Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
File: duK6XMFQs1PL00ufBF6gUJdAhE0.mft (raw, json)
Hash identifier: XyQjB81cnY8wUtqhnT3SKy+zy1Y9AWuOKOBc9oiiNzs=
Subject key identifier: 2A:DE:7B:8C:2A:65:7D:F6:59:7F:BC:70:44:0B:7B:A8:1B:60:14:28
Authority key identifier: 76:E2:BA:5C:C1:50:B3:53:CB:D3:4B:9F:04:5E:A0:50:97:40:84:4D
Certificate issuer: /CN=76e2ba5cc150b353cbd34b9f045ea0509740844d
Certificate serial: 0199FC8FBA3F9E3610BC4ABB2224FD604C19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
Manifest number: 16E3
Signing time: Sun 19 Oct 2025 13:01:41 +0000
Manifest this update: Sun 19 Oct 2025 13:01:41 +0000
Manifest next update: Mon 20 Oct 2025 13:01:41 +0000
Files and hashes: 1: Bia10WQI4xw0UI_i-ndQUbuN950.roa (hash: cjV4yJiHMdoyYcYcYJ8yPol8C2FCborf12L6f+mp+8Y=)
2: duK6XMFQs1PL00ufBF6gUJdAhE0.crl (hash: LMhrOk+4IJRzu9aVC+Lhty4F9cVzGrW9T/oRV90pQ6s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:8f:ba:3f:9e:36:10:bc:4a:bb:22:24:fd:60:4c:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76e2ba5cc150b353cbd34b9f045ea0509740844d
Validity
Not Before: Oct 19 13:01:41 2025 GMT
Not After : Oct 20 13:01:41 2025 GMT
Subject: CN=2ade7b8c2a657df6597fbc70440b7ba81b601428
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ea:67:57:65:41:cf:11:6c:04:1e:19:46:e6:
a4:71:3f:27:48:a4:8f:8b:e6:dd:7e:cb:46:50:e9:
f2:10:bc:0f:ec:dd:89:79:3d:b0:f5:31:24:ac:6d:
5a:a5:b3:1a:69:84:81:13:e2:2b:9a:48:60:fd:0d:
ed:60:5e:57:ac:e7:ab:af:5c:41:36:92:3d:2f:62:
55:ce:32:d4:ca:cf:74:cb:bd:a0:46:26:7a:e3:f8:
dd:0b:6b:77:4f:d2:8c:60:30:e1:ec:af:dd:7a:62:
94:e1:79:da:bf:a4:63:17:b1:f4:69:2c:29:43:3d:
e6:01:67:23:33:a0:a0:20:d8:f1:c1:85:4a:c1:61:
7a:09:62:b3:a5:d1:55:c2:13:d1:94:d3:06:f6:9f:
01:1e:c5:18:f1:60:96:d8:b2:fd:ad:a9:91:a6:9b:
8d:8c:41:8a:61:42:b5:8b:60:f7:48:98:91:ec:7e:
8c:27:8b:ee:ec:cc:f3:50:b7:f2:96:f2:3e:fd:81:
ce:ba:95:e3:73:07:6e:b2:e6:53:3e:a7:58:1f:5e:
b7:82:49:df:2a:a1:94:11:6b:7b:56:4d:14:6a:c0:
ab:0f:d7:90:ac:52:33:05:b2:75:14:b7:bb:52:84:
16:e8:91:59:cc:b8:88:46:94:a4:cc:98:1e:aa:b9:
cc:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:DE:7B:8C:2A:65:7D:F6:59:7F:BC:70:44:0B:7B:A8:1B:60:14:28
X509v3 Authority Key Identifier:
keyid:76:E2:BA:5C:C1:50:B3:53:CB:D3:4B:9F:04:5E:A0:50:97:40:84:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
30:09:71:46:3f:b8:b6:5c:33:19:e7:fa:b6:0e:30:be:b6:1b:
3e:ae:ea:e7:a8:12:51:5b:2a:fd:f2:d9:fb:31:c5:21:e7:41:
a0:92:b4:63:3d:98:8e:ad:54:fb:f5:40:90:23:14:03:66:4c:
3c:e1:f0:f3:df:a1:44:08:74:4f:2c:54:54:c3:5c:d6:b4:da:
12:59:26:3b:5f:f1:7c:d3:57:2d:4b:18:c6:8f:7e:b6:c8:d0:
28:79:81:f7:22:a0:b3:1c:63:ef:af:cb:12:c8:1b:7d:a9:e5:
b7:48:88:e6:fe:c4:55:5f:f8:c3:33:a3:b0:53:9a:76:4f:83:
5e:eb:6b:4c:2d:31:71:fd:8a:a2:22:59:51:27:87:86:e9:52:
fe:34:40:d5:3a:47:0a:d8:e3:3f:50:ca:d6:f8:a5:6c:30:6e:
5a:01:2c:5f:bd:e0:48:6b:6f:b4:b3:74:e5:80:6d:2f:e2:ad:
04:6f:76:47:43:31:e5:30:74:7c:39:b6:10:59:38:51:61:63:
6f:a7:74:41:39:d4:82:91:0d:94:13:8f:de:4c:5f:25:35:6b:
d3:05:5e:b6:04:d9:fe:e3:19:05:47:a0:bd:3c:bf:bc:da:44:
9d:c0:fb:54:e0:29:68:fa:31:e9:03:42:a6:ab:a7:56:b7:ff:
dd:e3:1f:06
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j7o/njYQvEq7IiT9YEwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZTJiYTVjYzE1MGIzNTNjYmQzNGI5ZjA0NWVhMDUwOTc0
MDg0NGQwHhcNMjUxMDE5MTMwMTQxWhcNMjUxMDIwMTMwMTQxWjAzMTEwLwYDVQQD
EygyYWRlN2I4YzJhNjU3ZGY2NTk3ZmJjNzA0NDBiN2JhODFiNjAxNDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOpnV2VBzxFsBB4ZRuakcT8nSKSP
i+bdfstGUOnyELwP7N2JeT2w9TEkrG1apbMaaYSBE+Irmkhg/Q3tYF5XrOerr1xB
NpI9L2JVzjLUys90y72gRiZ64/jdC2t3T9KMYDDh7K/demKU4Xnav6RjF7H0aSwp
Qz3mAWcjM6CgINjxwYVKwWF6CWKzpdFVwhPRlNMG9p8BHsUY8WCW2LL9ramRppuN
jEGKYUK1i2D3SJiR7H6MJ4vu7MzzULfylvI+/YHOupXjcwdusuZTPqdYH163gknf
KqGUEWt7Vk0UasCrD9eQrFIzBbJ1FLe7UoQW6JFZzLiIRpSkzJgeqrnMdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCree4wqZX32WX+8cEQLe6gbYBQoMB8GA1UdIwQY
MBaAFHbiulzBULNTy9NLnwReoFCXQIRNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zMWQyZWQtOGUyZi00ZmE5LTgzY2Et
NzA0MDVlMzUyOGFmLzEvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zMWQyZWQtOGUyZi00ZmE5LTgzY2EtNzA0MDVlMzUyOGFm
LzEvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMAlxRj+4
tlwzGef6tg4wvrYbPq7q56gSUVsq/fLZ+zHFIedBoJK0Yz2Yjq1U+/VAkCMUA2ZM
POHw89+hRAh0TyxUVMNc1rTaElkmO1/xfNNXLUsYxo9+tsjQKHmB9yKgsxxj76/L
Esgbfanlt0iI5v7EVV/4wzOjsFOadk+DXutrTC0xcf2KoiJZUSeHhulS/jRA1TpH
CtjjP1DK1vilbDBuWgEsX73gSGtvtLN05YBtL+KtBG92R0Mx5TB0fDm2EFk4UWFj
b6d0QTnUgpENlBOP3kxfJTVr0wVetgTZ/uMZBUegvTy/vNpEncD7VOApaPox6QNC
pqunVrf/3eMfBg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:31:38 2025 by rpki-client