Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
File: 2ZaAKfEkCW6rlV35t6gciMszOgU.mft (raw, json)
Hash identifier: 5Nqy/cfgMUx/a3JwxrUrFY8e/13LZ2vUtneIEj3JgEo=
Subject key identifier: 0A:5A:3E:C4:52:AE:D9:FB:26:6F:49:E5:B7:E1:17:51:A9:AC:76:7D
Authority key identifier: D9:96:80:29:F1:24:09:6E:AB:95:5D:F9:B7:A8:1C:88:CB:33:3A:05
Certificate issuer: /CN=d9968029f124096eab955df9b7a81c88cb333a05
Certificate serial: 019A4D73A528C40C440FCAE5C7024BADE9CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
Manifest number: 0EC0
Signing time: Tue 04 Nov 2025 06:00:15 +0000
Manifest this update: Tue 04 Nov 2025 06:00:15 +0000
Manifest next update: Wed 05 Nov 2025 06:00:15 +0000
Files and hashes: 1: 2ZaAKfEkCW6rlV35t6gciMszOgU.crl (hash: AHt31ooCJgCOv+RYTIbWIRZHrxM9w0l5itGxYqQOQr4=)
2: anoG2QxpBajiR81r5Nnqj0baENo.roa (hash: KO9yPbtejqfpWJpsarLnmq3okmJ48dSkW7G2+vLUOFY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:73:a5:28:c4:0c:44:0f:ca:e5:c7:02:4b:ad:e9:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9968029f124096eab955df9b7a81c88cb333a05
Validity
Not Before: Nov 4 06:00:15 2025 GMT
Not After : Nov 5 06:00:15 2025 GMT
Subject: CN=0a5a3ec452aed9fb266f49e5b7e11751a9ac767d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f5:c0:d0:66:6f:c7:c4:94:16:07:f8:30:8a:
9d:9c:55:e8:c6:3c:f7:dd:10:b0:da:c6:78:0d:7e:
8f:74:47:d4:69:04:be:6c:10:66:86:21:87:76:65:
a0:ef:9f:b0:ac:7b:88:a1:9f:96:53:4f:a3:db:0f:
eb:5d:e0:15:9a:cc:cb:ad:49:6a:52:09:26:7e:a2:
61:ad:6e:92:c9:d2:be:52:4e:84:b5:d1:82:9f:76:
aa:ad:38:8c:01:32:16:a6:9a:68:1b:ac:88:2d:3f:
01:b7:95:e6:b8:d8:e5:71:b7:36:ff:cc:76:5c:e7:
9e:01:29:0b:30:3b:56:44:92:d9:fc:0b:fb:29:33:
e3:cb:a0:0a:5c:b4:29:49:ac:0f:19:40:04:d3:47:
8d:04:a8:8f:c2:e5:5c:54:dc:1c:cb:96:0b:73:56:
12:fe:7e:4c:2e:69:56:8b:61:45:0f:ad:d8:bb:3b:
1c:34:77:ac:8a:cc:cc:e3:9c:78:43:c5:c8:00:a8:
5a:d2:1e:36:61:fe:74:c2:63:e7:d2:66:6a:97:05:
80:26:40:b6:35:31:79:29:40:4a:88:2c:99:7a:79:
38:15:23:4c:8b:da:92:e6:54:05:39:3a:6f:9b:74:
e9:ef:2a:cb:37:99:b2:6e:04:9e:b7:a1:7d:4b:33:
bf:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:5A:3E:C4:52:AE:D9:FB:26:6F:49:E5:B7:E1:17:51:A9:AC:76:7D
X509v3 Authority Key Identifier:
keyid:D9:96:80:29:F1:24:09:6E:AB:95:5D:F9:B7:A8:1C:88:CB:33:3A:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZaAKfEkCW6rlV35t6gciMszOgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/27a1bc-b258-405f-9f93-6eea12205720/1/2ZaAKfEkCW6rlV35t6gciMszOgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b1:7a:4f:05:58:c8:d0:bf:c4:59:86:66:e1:7f:59:9e:da:dd:
ee:96:fc:1a:73:03:5f:80:d9:50:42:99:1f:7d:d6:04:a7:ce:
df:8d:61:e8:0d:47:f2:6f:0a:61:ba:70:cb:9d:5f:16:d7:cd:
79:7f:4f:aa:71:ee:42:b8:af:6e:c8:44:1c:98:36:7f:88:67:
6f:f3:85:00:67:7a:ce:28:75:5a:c9:33:09:57:2b:88:e4:38:
6d:a8:1a:49:8d:1a:13:1e:86:be:01:95:12:88:90:28:46:97:
58:f2:ce:8b:7c:9f:7c:96:f6:6f:a6:6b:d1:ca:08:e5:10:45:
64:cf:cc:06:8f:0b:2d:1d:23:09:5a:f0:fe:66:dc:e5:d0:55:
31:ba:2a:73:e1:9f:f4:3c:da:df:f3:1a:a2:87:ba:1f:87:79:
8e:74:37:3e:2c:91:36:42:79:82:b3:d0:24:9c:bc:14:97:c2:
ab:c4:c5:16:d0:ac:9e:ad:ff:7b:0a:8b:79:79:a5:c1:cf:27:
50:4c:33:82:05:16:b2:6c:60:e6:f2:9e:a2:49:92:4d:cd:f8:
81:c1:9d:68:86:2b:3f:97:26:bd:d0:03:53:98:1a:7a:34:c6:
1e:8b:89:53:c5:99:f1:a2:71:a4:37:1a:9a:3f:fa:f8:44:ba:
72:fa:e2:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc6UoxAxED8rlxwJLrenNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OTY4MDI5ZjEyNDA5NmVhYjk1NWRmOWI3YTgxYzg4Y2Iz
MzNhMDUwHhcNMjUxMTA0MDYwMDE1WhcNMjUxMTA1MDYwMDE1WjAzMTEwLwYDVQQD
EygwYTVhM2VjNDUyYWVkOWZiMjY2ZjQ5ZTViN2UxMTc1MWE5YWM3NjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/XA0GZvx8SUFgf4MIqdnFXoxjz3
3RCw2sZ4DX6PdEfUaQS+bBBmhiGHdmWg75+wrHuIoZ+WU0+j2w/rXeAVmszLrUlq
UgkmfqJhrW6SydK+Uk6EtdGCn3aqrTiMATIWpppoG6yILT8Bt5XmuNjlcbc2/8x2
XOeeASkLMDtWRJLZ/Av7KTPjy6AKXLQpSawPGUAE00eNBKiPwuVcVNwcy5YLc1YS
/n5MLmlWi2FFD63YuzscNHesiszM45x4Q8XIAKha0h42Yf50wmPn0mZqlwWAJkC2
NTF5KUBKiCyZenk4FSNMi9qS5lQFOTpvm3Tp7yrLN5mybgSet6F9SzO/IQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFApaPsRSrtn7Jm9J5bfhF1GprHZ9MB8GA1UdIwQY
MBaAFNmWgCnxJAluq5Vd+beoHIjLMzoFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8yN2ExYmMtYjI1OC00MDVmLTlmOTMt
NmVlYTEyMjA1NzIwLzEvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8yN2ExYmMtYjI1OC00MDVmLTlmOTMtNmVlYTEyMjA1NzIw
LzEvMlphQUtmRWtDVzZybFYzNXQ2Z2NpTXN6T2dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsXpPBVjI
0L/EWYZm4X9Zntrd7pb8GnMDX4DZUEKZH33WBKfO341h6A1H8m8KYbpwy51fFtfN
eX9PqnHuQrivbshEHJg2f4hnb/OFAGd6zih1WskzCVcriOQ4bagaSY0aEx6GvgGV
EoiQKEaXWPLOi3yffJb2b6Zr0coI5RBFZM/MBo8LLR0jCVrw/mbc5dBVMboqc+Gf
9Dza3/Maooe6H4d5jnQ3PiyRNkJ5grPQJJy8FJfCq8TFFtCsnq3/ewqLeXmlwc8n
UEwzggUWsmxg5vKeokmSTc34gcGdaIYrP5cmvdADU5gaejTGHouJU8WZ8aJxpDca
mj/6+ES6cvri6g==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:59:05 2025 by rpki-client