Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/04c239-8869-46e2-95b7-93b392525175/1/mRyTTgj1egPvTro2taTaeYolIgc.mft
File: mRyTTgj1egPvTro2taTaeYolIgc.mft (raw, json)
Hash identifier: xGBiIXVICmYUR66PDvk5J0m3mLZvwyYni+3VAd7Q0hc=
Subject key identifier: C0:65:0D:F6:3F:5D:B3:B7:14:84:FB:D6:82:DC:D0:1F:8A:CB:98:8D
Authority key identifier: 99:1C:93:4E:08:F5:7A:03:EF:4E:BA:36:B5:A4:DA:79:8A:25:22:07
Certificate issuer: /CN=991c934e08f57a03ef4eba36b5a4da798a252207
Certificate serial: 019A7226593516533DBFF81DEE17D0352E62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mRyTTgj1egPvTro2taTaeYolIgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/04c239-8869-46e2-95b7-93b392525175/1/mRyTTgj1egPvTro2taTaeYolIgc.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 09:01:47 +0000
Manifest this update: Tue 11 Nov 2025 09:01:47 +0000
Manifest next update: Wed 12 Nov 2025 09:01:47 +0000
Files and hashes: 1: db9OeH46tzqgA4Lx9Y7WIwYTuDM.roa (hash: FuLyiACFaT6BITOZPeoXwp9XiYIYBsR3kP7HfHr2tYI=)
2: mRyTTgj1egPvTro2taTaeYolIgc.crl (hash: gPiBm8pyl5JgNCiMOUsU12yHaByQAjTVu8YmHaF6g1E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/04c239-8869-46e2-95b7-93b392525175/1/mRyTTgj1egPvTro2taTaeYolIgc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/04c239-8869-46e2-95b7-93b392525175/1/mRyTTgj1egPvTro2taTaeYolIgc.mft
rsync://rpki.ripe.net/repository/DEFAULT/mRyTTgj1egPvTro2taTaeYolIgc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:59:35:16:53:3d:bf:f8:1d:ee:17:d0:35:2e:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=991c934e08f57a03ef4eba36b5a4da798a252207
Validity
Not Before: Nov 11 09:01:47 2025 GMT
Not After : Nov 12 09:01:47 2025 GMT
Subject: CN=c0650df63f5db3b71484fbd682dcd01f8acb988d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5f:2d:8c:06:af:e1:18:d4:a8:17:ce:66:4f:
4f:35:d1:32:d7:02:e6:20:94:b1:6c:f7:09:7f:85:
37:1a:16:5a:b6:df:f5:4b:e0:7e:74:ce:51:ef:a0:
a2:06:81:08:7e:30:76:bc:fc:e8:a7:b9:3b:21:6a:
52:67:01:e6:78:7f:b2:4a:06:b7:4e:01:e9:44:41:
0c:64:e1:0c:b9:a3:7f:be:77:fa:6a:de:49:27:2f:
2a:b2:63:8f:68:89:b7:16:4f:37:0a:a0:b7:e5:b6:
29:99:80:8a:10:03:ce:c5:f6:23:9d:82:e7:72:19:
12:96:22:b1:1a:32:21:d8:5e:db:79:c5:85:de:1a:
0c:b2:1c:a8:48:8d:71:59:4d:00:b7:a5:06:a9:bf:
1b:c9:3f:7a:01:e7:0e:aa:46:eb:16:b4:fb:2f:4a:
f5:f8:a3:87:fa:31:6c:f6:bf:77:0b:69:35:af:4b:
bc:68:5d:e1:10:7f:5f:c6:9c:5b:bf:21:01:b9:07:
b4:fe:8a:50:ed:d3:98:ee:e0:e3:54:c8:c5:c1:9c:
b7:2e:96:87:0f:a4:90:c5:c0:3b:74:e4:a0:d6:23:
18:83:a3:a0:87:a8:8e:75:67:71:1b:57:6b:e4:f5:
c5:3f:c0:9e:76:34:b9:d5:99:8a:fd:fa:38:2b:65:
f4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:65:0D:F6:3F:5D:B3:B7:14:84:FB:D6:82:DC:D0:1F:8A:CB:98:8D
X509v3 Authority Key Identifier:
keyid:99:1C:93:4E:08:F5:7A:03:EF:4E:BA:36:B5:A4:DA:79:8A:25:22:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mRyTTgj1egPvTro2taTaeYolIgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/04c239-8869-46e2-95b7-93b392525175/1/mRyTTgj1egPvTro2taTaeYolIgc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/04c239-8869-46e2-95b7-93b392525175/1/mRyTTgj1egPvTro2taTaeYolIgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:d2:6d:32:48:c7:0d:ed:13:11:9f:25:e2:66:db:e7:2e:2d:
89:a5:18:41:e7:c1:bd:c0:29:b6:ea:9e:3a:71:bb:c8:f5:0a:
b8:3c:00:a2:27:6a:39:5b:90:a3:07:54:f3:7d:71:6a:89:05:
f2:1f:65:05:58:b6:bd:b2:45:eb:bd:01:d8:a1:f0:ab:76:0c:
46:34:e6:84:71:00:92:c1:88:39:35:94:c8:7d:8e:00:c5:01:
c5:34:b8:e7:a2:de:9d:51:86:00:2e:1b:64:3c:ee:34:d2:75:
60:4f:38:6a:b4:7a:93:87:0b:97:29:e4:a4:df:3b:72:c0:b9:
8a:1d:cb:6b:d4:48:6a:0f:3b:37:76:fb:5a:54:99:f2:8f:ff:
5d:8f:77:80:d5:e2:0b:55:96:95:50:84:8a:67:53:81:36:14:
83:9e:be:fd:28:3a:9a:4c:65:0b:db:4b:7d:16:85:70:30:2e:
cb:b0:fa:d4:bb:2e:2f:80:95:f1:76:29:a3:14:3c:04:a7:14:
cf:93:8e:a5:ed:71:24:a2:16:93:6e:55:b1:3d:e9:7e:b9:58:
a0:44:43:4e:32:28:44:67:b3:b9:6b:7b:d5:74:00:3b:91:63:
f3:b5:e1:10:7f:01:70:b3:ac:cd:9e:c6:55:f7:12:45:48:10:
68:8f:b2:18
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJlk1FlM9v/gd7hfQNS5iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MWM5MzRlMDhmNTdhMDNlZjRlYmEzNmI1YTRkYTc5OGEy
NTIyMDcwHhcNMjUxMTExMDkwMTQ3WhcNMjUxMTEyMDkwMTQ3WjAzMTEwLwYDVQQD
EyhjMDY1MGRmNjNmNWRiM2I3MTQ4NGZiZDY4MmRjZDAxZjhhY2I5ODhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwl8tjAav4RjUqBfOZk9PNdEy1wLm
IJSxbPcJf4U3GhZatt/1S+B+dM5R76CiBoEIfjB2vPzop7k7IWpSZwHmeH+ySga3
TgHpREEMZOEMuaN/vnf6at5JJy8qsmOPaIm3Fk83CqC35bYpmYCKEAPOxfYjnYLn
chkSliKxGjIh2F7becWF3hoMshyoSI1xWU0At6UGqb8byT96AecOqkbrFrT7L0r1
+KOH+jFs9r93C2k1r0u8aF3hEH9fxpxbvyEBuQe0/opQ7dOY7uDjVMjFwZy3LpaH
D6SQxcA7dOSg1iMYg6Ogh6iOdWdxG1dr5PXFP8CedjS51ZmK/fo4K2X0NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMBlDfY/XbO3FIT71oLc0B+Ky5iNMB8GA1UdIwQY
MBaAFJkck04I9XoD7066NrWk2nmKJSIHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVJ5VFRnajFlZ1B2VHJvMnRhVGFlWW9sSWdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC8wNGMyMzktODg2OS00NmUyLTk1Yjct
OTNiMzkyNTI1MTc1LzEvbVJ5VFRnajFlZ1B2VHJvMnRhVGFlWW9sSWdjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC8wNGMyMzktODg2OS00NmUyLTk1YjctOTNiMzkyNTI1MTc1
LzEvbVJ5VFRnajFlZ1B2VHJvMnRhVGFlWW9sSWdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYNJtMkjH
De0TEZ8l4mbb5y4tiaUYQefBvcAptuqeOnG7yPUKuDwAoidqOVuQowdU831xaokF
8h9lBVi2vbJF670B2KHwq3YMRjTmhHEAksGIOTWUyH2OAMUBxTS456LenVGGAC4b
ZDzuNNJ1YE84arR6k4cLlynkpN87csC5ih3La9RIag87N3b7WlSZ8o//XY93gNXi
C1WWlVCEimdTgTYUg56+/Sg6mkxlC9tLfRaFcDAuy7D61LsuL4CV8XYpoxQ8BKcU
z5OOpe1xJKIWk25VsT3pfrlYoERDTjIoRGezuWt71XQAO5Fj87XhEH8BcLOszZ7G
VfcSRUgQaI+yGA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:17:12 2025 by rpki-client