Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
File: DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft (raw, json)
Hash identifier: ln2bUCn+RGMw/tD2jUXDINc9pxhsFVbYOVtHmBTA5+A=
Subject key identifier: 24:F0:E0:CE:F3:46:82:9F:E6:3A:B0:7C:C7:A7:01:26:75:51:CB:02
Authority key identifier: 0D:33:3F:72:D9:E2:94:54:38:25:BE:63:72:9F:80:34:A4:51:70:90
Certificate issuer: /CN=0d333f72d9e294543825be63729f8034a4517090
Certificate serial: 0199FAA150B6BE1006644E48CB9284390B88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
Manifest number: 0AD7
Signing time: Sun 19 Oct 2025 04:01:39 +0000
Manifest this update: Sun 19 Oct 2025 04:01:39 +0000
Manifest next update: Mon 20 Oct 2025 04:01:39 +0000
Files and hashes: 1: DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl (hash: kxGLiD+HvtTSlvCpgR6RjFKqwiUK5SsNDxB70SiTZMg=)
2: IoDHlDbNXO3jlcqfipIcULBON5A.roa (hash: KOgCTDaSahbElR1Ol4oBVrEjOtYhS4W0VzXtKth8BeM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 04:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fa:a1:50:b6:be:10:06:64:4e:48:cb:92:84:39:0b:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d333f72d9e294543825be63729f8034a4517090
Validity
Not Before: Oct 19 04:01:39 2025 GMT
Not After : Oct 20 04:01:39 2025 GMT
Subject: CN=24f0e0cef346829fe63ab07cc7a701267551cb02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:82:05:ce:ab:08:88:66:00:64:5e:05:b2:1a:
33:c3:dd:7f:4f:41:5c:e8:3a:77:d8:d5:ff:c6:3b:
89:10:5c:03:c8:60:b6:75:ab:0c:be:a7:aa:11:3b:
3c:55:81:23:cf:46:61:20:4e:61:ef:4e:6a:1b:70:
ff:82:f0:39:69:e8:95:54:fb:5f:b3:07:83:fa:c3:
16:65:bc:24:94:b9:b8:49:10:89:e2:50:cb:a2:a4:
b5:fa:69:e5:88:fe:d8:37:c8:15:36:96:e1:55:a5:
a4:c8:bf:9c:0d:a4:ca:9d:ea:79:f5:e8:19:4a:a0:
f0:ac:f3:86:34:68:25:89:f2:86:01:84:2c:80:be:
8b:82:c2:5d:9f:32:50:3a:0c:5f:7d:5a:c6:98:bd:
9e:98:73:17:8f:ec:a8:67:5d:d0:2f:48:7d:15:f8:
8e:c9:0e:f1:95:95:2e:df:25:86:25:7d:b2:ae:68:
36:2c:1a:d1:b1:08:6f:d4:61:05:40:e7:15:f9:7a:
97:7f:62:ce:6c:b3:1a:84:51:3d:e2:0f:4f:25:c5:
63:72:da:df:d8:8e:74:f1:24:86:f2:07:87:d7:70:
0a:cf:50:49:9c:7c:e7:06:f0:71:e1:cd:17:b3:f7:
82:b0:8b:ba:41:30:3b:ae:23:af:d1:6e:44:5d:82:
54:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:F0:E0:CE:F3:46:82:9F:E6:3A:B0:7C:C7:A7:01:26:75:51:CB:02
X509v3 Authority Key Identifier:
keyid:0D:33:3F:72:D9:E2:94:54:38:25:BE:63:72:9F:80:34:A4:51:70:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:09:34:09:bf:cb:3d:ea:5a:6a:82:80:bb:6c:e7:c4:a0:6e:
50:85:85:3f:04:97:d3:7f:47:f4:d0:6a:08:36:d1:31:e0:94:
5c:2a:6c:89:3e:67:f9:bd:c0:af:cc:c3:0a:c8:47:ce:82:45:
22:55:2a:e0:e9:97:39:43:45:59:fd:83:f0:71:fb:a7:f9:34:
6b:c2:1f:a1:84:43:a9:94:32:a4:e0:b1:20:f6:fb:35:f1:9d:
60:79:be:93:8a:11:38:06:1e:16:a2:d0:8d:10:e5:d3:19:08:
d9:ee:ac:a0:39:a9:c0:ab:8c:2a:dd:eb:89:46:0a:f4:37:d6:
55:26:69:b7:d7:70:c2:32:b8:ff:09:e0:18:7f:49:3e:5d:ce:
ab:59:47:32:6a:ed:09:03:d4:48:22:7b:e7:81:92:24:ff:69:
4e:a4:46:67:f3:2b:24:43:c6:20:5a:44:f6:e6:07:93:84:55:
6b:57:7b:ae:a7:c3:c3:e0:1b:9c:22:98:54:f9:d3:44:55:af:
6a:0d:97:fd:54:4a:b2:09:bd:7e:eb:e6:bd:21:46:c1:9a:75:
28:a2:f2:4e:02:71:23:d5:c0:7d:a6:73:f4:90:97:23:cc:33:
e6:e5:84:0b:6a:f4:d9:bd:7b:10:e7:2c:8b:c6:a1:04:c3:51:
5f:df:b0:0f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6oVC2vhAGZE5Iy5KEOQuIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMzMzZjcyZDllMjk0NTQzODI1YmU2MzcyOWY4MDM0YTQ1
MTcwOTAwHhcNMjUxMDE5MDQwMTM5WhcNMjUxMDIwMDQwMTM5WjAzMTEwLwYDVQQD
EygyNGYwZTBjZWYzNDY4MjlmZTYzYWIwN2NjN2E3MDEyNjc1NTFjYjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14IFzqsIiGYAZF4Fshozw91/T0Fc
6Dp32NX/xjuJEFwDyGC2dasMvqeqETs8VYEjz0ZhIE5h705qG3D/gvA5aeiVVPtf
sweD+sMWZbwklLm4SRCJ4lDLoqS1+mnliP7YN8gVNpbhVaWkyL+cDaTKnep59egZ
SqDwrPOGNGglifKGAYQsgL6LgsJdnzJQOgxffVrGmL2emHMXj+yoZ13QL0h9FfiO
yQ7xlZUu3yWGJX2yrmg2LBrRsQhv1GEFQOcV+XqXf2LObLMahFE94g9PJcVjctrf
2I508SSG8geH13AKz1BJnHznBvBx4c0Xs/eCsIu6QTA7riOv0W5EXYJUKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCTw4M7zRoKf5jqwfMenASZ1UcsCMB8GA1UdIwQY
MBaAFA0zP3LZ4pRUOCW+Y3KfgDSkUXCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NWZlYTItYTNkOS00OTJmLThlNDQt
ODk0ZGZhNWRmMDE3LzEvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NWZlYTItYTNkOS00OTJmLThlNDQtODk0ZGZhNWRmMDE3
LzEvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIgk0Cb/L
PepaaoKAu2znxKBuUIWFPwSX039H9NBqCDbRMeCUXCpsiT5n+b3Ar8zDCshHzoJF
IlUq4OmXOUNFWf2D8HH7p/k0a8IfoYRDqZQypOCxIPb7NfGdYHm+k4oROAYeFqLQ
jRDl0xkI2e6soDmpwKuMKt3riUYK9DfWVSZpt9dwwjK4/wngGH9JPl3Oq1lHMmrt
CQPUSCJ754GSJP9pTqRGZ/MrJEPGIFpE9uYHk4RVa1d7rqfDw+AbnCKYVPnTRFWv
ag2X/VRKsgm9fuvmvSFGwZp1KKLyTgJxI9XAfaZz9JCXI8wz5uWEC2r02b17EOcs
i8ahBMNRX9+wDw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:14:15 2025 by rpki-client