Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
File: fzErCdH2kPJXAL1dzwfJGAxelmM.mft (raw, json)
Hash identifier: O1KvOYpV/2Gffsq9lub4UzBfekkwiY01BTPP++0z7o0=
Subject key identifier: A4:52:F9:79:1B:CF:30:04:6F:C0:D1:93:87:01:D6:65:00:89:3E:9D
Authority key identifier: 7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63
Certificate issuer: /CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663
Certificate serial: 019A5451FC00829C3F4B9189B5B6EFC5CF1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
Manifest number: 38
Signing time: Wed 05 Nov 2025 14:00:50 +0000
Manifest this update: Wed 05 Nov 2025 14:00:50 +0000
Manifest next update: Thu 06 Nov 2025 14:00:50 +0000
Files and hashes: 1: 5wnQts3aHCqK4LPQTc1TSV8LlF8.roa (hash: k5nmC2X9nRpfsHKs8VUO+zQKfKvAMmG2gTrsovLYmdc=)
2: fzErCdH2kPJXAL1dzwfJGAxelmM.crl (hash: 5eK+ulzUTneowm6sIWqk0mdmm7CpxrB4NQlP+84n5I0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 14:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:51:fc:00:82:9c:3f:4b:91:89:b5:b6:ef:c5:cf:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663
Validity
Not Before: Nov 5 14:00:50 2025 GMT
Not After : Nov 6 14:00:50 2025 GMT
Subject: CN=a452f9791bcf30046fc0d1938701d66500893e9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:7f:b7:e8:5b:d5:d2:a6:7e:3e:7c:bc:bc:22:
63:9e:be:27:b0:b3:4a:d5:ee:c7:bd:cd:97:f0:0a:
98:9c:ed:e5:c2:ac:c6:d5:b5:d9:55:2b:7f:0f:d3:
02:3a:ab:2e:de:9f:77:2c:b3:11:66:b2:98:9b:3d:
6a:da:06:c9:5a:69:40:3e:f1:77:fd:e0:a8:0a:37:
42:70:0c:c9:5b:0d:47:0a:be:02:74:5c:d8:39:29:
14:ac:1f:50:15:60:14:e9:62:16:20:4d:9f:a8:f9:
97:cb:0f:a9:2b:0f:75:9e:12:40:e6:35:5e:06:74:
8d:a4:5f:2a:f5:15:29:47:25:22:d2:1f:a1:b5:8a:
31:82:cc:0f:3e:dc:ef:0c:2e:4f:51:10:c4:b8:e1:
e8:27:55:a5:d0:b0:4e:08:cc:76:0c:7e:01:7a:b9:
ea:da:ac:31:d9:fd:d8:9f:cf:04:01:b6:89:7a:1d:
26:23:9f:cc:43:02:aa:a0:ac:de:6c:b1:ea:55:ab:
60:c7:9a:b0:ef:a2:c0:5e:9f:45:a1:47:bf:54:67:
0a:af:36:88:62:f1:04:95:9a:f8:c7:25:68:92:d6:
c3:64:be:07:35:55:6a:91:d9:1a:bf:14:d7:86:22:
3b:0f:9f:91:41:c0:b0:59:34:d5:c1:60:78:ed:43:
c7:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:52:F9:79:1B:CF:30:04:6F:C0:D1:93:87:01:D6:65:00:89:3E:9D
X509v3 Authority Key Identifier:
keyid:7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:62:f9:8b:0e:ff:0f:67:24:30:82:cb:5f:dc:72:81:01:1b:
c5:3f:64:5b:e2:53:98:16:4c:6a:aa:11:ac:9f:10:62:ec:e8:
9c:8c:f0:50:24:53:ed:95:2e:b6:75:89:a3:75:4e:29:1e:75:
cd:88:12:20:0a:c1:52:b5:19:93:3c:5d:98:70:55:cf:d3:09:
b0:58:79:05:33:37:95:8c:d0:e5:26:6c:ba:de:86:20:bd:fa:
95:db:c3:b0:03:d4:a0:d6:fd:47:79:0c:3a:22:b7:53:47:31:
0d:d0:c0:df:21:8c:75:8c:1c:e9:c2:3b:d6:22:52:7b:af:92:
c5:a6:05:19:df:c0:1e:84:0a:3a:e1:e2:84:8b:65:f6:9f:0d:
85:2a:89:29:cc:24:59:90:b1:de:e5:39:c0:5d:8e:9e:58:e9:
d0:a5:3b:44:f2:60:96:ff:e5:52:ae:1e:1b:b6:70:e0:b4:79:
98:ca:1f:14:47:9e:cb:5e:19:d9:c2:4b:2f:8f:9b:6d:a7:c9:
06:92:69:38:7f:6d:47:34:24:71:fa:ff:34:90:cd:d0:8f:35:
58:d7:c4:b1:c4:92:d0:e8:6e:17:fa:26:06:0c:6f:18:92:52:
27:4b:bc:cc:c6:e2:e2:92:9e:10:b2:be:13:97:48:8d:c9:f3:
9c:9a:d9:6a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUUfwAgpw/S5GJtbbvxc8cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMzEyYjA5ZDFmNjkwZjI1NzAwYmQ1ZGNmMDdjOTE4MGM1
ZTk2NjMwHhcNMjUxMTA1MTQwMDUwWhcNMjUxMTA2MTQwMDUwWjAzMTEwLwYDVQQD
EyhhNDUyZjk3OTFiY2YzMDA0NmZjMGQxOTM4NzAxZDY2NTAwODkzZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1H+36FvV0qZ+Pny8vCJjnr4nsLNK
1e7Hvc2X8AqYnO3lwqzG1bXZVSt/D9MCOqsu3p93LLMRZrKYmz1q2gbJWmlAPvF3
/eCoCjdCcAzJWw1HCr4CdFzYOSkUrB9QFWAU6WIWIE2fqPmXyw+pKw91nhJA5jVe
BnSNpF8q9RUpRyUi0h+htYoxgswPPtzvDC5PURDEuOHoJ1Wl0LBOCMx2DH4Bernq
2qwx2f3Yn88EAbaJeh0mI5/MQwKqoKzebLHqVatgx5qw76LAXp9FoUe/VGcKrzaI
YvEElZr4xyVoktbDZL4HNVVqkdkavxTXhiI7D5+RQcCwWTTVwWB47UPHoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKRS+XkbzzAEb8DRk4cB1mUAiT6dMB8GA1UdIwQY
MBaAFH8xKwnR9pDyVwC9Xc8HyRgMXpZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgt
MTUyMmUyOTY0ZmNlLzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgtMTUyMmUyOTY0ZmNl
LzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJGL5iw7/
D2ckMILLX9xygQEbxT9kW+JTmBZMaqoRrJ8QYuzonIzwUCRT7ZUutnWJo3VOKR51
zYgSIArBUrUZkzxdmHBVz9MJsFh5BTM3lYzQ5SZsut6GIL36ldvDsAPUoNb9R3kM
OiK3U0cxDdDA3yGMdYwc6cI71iJSe6+SxaYFGd/AHoQKOuHihItl9p8NhSqJKcwk
WZCx3uU5wF2Onljp0KU7RPJglv/lUq4eG7Zw4LR5mMofFEeey14Z2cJLL4+bbafJ
BpJpOH9tRzQkcfr/NJDN0I81WNfEscSS0OhuF/omBgxvGJJSJ0u8zMbi4pKeELK+
E5dIjcnznJrZag==
-----END CERTIFICATE-----
Generated at Wed Nov 5 23:44:01 2025 by rpki-client