Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.mft
File: D5x3odzbju1izTyoClFE3E4kP04.mft (raw, json)
Hash identifier: M/sgWSMx2vn3KTyeGRkd7EIRpCZ64KCASs4OI0d44uU=
Subject key identifier: E3:0F:8E:46:91:63:3B:BF:4B:FB:92:3C:6C:D9:67:01:A5:88:02:5A
Authority key identifier: 0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
Certificate issuer: /CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Certificate serial: 0199FFC7E30680A3D0E293975EE5284E3088
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.mft
Manifest number: 16EF
Signing time: Mon 20 Oct 2025 04:01:53 +0000
Manifest this update: Mon 20 Oct 2025 04:01:53 +0000
Manifest next update: Tue 21 Oct 2025 04:01:53 +0000
Files and hashes: 1: D5x3odzbju1izTyoClFE3E4kP04.crl (hash: 8mkGOoYiBZK2A6o1gYrQFvEJ7m1cvLkHmBoE4jcp2tA=)
2: EU9ZI9FwGK9Je2LIHv8oyryDbQ0.roa (hash: lg1hblUtV5bfdjAsYpP/FKql2pfxKFHlS2JkI4euny0=)
3: UttiV2rZhXbpiEroK90NOoWzeyo.roa (hash: clJAUfrgzlJXm2cn+fD7HIKwQaoQPkMOMFf6DpqSgo0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.mft
rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 04:01:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:c7:e3:06:80:a3:d0:e2:93:97:5e:e5:28:4e:30:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f9c77a1dcdb8eed62cd3ca80a5144dc4e243f4e
Validity
Not Before: Oct 20 04:01:53 2025 GMT
Not After : Oct 21 04:01:53 2025 GMT
Subject: CN=e30f8e4691633bbf4bfb923c6cd96701a588025a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:56:6e:69:76:42:89:8c:ee:da:54:e9:29:fd:
1e:57:77:33:1e:40:74:2a:0c:68:ec:36:89:38:4a:
ec:8d:29:6c:cb:ee:13:e5:6e:f1:50:7e:59:aa:0f:
82:87:5e:6a:11:81:4b:1b:fa:94:65:89:1d:ae:a3:
30:70:9a:0d:b9:35:d3:84:75:9a:b1:d0:f4:65:8a:
5b:c8:cb:f6:88:cd:c7:7b:78:3c:49:a2:39:f6:ad:
1d:95:70:85:fc:4a:a3:3f:0c:b1:fc:81:c1:d5:ff:
a5:06:a1:f2:84:6d:c4:8d:af:88:78:27:b6:db:73:
d6:92:3c:9e:d9:6a:18:85:ab:fb:e5:89:55:cc:f5:
85:5e:9b:35:ef:e9:c8:62:82:6b:9d:78:c3:aa:22:
7a:d4:02:ef:23:a3:f4:94:2e:2c:19:05:95:44:eb:
8d:92:8e:32:da:be:8d:4e:77:f0:f9:5c:fa:50:0f:
85:e6:32:57:3b:f0:99:d5:6d:fc:57:fe:e7:61:1a:
fa:a5:60:c7:3e:0e:fc:b8:7a:6b:51:33:a3:bb:49:
ae:b0:f0:cf:96:7c:6a:f9:35:25:94:ff:a0:b2:2d:
6c:d2:d7:c1:01:62:60:ba:7b:aa:0b:65:55:89:1f:
29:9b:7b:ad:bb:a6:8e:f0:89:d9:84:2d:95:b4:f3:
29:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:0F:8E:46:91:63:3B:BF:4B:FB:92:3C:6C:D9:67:01:A5:88:02:5A
X509v3 Authority Key Identifier:
keyid:0F:9C:77:A1:DC:DB:8E:ED:62:CD:3C:A8:0A:51:44:DC:4E:24:3F:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5x3odzbju1izTyoClFE3E4kP04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/9d0e14-113b-4cba-8308-acc56977b6f4/1/D5x3odzbju1izTyoClFE3E4kP04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:f4:48:1e:77:c2:f7:42:0e:51:6f:b9:3e:15:fe:95:74:3b:
6a:a7:b3:5e:28:4d:75:d7:f3:8e:5e:6c:69:9d:1c:d4:d6:4d:
80:0b:4a:84:54:73:ac:18:04:15:6d:09:f4:03:f4:1a:92:74:
9a:6f:74:f3:a1:c7:a1:c7:a6:22:46:f8:24:90:7c:1d:01:f6:
56:c4:ea:30:ef:d0:dd:a2:fd:6d:09:b6:eb:cd:1e:9a:5f:41:
4c:9c:b6:41:b8:ef:01:45:ae:3c:6f:5f:a8:25:25:e4:6b:bb:
f1:96:1e:c5:ce:2b:bb:eb:90:c1:9f:dd:7d:3b:64:f2:87:a9:
00:03:c7:f6:35:fe:97:d8:f8:10:ff:0a:93:db:13:22:03:4d:
cb:c0:79:21:33:e8:a3:16:59:5e:8c:3b:bc:f9:bf:b6:56:ce:
1c:b0:82:25:45:e1:0b:d8:df:f4:e5:cf:4b:f8:fd:01:fd:e8:
9c:8b:b1:24:a5:9c:de:23:08:78:48:ca:4a:41:51:9e:f8:3a:
66:c7:3a:9f:9b:c4:60:a1:5f:cc:2c:7f:6c:39:c3:9d:dc:4e:
47:35:48:82:be:3c:ae:e8:a1:3b:aa:c3:73:6e:f5:0e:75:e4:
fd:5f:66:97:60:aa:0f:66:1a:5f:03:cc:08:75:d6:2f:72:4e:
bc:35:4e:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/x+MGgKPQ4pOXXuUoTjCIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWM3N2ExZGNkYjhlZWQ2MmNkM2NhODBhNTE0NGRjNGUy
NDNmNGUwHhcNMjUxMDIwMDQwMTUzWhcNMjUxMDIxMDQwMTUzWjAzMTEwLwYDVQQD
EyhlMzBmOGU0NjkxNjMzYmJmNGJmYjkyM2M2Y2Q5NjcwMWE1ODgwMjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVZuaXZCiYzu2lTpKf0eV3czHkB0
Kgxo7DaJOErsjSlsy+4T5W7xUH5Zqg+Ch15qEYFLG/qUZYkdrqMwcJoNuTXThHWa
sdD0ZYpbyMv2iM3He3g8SaI59q0dlXCF/EqjPwyx/IHB1f+lBqHyhG3Eja+IeCe2
23PWkjye2WoYhav75YlVzPWFXps17+nIYoJrnXjDqiJ61ALvI6P0lC4sGQWVROuN
ko4y2r6NTnfw+Vz6UA+F5jJXO/CZ1W38V/7nYRr6pWDHPg78uHprUTOju0musPDP
lnxq+TUllP+gsi1s0tfBAWJgunuqC2VViR8pm3utu6aO8InZhC2VtPMpxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOMPjkaRYzu/S/uSPGzZZwGliAJaMB8GA1UdIwQY
MBaAFA+cd6Hc247tYs08qApRRNxOJD9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgt
YWNjNTY5NzdiNmY0LzEvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85ZDBlMTQtMTEzYi00Y2JhLTgzMDgtYWNjNTY5NzdiNmY0
LzEvRDV4M29kemJqdTFpelR5b0NsRkUzRTRrUDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEfRIHnfC
90IOUW+5PhX+lXQ7aqezXihNddfzjl5saZ0c1NZNgAtKhFRzrBgEFW0J9AP0GpJ0
mm9086HHocemIkb4JJB8HQH2VsTqMO/Q3aL9bQm2680eml9BTJy2QbjvAUWuPG9f
qCUl5Gu78ZYexc4ru+uQwZ/dfTtk8oepAAPH9jX+l9j4EP8Kk9sTIgNNy8B5ITPo
oxZZXow7vPm/tlbOHLCCJUXhC9jf9OXPS/j9Af3onIuxJKWc3iMIeEjKSkFRnvg6
Zsc6n5vEYKFfzCx/bDnDndxORzVIgr48ruihO6rDc271DnXk/V9ml2CqD2YaXwPM
CHXWL3JOvDVO/A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:16:03 2025 by rpki-client