Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.mft
File: M7Zai666T_YhSS6-5vweiK2yGwM.mft (raw, json)
Hash identifier: gnDzuclPKdk+Ryd4RzIVNR4N8YL81o4fflPc6oktkyU=
Subject key identifier: 98:08:2F:77:FF:CF:9E:60:65:73:76:9B:3E:22:C4:CF:33:0A:E7:FF
Authority key identifier: 33:B6:5A:8B:AE:BA:4F:F6:21:49:2E:BE:E6:FC:1E:88:AD:B2:1B:03
Certificate issuer: /CN=33b65a8baeba4ff621492ebee6fc1e88adb21b03
Certificate serial: 0199FC584B01B7A2B7D28841B3D43A06D50F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.mft
Manifest number: 02FA
Signing time: Sun 19 Oct 2025 12:01:08 +0000
Manifest this update: Sun 19 Oct 2025 12:01:08 +0000
Manifest next update: Mon 20 Oct 2025 12:01:08 +0000
Files and hashes: 1: KOqyp8DhhZD3JH6K0j1zl6aQKBk.roa (hash: CehIyyDTNH2XPwU/dxmXRsBi9Cc/OKe00kUQqRs/maU=)
2: M7Zai666T_YhSS6-5vweiK2yGwM.crl (hash: E1cmUXS8WnsY/yCkvBlib+2t40K3nngCosYwzAsmV7w=)
3: YCOxnrJZzRohN18jKfSDMAOgQUI.roa (hash: /PrVwAluwlwegI08mKBtFGWqwyRlaqAj4wNKvuzMcSU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:58:4b:01:b7:a2:b7:d2:88:41:b3:d4:3a:06:d5:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33b65a8baeba4ff621492ebee6fc1e88adb21b03
Validity
Not Before: Oct 19 12:01:08 2025 GMT
Not After : Oct 20 12:01:08 2025 GMT
Subject: CN=98082f77ffcf9e606573769b3e22c4cf330ae7ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:61:05:6f:9b:65:c1:f8:1d:af:51:ce:72:ec:
ac:b4:99:1a:88:47:8f:17:84:36:f8:16:6e:94:b3:
7e:1a:ec:86:8d:97:53:63:cd:96:ff:b4:71:db:67:
c8:a2:d6:be:e4:fa:d8:13:30:b8:b6:64:9f:e8:46:
0f:04:9d:be:62:bd:bd:79:ca:67:c1:89:8c:72:a0:
c5:ed:57:5b:6a:6e:e0:f6:31:42:c6:7e:63:c3:75:
7f:77:c3:92:df:9d:12:54:9c:94:e2:e3:b5:36:c1:
71:17:d0:97:c9:ea:70:10:53:50:9b:18:76:d0:42:
13:81:7e:cb:e5:bf:d5:86:db:f5:db:1f:23:3b:d1:
a5:12:2b:d0:ea:45:07:4c:5c:ac:75:d2:39:7a:f4:
ed:b0:87:fe:6d:e2:df:31:cd:a0:11:90:4b:cc:5a:
1a:2c:bd:da:3d:fe:01:cc:a9:6c:35:d3:bf:82:5f:
cb:be:ee:a0:9f:3c:55:9c:53:78:fa:88:77:bd:9f:
12:83:19:c6:cd:f5:b1:90:13:71:2c:a4:8e:24:4a:
1f:a2:e0:c3:c6:13:21:fd:0f:98:d6:cf:fe:e1:d9:
d8:80:ee:55:48:e2:d8:a1:81:8d:bf:7d:ba:ed:88:
0a:96:74:13:b1:2f:4b:e8:7c:f8:55:5d:42:f1:44:
79:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:08:2F:77:FF:CF:9E:60:65:73:76:9B:3E:22:C4:CF:33:0A:E7:FF
X509v3 Authority Key Identifier:
keyid:33:B6:5A:8B:AE:BA:4F:F6:21:49:2E:BE:E6:FC:1E:88:AD:B2:1B:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M7Zai666T_YhSS6-5vweiK2yGwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/aabc6c-0456-4935-a469-d547185512de/1/M7Zai666T_YhSS6-5vweiK2yGwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7e:ad:3d:7c:f3:5b:32:2b:0d:a2:3e:ab:01:c8:19:72:49:46:
e3:41:eb:12:95:ed:d6:bd:54:af:4a:b0:cd:2b:26:d8:a6:f0:
72:85:63:9d:78:d9:8b:a9:99:ab:9d:29:fd:68:10:21:4b:6f:
e7:de:59:53:2a:cf:3d:32:9f:37:11:cb:94:43:71:00:08:70:
c7:e6:c0:d5:81:eb:39:07:13:a5:60:66:02:d0:8b:2b:fa:6a:
f9:12:d0:26:05:b5:de:dc:3c:37:a5:bf:7c:7c:db:fa:00:12:
c6:a4:30:5a:d5:5e:79:c4:d0:9e:46:56:a6:aa:2d:5b:11:7e:
a7:b6:0b:3c:0a:36:90:64:42:f6:05:80:6d:78:01:cf:f7:b1:
34:4a:a4:ca:38:b0:a2:ea:67:cd:cd:62:dd:19:35:43:5a:c9:
b4:2b:07:bd:20:7a:db:cf:7a:14:5a:c4:2e:86:3f:74:e3:19:
d7:4a:97:d8:5d:1f:e5:7b:d6:cb:f5:74:37:f5:26:8e:57:35:
eb:03:e5:32:ea:6f:c9:0e:1f:29:85:15:71:c5:5a:4f:9b:e3:
e0:f4:16:d2:41:f9:8d:e8:a6:06:b4:a4:6f:58:88:4d:4f:35:
ac:1b:e6:89:e1:48:8d:50:53:72:f7:a8:b2:c4:79:ac:2b:fb:
c0:c4:11:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8WEsBt6K30ohBs9Q6BtUPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYjY1YThiYWViYTRmZjYyMTQ5MmViZWU2ZmMxZTg4YWRi
MjFiMDMwHhcNMjUxMDE5MTIwMTA4WhcNMjUxMDIwMTIwMTA4WjAzMTEwLwYDVQQD
Eyg5ODA4MmY3N2ZmY2Y5ZTYwNjU3Mzc2OWIzZTIyYzRjZjMzMGFlN2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGEFb5tlwfgdr1HOcuystJkaiEeP
F4Q2+BZulLN+GuyGjZdTY82W/7Rx22fIota+5PrYEzC4tmSf6EYPBJ2+Yr29ecpn
wYmMcqDF7Vdbam7g9jFCxn5jw3V/d8OS350SVJyU4uO1NsFxF9CXyepwEFNQmxh2
0EITgX7L5b/Vhtv12x8jO9GlEivQ6kUHTFysddI5evTtsIf+beLfMc2gEZBLzFoa
LL3aPf4BzKlsNdO/gl/Lvu6gnzxVnFN4+oh3vZ8SgxnGzfWxkBNxLKSOJEofouDD
xhMh/Q+Y1s/+4dnYgO5VSOLYoYGNv3267YgKlnQTsS9L6Hz4VV1C8UR5pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJgIL3f/z55gZXN2mz4ixM8zCuf/MB8GA1UdIwQY
MBaAFDO2Wouuuk/2IUkuvub8HoitshsDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTdaYWk2NjZUX1loU1M2LTV2d2VpSzJ5R3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9hYWJjNmMtMDQ1Ni00OTM1LWE0Njkt
ZDU0NzE4NTUxMmRlLzEvTTdaYWk2NjZUX1loU1M2LTV2d2VpSzJ5R3dNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9hYWJjNmMtMDQ1Ni00OTM1LWE0NjktZDU0NzE4NTUxMmRl
LzEvTTdaYWk2NjZUX1loU1M2LTV2d2VpSzJ5R3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfq09fPNb
MisNoj6rAcgZcklG40HrEpXt1r1Ur0qwzSsm2KbwcoVjnXjZi6mZq50p/WgQIUtv
595ZUyrPPTKfNxHLlENxAAhwx+bA1YHrOQcTpWBmAtCLK/pq+RLQJgW13tw8N6W/
fHzb+gASxqQwWtVeecTQnkZWpqotWxF+p7YLPAo2kGRC9gWAbXgBz/exNEqkyjiw
oupnzc1i3Rk1Q1rJtCsHvSB62896FFrELoY/dOMZ10qX2F0f5XvWy/V0N/Umjlc1
6wPlMupvyQ4fKYUVccVaT5vj4PQW0kH5jeimBrSkb1iITU81rBvmieFIjVBTcveo
ssR5rCv7wMQRFw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:41:27 2025 by rpki-client