Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
File: d9LZKEIxBOXDSA4htKPtFJiyon4.mft (raw, json)
Hash identifier: U02C7kbpm4PCF0HeFqnPSzZWoz8BAp+Ezlsccgy8sdk=
Subject key identifier: 49:5A:2D:E8:5B:FC:7D:7E:6D:FA:F4:8F:F8:B5:7D:E7:6E:CD:9B:53
Authority key identifier: 77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E
Certificate issuer: /CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e
Certificate serial: 0199FBEB034C44DD8596D11846533158DD80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
Manifest number: 0C5A
Signing time: Sun 19 Oct 2025 10:01:47 +0000
Manifest this update: Sun 19 Oct 2025 10:01:47 +0000
Manifest next update: Mon 20 Oct 2025 10:01:47 +0000
Files and hashes: 1: HX3f5FZnDXBVPEnE5bxp-46XcDI.roa (hash: Cn4L/fOgVlSahDb0v8tdmodjivbISS4FJEJArlg0b+Y=)
2: d9LZKEIxBOXDSA4htKPtFJiyon4.crl (hash: KvUgX53GP3witbj8Wm80SZLVd2VuwyRczZtjggis4n0=)
3: jKFJgU1IkNXTMlJ4fb3SLPhpIEs.roa (hash: gVNSWZlrE4CqYnhrjWkiPYyY6GBkTGDHd/hL4ezDiUs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:03:4c:44:dd:85:96:d1:18:46:53:31:58:dd:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e
Validity
Not Before: Oct 19 10:01:47 2025 GMT
Not After : Oct 20 10:01:47 2025 GMT
Subject: CN=495a2de85bfc7d7e6dfaf48ff8b57de76ecd9b53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1f:4b:c7:95:80:32:56:b3:87:f0:7b:89:66:
83:bf:46:8e:8f:97:4b:67:8b:0f:46:c1:f1:10:d3:
97:89:7a:76:38:ae:da:da:4a:6c:67:9d:d0:bf:c2:
74:89:82:08:32:3c:a6:0c:a4:54:29:eb:87:69:6f:
49:1b:21:b6:b9:01:5f:11:0e:42:2d:d3:a0:5e:ac:
2c:9c:94:d3:d0:88:b7:7e:45:82:b3:61:91:2a:6c:
4c:e3:a9:59:ea:c6:90:73:72:fc:a0:fb:e5:68:50:
b5:83:ac:e8:bd:1a:49:40:e3:b3:fe:b7:9d:fd:02:
f6:7d:04:3c:e9:63:fd:98:04:93:98:9c:91:33:08:
a9:eb:2a:b5:c2:f8:6c:0e:dd:12:2e:7a:17:b3:ca:
75:cf:0b:c6:ef:d9:32:0b:bb:25:e9:87:bc:6a:f2:
b7:90:06:a9:d9:40:13:0f:8e:8f:02:72:6e:21:9a:
33:51:67:59:6d:ff:af:de:38:d2:1d:91:b4:6d:7a:
8b:e6:c9:65:29:b7:32:96:e6:1b:25:26:7f:6a:99:
03:9c:ee:7c:d3:e0:26:3e:d9:00:c6:fb:18:fa:1f:
8e:d1:1a:98:10:ba:38:f9:86:76:44:90:61:1e:77:
8d:07:6c:f2:af:a3:d5:c4:c3:49:b2:57:54:0f:20:
63:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:5A:2D:E8:5B:FC:7D:7E:6D:FA:F4:8F:F8:B5:7D:E7:6E:CD:9B:53
X509v3 Authority Key Identifier:
keyid:77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:21:9c:70:e2:96:1f:86:93:8b:79:13:2a:bb:22:c3:9a:28:
cf:16:4b:1f:51:9d:cf:3b:8a:52:c5:c4:15:44:78:05:89:65:
77:bb:ff:a6:39:69:38:53:73:fd:34:0c:1a:fb:89:3a:ea:77:
e5:93:1c:22:d0:55:c8:39:74:87:e7:65:42:ee:2a:ad:e5:62:
ff:24:66:4d:9b:e1:87:0c:a2:d9:88:b3:8d:05:e6:0b:8c:28:
8b:4e:96:2f:32:18:83:fd:96:9e:f3:9d:cf:ef:b6:9b:a3:1d:
7f:90:3d:ff:00:c9:72:f8:80:71:a7:3c:9c:e1:98:c0:9a:3d:
a2:ba:2f:70:d8:eb:fc:f1:8b:59:ff:e0:16:be:38:a5:1d:34:
33:df:eb:c5:c9:b3:19:9f:02:79:80:df:5e:40:9a:1e:ee:cf:
5a:b0:9b:4a:c5:d0:44:f9:ba:f1:4c:16:c8:6f:07:c3:15:7d:
3e:a0:e3:36:e4:ac:2a:c0:4a:9e:f8:62:0a:10:7e:54:2d:ca:
1e:3b:52:71:6d:30:2f:9e:d5:f3:97:d4:a2:88:fd:0f:39:ad:
06:06:f7:6c:dd:ef:1f:4a:62:d1:ea:73:ab:5a:e4:34:f1:52:
cc:21:d6:c3:c0:bb:c6:03:bd:5f:15:a4:0b:b9:50:d1:6f:84:
b2:8e:d6:9c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn76wNMRN2FltEYRlMxWN2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZDJkOTI4NDIzMTA0ZTVjMzQ4MGUyMWI0YTNlZDE0OThi
MmEyN2UwHhcNMjUxMDE5MTAwMTQ3WhcNMjUxMDIwMTAwMTQ3WjAzMTEwLwYDVQQD
Eyg0OTVhMmRlODViZmM3ZDdlNmRmYWY0OGZmOGI1N2RlNzZlY2Q5YjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx9Lx5WAMlazh/B7iWaDv0aOj5dL
Z4sPRsHxENOXiXp2OK7a2kpsZ53Qv8J0iYIIMjymDKRUKeuHaW9JGyG2uQFfEQ5C
LdOgXqwsnJTT0Ii3fkWCs2GRKmxM46lZ6saQc3L8oPvlaFC1g6zovRpJQOOz/red
/QL2fQQ86WP9mASTmJyRMwip6yq1wvhsDt0SLnoXs8p1zwvG79kyC7sl6Ye8avK3
kAap2UATD46PAnJuIZozUWdZbf+v3jjSHZG0bXqL5sllKbcyluYbJSZ/apkDnO58
0+AmPtkAxvsY+h+O0RqYELo4+YZ2RJBhHneNB2zyr6PVxMNJsldUDyBjTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFElaLehb/H1+bfr0j/i1feduzZtTMB8GA1UdIwQY
MBaAFHfS2ShCMQTlw0gOIbSj7RSYsqJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgt
NDg4NzkyMzg4ZTViLzEvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgtNDg4NzkyMzg4ZTVi
LzEvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIiGccOKW
H4aTi3kTKrsiw5oozxZLH1GdzzuKUsXEFUR4BYlld7v/pjlpOFNz/TQMGvuJOup3
5ZMcItBVyDl0h+dlQu4qreVi/yRmTZvhhwyi2YizjQXmC4woi06WLzIYg/2WnvOd
z++2m6Mdf5A9/wDJcviAcac8nOGYwJo9orovcNjr/PGLWf/gFr44pR00M9/rxcmz
GZ8CeYDfXkCaHu7PWrCbSsXQRPm68UwWyG8HwxV9PqDjNuSsKsBKnvhiChB+VC3K
HjtScW0wL57V85fUooj9DzmtBgb3bN3vH0pi0epzq1rkNPFSzCHWw8C7xgO9XxWk
C7lQ0W+Eso7WnA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:01:13 2025 by rpki-client