Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
File: fzErCdH2kPJXAL1dzwfJGAxelmM.mft (raw, json)
Hash identifier: QqTW+ENyK3WjFgNetFjjJiBohJx33j6OAqidfcpCLiQ=
Subject key identifier: 72:14:6A:58:BB:9F:D8:83:20:3E:97:C8:90:CC:74:7B:F3:03:E2:D2
Authority key identifier: 7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63
Certificate issuer: /CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663
Certificate serial: 0199FB7D11A6353BC160BCEAEC2195818A31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
Manifest number: 0A
Signing time: Sun 19 Oct 2025 08:01:41 +0000
Manifest this update: Sun 19 Oct 2025 08:01:41 +0000
Manifest next update: Mon 20 Oct 2025 08:01:41 +0000
Files and hashes: 1: 5wnQts3aHCqK4LPQTc1TSV8LlF8.roa (hash: k5nmC2X9nRpfsHKs8VUO+zQKfKvAMmG2gTrsovLYmdc=)
2: fzErCdH2kPJXAL1dzwfJGAxelmM.crl (hash: 7ZzutuCOnplo8mXq3sxxM9RCixD0fV/KQj17L5SIVOM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:7d:11:a6:35:3b:c1:60:bc:ea:ec:21:95:81:8a:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663
Validity
Not Before: Oct 19 08:01:41 2025 GMT
Not After : Oct 20 08:01:41 2025 GMT
Subject: CN=72146a58bb9fd883203e97c890cc747bf303e2d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3e:81:8e:b8:61:40:c0:2a:7e:5f:e8:c8:35:
c7:3e:c6:bf:5c:2a:fe:34:01:7d:71:29:1d:99:36:
93:c2:f8:75:ea:aa:50:82:55:bf:aa:32:bf:85:d1:
8e:07:bd:2b:cd:c0:e7:d6:07:e3:4b:0e:1d:52:94:
c5:7b:77:b6:b0:ab:50:7f:5e:01:77:fc:f6:5e:cd:
cc:10:13:7d:41:c4:09:87:6d:8c:36:eb:d0:41:b9:
20:87:41:c1:ec:de:ae:3b:d7:18:7d:78:8e:24:41:
63:0e:92:bf:e7:bd:76:1e:fe:50:02:9c:5b:ab:8f:
1c:27:4b:7c:f0:4b:e9:df:31:15:3a:74:66:ad:6b:
f2:23:2f:25:0a:44:b3:c3:7c:da:c0:81:84:d5:72:
73:07:66:e2:63:bd:93:b8:99:9a:bb:52:9e:1f:f2:
47:24:c3:37:dd:54:fa:47:2c:7b:ec:92:81:7b:88:
fb:55:3d:c6:50:09:c4:ab:ba:5f:8c:62:71:e3:e0:
29:5a:8f:92:57:e3:55:1f:13:2e:ce:db:ec:e8:c3:
19:3c:7a:96:34:0f:db:96:3d:3d:5e:42:c1:ed:83:
74:45:9f:c6:75:ee:6d:f4:49:35:ca:b9:66:e9:96:
70:25:63:35:e8:81:00:90:9a:40:5b:4e:75:59:9e:
7e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:14:6A:58:BB:9F:D8:83:20:3E:97:C8:90:CC:74:7B:F3:03:E2:D2
X509v3 Authority Key Identifier:
keyid:7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:67:b9:9a:30:e7:2c:1a:f4:1e:8c:e5:8a:26:8b:1e:a9:74:
ce:92:65:b0:5b:45:c0:ff:b1:74:f6:09:93:84:e8:07:3f:db:
ee:1a:82:27:50:c4:b6:1d:38:ea:85:81:34:55:d2:8e:ab:69:
6f:e8:a7:38:36:38:85:c3:b1:4f:e1:c2:a0:33:52:54:84:00:
c8:8b:03:c5:c5:18:be:47:eb:3f:e7:1f:94:14:e7:5f:f8:02:
94:55:28:3c:c9:4b:67:ae:3c:94:5f:51:67:16:9a:8b:28:93:
14:b5:1c:f4:e7:7e:85:50:96:93:f1:95:b2:d1:61:94:86:03:
2a:2a:73:7d:e1:4f:9f:6e:e3:40:f4:56:64:8a:4e:ac:f2:73:
f7:2e:b4:aa:a5:72:a1:af:3f:af:84:a5:bc:8e:63:c1:22:6f:
94:65:cf:ae:2f:b7:71:b6:2d:69:0f:ca:85:7b:f8:68:cc:61:
b2:d1:88:58:93:e0:ae:6f:12:43:73:65:07:ee:4e:e6:4f:6f:
d3:c7:3b:d0:ac:21:08:fe:50:6d:40:16:79:58:0c:56:2b:91:
ba:e8:50:c3:38:7f:37:74:73:4f:bb:87:82:d9:39:a8:cc:ce:
35:38:16:ae:46:78:98:88:88:2d:fd:bd:55:99:50:81:d6:4a:
a7:68:e3:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7fRGmNTvBYLzq7CGVgYoxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMzEyYjA5ZDFmNjkwZjI1NzAwYmQ1ZGNmMDdjOTE4MGM1
ZTk2NjMwHhcNMjUxMDE5MDgwMTQxWhcNMjUxMDIwMDgwMTQxWjAzMTEwLwYDVQQD
Eyg3MjE0NmE1OGJiOWZkODgzMjAzZTk3Yzg5MGNjNzQ3YmYzMDNlMmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwj6BjrhhQMAqfl/oyDXHPsa/XCr+
NAF9cSkdmTaTwvh16qpQglW/qjK/hdGOB70rzcDn1gfjSw4dUpTFe3e2sKtQf14B
d/z2Xs3MEBN9QcQJh22MNuvQQbkgh0HB7N6uO9cYfXiOJEFjDpK/5712Hv5QApxb
q48cJ0t88Evp3zEVOnRmrWvyIy8lCkSzw3zawIGE1XJzB2biY72TuJmau1KeH/JH
JMM33VT6Ryx77JKBe4j7VT3GUAnEq7pfjGJx4+ApWo+SV+NVHxMuztvs6MMZPHqW
NA/blj09XkLB7YN0RZ/Gde5t9Ek1yrlm6ZZwJWM16IEAkJpAW051WZ5+AwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHIUali7n9iDID6XyJDMdHvzA+LSMB8GA1UdIwQY
MBaAFH8xKwnR9pDyVwC9Xc8HyRgMXpZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgt
MTUyMmUyOTY0ZmNlLzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgtMTUyMmUyOTY0ZmNl
LzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZGe5mjDn
LBr0HozliiaLHql0zpJlsFtFwP+xdPYJk4ToBz/b7hqCJ1DEth046oWBNFXSjqtp
b+inODY4hcOxT+HCoDNSVIQAyIsDxcUYvkfrP+cflBTnX/gClFUoPMlLZ648lF9R
ZxaaiyiTFLUc9Od+hVCWk/GVstFhlIYDKipzfeFPn27jQPRWZIpOrPJz9y60qqVy
oa8/r4SlvI5jwSJvlGXPri+3cbYtaQ/KhXv4aMxhstGIWJPgrm8SQ3NlB+5O5k9v
08c70KwhCP5QbUAWeVgMViuRuuhQwzh/N3RzT7uHgtk5qMzONTgWrkZ4mIiILf29
VZlQgdZKp2jjzQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:04:33 2025 by rpki-client