Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.mft
File: zfQLRgtIuPNm_sXKObMcOAxkWjI.mft (raw, json)
Hash identifier: qNiVb4E2EJ3+BRvHMcM0Ggdrm6pSYCkKUsyQ8wgymQQ=
Subject key identifier: 78:88:A8:AF:5B:EB:9A:D0:17:6D:BA:FA:85:02:A1:44:0A:28:0D:AE
Authority key identifier: CD:F4:0B:46:0B:48:B8:F3:66:FE:C5:CA:39:B3:1C:38:0C:64:5A:32
Certificate issuer: /CN=cdf40b460b48b8f366fec5ca39b31c380c645a32
Certificate serial: 0199FCFD8C35B4B908DECB8E2532F207496B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zfQLRgtIuPNm_sXKObMcOAxkWjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.mft
Manifest number: 01A9
Signing time: Sun 19 Oct 2025 15:01:38 +0000
Manifest this update: Sun 19 Oct 2025 15:01:38 +0000
Manifest next update: Mon 20 Oct 2025 15:01:38 +0000
Files and hashes: 1: zfQLRgtIuPNm_sXKObMcOAxkWjI.crl (hash: KVwI0CaqcbbSXaOeUfWXH12KPEzlimIbbECV07a0xSc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zfQLRgtIuPNm_sXKObMcOAxkWjI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:fd:8c:35:b4:b9:08:de:cb:8e:25:32:f2:07:49:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdf40b460b48b8f366fec5ca39b31c380c645a32
Validity
Not Before: Oct 19 15:01:38 2025 GMT
Not After : Oct 20 15:01:38 2025 GMT
Subject: CN=7888a8af5beb9ad0176dbafa8502a1440a280dae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c3:9c:d3:5d:f3:c6:06:8d:9d:54:6c:68:6d:
da:f7:49:df:30:ff:db:ae:2e:8b:51:f0:f1:a2:1a:
9d:a7:a1:4f:41:f0:8d:54:fb:a9:17:e1:0e:a1:26:
e6:2f:ec:f3:cf:e9:b1:13:11:59:7a:ea:ff:64:dc:
be:48:e1:95:e5:ac:41:09:7c:f1:03:22:6b:c3:fb:
97:3e:ca:01:63:a2:9c:92:3d:44:2f:21:84:2a:9c:
cd:fc:47:56:30:2d:1c:2e:e9:53:25:78:aa:94:78:
57:28:1e:03:8e:cd:85:9b:b9:99:a3:cd:74:4d:e4:
e4:40:6c:7f:67:a1:4e:02:47:1b:0f:13:08:e7:c7:
21:25:78:20:f7:f1:42:26:02:d7:cf:1f:40:96:6b:
ee:49:e9:65:63:ee:9a:8e:6f:80:0f:84:16:ea:c9:
2f:61:d1:61:45:45:9c:48:70:5f:f8:8e:ff:f4:ef:
32:ee:c2:8c:b5:01:ac:66:97:80:a6:05:83:27:53:
d0:d7:be:e6:11:ca:68:1f:d3:17:4a:ac:49:7c:a3:
92:26:30:39:b4:cf:53:d2:b7:9f:c5:34:39:a2:55:
70:7a:ab:41:42:74:1d:21:ce:13:a3:c6:0a:62:ab:
46:23:b3:f0:e6:18:53:ee:e2:56:dd:62:52:35:b9:
86:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:88:A8:AF:5B:EB:9A:D0:17:6D:BA:FA:85:02:A1:44:0A:28:0D:AE
X509v3 Authority Key Identifier:
keyid:CD:F4:0B:46:0B:48:B8:F3:66:FE:C5:CA:39:B3:1C:38:0C:64:5A:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfQLRgtIuPNm_sXKObMcOAxkWjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:19:b4:5a:d2:39:f2:25:5d:57:a1:73:7b:f5:e2:a5:d6:9f:
ac:bd:28:49:9c:e0:0e:d0:d4:b4:9c:f1:15:f2:13:d7:e4:db:
c4:10:7b:88:ff:c5:b4:13:0a:62:56:ad:74:04:58:95:10:92:
a8:59:a7:df:be:2d:a5:7c:fa:38:a1:90:d2:3b:7b:2f:2b:7f:
2b:6c:5d:cf:cf:ca:f2:05:81:cf:64:90:52:1f:28:35:f9:56:
1f:93:fd:bc:c8:c8:8a:3e:1e:96:e3:2a:5e:5b:26:2b:c7:a0:
de:f2:27:44:3a:00:71:2f:9a:40:31:b5:41:ba:10:0d:df:f7:
aa:be:ec:18:f9:73:c8:99:45:6d:c5:96:b0:c7:dc:62:70:c1:
29:cb:fe:5a:24:b2:7c:e9:57:01:75:2a:30:5c:76:74:2f:48:
57:52:ab:8f:0c:f3:f8:46:d5:77:4c:9d:43:4e:a9:17:d3:8c:
90:58:d2:e5:e5:7b:2a:57:9f:7f:ed:19:29:08:4f:7f:28:c4:
38:de:d3:8e:a8:0f:d7:2d:9b:c5:5d:50:4c:84:71:39:0f:5f:
f3:5a:27:5b:5f:32:70:e9:2b:dc:cd:2f:71:5e:26:c0:f8:c4:
ae:45:78:5e:30:7e:d7:74:c7:57:83:22:bb:0d:75:eb:42:c9:
70:4b:15:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/Yw1tLkI3suOJTLyB0lrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZjQwYjQ2MGI0OGI4ZjM2NmZlYzVjYTM5YjMxYzM4MGM2
NDVhMzIwHhcNMjUxMDE5MTUwMTM4WhcNMjUxMDIwMTUwMTM4WjAzMTEwLwYDVQQD
Eyg3ODg4YThhZjViZWI5YWQwMTc2ZGJhZmE4NTAyYTE0NDBhMjgwZGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8Oc013zxgaNnVRsaG3a90nfMP/b
ri6LUfDxohqdp6FPQfCNVPupF+EOoSbmL+zzz+mxExFZeur/ZNy+SOGV5axBCXzx
AyJrw/uXPsoBY6Kckj1ELyGEKpzN/EdWMC0cLulTJXiqlHhXKB4Djs2Fm7mZo810
TeTkQGx/Z6FOAkcbDxMI58chJXgg9/FCJgLXzx9AlmvuSellY+6ajm+AD4QW6skv
YdFhRUWcSHBf+I7/9O8y7sKMtQGsZpeApgWDJ1PQ177mEcpoH9MXSqxJfKOSJjA5
tM9T0refxTQ5olVweqtBQnQdIc4To8YKYqtGI7Pw5hhT7uJW3WJSNbmGnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHiIqK9b65rQF226+oUCoUQKKA2uMB8GA1UdIwQY
MBaAFM30C0YLSLjzZv7FyjmzHDgMZFoyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemZRTFJndEl1UE5tX3NYS09iTWNPQXhrV2pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83YWM1MGYtNDQ5MS00NGE1LTkwYmYt
YTdlZjFkY2ZkNWYxLzEvemZRTFJndEl1UE5tX3NYS09iTWNPQXhrV2pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83YWM1MGYtNDQ5MS00NGE1LTkwYmYtYTdlZjFkY2ZkNWYx
LzEvemZRTFJndEl1UE5tX3NYS09iTWNPQXhrV2pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACxm0WtI5
8iVdV6Fze/XipdafrL0oSZzgDtDUtJzxFfIT1+TbxBB7iP/FtBMKYlatdARYlRCS
qFmn374tpXz6OKGQ0jt7Lyt/K2xdz8/K8gWBz2SQUh8oNflWH5P9vMjIij4eluMq
XlsmK8eg3vInRDoAcS+aQDG1QboQDd/3qr7sGPlzyJlFbcWWsMfcYnDBKcv+WiSy
fOlXAXUqMFx2dC9IV1Krjwzz+EbVd0ydQ06pF9OMkFjS5eV7Kleff+0ZKQhPfyjE
ON7TjqgP1y2bxV1QTIRxOQ9f81onW18ycOkr3M0vcV4mwPjErkV4XjB+13THV4Mi
uw1160LJcEsVNw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:03:12 2025 by rpki-client