Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.mft
File: zUBlln3sCStfyQFS5KlTObodIok.mft (raw, json)
Hash identifier: RQ6f6/HvBgQgwc7IamFBhJDRnlQ1NHPXLCfOixXVNrc=
Subject key identifier: AB:2B:00:9D:11:FC:9C:5B:68:3A:A1:38:98:F5:AC:23:C6:07:E3:BE
Authority key identifier: CD:40:65:96:7D:EC:09:2B:5F:C9:01:52:E4:A9:53:39:BA:1D:22:89
Certificate issuer: /CN=cd4065967dec092b5fc90152e4a95339ba1d2289
Certificate serial: 0199FCC6BCDFDB492EC31B9D7818D5EF8CE1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zUBlln3sCStfyQFS5KlTObodIok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.mft
Manifest number: 0D38
Signing time: Sun 19 Oct 2025 14:01:46 +0000
Manifest this update: Sun 19 Oct 2025 14:01:46 +0000
Manifest next update: Mon 20 Oct 2025 14:01:46 +0000
Files and hashes: 1: O_Eyba2hWiJ1G1yko5jMVf-Hi74.roa (hash: 6Ep9rh8riGcgqLK1eN8d8mtWbuCz5+WFjzg4sxJvKMw=)
2: zUBlln3sCStfyQFS5KlTObodIok.crl (hash: YHDWWmdQOZ1F0CepQ27YRcL+WsLWNq0Ub6OW2e4pPXQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.mft
rsync://rpki.ripe.net/repository/DEFAULT/zUBlln3sCStfyQFS5KlTObodIok.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:c6:bc:df:db:49:2e:c3:1b:9d:78:18:d5:ef:8c:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd4065967dec092b5fc90152e4a95339ba1d2289
Validity
Not Before: Oct 19 14:01:46 2025 GMT
Not After : Oct 20 14:01:46 2025 GMT
Subject: CN=ab2b009d11fc9c5b683aa13898f5ac23c607e3be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ab:51:e6:92:1a:8e:92:3e:a1:00:29:aa:85:
e2:3e:5c:2f:c6:c3:51:60:c7:a5:d4:bc:96:98:8b:
cd:39:c9:0e:d6:b8:ab:d1:a6:9d:7a:49:47:02:d3:
a0:25:5b:38:c4:b5:b4:97:de:9b:2d:c8:50:4c:5a:
d7:c4:55:e8:cb:2b:75:2f:be:7d:53:12:c6:44:ce:
94:64:05:b5:1c:9f:98:8c:41:75:5a:86:76:b7:6e:
57:e7:0c:b8:ad:76:60:47:d7:6e:60:70:74:43:64:
48:12:b0:29:68:f1:04:cf:41:28:aa:6f:b3:24:64:
a7:12:b3:1b:ed:80:95:f4:fc:28:fa:e5:a5:48:a7:
fe:2f:af:a8:d8:9e:5c:68:56:66:69:5c:69:ff:0b:
dc:fc:2a:12:ed:68:0f:80:0e:ae:0c:4e:ed:c8:f2:
d5:0b:27:5f:1b:54:f6:ad:0a:aa:65:47:49:d0:8c:
78:34:33:96:2d:1f:1b:fe:ae:e9:5f:10:e0:3d:59:
6e:48:f1:f0:f4:e3:eb:a2:ef:96:3d:48:cc:6f:66:
ed:12:bf:51:87:95:61:27:e3:5f:93:f8:48:1d:92:
d6:43:2c:b8:3b:52:78:d9:9d:7d:ca:28:f8:07:52:
89:35:c7:fb:6d:a9:d8:34:18:9c:9e:6e:51:08:19:
ff:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:2B:00:9D:11:FC:9C:5B:68:3A:A1:38:98:F5:AC:23:C6:07:E3:BE
X509v3 Authority Key Identifier:
keyid:CD:40:65:96:7D:EC:09:2B:5F:C9:01:52:E4:A9:53:39:BA:1D:22:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zUBlln3sCStfyQFS5KlTObodIok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2a:3c:df:30:f4:2e:eb:6b:83:43:2c:c4:cd:f3:7f:b5:80:d8:
57:2f:95:ed:f3:de:6d:d7:91:e6:5b:dd:76:de:5b:c4:8d:26:
d6:19:ad:07:aa:5f:bb:c5:72:00:9d:d7:31:c9:64:39:48:f0:
ef:bb:e0:05:87:75:e7:05:f4:3b:38:54:68:b1:f3:42:a9:8a:
b4:ac:07:0c:ae:1f:ae:51:90:1a:77:73:f7:b3:99:78:7d:ad:
56:7d:fa:53:80:2e:89:cd:7e:44:38:94:2f:33:ab:4e:d7:05:
d7:e5:e8:c1:f2:7d:7c:a8:2f:79:06:34:e2:10:ba:19:ac:6b:
8f:8b:ac:85:0c:1f:30:c3:eb:c1:7f:9c:71:2a:6e:6c:ab:a0:
e6:48:b9:03:1a:9a:fb:c5:4a:10:65:b4:4a:5a:c1:cd:c7:4f:
ff:ec:f1:03:18:83:b8:a2:d1:98:fe:14:86:c4:ee:50:55:9e:
88:0c:14:c6:e3:46:e6:0a:ee:9d:66:82:4b:ad:4b:82:fe:f6:
92:3a:b0:fa:05:ce:71:61:52:8d:3c:7a:cd:b7:68:61:16:d1:
47:8b:92:03:f9:ed:b7:3d:1d:da:ac:61:8a:5a:e5:f3:6a:bd:
be:3f:15:78:09:05:bd:20:ce:61:91:9e:3a:04:86:52:32:57:
a7:60:10:f2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8xrzf20kuwxudeBjV74zhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNDA2NTk2N2RlYzA5MmI1ZmM5MDE1MmU0YTk1MzM5YmEx
ZDIyODkwHhcNMjUxMDE5MTQwMTQ2WhcNMjUxMDIwMTQwMTQ2WjAzMTEwLwYDVQQD
EyhhYjJiMDA5ZDExZmM5YzViNjgzYWExMzg5OGY1YWMyM2M2MDdlM2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoatR5pIajpI+oQApqoXiPlwvxsNR
YMel1LyWmIvNOckO1rir0aadeklHAtOgJVs4xLW0l96bLchQTFrXxFXoyyt1L759
UxLGRM6UZAW1HJ+YjEF1WoZ2t25X5wy4rXZgR9duYHB0Q2RIErApaPEEz0Eoqm+z
JGSnErMb7YCV9Pwo+uWlSKf+L6+o2J5caFZmaVxp/wvc/CoS7WgPgA6uDE7tyPLV
CydfG1T2rQqqZUdJ0Ix4NDOWLR8b/q7pXxDgPVluSPHw9OProu+WPUjMb2btEr9R
h5VhJ+Nfk/hIHZLWQyy4O1J42Z19yij4B1KJNcf7banYNBicnm5RCBn/7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKsrAJ0R/JxbaDqhOJj1rCPGB+O+MB8GA1UdIwQY
MBaAFM1AZZZ97AkrX8kBUuSpUzm6HSKJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelVCbGxuM3NDU3RmeVFGUzVLbFRPYm9kSW9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85NDRmMmEtZjY3My00MmJmLTllM2Qt
ZWRjZWY3NDUxZWY0LzEvelVCbGxuM3NDU3RmeVFGUzVLbFRPYm9kSW9rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85NDRmMmEtZjY3My00MmJmLTllM2QtZWRjZWY3NDUxZWY0
LzEvelVCbGxuM3NDU3RmeVFGUzVLbFRPYm9kSW9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKjzfMPQu
62uDQyzEzfN/tYDYVy+V7fPebdeR5lvddt5bxI0m1hmtB6pfu8VyAJ3XMclkOUjw
77vgBYd15wX0OzhUaLHzQqmKtKwHDK4frlGQGndz97OZeH2tVn36U4Auic1+RDiU
LzOrTtcF1+XowfJ9fKgveQY04hC6Gaxrj4ushQwfMMPrwX+ccSpubKug5ki5Axqa
+8VKEGW0SlrBzcdP/+zxAxiDuKLRmP4UhsTuUFWeiAwUxuNG5grunWaCS61Lgv72
kjqw+gXOcWFSjTx6zbdoYRbRR4uSA/nttz0d2qxhilrl82q9vj8VeAkFvSDOYZGe
OgSGUjJXp2AQ8g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:07:19 2025 by rpki-client