Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
File: 20IFnOKR1Jpmkgcxx2faVj7yESQ.mft (raw, json)
Hash identifier: 8gvkz+WOM9T2dGH44/WByPn6hlG53srjdK9hbsmT274=
Subject key identifier: D5:C3:75:36:74:04:C5:A3:E8:72:EA:D8:0D:11:62:76:19:60:A5:70
Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
Certificate issuer: /CN=db42059ce291d49a66920731c767da563ef21124
Certificate serial: 0199FA6A1A318F95CFA71458E0AAAE6A20B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
Manifest number: 09DD
Signing time: Sun 19 Oct 2025 03:01:21 +0000
Manifest this update: Sun 19 Oct 2025 03:01:21 +0000
Manifest next update: Mon 20 Oct 2025 03:01:21 +0000
Files and hashes: 1: 20IFnOKR1Jpmkgcxx2faVj7yESQ.crl (hash: Sjmd8TwkLZwyX8r8wF/gpiDC63Zx3PthB1urAu/0wHk=)
2: 4Eso2GRh3TFlocCc5lcI1-kD4Pk.roa (hash: ZZWcQEmA2vmSeltVrHKBZfPJ+X7E/tLB/wKbTZ0f8BU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 03:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fa:6a:1a:31:8f:95:cf:a7:14:58:e0:aa:ae:6a:20:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db42059ce291d49a66920731c767da563ef21124
Validity
Not Before: Oct 19 03:01:21 2025 GMT
Not After : Oct 20 03:01:21 2025 GMT
Subject: CN=d5c375367404c5a3e872ead80d1162761960a570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:b5:12:a3:a6:ee:85:e9:55:b5:7a:62:f3:42:
e8:05:26:1d:bc:59:18:9b:5b:76:bc:79:63:96:03:
86:14:a5:b7:91:73:07:50:0f:cc:d1:03:1a:f7:f2:
fe:73:95:5d:30:bf:65:9a:c4:2a:3d:c9:a9:51:ad:
ae:4e:d3:c9:4a:bc:38:d2:6a:99:3a:21:42:d3:e6:
23:6f:a5:0f:a7:df:e7:71:61:b9:6a:50:df:08:58:
8d:b8:37:88:d2:76:58:bd:8c:9e:07:02:54:c2:bb:
1d:05:75:f9:a2:82:7a:5d:9a:b5:90:bf:a5:5e:60:
8f:96:7b:02:9a:cb:a2:bf:0d:97:d7:52:63:67:d8:
5a:ae:d9:a7:74:23:f8:7f:c4:36:ed:b3:35:20:bf:
72:8e:90:39:8a:f4:ae:c0:49:f0:27:70:0d:94:96:
82:26:8b:36:95:34:83:d7:de:c9:e2:4e:2f:fa:de:
ba:8b:fa:8b:33:db:98:01:0a:e4:0f:9e:89:07:ff:
7e:49:a2:90:70:57:0b:fe:46:a3:5d:80:08:0e:a1:
04:0b:49:72:2a:69:0a:35:e3:7d:5b:7b:e6:b9:bc:
37:52:92:ba:e6:ea:e5:93:b7:91:ba:13:eb:94:8b:
88:f4:a1:e5:3a:34:dc:8a:6a:b6:ff:5b:6e:a8:31:
da:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C3:75:36:74:04:C5:A3:E8:72:EA:D8:0D:11:62:76:19:60:A5:70
X509v3 Authority Key Identifier:
keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ad:fe:50:c6:db:ab:ac:f0:c2:51:e4:90:92:bc:b7:e8:ba:f8:
b1:ea:b5:02:b8:a7:3b:3d:15:52:4c:76:70:a9:17:14:4a:20:
17:4e:02:01:ed:13:bd:25:7c:8e:e7:84:db:40:d9:39:e9:3b:
23:82:8a:03:1a:90:c8:b2:20:53:d7:ff:ec:21:75:e9:ba:c4:
bc:27:ec:b3:f8:8f:e9:d1:cf:f8:e9:c6:7f:d7:ec:59:8c:61:
0c:3b:06:4a:e2:08:dd:ba:f8:f6:a9:20:ad:64:c4:58:25:b5:
7f:ff:e0:91:a7:ea:0d:4c:12:61:7e:7f:8a:b7:9e:93:ac:3a:
60:96:16:6c:a0:f8:45:75:cd:82:9f:87:34:c0:82:8a:b2:84:
58:17:8b:49:5f:96:34:ee:6d:49:d1:8c:c8:4c:55:f0:d6:67:
07:50:e7:fe:ac:f0:5a:39:c8:a2:a8:33:12:5a:67:9b:6f:5a:
7a:51:39:ab:66:9f:21:70:78:b8:26:65:02:f8:8e:c9:64:0d:
cf:73:fa:a0:2c:b8:8c:70:7a:30:3c:bd:a2:6b:7a:3d:29:b6:
b9:80:59:7e:06:e2:eb:1c:92:2b:88:0a:ff:94:36:b3:73:d7:
c1:65:37:ab:23:96:12:f8:9f:50:af:70:00:2b:c0:c2:06:58:
20:f2:cd:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn6ahoxj5XPpxRY4KquaiCxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm
MjExMjQwHhcNMjUxMDE5MDMwMTIxWhcNMjUxMDIwMDMwMTIxWjAzMTEwLwYDVQQD
EyhkNWMzNzUzNjc0MDRjNWEzZTg3MmVhZDgwZDExNjI3NjE5NjBhNTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7LUSo6buhelVtXpi80LoBSYdvFkY
m1t2vHljlgOGFKW3kXMHUA/M0QMa9/L+c5VdML9lmsQqPcmpUa2uTtPJSrw40mqZ
OiFC0+Yjb6UPp9/ncWG5alDfCFiNuDeI0nZYvYyeBwJUwrsdBXX5ooJ6XZq1kL+l
XmCPlnsCmsuivw2X11JjZ9hartmndCP4f8Q27bM1IL9yjpA5ivSuwEnwJ3ANlJaC
Jos2lTSD197J4k4v+t66i/qLM9uYAQrkD56JB/9+SaKQcFcL/kajXYAIDqEEC0ly
KmkKNeN9W3vmubw3UpK65urlk7eRuhPrlIuI9KHlOjTcimq2/1tuqDHakQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNXDdTZ0BMWj6HLq2A0RYnYZYKVwMB8GA1UdIwQY
MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt
OTMxMmQwODdkZmNhLzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh
LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArf5Qxtur
rPDCUeSQkry36Lr4seq1ArinOz0VUkx2cKkXFEogF04CAe0TvSV8jueE20DZOek7
I4KKAxqQyLIgU9f/7CF16brEvCfss/iP6dHP+OnGf9fsWYxhDDsGSuII3br49qkg
rWTEWCW1f//gkafqDUwSYX5/ireek6w6YJYWbKD4RXXNgp+HNMCCirKEWBeLSV+W
NO5tSdGMyExV8NZnB1Dn/qzwWjnIoqgzElpnm29aelE5q2afIXB4uCZlAviOyWQN
z3P6oCy4jHB6MDy9omt6PSm2uYBZfgbi6xySK4gK/5Q2s3PXwWU3qyOWEvifUK9w
ACvAwgZYIPLN0g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 13:01:11 2025 by rpki-client