Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/6fa51b-812e-4284-9d17-ad51ba216531/1/309yD7vOaxVdc1fb5xJspWwevnU.mft
File: 309yD7vOaxVdc1fb5xJspWwevnU.mft (raw, json)
Hash identifier: rVAadrcmWNi7vmAH7mdu1pOvU8zRBMDJsUpUwvd1k0s=
Subject key identifier: 25:F1:A4:54:9C:B4:37:12:9D:30:F4:2D:28:70:F4:BC:B8:6C:49:F6
Authority key identifier: DF:4F:72:0F:BB:CE:6B:15:5D:73:57:DB:E7:12:6C:A5:6C:1E:BE:75
Certificate issuer: /CN=df4f720fbbce6b155d7357dbe7126ca56c1ebe75
Certificate serial: 0199FCFD500EB5B257E5D3686BEDBBB65591
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/309yD7vOaxVdc1fb5xJspWwevnU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/6fa51b-812e-4284-9d17-ad51ba216531/1/309yD7vOaxVdc1fb5xJspWwevnU.mft
Manifest number: 028B
Signing time: Sun 19 Oct 2025 15:01:23 +0000
Manifest this update: Sun 19 Oct 2025 15:01:23 +0000
Manifest next update: Mon 20 Oct 2025 15:01:23 +0000
Files and hashes: 1: 309yD7vOaxVdc1fb5xJspWwevnU.crl (hash: WUC04wWYhCh2KysJetevIXR1aOmUD3Zt8Agy6lPAqxU=)
2: qjdo-2hELWfZ5X3xR6fmxm2tvRM.roa (hash: KdwciiToM5teWCqBbT0OWprvk5ot6XdBmfBuE2JH8Q4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/6fa51b-812e-4284-9d17-ad51ba216531/1/309yD7vOaxVdc1fb5xJspWwevnU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/6fa51b-812e-4284-9d17-ad51ba216531/1/309yD7vOaxVdc1fb5xJspWwevnU.mft
rsync://rpki.ripe.net/repository/DEFAULT/309yD7vOaxVdc1fb5xJspWwevnU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:fd:50:0e:b5:b2:57:e5:d3:68:6b:ed:bb:b6:55:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df4f720fbbce6b155d7357dbe7126ca56c1ebe75
Validity
Not Before: Oct 19 15:01:23 2025 GMT
Not After : Oct 20 15:01:23 2025 GMT
Subject: CN=25f1a4549cb437129d30f42d2870f4bcb86c49f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f2:b2:8e:07:4c:bd:3e:a0:02:e1:1b:09:e7:
95:62:7b:b6:ad:4a:65:6e:06:54:37:fa:d6:14:b2:
ce:87:3a:0e:93:a7:e1:86:1b:5e:ce:ad:78:b2:d9:
8a:c8:59:33:e1:f1:95:f6:2c:2c:84:53:31:7c:f4:
e0:12:3b:f4:1f:68:23:64:b5:24:27:7b:af:d7:bb:
74:64:47:98:0d:81:9a:94:6d:5c:eb:90:d7:4e:51:
2b:35:ad:87:08:5d:e8:80:58:55:bb:32:01:28:ad:
59:fa:56:8c:78:30:aa:b8:3d:9b:49:73:8f:25:3a:
1c:ce:bb:8a:ea:e7:f6:95:6c:25:9e:9b:e4:69:8a:
7b:6c:8f:04:1d:11:50:88:0e:d1:1f:4d:fa:f1:99:
0d:0b:c1:96:7a:f9:ff:69:d3:fa:ae:13:e4:e1:60:
be:73:9e:98:eb:43:8d:89:35:9a:f1:f5:c0:0c:1d:
d7:ab:72:15:4b:ca:af:29:85:c4:8e:42:eb:54:99:
70:ee:ae:28:3a:32:7a:7c:21:07:25:c7:f3:3d:ef:
d8:7b:8e:af:da:e8:23:1f:5b:5e:04:a9:58:dc:f3:
1a:f2:ad:ec:6f:ef:e1:c4:15:d2:61:22:6d:6b:55:
9d:cd:b7:10:83:b3:a9:94:ca:38:13:d4:cc:0e:e7:
5f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:F1:A4:54:9C:B4:37:12:9D:30:F4:2D:28:70:F4:BC:B8:6C:49:F6
X509v3 Authority Key Identifier:
keyid:DF:4F:72:0F:BB:CE:6B:15:5D:73:57:DB:E7:12:6C:A5:6C:1E:BE:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/309yD7vOaxVdc1fb5xJspWwevnU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/6fa51b-812e-4284-9d17-ad51ba216531/1/309yD7vOaxVdc1fb5xJspWwevnU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/6fa51b-812e-4284-9d17-ad51ba216531/1/309yD7vOaxVdc1fb5xJspWwevnU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:2d:40:1e:32:8f:b6:9c:4a:2a:8f:b1:cd:2b:49:15:79:a9:
5f:11:7f:59:d3:ce:e7:d4:a2:33:e5:b5:ea:9d:ad:d4:a0:34:
d8:49:4d:76:dd:f5:8d:e2:00:a0:b8:08:51:c8:44:18:28:75:
55:be:6a:39:aa:8c:e7:39:7e:a5:49:8f:ab:d2:01:0c:4d:5f:
5a:b5:73:c0:fa:22:1a:1c:54:76:4f:20:24:73:2c:01:9d:e1:
db:14:38:a7:32:3c:c1:67:ea:14:92:1a:3d:7a:4f:2d:17:95:
3b:03:b0:6e:ec:a0:25:2b:ba:eb:05:55:cc:f5:58:14:e1:fa:
49:bc:5e:c3:56:42:eb:1c:2a:34:92:2b:44:3c:3c:19:ec:76:
c4:77:77:4a:ef:a9:42:c5:7e:41:05:77:de:7d:74:bc:84:f7:
80:a5:a2:f9:31:52:9b:4b:90:85:66:6c:19:35:83:e0:05:16:
00:0b:ac:8f:20:f7:fb:26:03:3c:c0:cf:0f:c0:ec:72:ad:83:
02:8f:18:98:65:9e:2c:f0:31:99:e5:9d:cd:f8:fd:ce:12:b3:
7a:9e:e7:1e:69:94:2c:43:74:8f:12:8f:84:8f:70:98:fb:38:
8a:8e:d2:ea:fe:4b:2e:e1:2a:fd:38:42:9f:77:7d:70:69:3d:
6e:65:ff:b5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8/VAOtbJX5dNoa+27tlWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmNGY3MjBmYmJjZTZiMTU1ZDczNTdkYmU3MTI2Y2E1NmMx
ZWJlNzUwHhcNMjUxMDE5MTUwMTIzWhcNMjUxMDIwMTUwMTIzWjAzMTEwLwYDVQQD
EygyNWYxYTQ1NDljYjQzNzEyOWQzMGY0MmQyODcwZjRiY2I4NmM0OWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfKyjgdMvT6gAuEbCeeVYnu2rUpl
bgZUN/rWFLLOhzoOk6fhhhtezq14stmKyFkz4fGV9iwshFMxfPTgEjv0H2gjZLUk
J3uv17t0ZEeYDYGalG1c65DXTlErNa2HCF3ogFhVuzIBKK1Z+laMeDCquD2bSXOP
JToczruK6uf2lWwlnpvkaYp7bI8EHRFQiA7RH0368ZkNC8GWevn/adP6rhPk4WC+
c56Y60ONiTWa8fXADB3Xq3IVS8qvKYXEjkLrVJlw7q4oOjJ6fCEHJcfzPe/Ye46v
2ugjH1teBKlY3PMa8q3sb+/hxBXSYSJta1WdzbcQg7OplMo4E9TMDudfewIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXxpFSctDcSnTD0LShw9Ly4bEn2MB8GA1UdIwQY
MBaAFN9Pcg+7zmsVXXNX2+cSbKVsHr51MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzA5eUQ3dk9heFZkYzFmYjV4SnNwV3dldm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS82ZmE1MWItODEyZS00Mjg0LTlkMTct
YWQ1MWJhMjE2NTMxLzEvMzA5eUQ3dk9heFZkYzFmYjV4SnNwV3dldm5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS82ZmE1MWItODEyZS00Mjg0LTlkMTctYWQ1MWJhMjE2NTMx
LzEvMzA5eUQ3dk9heFZkYzFmYjV4SnNwV3dldm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOC1AHjKP
tpxKKo+xzStJFXmpXxF/WdPO59SiM+W16p2t1KA02ElNdt31jeIAoLgIUchEGCh1
Vb5qOaqM5zl+pUmPq9IBDE1fWrVzwPoiGhxUdk8gJHMsAZ3h2xQ4pzI8wWfqFJIa
PXpPLReVOwOwbuygJSu66wVVzPVYFOH6Sbxew1ZC6xwqNJIrRDw8Gex2xHd3Su+p
QsV+QQV33n10vIT3gKWi+TFSm0uQhWZsGTWD4AUWAAusjyD3+yYDPMDPD8Dscq2D
Ao8YmGWeLPAxmeWdzfj9zhKzep7nHmmULEN0jxKPhI9wmPs4io7S6v5LLuEq/ThC
n3d9cGk9bmX/tQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:05:40 2025 by rpki-client