Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.mft
File: MtOVxX39MMDNLDD0IziuTBSnUKE.mft (raw, json)
Hash identifier: KqhhT2YoudB312KIrmD6gyA8DPXubFa/NLfj1qQ1OpE=
Subject key identifier: CC:1B:4E:10:09:40:48:35:E0:AE:01:65:08:09:7A:E0:51:E2:C9:1C
Authority key identifier: 32:D3:95:C5:7D:FD:30:C0:CD:2C:30:F4:23:38:AE:4C:14:A7:50:A1
Certificate issuer: /CN=32d395c57dfd30c0cd2c30f42338ae4c14a750a1
Certificate serial: 0199FBEAF2CE2C59AFA5769EA922384174CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MtOVxX39MMDNLDD0IziuTBSnUKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.mft
Manifest number: 0BCB
Signing time: Sun 19 Oct 2025 10:01:42 +0000
Manifest this update: Sun 19 Oct 2025 10:01:42 +0000
Manifest next update: Mon 20 Oct 2025 10:01:42 +0000
Files and hashes: 1: MtOVxX39MMDNLDD0IziuTBSnUKE.crl (hash: Uo1eOn/cz+RZ900PDXOK6pW4znnm1lAzzi+yaBYg3kI=)
2: n5cNfAezq-PA0qRMQcD4Vk_fATk.roa (hash: 3AWrOq42owDA1epXEWxZ5qyQ/E7NiBYhiJKMNg3oKTI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/MtOVxX39MMDNLDD0IziuTBSnUKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:ea:f2:ce:2c:59:af:a5:76:9e:a9:22:38:41:74:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32d395c57dfd30c0cd2c30f42338ae4c14a750a1
Validity
Not Before: Oct 19 10:01:42 2025 GMT
Not After : Oct 20 10:01:42 2025 GMT
Subject: CN=cc1b4e1009404835e0ae016508097ae051e2c91c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:79:53:6b:2f:21:cf:5d:c6:8d:51:d3:b2:9f:
cd:de:30:68:31:d2:f6:b7:0f:70:2a:a9:e2:51:3d:
6f:bf:05:0c:3d:74:d5:b3:7d:a3:8b:eb:56:43:6b:
d4:2f:1b:87:af:e7:e4:dd:ac:2e:7a:1c:63:2a:08:
31:61:78:f6:c6:b0:1f:0e:b1:f4:3f:2a:03:93:a4:
e6:a5:2f:73:0d:44:59:08:fd:c2:cf:cd:99:e8:53:
9e:f7:3a:76:21:c8:82:87:e4:65:6d:70:0e:f2:41:
e6:2c:5e:40:63:a2:5f:a4:6f:a6:0f:3d:77:3f:00:
ee:d5:e3:ee:8c:35:50:21:17:f8:73:13:54:8d:3c:
25:d4:75:63:1a:1a:0f:3d:31:a2:8c:5d:23:8c:26:
0e:c5:50:53:4d:bb:c0:d5:3d:e2:12:22:4d:6c:75:
66:06:6d:07:58:2b:46:bf:15:4b:50:0f:b2:d6:88:
0a:5b:48:14:5d:20:9e:d4:19:e2:86:77:f2:a2:ef:
a4:02:4d:44:a8:58:49:54:dd:12:05:ab:66:67:19:
db:cc:a7:23:87:b1:ea:f2:2b:21:8b:9b:e8:da:67:
25:97:a1:4d:4f:57:d5:7e:44:1f:09:ca:ab:ae:6a:
e5:3b:d1:e9:3e:d9:03:ac:b6:86:17:34:c9:12:4b:
54:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:1B:4E:10:09:40:48:35:E0:AE:01:65:08:09:7A:E0:51:E2:C9:1C
X509v3 Authority Key Identifier:
keyid:32:D3:95:C5:7D:FD:30:C0:CD:2C:30:F4:23:38:AE:4C:14:A7:50:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MtOVxX39MMDNLDD0IziuTBSnUKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:ee:40:7e:ca:c8:31:08:3b:6f:2e:c4:d0:0e:93:0b:62:e9:
bd:d7:85:9b:46:e3:cf:e3:b6:5a:25:64:48:15:d2:83:66:81:
21:a7:33:d0:fd:77:08:c8:d9:ea:8e:9e:62:fd:c4:aa:eb:88:
95:87:05:f0:75:8b:77:70:88:fe:12:67:a7:70:79:8d:a9:28:
08:41:b2:34:26:66:ae:9a:f2:49:c2:23:dd:83:63:0d:a4:52:
a5:82:07:ab:21:61:fa:94:6d:e9:80:aa:b0:c9:d2:4e:25:c7:
5b:db:43:43:13:98:c6:a7:79:27:04:1b:ab:a7:92:1d:8b:11:
fa:c2:8d:d9:d5:e3:f3:c4:c4:84:32:3b:c2:e8:46:7e:99:9f:
2a:56:54:5c:58:45:dd:6a:57:ab:46:65:4d:10:84:89:a0:95:
96:c5:57:64:fc:e9:9a:08:c1:f5:9f:41:40:b8:3a:7d:51:04:
7c:df:47:62:fe:71:97:7a:0d:8b:88:26:07:ff:ae:9a:80:84:
2e:66:c6:bd:2c:53:6c:8b:84:ea:00:d0:10:20:53:6d:90:82:
3b:84:07:60:72:05:bf:e5:22:79:f9:52:2c:cf:6d:b1:0c:b4:
ce:5b:57:b8:58:be:c7:94:d7:b1:d6:d9:99:1c:ab:63:63:87:
29:44:e6:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76vLOLFmvpXaeqSI4QXTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyZDM5NWM1N2RmZDMwYzBjZDJjMzBmNDIzMzhhZTRjMTRh
NzUwYTEwHhcNMjUxMDE5MTAwMTQyWhcNMjUxMDIwMTAwMTQyWjAzMTEwLwYDVQQD
EyhjYzFiNGUxMDA5NDA0ODM1ZTBhZTAxNjUwODA5N2FlMDUxZTJjOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3lTay8hz13GjVHTsp/N3jBoMdL2
tw9wKqniUT1vvwUMPXTVs32ji+tWQ2vULxuHr+fk3awuehxjKggxYXj2xrAfDrH0
PyoDk6TmpS9zDURZCP3Cz82Z6FOe9zp2IciCh+RlbXAO8kHmLF5AY6JfpG+mDz13
PwDu1ePujDVQIRf4cxNUjTwl1HVjGhoPPTGijF0jjCYOxVBTTbvA1T3iEiJNbHVm
Bm0HWCtGvxVLUA+y1ogKW0gUXSCe1Bnihnfyou+kAk1EqFhJVN0SBatmZxnbzKcj
h7Hq8ishi5vo2mcll6FNT1fVfkQfCcqrrmrlO9HpPtkDrLaGFzTJEktU9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMwbThAJQEg14K4BZQgJeuBR4skcMB8GA1UdIwQY
MBaAFDLTlcV9/TDAzSww9CM4rkwUp1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXRPVnhYMzlNTUROTEREMEl6aXVUQlNuVUtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zNWI0OWItMDNhMy00MTAxLWEzZmUt
MWQ4ZTE5ZGY0YTYyLzEvTXRPVnhYMzlNTUROTEREMEl6aXVUQlNuVUtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zNWI0OWItMDNhMy00MTAxLWEzZmUtMWQ4ZTE5ZGY0YTYy
LzEvTXRPVnhYMzlNTUROTEREMEl6aXVUQlNuVUtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAee5AfsrI
MQg7by7E0A6TC2LpvdeFm0bjz+O2WiVkSBXSg2aBIacz0P13CMjZ6o6eYv3EquuI
lYcF8HWLd3CI/hJnp3B5jakoCEGyNCZmrpryScIj3YNjDaRSpYIHqyFh+pRt6YCq
sMnSTiXHW9tDQxOYxqd5JwQbq6eSHYsR+sKN2dXj88TEhDI7wuhGfpmfKlZUXFhF
3WpXq0ZlTRCEiaCVlsVXZPzpmgjB9Z9BQLg6fVEEfN9HYv5xl3oNi4gmB/+umoCE
LmbGvSxTbIuE6gDQECBTbZCCO4QHYHIFv+UieflSLM9tsQy0zltXuFi+x5TXsdbZ
mRyrY2OHKUTmoA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:26:51 2025 by rpki-client