Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.mft
File: ss0DX6sYpLeCYURWP2DniYpO8PE.mft (raw, json)
Hash identifier: C6FUu9Mwg+GVKyyH4OtNaqZ/FIaLkFcJ28vsQRl6wbc=
Subject key identifier: BB:1D:B2:DD:21:63:DC:81:F2:08:E0:FB:D1:D2:47:44:B1:33:DF:9F
Authority key identifier: B2:CD:03:5F:AB:18:A4:B7:82:61:44:56:3F:60:E7:89:8A:4E:F0:F1
Certificate issuer: /CN=b2cd035fab18a4b7826144563f60e7898a4ef0f1
Certificate serial: 0199FCFD5F60552E7F89CA500AC5C3DC63AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ss0DX6sYpLeCYURWP2DniYpO8PE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.mft
Manifest number: 11FF
Signing time: Sun 19 Oct 2025 15:01:27 +0000
Manifest this update: Sun 19 Oct 2025 15:01:27 +0000
Manifest next update: Mon 20 Oct 2025 15:01:27 +0000
Files and hashes: 1: 8ioI1P3WjfVGZeocJzXjV25zEAM.roa (hash: R5/GZ5yigab2BnvLmrfCDXR0klk9Au0FN2fkvOAY+V4=)
2: ss0DX6sYpLeCYURWP2DniYpO8PE.crl (hash: Ggo0vpAb/RXMHC8SYX9BIAEn5z78xLMKux1OEnx2EOc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ss0DX6sYpLeCYURWP2DniYpO8PE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:fd:5f:60:55:2e:7f:89:ca:50:0a:c5:c3:dc:63:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2cd035fab18a4b7826144563f60e7898a4ef0f1
Validity
Not Before: Oct 19 15:01:27 2025 GMT
Not After : Oct 20 15:01:27 2025 GMT
Subject: CN=bb1db2dd2163dc81f208e0fbd1d24744b133df9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b9:83:69:ef:9c:25:67:8a:60:71:91:2d:65:
09:17:de:4a:89:4a:84:69:28:86:92:a5:ea:37:5f:
6c:af:5d:85:dd:e6:30:fc:84:cc:76:cb:57:a2:8b:
e5:8b:57:60:0f:ed:6c:38:58:af:8e:3f:f3:4d:72:
a9:eb:28:e8:49:68:23:d4:c3:70:96:2b:56:1f:3c:
b9:11:1e:58:99:fa:c7:7d:26:eb:9a:e8:7b:ca:90:
58:38:43:d7:ae:7b:bb:c7:93:a7:d1:8c:47:c6:66:
bb:5a:af:53:44:81:d1:41:f4:ca:fd:7a:14:a6:9c:
69:bf:24:af:94:49:1c:ed:1e:49:97:3f:7a:5d:a9:
f4:8a:c4:06:40:69:97:19:79:1a:be:2c:8f:22:b1:
68:fb:02:94:30:8e:54:6f:36:3a:63:e3:01:68:59:
f5:27:68:b7:79:91:7f:b0:98:85:ac:75:b5:65:e5:
9b:2e:49:4e:f3:4f:86:3c:67:ac:85:45:c0:60:ec:
2f:68:34:92:f8:1e:b5:bb:1c:ae:44:56:ec:87:7b:
07:73:de:3e:67:88:a5:ff:83:b9:13:cc:2d:03:7c:
d6:c3:d4:e2:6b:46:c1:d3:e3:88:2a:01:f4:ba:ea:
4c:8f:30:1e:48:ae:5d:89:db:73:2b:80:37:d3:6b:
28:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:1D:B2:DD:21:63:DC:81:F2:08:E0:FB:D1:D2:47:44:B1:33:DF:9F
X509v3 Authority Key Identifier:
keyid:B2:CD:03:5F:AB:18:A4:B7:82:61:44:56:3F:60:E7:89:8A:4E:F0:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ss0DX6sYpLeCYURWP2DniYpO8PE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:db:e1:35:f1:21:ac:5f:bd:e5:16:61:2c:8e:1a:cf:ca:c5:
e4:d8:26:18:90:35:e0:5a:ec:b3:2c:48:93:bf:68:1d:7e:9b:
82:62:cd:78:77:f7:cd:97:00:f8:6d:1a:4c:3e:2d:ae:88:a5:
d0:f1:d1:5c:81:c1:d3:2e:fb:00:e5:34:01:62:35:49:7f:ab:
01:e6:2b:9c:a8:7f:3e:e6:59:02:f2:83:32:d7:34:63:67:a7:
b9:2e:f1:e9:d7:e4:f8:5d:42:c5:fd:73:65:e2:89:92:e3:1c:
17:85:c8:6d:28:9e:d0:45:c0:73:5d:9e:1c:43:ce:d6:d0:a7:
b5:58:f2:e8:af:6c:ac:e8:36:0b:15:d9:dc:65:9d:b2:5f:27:
88:8c:a9:e5:b5:00:5d:a8:74:a3:1b:02:c6:f0:b4:69:04:c1:
52:a5:05:f5:54:26:8a:74:76:9a:34:48:4f:77:a5:2a:40:a7:
5a:f7:07:3b:5d:1d:32:98:08:e9:79:1e:fb:bc:e4:51:61:07:
22:13:7d:95:2b:e6:66:af:c0:76:94:a8:87:23:2f:42:30:e4:
4e:f2:d6:f1:cd:aa:e8:92:db:e7:2f:3b:a1:77:de:b1:62:ba:
06:e6:84:eb:52:8f:52:54:86:ae:7d:0d:34:d3:9b:bd:d3:a1:
26:15:6c:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/V9gVS5/icpQCsXD3GOuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyY2QwMzVmYWIxOGE0Yjc4MjYxNDQ1NjNmNjBlNzg5OGE0
ZWYwZjEwHhcNMjUxMDE5MTUwMTI3WhcNMjUxMDIwMTUwMTI3WjAzMTEwLwYDVQQD
EyhiYjFkYjJkZDIxNjNkYzgxZjIwOGUwZmJkMWQyNDc0NGIxMzNkZjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bmDae+cJWeKYHGRLWUJF95KiUqE
aSiGkqXqN19sr12F3eYw/ITMdstXoovli1dgD+1sOFivjj/zTXKp6yjoSWgj1MNw
litWHzy5ER5YmfrHfSbrmuh7ypBYOEPXrnu7x5On0YxHxma7Wq9TRIHRQfTK/XoU
ppxpvySvlEkc7R5Jlz96Xan0isQGQGmXGXkaviyPIrFo+wKUMI5UbzY6Y+MBaFn1
J2i3eZF/sJiFrHW1ZeWbLklO80+GPGeshUXAYOwvaDSS+B61uxyuRFbsh3sHc94+
Z4il/4O5E8wtA3zWw9Tia0bB0+OIKgH0uupMjzAeSK5didtzK4A302soaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLsdst0hY9yB8gjg+9HSR0SxM9+fMB8GA1UdIwQY
MBaAFLLNA1+rGKS3gmFEVj9g54mKTvDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3MwRFg2c1lwTGVDWVVSV1AyRG5pWXBPOFBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zMzE1NGItMjk0MS00ZjcwLTgxMzMt
ZDQ4NDUwNTIxZGQ5LzEvc3MwRFg2c1lwTGVDWVVSV1AyRG5pWXBPOFBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zMzE1NGItMjk0MS00ZjcwLTgxMzMtZDQ4NDUwNTIxZGQ5
LzEvc3MwRFg2c1lwTGVDWVVSV1AyRG5pWXBPOFBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKdvhNfEh
rF+95RZhLI4az8rF5NgmGJA14FrssyxIk79oHX6bgmLNeHf3zZcA+G0aTD4troil
0PHRXIHB0y77AOU0AWI1SX+rAeYrnKh/PuZZAvKDMtc0Y2enuS7x6dfk+F1Cxf1z
ZeKJkuMcF4XIbSie0EXAc12eHEPO1tCntVjy6K9srOg2CxXZ3GWdsl8niIyp5bUA
Xah0oxsCxvC0aQTBUqUF9VQminR2mjRIT3elKkCnWvcHO10dMpgI6Xke+7zkUWEH
IhN9lSvmZq/AdpSohyMvQjDkTvLW8c2q6JLb5y87oXfesWK6BuaE61KPUlSGrn0N
NNObvdOhJhVsdw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:04:13 2025 by rpki-client