Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
File: RDTtvhtBAbKKviMvK88qAUiXglo.mft (raw, json)
Hash identifier: sYO+utitmXBgk5tiKv/3ONyqirGwpga1pfXDUIg0hlg=
Subject key identifier: 24:31:97:92:89:56:1C:0E:C5:40:ED:3E:F8:12:DA:F9:4B:3C:D1:0F
Authority key identifier: 44:34:ED:BE:1B:41:01:B2:8A:BE:23:2F:2B:CF:2A:01:48:97:82:5A
Certificate issuer: /CN=4434edbe1b4101b28abe232f2bcf2a014897825a
Certificate serial: 0199FC214F3BB5221B75C8FFE56F3FB5CA12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
Manifest number: 10CD
Signing time: Sun 19 Oct 2025 11:01:05 +0000
Manifest this update: Sun 19 Oct 2025 11:01:05 +0000
Manifest next update: Mon 20 Oct 2025 11:01:05 +0000
Files and hashes: 1: MBnjR0q6eR7PujQYuvXc6EY3kbo.roa (hash: HNqzyjDd+TtlMN5tniTDAwjj1tssNX0++6C4Wyg438o=)
2: RDTtvhtBAbKKviMvK88qAUiXglo.crl (hash: jmH/HM11NZtRfuOiMXFd/UvvgeHbhkCx9nuiqBvB/O8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:21:4f:3b:b5:22:1b:75:c8:ff:e5:6f:3f:b5:ca:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4434edbe1b4101b28abe232f2bcf2a014897825a
Validity
Not Before: Oct 19 11:01:05 2025 GMT
Not After : Oct 20 11:01:05 2025 GMT
Subject: CN=2431979289561c0ec540ed3ef812daf94b3cd10f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:40:9d:2e:28:4b:21:37:9f:5a:67:32:20:e7:
a9:8b:0a:b4:00:2b:da:6c:4d:3a:2a:a4:29:6c:05:
60:6d:40:20:b5:83:43:b9:0a:07:65:e8:10:6c:38:
ee:66:ef:32:2a:d9:47:75:5b:e1:f5:9b:a9:26:51:
5b:9a:15:f4:45:10:2e:32:e8:13:f3:22:3b:27:33:
b2:24:ca:d5:75:e0:8b:a2:ac:e5:a8:94:ea:2b:89:
51:53:88:7a:c2:2a:4b:fe:3c:be:4d:84:5f:38:38:
fd:82:83:8d:1c:f5:8b:a5:65:2d:a6:75:91:44:ae:
71:21:ec:80:1b:5a:02:87:4b:a7:ee:f6:96:5d:92:
e6:40:03:34:bc:48:6a:00:4d:16:22:f0:98:5f:0e:
92:35:24:f6:d0:62:cb:15:8d:cc:d9:ef:5c:9f:36:
7f:0d:0f:51:2b:6a:48:5c:63:4a:9b:4f:c6:77:e3:
32:ea:ef:f5:97:c1:4a:ac:b1:1f:f1:1a:53:ad:24:
00:cd:6a:20:82:3f:06:0e:2e:39:a4:82:57:6f:4a:
e9:c4:26:3d:05:f5:93:1d:9b:1e:1c:dc:c6:70:31:
8b:0f:58:8a:4e:99:23:da:06:ae:36:ba:ed:61:a3:
24:36:47:dd:97:28:95:a1:45:26:64:fe:d2:c1:e8:
19:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:31:97:92:89:56:1C:0E:C5:40:ED:3E:F8:12:DA:F9:4B:3C:D1:0F
X509v3 Authority Key Identifier:
keyid:44:34:ED:BE:1B:41:01:B2:8A:BE:23:2F:2B:CF:2A:01:48:97:82:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:c3:2d:c3:2b:76:82:f8:ce:dc:33:21:e8:01:4c:0c:f7:43:
74:2d:97:7c:cf:77:7e:54:52:aa:45:c2:f1:b5:07:69:97:d8:
61:bb:ab:c2:d1:5b:ab:e6:ae:7b:45:be:c6:08:02:bd:1e:d6:
3b:d0:64:af:37:24:c8:9e:b1:15:61:87:37:3e:fe:ef:90:b2:
82:69:86:3a:cf:96:f0:42:e5:62:8d:8e:2a:02:ea:e3:b5:c5:
1a:df:ba:55:0e:35:d6:ae:3f:32:c1:22:34:74:ed:14:1b:db:
db:84:2d:6e:97:8b:24:17:2c:b9:84:5c:a9:d4:15:77:35:18:
5d:f1:b4:96:04:12:32:03:3d:47:f1:75:00:9f:22:43:89:22:
df:59:04:77:bc:8b:22:68:d5:dd:17:76:29:e8:87:ff:8d:99:
e6:fe:a6:30:d1:64:33:6c:32:f2:6e:91:68:8c:14:9d:41:be:
dc:2f:1c:44:7b:8c:78:70:a9:dc:9b:de:5d:f6:9c:0e:8a:df:
79:12:18:8d:fb:09:91:7b:f1:85:14:e5:a1:de:0e:ef:ac:f8:
fc:58:a3:28:b9:05:14:29:d0:3e:d4:0a:9f:45:76:e6:66:a6:
f5:1d:0d:b2:01:a2:88:6c:bb:55:34:13:ed:b9:66:43:dc:da:
6c:48:12:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IU87tSIbdcj/5W8/tcoSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MzRlZGJlMWI0MTAxYjI4YWJlMjMyZjJiY2YyYTAxNDg5
NzgyNWEwHhcNMjUxMDE5MTEwMTA1WhcNMjUxMDIwMTEwMTA1WjAzMTEwLwYDVQQD
EygyNDMxOTc5Mjg5NTYxYzBlYzU0MGVkM2VmODEyZGFmOTRiM2NkMTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUCdLihLITefWmcyIOepiwq0ACva
bE06KqQpbAVgbUAgtYNDuQoHZegQbDjuZu8yKtlHdVvh9ZupJlFbmhX0RRAuMugT
8yI7JzOyJMrVdeCLoqzlqJTqK4lRU4h6wipL/jy+TYRfODj9goONHPWLpWUtpnWR
RK5xIeyAG1oCh0un7vaWXZLmQAM0vEhqAE0WIvCYXw6SNST20GLLFY3M2e9cnzZ/
DQ9RK2pIXGNKm0/Gd+My6u/1l8FKrLEf8RpTrSQAzWoggj8GDi45pIJXb0rpxCY9
BfWTHZseHNzGcDGLD1iKTpkj2gauNrrtYaMkNkfdlyiVoUUmZP7SwegZcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCQxl5KJVhwOxUDtPvgS2vlLPNEPMB8GA1UdIwQY
MBaAFEQ07b4bQQGyir4jLyvPKgFIl4JaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82MzlmNjQtMWRmMS00NmQ1LWFkZDkt
MTBjYWY1NDk4NmZmLzEvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82MzlmNjQtMWRmMS00NmQ1LWFkZDktMTBjYWY1NDk4NmZm
LzEvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX8Mtwyt2
gvjO3DMh6AFMDPdDdC2XfM93flRSqkXC8bUHaZfYYburwtFbq+aue0W+xggCvR7W
O9BkrzckyJ6xFWGHNz7+75CygmmGOs+W8ELlYo2OKgLq47XFGt+6VQ411q4/MsEi
NHTtFBvb24QtbpeLJBcsuYRcqdQVdzUYXfG0lgQSMgM9R/F1AJ8iQ4ki31kEd7yL
ImjV3Rd2KeiH/42Z5v6mMNFkM2wy8m6RaIwUnUG+3C8cRHuMeHCp3JveXfacDorf
eRIYjfsJkXvxhRTlod4O76z4/FijKLkFFCnQPtQKn0V25mam9R0NsgGiiGy7VTQT
7blmQ9zabEgSlw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:07:48 2025 by rpki-client