Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
File: D9zw7HuvNJ6JLVERXCLA29Q1C44.mft (raw, json)
Hash identifier: Dxuey6PBzv4xN+XknQPeUrMSmUFEnw4mJ+ZzHpfCL3M=
Subject key identifier: 70:52:B0:BC:C0:12:7D:49:75:9F:05:AF:FF:E8:96:CF:F2:25:24:E2
Authority key identifier: 0F:DC:F0:EC:7B:AF:34:9E:89:2D:51:11:5C:22:C0:DB:D4:35:0B:8E
Certificate issuer: /CN=0fdcf0ec7baf349e892d51115c22c0dbd4350b8e
Certificate serial: 0199FDD91275CDB7E0785704D004A42FA7CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
Manifest number: 039B
Signing time: Sun 19 Oct 2025 19:01:25 +0000
Manifest this update: Sun 19 Oct 2025 19:01:25 +0000
Manifest next update: Mon 20 Oct 2025 19:01:25 +0000
Files and hashes: 1: D9zw7HuvNJ6JLVERXCLA29Q1C44.crl (hash: HLFj/RvwnPGEEuxOEbPRMlWPc1Bd+RV9d8l/E3D+iU0=)
2: LkbZ9NbuqV8kVwW0R6t_W7E36SY.roa (hash: OFwtZ8nR+nHbeTcy4UO/g/3elRZlu1GMxchq0zT/W/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:d9:12:75:cd:b7:e0:78:57:04:d0:04:a4:2f:a7:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fdcf0ec7baf349e892d51115c22c0dbd4350b8e
Validity
Not Before: Oct 19 19:01:25 2025 GMT
Not After : Oct 20 19:01:25 2025 GMT
Subject: CN=7052b0bcc0127d49759f05afffe896cff22524e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:42:61:7c:36:67:2e:e0:eb:46:13:6f:22:ed:
41:78:55:6b:1b:e6:23:67:06:ec:78:23:1f:e0:d7:
e9:ba:d9:ac:2a:d4:c2:0e:a3:9a:74:a8:98:6d:df:
17:ab:9f:ea:c6:ef:5b:1b:86:dc:61:15:08:6e:b3:
76:83:1c:d9:29:dc:21:59:8b:d2:8e:fd:96:e6:24:
67:d7:05:11:c5:90:d2:89:91:9a:52:72:ba:13:51:
e7:dd:fa:3d:71:7c:db:fc:dc:3b:62:72:c1:11:46:
f0:8f:40:eb:3f:a3:2e:b2:f7:d5:8f:73:7b:42:74:
40:5c:f2:60:68:db:a2:aa:11:78:ed:99:99:01:09:
d3:27:4b:2b:46:18:20:cd:31:57:3f:15:43:18:1d:
f2:73:a7:9f:9f:4a:88:99:18:6e:97:50:73:60:d8:
62:5c:c3:bf:62:e7:41:82:97:b7:d2:c6:e9:2a:70:
ea:ce:b0:dd:d6:38:9a:de:16:c5:3c:ab:aa:91:9e:
dd:e2:ee:8d:de:e3:70:6d:2e:57:0a:94:e3:de:b4:
53:7e:a1:02:0b:b5:87:b3:e0:1c:43:f8:8d:9f:e5:
ce:25:9b:ba:be:c4:de:8d:12:45:f8:b2:d9:b9:bd:
6f:71:97:be:d8:42:de:5e:9b:51:4c:30:d8:3b:c0:
84:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:52:B0:BC:C0:12:7D:49:75:9F:05:AF:FF:E8:96:CF:F2:25:24:E2
X509v3 Authority Key Identifier:
keyid:0F:DC:F0:EC:7B:AF:34:9E:89:2D:51:11:5C:22:C0:DB:D4:35:0B:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c4:56:38:ac:39:82:31:4d:64:8e:1e:e2:b6:da:46:ac:46:bb:
82:bc:8f:e6:51:51:04:25:87:df:80:d6:2b:e9:a8:e6:0f:f3:
93:81:e2:57:51:31:47:60:e9:14:42:56:0a:f8:73:3c:00:fc:
07:91:0f:47:50:5b:eb:3e:4c:88:3d:99:8d:08:48:7b:37:a0:
85:56:4a:c4:12:56:c0:64:1f:f9:c4:8b:40:64:9e:5a:9c:ec:
77:77:14:ec:df:f9:1d:9a:ea:ae:25:c4:66:4a:28:80:1c:f1:
27:dc:aa:08:22:2c:1a:23:ee:85:26:d8:d3:c0:a4:fa:01:8a:
2d:d0:6c:37:99:55:bd:a8:f2:03:30:b5:71:89:ff:84:35:03:
30:f7:d4:09:ff:58:11:7f:f1:54:b8:35:35:51:89:09:aa:45:
04:fc:71:50:c9:9a:c8:d4:9b:70:a8:3b:56:5d:b0:9c:58:c0:
4e:68:2d:24:fc:4e:78:09:57:7c:c4:ff:69:b3:3a:ba:33:63:
52:f3:b8:0b:67:14:ae:c0:25:a0:e9:c3:96:71:bb:aa:aa:db:
53:4b:82:a9:43:bc:a5:ba:82:29:9f:34:e9:d2:9b:36:6e:d4:
6a:b0:96:00:e5:77:18:64:a4:ef:1c:35:ea:88:d5:79:ed:8b:
da:5c:d9:cc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn92RJ1zbfgeFcE0ASkL6fKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZGNmMGVjN2JhZjM0OWU4OTJkNTExMTVjMjJjMGRiZDQz
NTBiOGUwHhcNMjUxMDE5MTkwMTI1WhcNMjUxMDIwMTkwMTI1WjAzMTEwLwYDVQQD
Eyg3MDUyYjBiY2MwMTI3ZDQ5NzU5ZjA1YWZmZmU4OTZjZmYyMjUyNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkJhfDZnLuDrRhNvIu1BeFVrG+Yj
ZwbseCMf4NfputmsKtTCDqOadKiYbd8Xq5/qxu9bG4bcYRUIbrN2gxzZKdwhWYvS
jv2W5iRn1wURxZDSiZGaUnK6E1Hn3fo9cXzb/Nw7YnLBEUbwj0DrP6MusvfVj3N7
QnRAXPJgaNuiqhF47ZmZAQnTJ0srRhggzTFXPxVDGB3yc6efn0qImRhul1BzYNhi
XMO/YudBgpe30sbpKnDqzrDd1jia3hbFPKuqkZ7d4u6N3uNwbS5XCpTj3rRTfqEC
C7WHs+AcQ/iNn+XOJZu6vsTejRJF+LLZub1vcZe+2ELeXptRTDDYO8CEBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBSsLzAEn1JdZ8Fr//ols/yJSTiMB8GA1UdIwQY
MBaAFA/c8Ox7rzSeiS1REVwiwNvUNQuOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNDgyYmEtNDFjZS00MDlhLThlN2Ut
YjI5NTgzOGFiYmQ5LzEvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNDgyYmEtNDFjZS00MDlhLThlN2UtYjI5NTgzOGFiYmQ5
LzEvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxFY4rDmC
MU1kjh7ittpGrEa7gryP5lFRBCWH34DWK+mo5g/zk4HiV1ExR2DpFEJWCvhzPAD8
B5EPR1Bb6z5MiD2ZjQhIezeghVZKxBJWwGQf+cSLQGSeWpzsd3cU7N/5HZrqriXE
ZkoogBzxJ9yqCCIsGiPuhSbY08Ck+gGKLdBsN5lVvajyAzC1cYn/hDUDMPfUCf9Y
EX/xVLg1NVGJCapFBPxxUMmayNSbcKg7Vl2wnFjATmgtJPxOeAlXfMT/abM6ujNj
UvO4C2cUrsAloOnDlnG7qqrbU0uCqUO8pbqCKZ806dKbNm7UarCWAOV3GGSk7xw1
6ojVee2L2lzZzA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:41:27 2025 by rpki-client