Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft
File: 9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft (raw, json)
Hash identifier: Z8KN52MjRNSaBEAFZkmflckLsSL9QOBna1xMnCym6k8=
Subject key identifier: 4E:B2:AE:E3:15:43:52:F4:B8:E4:9F:64:BE:B4:6C:79:B5:16:84:29
Authority key identifier: F4:C6:49:94:E2:4D:4A:EF:DC:42:A8:83:1F:E0:DC:E2:0D:60:46:89
Certificate issuer: /CN=f4c64994e24d4aefdc42a8831fe0dce20d604689
Certificate serial: 019A01EC0E005B5F34FD0497A9A37D84A35F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft
Manifest number: 16E7
Signing time: Mon 20 Oct 2025 14:00:38 +0000
Manifest this update: Mon 20 Oct 2025 14:00:38 +0000
Manifest next update: Tue 21 Oct 2025 14:00:38 +0000
Files and hashes: 1: 9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl (hash: 8YFMtKjBFKTGBGU3Smh1SK99FDofwUNShw/ipBmjhUg=)
2: bRo1FpRQdGW3rrEgf9LP2ZyYMbs.roa (hash: ZwgslFPNqU25lgzTk3XOIv2Nozx6fjcmPWKTGmYvfPU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft
rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:ec:0e:00:5b:5f:34:fd:04:97:a9:a3:7d:84:a3:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4c64994e24d4aefdc42a8831fe0dce20d604689
Validity
Not Before: Oct 20 14:00:38 2025 GMT
Not After : Oct 21 14:00:38 2025 GMT
Subject: CN=4eb2aee3154352f4b8e49f64beb46c79b5168429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:00:59:01:b1:37:d3:9f:fa:5a:6c:51:be:24:
f4:6c:13:09:9b:fa:1c:7a:54:4f:06:81:c3:64:12:
e7:3b:97:6d:9f:56:4b:e1:a5:6e:12:1a:80:59:73:
98:41:e1:97:e4:99:dc:43:89:3c:bc:72:29:cc:83:
fb:05:6a:a2:88:ee:d0:d9:82:0a:c2:8e:6d:ad:a8:
72:19:8c:58:ef:9d:f8:db:8a:e3:d5:4e:7e:63:50:
2d:ff:fa:c7:08:29:ce:97:8e:84:58:44:2e:33:7f:
39:0a:2f:fa:af:f7:06:97:25:cb:fd:1e:c6:55:4f:
3b:3b:7e:c7:e6:a2:c8:db:36:a9:0e:b6:86:42:b4:
ee:f3:8a:72:ca:cc:50:d4:01:7b:33:e9:0d:32:cd:
5f:80:70:84:9a:d6:83:26:6d:86:ab:89:75:75:c5:
f7:c6:14:c9:34:a3:86:2c:39:ad:05:2d:49:3b:1b:
84:c8:5e:85:80:da:cd:79:9d:83:10:c5:b5:c1:00:
2a:af:13:39:5d:0c:c4:3c:d9:05:bd:2a:4c:07:f6:
f9:84:04:e9:2e:67:b0:e7:41:b8:1a:ee:7f:74:d1:
e9:a8:0b:70:75:67:b7:51:2c:cc:59:c7:03:e5:2c:
99:a5:d6:21:09:6e:68:ec:8f:c0:3f:9c:56:d0:2e:
2b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B2:AE:E3:15:43:52:F4:B8:E4:9F:64:BE:B4:6C:79:B5:16:84:29
X509v3 Authority Key Identifier:
keyid:F4:C6:49:94:E2:4D:4A:EF:DC:42:A8:83:1F:E0:DC:E2:0D:60:46:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9MZJlOJNSu_cQqiDH-Dc4g1gRok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/64658d-d5eb-489b-bc15-3855698fb57f/1/9MZJlOJNSu_cQqiDH-Dc4g1gRok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:e3:4e:ce:34:54:9b:25:53:ea:f5:4b:6e:2c:5a:b2:71:0d:
ca:b9:57:6a:93:1e:62:84:f2:ac:e2:e1:86:c8:33:cd:65:86:
29:79:28:84:b9:6b:ab:63:60:d7:75:3f:b0:64:e6:e9:a8:30:
07:ed:45:49:b2:3f:8f:46:6e:de:02:43:4c:f0:ab:3f:e8:6a:
6b:21:b0:ae:69:60:02:90:81:4c:79:17:ad:4d:9c:3a:9e:5d:
20:d8:9a:94:84:04:64:89:ce:64:70:97:a7:f7:80:da:4c:bd:
3f:9c:22:e3:f4:65:14:97:f7:d9:66:c8:70:03:fd:32:1c:a9:
00:1d:14:84:5d:03:5d:1d:7e:2e:43:f7:34:f2:77:2a:1e:7c:
44:6d:5e:fc:75:07:28:d5:0d:86:f0:42:d9:55:84:d4:a6:0f:
a1:95:da:98:87:ce:77:01:67:bc:2b:04:93:6f:c4:13:2c:2b:
bb:60:d2:bc:76:de:89:bd:17:15:ba:6d:53:ad:46:14:db:3f:
66:11:e1:15:76:78:53:bc:df:cb:5b:fc:cd:84:c6:80:40:e8:
23:e0:b0:d5:f8:c8:0c:b5:c7:40:99:d8:6e:1c:a6:7d:4b:85:
9c:26:26:d6:3f:21:57:1f:2a:96:bf:df:25:99:c1:8f:3b:8f:
bd:ef:a1:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoB7A4AW180/QSXqaN9hKNfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YzY0OTk0ZTI0ZDRhZWZkYzQyYTg4MzFmZTBkY2UyMGQ2
MDQ2ODkwHhcNMjUxMDIwMTQwMDM4WhcNMjUxMDIxMTQwMDM4WjAzMTEwLwYDVQQD
Eyg0ZWIyYWVlMzE1NDM1MmY0YjhlNDlmNjRiZWI0NmM3OWI1MTY4NDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgBZAbE305/6WmxRviT0bBMJm/oc
elRPBoHDZBLnO5dtn1ZL4aVuEhqAWXOYQeGX5JncQ4k8vHIpzIP7BWqiiO7Q2YIK
wo5trahyGYxY753424rj1U5+Y1At//rHCCnOl46EWEQuM385Ci/6r/cGlyXL/R7G
VU87O37H5qLI2zapDraGQrTu84pyysxQ1AF7M+kNMs1fgHCEmtaDJm2Gq4l1dcX3
xhTJNKOGLDmtBS1JOxuEyF6FgNrNeZ2DEMW1wQAqrxM5XQzEPNkFvSpMB/b5hATp
Lmew50G4Gu5/dNHpqAtwdWe3USzMWccD5SyZpdYhCW5o7I/AP5xW0C4rgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE6yruMVQ1L0uOSfZL60bHm1FoQpMB8GA1UdIwQY
MBaAFPTGSZTiTUrv3EKogx/g3OINYEaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy82NDY1OGQtZDVlYi00ODliLWJjMTUt
Mzg1NTY5OGZiNTdmLzEvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy82NDY1OGQtZDVlYi00ODliLWJjMTUtMzg1NTY5OGZiNTdm
LzEvOU1aSmxPSk5TdV9jUXFpREgtRGM0ZzFnUm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUuNOzjRU
myVT6vVLbixasnENyrlXapMeYoTyrOLhhsgzzWWGKXkohLlrq2Ng13U/sGTm6agw
B+1FSbI/j0Zu3gJDTPCrP+hqayGwrmlgApCBTHkXrU2cOp5dINialIQEZInOZHCX
p/eA2ky9P5wi4/RlFJf32WbIcAP9MhypAB0UhF0DXR1+LkP3NPJ3Kh58RG1e/HUH
KNUNhvBC2VWE1KYPoZXamIfOdwFnvCsEk2/EEywru2DSvHbeib0XFbptU61GFNs/
ZhHhFXZ4U7zfy1v8zYTGgEDoI+Cw1fjIDLXHQJnYbhymfUuFnCYm1j8hVx8qlr/f
JZnBjzuPve+hDQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:41:40 2025 by rpki-client