Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/ryHdL3cqW7R5JcKLtdFs2TDyBrE.mft
File: ryHdL3cqW7R5JcKLtdFs2TDyBrE.mft (raw, json)
Hash identifier: oUMmS4H4Zmt+Bg2CWdc0g00oYM9qEDoZ3slFCqP+nv8=
Subject key identifier: 88:29:7E:C8:F4:A2:69:2E:C0:EC:FE:1D:D3:77:CE:0C:67:E7:C3:93
Authority key identifier: AF:21:DD:2F:77:2A:5B:B4:79:25:C2:8B:B5:D1:6C:D9:30:F2:06:B1
Certificate issuer: /CN=af21dd2f772a5bb47925c28bb5d16cd930f206b1
Certificate serial: 0199FEEC11EBC4667DBE370B5A83D3F0EF0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ryHdL3cqW7R5JcKLtdFs2TDyBrE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/ryHdL3cqW7R5JcKLtdFs2TDyBrE.mft
Manifest number: 0AF1
Signing time: Mon 20 Oct 2025 00:01:47 +0000
Manifest this update: Mon 20 Oct 2025 00:01:47 +0000
Manifest next update: Tue 21 Oct 2025 00:01:47 +0000
Files and hashes: 1: 6f9DfsZDUzdPo3_6eNoeG4QK_-I.roa (hash: 4tclq8R1V/fdbnM4AvEGc3ZJVkHqia0uVMOBrni8yPk=)
2: ryHdL3cqW7R5JcKLtdFs2TDyBrE.crl (hash: W88MYwwtechZ+y/OGR3jWPRZT0lWJJF5RfNcgVAeWBE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/ryHdL3cqW7R5JcKLtdFs2TDyBrE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/ryHdL3cqW7R5JcKLtdFs2TDyBrE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ryHdL3cqW7R5JcKLtdFs2TDyBrE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:ec:11:eb:c4:66:7d:be:37:0b:5a:83:d3:f0:ef:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af21dd2f772a5bb47925c28bb5d16cd930f206b1
Validity
Not Before: Oct 20 00:01:47 2025 GMT
Not After : Oct 21 00:01:47 2025 GMT
Subject: CN=88297ec8f4a2692ec0ecfe1dd377ce0c67e7c393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:54:4a:dc:5a:4d:61:24:ca:9b:15:ee:ae:7e:
19:1e:07:b4:14:f2:cb:96:72:c8:d7:c7:aa:94:74:
00:fa:a4:6a:d0:d4:fc:17:ab:8c:9b:57:d7:2a:cf:
fc:31:09:c9:64:25:7c:e1:e5:c6:a9:b8:d7:02:de:
32:75:fa:3f:e1:82:99:69:60:bd:44:4a:bf:78:06:
c4:fb:79:39:c4:63:59:44:7d:05:e7:63:38:77:51:
9f:fb:e1:db:e9:6e:b0:43:05:fd:96:3a:ed:17:ca:
28:b7:15:e1:24:66:a5:a7:38:20:ef:ae:e7:53:4f:
52:a4:aa:00:0f:ec:ea:eb:78:19:e4:84:db:01:fd:
3f:e0:a8:33:f8:cf:92:c2:db:56:29:cc:ea:29:c2:
a3:ca:de:0b:e9:e6:bc:93:74:f8:1d:72:7a:f4:b9:
9f:f5:a5:8b:ff:a0:c4:ca:d9:49:7a:2c:27:51:16:
ec:1c:9c:0d:c7:9a:9e:f0:4a:d8:05:36:43:10:77:
68:c3:ed:01:99:80:75:68:88:07:ef:c8:83:01:f9:
c8:eb:5c:c0:7c:c0:9c:f3:72:02:9a:0f:e1:a3:12:
a1:e3:2d:f9:31:ce:d8:80:b8:e5:35:e8:ab:29:12:
d4:b4:43:32:64:c3:dc:cd:b9:51:d1:79:4f:31:65:
df:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:29:7E:C8:F4:A2:69:2E:C0:EC:FE:1D:D3:77:CE:0C:67:E7:C3:93
X509v3 Authority Key Identifier:
keyid:AF:21:DD:2F:77:2A:5B:B4:79:25:C2:8B:B5:D1:6C:D9:30:F2:06:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ryHdL3cqW7R5JcKLtdFs2TDyBrE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/ryHdL3cqW7R5JcKLtdFs2TDyBrE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/07badd-ff3f-4886-abf1-552e51542d4d/1/ryHdL3cqW7R5JcKLtdFs2TDyBrE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b5:39:03:21:c1:73:00:db:2e:0c:1f:f8:5d:9e:e4:1d:2a:fd:
41:9e:60:49:e9:ed:cc:44:16:58:96:6d:39:6d:2c:d5:23:2a:
b0:bd:2b:92:b4:23:63:e9:5f:c1:54:86:e7:cc:ca:5a:b3:a4:
bb:88:fb:7e:1b:b1:bf:79:2f:61:19:d1:e4:7f:6b:22:82:bc:
3b:4d:d2:c6:5d:8c:88:5b:4b:bb:18:87:8c:8e:f3:6e:a8:fb:
68:ec:23:c2:75:2e:dc:aa:8e:59:c0:5b:48:0a:7c:de:eb:fc:
8c:d8:89:43:c9:b4:bc:42:98:d1:86:52:ae:ef:12:26:23:f5:
44:fb:8a:a5:0d:62:7b:8e:fd:70:ea:c9:4e:a7:7f:dd:31:64:
14:3c:86:17:2a:76:fb:26:35:81:3c:ad:24:c5:7a:2d:83:e9:
ad:ca:30:56:2e:24:4f:2a:f5:7b:cf:ca:d2:ee:2a:3b:29:d6:
8f:cd:23:39:a6:87:97:0f:72:c9:58:b9:37:b7:38:40:3b:e5:
13:7f:3a:7d:e5:47:43:df:00:e6:36:86:81:48:40:88:5c:c8:
5b:e8:10:9d:e4:53:55:23:f5:bb:42:ff:e4:8b:19:5e:fb:a8:
ea:06:5b:fe:d2:25:a4:45:01:9b:02:e6:1c:8b:f0:23:d0:4a:
41:e3:29:4c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+7BHrxGZ9vjcLWoPT8O8PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMjFkZDJmNzcyYTViYjQ3OTI1YzI4YmI1ZDE2Y2Q5MzBm
MjA2YjEwHhcNMjUxMDIwMDAwMTQ3WhcNMjUxMDIxMDAwMTQ3WjAzMTEwLwYDVQQD
Eyg4ODI5N2VjOGY0YTI2OTJlYzBlY2ZlMWRkMzc3Y2UwYzY3ZTdjMzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1RK3FpNYSTKmxXurn4ZHge0FPLL
lnLI18eqlHQA+qRq0NT8F6uMm1fXKs/8MQnJZCV84eXGqbjXAt4ydfo/4YKZaWC9
REq/eAbE+3k5xGNZRH0F52M4d1Gf++Hb6W6wQwX9ljrtF8ootxXhJGalpzgg767n
U09SpKoAD+zq63gZ5ITbAf0/4Kgz+M+SwttWKczqKcKjyt4L6ea8k3T4HXJ69Lmf
9aWL/6DEytlJeiwnURbsHJwNx5qe8ErYBTZDEHdow+0BmYB1aIgH78iDAfnI61zA
fMCc83ICmg/hoxKh4y35Mc7YgLjlNeirKRLUtEMyZMPczblR0XlPMWXf6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIgpfsj0omkuwOz+HdN3zgxn58OTMB8GA1UdIwQY
MBaAFK8h3S93Klu0eSXCi7XRbNkw8gaxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlIZEwzY3FXN1I1SmNLTHRkRnMyVER5QnJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8wN2JhZGQtZmYzZi00ODg2LWFiZjEt
NTUyZTUxNTQyZDRkLzEvcnlIZEwzY3FXN1I1SmNLTHRkRnMyVER5QnJFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8wN2JhZGQtZmYzZi00ODg2LWFiZjEtNTUyZTUxNTQyZDRk
LzEvcnlIZEwzY3FXN1I1SmNLTHRkRnMyVER5QnJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtTkDIcFz
ANsuDB/4XZ7kHSr9QZ5gSentzEQWWJZtOW0s1SMqsL0rkrQjY+lfwVSG58zKWrOk
u4j7fhuxv3kvYRnR5H9rIoK8O03Sxl2MiFtLuxiHjI7zbqj7aOwjwnUu3KqOWcBb
SAp83uv8jNiJQ8m0vEKY0YZSru8SJiP1RPuKpQ1ie479cOrJTqd/3TFkFDyGFyp2
+yY1gTytJMV6LYPprcowVi4kTyr1e8/K0u4qOynWj80jOaaHlw9yyVi5N7c4QDvl
E386feVHQ98A5jaGgUhAiFzIW+gQneRTVSP1u0L/5IsZXvuo6gZb/tIlpEUBmwLm
HIvwI9BKQeMpTA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:41:32 2025 by rpki-client