Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.mft
File: czsHKLegVDWEws0LSLdHjEGU7wo.mft (raw, json)
Hash identifier: YWm2EvVuLq/jndvURqFfAbxGPCqX2bZxZY2M+A3DyrY=
Subject key identifier: E8:68:F4:E0:17:95:58:7A:E2:08:56:2E:A2:6C:CC:DB:6E:DF:F7:53
Authority key identifier: 73:3B:07:28:B7:A0:54:35:84:C2:CD:0B:48:B7:47:8C:41:94:EF:0A
Certificate issuer: /CN=733b0728b7a0543584c2cd0b48b7478c4194ef0a
Certificate serial: 0199FBEB4BEB3C79841005446D05A2AB5D91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/czsHKLegVDWEws0LSLdHjEGU7wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.mft
Manifest number: 0819
Signing time: Sun 19 Oct 2025 10:02:05 +0000
Manifest this update: Sun 19 Oct 2025 10:02:05 +0000
Manifest next update: Mon 20 Oct 2025 10:02:05 +0000
Files and hashes: 1: 0o1YRHDHs6Y_Qq6pCAQcKlyWFz8.roa (hash: nsMIKNS3OeQBs34bWYRCT4THehdiZrvKLdywuELl5UY=)
2: U5txbLmFPtaoMKOU1TbkV_FaGV8.roa (hash: z+0QM51o7tqW6/RjLGXF1BwNrcfJdd2i6D7WxQKXfAc=)
3: czsHKLegVDWEws0LSLdHjEGU7wo.crl (hash: oW3HrjRO1hbj1rOP5cvFlfkgnNBCO/jQEiC/7zoqYfQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.mft
rsync://rpki.ripe.net/repository/DEFAULT/czsHKLegVDWEws0LSLdHjEGU7wo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:4b:eb:3c:79:84:10:05:44:6d:05:a2:ab:5d:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=733b0728b7a0543584c2cd0b48b7478c4194ef0a
Validity
Not Before: Oct 19 10:02:05 2025 GMT
Not After : Oct 20 10:02:05 2025 GMT
Subject: CN=e868f4e01795587ae208562ea26cccdb6edff753
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:99:9e:fb:c1:c8:8a:0b:13:f1:a8:48:c0:84:
d5:f6:99:2f:1b:9c:7d:48:02:b7:0c:f7:a8:3f:35:
59:19:44:d7:44:de:28:91:a5:ed:a1:9f:d3:2f:40:
75:00:e7:70:ef:fa:1b:e4:f8:55:92:b9:29:66:29:
db:a9:d1:81:1d:fa:fb:01:e1:94:2e:35:df:e5:33:
50:ca:63:a0:bd:1a:c0:11:77:0c:58:f8:1c:26:df:
95:3d:c4:fc:58:58:07:c5:4a:f1:84:60:cc:83:d2:
e5:93:b5:7f:24:76:ed:3b:4c:1d:bb:95:8a:ff:39:
ad:e9:96:fc:db:4d:ad:fb:97:d0:14:75:5a:83:47:
c5:d7:4d:a7:0b:92:b3:45:34:39:7a:ba:59:ae:e5:
97:78:19:1f:a0:a0:2c:95:18:4c:98:f8:62:d2:4d:
f8:75:e8:9e:ed:39:55:fd:5c:ac:77:62:b4:2f:ed:
cc:cc:80:34:1b:8f:50:fb:5f:be:2c:25:9f:3e:eb:
f6:21:f6:53:4b:cd:0e:75:f3:d9:92:4c:61:07:7e:
6d:c5:63:82:8f:37:c9:67:97:64:f7:3f:60:a3:04:
88:85:e2:59:36:65:8a:37:65:48:b4:5b:10:17:b0:
c1:88:d8:f5:98:3c:a0:8c:f6:a8:e6:42:53:eb:00:
c5:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:68:F4:E0:17:95:58:7A:E2:08:56:2E:A2:6C:CC:DB:6E:DF:F7:53
X509v3 Authority Key Identifier:
keyid:73:3B:07:28:B7:A0:54:35:84:C2:CD:0B:48:B7:47:8C:41:94:EF:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/czsHKLegVDWEws0LSLdHjEGU7wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/a834da-1cca-4017-90b8-daee0aeafb2b/1/czsHKLegVDWEws0LSLdHjEGU7wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:e1:93:c5:f9:d2:dc:f4:2f:b7:01:70:e5:0e:a9:d9:31:e1:
a6:d2:14:b1:1e:01:54:6e:fa:18:9b:6b:81:8f:ec:7c:45:46:
21:48:9d:fe:0d:47:57:47:99:98:87:8d:97:a0:a1:c6:12:37:
83:7a:70:ca:f5:c3:73:7a:69:91:33:f1:89:6f:f5:f5:1b:a9:
fc:21:ed:39:2c:ea:92:d1:51:d6:8f:5b:da:82:8f:5c:f0:da:
e3:16:d1:6c:30:85:08:f2:50:53:54:a1:f8:52:f2:89:e4:73:
3d:15:bd:f8:0f:db:08:ec:5b:29:bd:4a:c4:83:8a:57:92:e2:
97:37:2c:f8:b6:c1:0b:39:d1:e5:2b:93:f5:7e:5f:4d:33:6f:
d5:68:4d:9c:c6:77:36:fe:2f:df:00:ac:08:b7:3a:61:77:97:
76:f7:9b:17:f1:03:f7:45:ef:df:18:e8:ab:4b:68:00:e3:2e:
24:ec:e3:d5:15:87:c1:aa:84:f7:69:96:19:22:8e:99:cd:98:
50:ef:42:1b:57:bb:95:d5:c8:32:b8:37:aa:d5:45:7a:e9:0e:
26:2a:21:ba:77:b3:fb:23:3b:d9:46:fd:67:2a:25:8d:67:2d:
4f:9f:00:23:ed:de:a9:f7:f3:8b:52:35:e6:1b:73:5a:eb:d8:
76:dc:f0:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn760vrPHmEEAVEbQWiq12RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczM2IwNzI4YjdhMDU0MzU4NGMyY2QwYjQ4Yjc0NzhjNDE5
NGVmMGEwHhcNMjUxMDE5MTAwMjA1WhcNMjUxMDIwMTAwMjA1WjAzMTEwLwYDVQQD
EyhlODY4ZjRlMDE3OTU1ODdhZTIwODU2MmVhMjZjY2NkYjZlZGZmNzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJme+8HIigsT8ahIwITV9pkvG5x9
SAK3DPeoPzVZGUTXRN4okaXtoZ/TL0B1AOdw7/ob5PhVkrkpZinbqdGBHfr7AeGU
LjXf5TNQymOgvRrAEXcMWPgcJt+VPcT8WFgHxUrxhGDMg9Llk7V/JHbtO0wdu5WK
/zmt6Zb8202t+5fQFHVag0fF102nC5KzRTQ5erpZruWXeBkfoKAslRhMmPhi0k34
deie7TlV/Vysd2K0L+3MzIA0G49Q+1++LCWfPuv2IfZTS80OdfPZkkxhB35txWOC
jzfJZ5dk9z9gowSIheJZNmWKN2VItFsQF7DBiNj1mDygjPao5kJT6wDFDQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOho9OAXlVh64ghWLqJszNtu3/dTMB8GA1UdIwQY
MBaAFHM7Byi3oFQ1hMLNC0i3R4xBlO8KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3pzSEtMZWdWRFdFd3MwTFNMZEhqRUdVN3dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9hODM0ZGEtMWNjYS00MDE3LTkwYjgt
ZGFlZTBhZWFmYjJiLzEvY3pzSEtMZWdWRFdFd3MwTFNMZEhqRUdVN3dvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9hODM0ZGEtMWNjYS00MDE3LTkwYjgtZGFlZTBhZWFmYjJi
LzEvY3pzSEtMZWdWRFdFd3MwTFNMZEhqRUdVN3dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPuGTxfnS
3PQvtwFw5Q6p2THhptIUsR4BVG76GJtrgY/sfEVGIUid/g1HV0eZmIeNl6ChxhI3
g3pwyvXDc3ppkTPxiW/19Rup/CHtOSzqktFR1o9b2oKPXPDa4xbRbDCFCPJQU1Sh
+FLyieRzPRW9+A/bCOxbKb1KxIOKV5Lilzcs+LbBCznR5SuT9X5fTTNv1WhNnMZ3
Nv4v3wCsCLc6YXeXdvebF/ED90Xv3xjoq0toAOMuJOzj1RWHwaqE92mWGSKOmc2Y
UO9CG1e7ldXIMrg3qtVFeukOJiohunez+yM72Ub9ZyoljWctT58AI+3eqffzi1I1
5htzWuvYdtzwGQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:05:41 2025 by rpki-client