Manifest
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.mft
File: CE964F98379F0320A7191E6D6788800535885928.mft (raw, json)
Hash identifier: jHA10ficdbywGJ1YZtxaxvmaoboE8sfaLRBTPhxjZR4=
Subject key identifier: 88:9F:61:8C:75:1B:18:D0:CD:4F:C8:B6:B6:FC:9F:EE:F0:61:B9:5F
Authority key identifier: CE:96:4F:98:37:9F:03:20:A7:19:1E:6D:67:88:80:05:35:88:59:28
Certificate issuer: /CN=ce964f98379f0320a7191e6d6788800535885928
Certificate serial: 2CD68D49F811496BB0189388419F4FCE41AB003C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zpZPmDefAyCnGR5tZ4iABTWIWSg.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.mft
Manifest number: 6A
Signing time: Wed 05 Nov 2025 08:56:17 +0000
Manifest this update: Wed 05 Nov 2025 08:51:17 +0000
Manifest next update: Thu 06 Nov 2025 11:15:17 +0000
Files and hashes: 1: CE964F98379F0320A7191E6D6788800535885928.crl (hash: 32E8iYNhxBp9k+bA2QgTyCSxPCnXJmz903+6AzfYeHM=)
2: AS214955.asa (hash: pJ7+xLkRqPDuQTZ4CjdQziRCbw0R4LvxfMvSG4sXOdg=)
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.crl
rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.mft
rsync://rpki.ripe.net/repository/DEFAULT/zpZPmDefAyCnGR5tZ4iABTWIWSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 11:15:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:d6:8d:49:f8:11:49:6b:b0:18:93:88:41:9f:4f:ce:41:ab:00:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce964f98379f0320a7191e6d6788800535885928
Validity
Not Before: Nov 5 08:51:17 2025 GMT
Not After : Nov 6 11:15:17 2025 GMT
Subject: CN=889F618C751B18D0CD4FC8B6B6FC9FEEF061B95F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:fd:65:fe:f5:ae:4a:48:32:86:cb:1a:82:5d:
f9:5a:1c:a2:a3:be:d1:70:7e:1e:7b:4f:18:f5:7f:
ba:fd:ab:2f:d9:43:ff:63:ca:50:ec:e2:bf:91:bf:
55:2f:e3:9b:43:31:77:b0:48:26:4f:60:b9:cf:3a:
89:76:b8:17:a0:15:db:5d:4f:4d:e7:56:fe:c0:b0:
28:65:b3:8f:2a:71:9f:e0:6b:64:9d:ca:97:cd:5f:
c1:fb:c5:06:40:69:da:69:90:e0:cb:8c:7e:93:4e:
c7:06:18:29:64:54:41:90:61:89:00:be:3d:5f:b6:
bf:84:7e:ad:40:4d:19:6f:e7:1c:d3:d5:92:4e:c7:
45:6d:07:f3:db:83:02:77:e7:6b:09:91:08:e9:59:
7c:93:41:22:d9:d7:19:b4:1b:f5:fd:9f:29:a2:69:
25:ac:fb:cb:10:ce:6a:52:5d:85:d1:af:50:60:65:
4a:74:df:78:3f:3b:86:ee:fd:98:c9:54:18:66:ba:
b7:8d:c0:ee:95:95:a4:b4:c4:b1:fd:6b:c4:2f:f0:
8b:c6:94:53:42:a4:33:37:43:7c:6d:44:2d:37:9e:
2d:b0:e8:dc:17:80:08:45:4c:70:7c:9f:56:60:a6:
44:d7:aa:cf:09:70:b5:09:97:19:bf:a4:b7:27:38:
86:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:9F:61:8C:75:1B:18:D0:CD:4F:C8:B6:B6:FC:9F:EE:F0:61:B9:5F
X509v3 Authority Key Identifier:
keyid:CE:96:4F:98:37:9F:03:20:A7:19:1E:6D:67:88:80:05:35:88:59:28
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zpZPmDefAyCnGR5tZ4iABTWIWSg.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.mft
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:ac:5f:bf:1d:f1:53:c8:08:c4:24:78:8e:9e:e3:43:f5:9b:
57:72:94:ce:7a:9d:91:48:c0:ad:2d:ee:52:87:e7:7f:35:9b:
58:2e:11:ed:bd:08:27:c4:e3:3b:e2:b2:e1:48:e2:2d:9a:b0:
50:ba:71:ba:4b:9d:ed:e8:d3:10:d7:fc:8a:c7:07:66:11:5f:
3d:34:98:f0:96:5b:a0:e7:3e:b9:fd:70:0d:d3:9b:f1:94:57:
87:f8:7f:51:66:f4:b4:72:a3:aa:b9:5e:cd:4b:e0:c4:95:21:
19:d8:21:f1:ec:9b:6c:05:52:16:89:fe:10:62:83:a5:ca:56:
ca:37:61:86:ed:c8:94:78:94:a2:ef:28:0f:54:97:e9:6a:8e:
aa:1c:1f:1f:9b:3a:20:c3:17:4c:75:1e:5c:29:5b:4f:4a:6d:
f3:55:79:bc:7a:3a:97:c5:92:e2:2f:21:e5:79:d6:55:a6:d6:
a0:ed:a4:f4:f4:4f:ae:47:e1:e7:16:2d:b4:be:aa:d8:a7:b1:
e2:1b:b9:d3:16:32:0b:11:9c:24:73:53:2e:eb:cd:8e:5a:c0:
d6:2b:aa:ed:fa:8e:c5:be:6e:37:5b:e2:15:b5:52:f3:b9:a5:
3d:d0:9a:3a:14:ad:4f:24:a1:0b:34:36:6a:1a:79:02:a7:81:
7f:47:93:28
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIULNaNSfgRSWuwGJOIQZ9PzkGrADwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2U5NjRmOTgzNzlmMDMyMGE3MTkxZTZkNjc4ODgwMDUz
NTg4NTkyODAeFw0yNTExMDUwODUxMTdaFw0yNTExMDYxMTE1MTdaMDMxMTAvBgNV
BAMTKDg4OUY2MThDNzUxQjE4RDBDRDRGQzhCNkI2RkM5RkVFRjA2MUI5NUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDd/WX+9a5KSDKGyxqCXflaHKKj
vtFwfh57Txj1f7r9qy/ZQ/9jylDs4r+Rv1Uv45tDMXewSCZPYLnPOol2uBegFdtd
T03nVv7AsChls48qcZ/ga2SdypfNX8H7xQZAadppkODLjH6TTscGGClkVEGQYYkA
vj1ftr+Efq1ATRlv5xzT1ZJOx0VtB/PbgwJ352sJkQjpWXyTQSLZ1xm0G/X9nymi
aSWs+8sQzmpSXYXRr1BgZUp033g/O4bu/ZjJVBhmureNwO6VlaS0xLH9a8Qv8IvG
lFNCpDM3Q3xtRC03ni2w6NwXgAhFTHB8n1ZgpkTXqs8JcLUJlxm/pLcnOIa1AgMB
AAGjggJHMIICQzAdBgNVHQ4EFgQUiJ9hjHUbGNDNT8i2tvyf7vBhuV8wHwYDVR0j
BBgwFoAUzpZPmDefAyCnGR5tZ4iABTWIWSgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvM2Y5OWU2NmQtNGM3Yi00MTMwLTkxZDUtNGZiZDg0MzU3
NzkyLzAvQ0U5NjRGOTgzNzlGMDMyMEE3MTkxRTZENjc4ODgwMDUzNTg4NTkyOC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3pwWlBtRGVmQXlDbkdSNXRaNGlBQlRX
SVdTZy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zZjk5ZTY2ZC00
YzdiLTQxMzAtOTFkNS00ZmJkODQzNTc3OTIvMC9DRTk2NEY5ODM3OUYwMzIwQTcx
OTFFNkQ2Nzg4ODAwNTM1ODg1OTI4Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH
AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaqxfvx3xU8gIxCR4jp7j
Q/WbV3KUznqdkUjArS3uUofnfzWbWC4R7b0IJ8TjO+Ky4UjiLZqwULpxukud7ejT
ENf8iscHZhFfPTSY8JZboOc+uf1wDdOb8ZRXh/h/UWb0tHKjqrlezUvgxJUhGdgh
8eybbAVSFon+EGKDpcpWyjdhhu3IlHiUou8oD1SX6WqOqhwfH5s6IMMXTHUeXClb
T0pt81V5vHo6l8WS4i8h5XnWVabWoO2k9PRPrkfh5xYttL6q2Kex4hu50xYyCxGc
JHNTLuvNjlrA1iuq7fqOxb5uN1viFbVS87mlPdCaOhStTyShCzQ2ahp5AqeBf0eT
KA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 22:43:37 2025 by rpki-client