1MDYwMDE5WjAzMTEwLwYDVQQD
EyhiNzkwM2NkNTM5MTg5OWY2OWQzNmY5NWVkMjUyMTdlMzZlNTg3YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPq5UeZf52oSazEcz3u+bFuRJTZR
w1BxHWwBolzOEl7NeLg/zWNiWWa5T8PLGiEgDz6RqnCy9V+h3XpiUK/znll3K8GN
3h42g6dIwIXwzslH8qXqMp1oU6juZxKY1y+C7iPqyqJy2nWqMW5AQE9FnnR9d5F6
3Rgj9W9sT9zdbVyHX0BThVRZgQbhJQbpndeqcftmWp+PWyvX4bGyRMqwT0gOXOpx
akZ9OhbDqlHqoSghpLCNbhaxZ8WWUDdBVxSlXIIfcz1bF4qUk8YM4KUNEhbmUrPr
yKwdv4Dheg3XDU7G0ew0q3glq5T6UoYRSkExZYMVz1a37Yf92pZppOWmTwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLeQPNU5GJn2nTb5XtJSF+NuWHooMB8GA1UdIwQY
MBaAFDO2Wouuuk/2IUkuvub8HoitshsDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTdaYWk2NjZUX1loU1M2LTV2d2VpSzJ5R3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9hYWJjNmMtMDQ1Ni00OTM1LWE0Njkt
ZDU0NzE4NTUxMmRlLzEvTTdaYWk2NjZUX1loU1M2LTV2d2VpSzJ5R3dNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9hYWJjNmMtMDQ1Ni00OTM1LWE0NjktZDU0NzE4NTUxMmRl
LzEvTTdaYWk2NjZUX1loU1M2LTV2d2VpSzJ5R3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANrUmYMcr
zdHokozmBclaPloW0gg6NCgyJ2/LZlZdhRMMHzg7DtTFKhC7RB7XB++dUfa0FEIE
gaPLZqxGgjp++APgzWP3mMAqwKrG/GvmfygRFmKyGDjO1RkWkMDbj3CpRXKikceu
E5zoc2lCVnUeyaRnAGi+xTKWrOebQfsfPTUnwQQTOSMbYnk/6S5LGrO4zvhgSeBU
vYdNIanTK8KLDICmeLroyOOj/chxapAYiG2CvPi/BdBhKLCqbbo3gwvEeetqdCjr
vpS8LR5LEQy04RgdeUoZN0+v8KOS1c5RgqoewdorLYYoGn3SEEqLuSNDYlqb29oE
oDQQBIvnGbrYmw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:54:44 2025 by rpki-client