Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft
File: sFcIRcI56ZkcibxcUEMekIeGDE0.mft (raw, json)
Hash identifier: 4Vai7Zj6Pfsr/BTPGFtDRmEdpVEWNuy2Lav8k+fa6C0=
Subject key identifier: 68:42:20:BE:1E:E9:EC:82:EF:42:B3:EC:D2:8F:13:28:FF:1E:19:FF
Authority key identifier: B0:57:08:45:C2:39:E9:99:1C:89:BC:5C:50:43:1E:90:87:86:0C:4D
Certificate issuer: /CN=b0570845c239e9991c89bc5c50431e9087860c4d
Certificate serial: 0199FD6AD30B3943E0FAFE43EAEA9984E6FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sFcIRcI56ZkcibxcUEMekIeGDE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft
Manifest number: 015D
Signing time: Sun 19 Oct 2025 17:01:00 +0000
Manifest this update: Sun 19 Oct 2025 17:01:00 +0000
Manifest next update: Mon 20 Oct 2025 17:01:00 +0000
Files and hashes: 1: n2C0sjvTrbF7unBNdsXDONkHwzQ.roa (hash: jLl0pdc61DzddqyTuR7Io8Gkj/xajAEL7bTJB3EuzC8=)
2: sFcIRcI56ZkcibxcUEMekIeGDE0.crl (hash: LGjirN1SlY3wSmoU0IZ0JkdqHvLBp7RZIJ0YihRidZ8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sFcIRcI56ZkcibxcUEMekIeGDE0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:6a:d3:0b:39:43:e0:fa:fe:43:ea:ea:99:84:e6:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0570845c239e9991c89bc5c50431e9087860c4d
Validity
Not Before: Oct 19 17:01:00 2025 GMT
Not After : Oct 20 17:01:00 2025 GMT
Subject: CN=684220be1ee9ec82ef42b3ecd28f1328ff1e19ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6a:4a:15:4a:94:d9:5c:39:cd:ea:e0:0c:ab:
28:bd:2c:14:87:01:4e:b1:57:50:e6:92:f2:16:be:
60:b0:9b:a0:0f:4e:46:8d:0b:54:50:37:1c:3f:37:
6d:71:8b:9e:25:aa:88:ac:b2:c8:0a:7d:7d:26:12:
a5:20:f1:0a:2b:b2:a7:d0:87:31:f2:b5:f2:eb:d5:
dc:7a:0e:92:89:35:a7:fb:cc:ce:0b:91:b6:b5:66:
95:bc:8f:98:4b:0a:97:3e:c2:c7:23:8d:94:d0:46:
f6:c6:a0:de:a7:39:fd:72:29:6f:b1:67:fc:2b:bb:
bf:3a:f5:40:c0:54:ee:21:03:d0:7d:6e:d0:61:a2:
26:5d:ce:21:4b:f5:d0:39:d1:46:a1:df:0c:6b:50:
33:e1:e4:4d:ef:ac:94:d8:92:f5:62:fc:b1:7d:50:
3b:d7:30:95:e8:95:47:32:42:77:54:44:12:b3:e1:
1a:3f:b4:42:4c:9a:31:3f:41:63:88:14:0b:f9:85:
1c:c9:6c:d1:eb:96:89:a7:82:6e:cd:01:d9:ea:28:
36:07:ea:de:18:71:7b:50:37:09:46:20:ec:1b:19:
e3:4f:e2:6b:0d:5a:5d:18:e2:cd:04:3a:93:d1:6a:
18:36:94:5e:01:bc:70:85:7e:c4:ca:fd:9d:1f:ba:
f3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:42:20:BE:1E:E9:EC:82:EF:42:B3:EC:D2:8F:13:28:FF:1E:19:FF
X509v3 Authority Key Identifier:
keyid:B0:57:08:45:C2:39:E9:99:1C:89:BC:5C:50:43:1E:90:87:86:0C:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sFcIRcI56ZkcibxcUEMekIeGDE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4d:71:84:42:91:8b:59:6f:80:1a:c9:9c:00:5d:7e:4e:a3:5c:
ae:3c:e3:69:84:3f:85:6c:44:32:1d:18:12:47:9e:da:5c:b6:
db:65:14:75:cc:da:87:6a:00:1a:e5:be:7a:b4:87:45:56:97:
75:02:cc:b4:98:41:60:7b:21:03:7c:7d:f4:80:fc:0f:c2:57:
1b:05:ac:86:d6:4c:4d:ff:0d:c8:b0:42:57:3e:21:28:95:96:
98:89:c2:ed:82:d5:d2:96:44:1e:a9:da:29:50:a1:ef:a4:2d:
bb:6c:12:8e:31:70:3e:fa:e7:0e:de:58:b6:6c:87:95:30:d7:
43:b5:5a:17:44:8d:0c:25:45:4a:6b:29:e3:1e:c0:df:7a:31:
63:a8:81:0d:5d:73:b9:1c:12:66:ab:14:a1:3c:e4:24:0e:ac:
7b:e7:45:9d:c5:fc:6b:b2:5a:54:8c:7a:d5:99:8f:97:05:48:
dc:1e:40:f6:9d:a5:5f:7e:3f:06:a8:99:ca:f0:e3:02:e1:fe:
5e:d7:60:11:db:f5:af:c6:04:d2:56:18:5b:22:1a:1a:b1:a1:
b9:48:68:a4:66:17:7e:9a:39:cf:32:5b:c1:9e:44:a8:c3:60:
03:7e:88:49:2a:53:74:93:fe:3e:4c:ae:00:e0:96:77:c6:1b:
30:d3:b7:53
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn9atMLOUPg+v5D6uqZhOb/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNTcwODQ1YzIzOWU5OTkxYzg5YmM1YzUwNDMxZTkwODc4
NjBjNGQwHhcNMjUxMDE5MTcwMTAwWhcNMjUxMDIwMTcwMTAwWjAzMTEwLwYDVQQD
Eyg2ODQyMjBiZTFlZTllYzgyZWY0MmIzZWNkMjhmMTMyOGZmMWUxOWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2pKFUqU2Vw5zergDKsovSwUhwFO
sVdQ5pLyFr5gsJugD05GjQtUUDccPzdtcYueJaqIrLLICn19JhKlIPEKK7Kn0Icx
8rXy69Xceg6SiTWn+8zOC5G2tWaVvI+YSwqXPsLHI42U0Eb2xqDepzn9cilvsWf8
K7u/OvVAwFTuIQPQfW7QYaImXc4hS/XQOdFGod8Ma1Az4eRN76yU2JL1YvyxfVA7
1zCV6JVHMkJ3VEQSs+EaP7RCTJoxP0FjiBQL+YUcyWzR65aJp4JuzQHZ6ig2B+re
GHF7UDcJRiDsGxnjT+JrDVpdGOLNBDqT0WoYNpReAbxwhX7Eyv2dH7rzBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGhCIL4e6eyC70Kz7NKPEyj/Hhn/MB8GA1UdIwQY
MBaAFLBXCEXCOemZHIm8XFBDHpCHhgxNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0ZjSVJjSTU2WmtjaWJ4Y1VFTWVrSWVHREUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xZTdjNDgtZjhjMi00Njc5LWI3NzEt
NDZjYTI2YWZmNTQ1LzEvc0ZjSVJjSTU2WmtjaWJ4Y1VFTWVrSWVHREUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xZTdjNDgtZjhjMi00Njc5LWI3NzEtNDZjYTI2YWZmNTQ1
LzEvc0ZjSVJjSTU2WmtjaWJ4Y1VFTWVrSWVHREUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATXGEQpGL
WW+AGsmcAF1+TqNcrjzjaYQ/hWxEMh0YEkee2ly222UUdczah2oAGuW+erSHRVaX
dQLMtJhBYHshA3x99ID8D8JXGwWshtZMTf8NyLBCVz4hKJWWmInC7YLV0pZEHqna
KVCh76Qtu2wSjjFwPvrnDt5YtmyHlTDXQ7VaF0SNDCVFSmsp4x7A33oxY6iBDV1z
uRwSZqsUoTzkJA6se+dFncX8a7JaVIx61ZmPlwVI3B5A9p2lX34/BqiZyvDjAuH+
XtdgEdv1r8YE0lYYWyIaGrGhuUhopGYXfpo5zzJbwZ5EqMNgA36ISSpTdJP+Pkyu
AOCWd8YbMNO3Uw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:53:10 2025 by rpki-client