Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.mft
File: kd3H2eAtRMa_jGNcHQcV9uicEBI.mft (raw, json)
Hash identifier: 6bbC2HY8XijQFc9GZIVxwmRxZvXjHP+/eBeHPYSnDmc=
Subject key identifier: 2D:D2:6A:16:82:45:86:F5:3D:C6:2C:51:CF:E4:19:6A:8C:9E:2E:1C
Authority key identifier: 91:DD:C7:D9:E0:2D:44:C6:BF:8C:63:5C:1D:07:15:F6:E8:9C:10:12
Certificate issuer: /CN=91ddc7d9e02d44c6bf8c635c1d0715f6e89c1012
Certificate serial: 019A71EEC12AA6F32EF205CE7A6B39CD132C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd3H2eAtRMa_jGNcHQcV9uicEBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.mft
Manifest number: DA
Signing time: Tue 11 Nov 2025 08:01:03 +0000
Manifest this update: Tue 11 Nov 2025 08:01:03 +0000
Manifest next update: Wed 12 Nov 2025 08:01:03 +0000
Files and hashes: 1: kd3H2eAtRMa_jGNcHQcV9uicEBI.crl (hash: M1+0jqsQtphn2mey1c2KbrHAjea58CGqnJcmAwp3i6M=)
2: s5q2oTWE63BKKJHezuXxV23_1ao.roa (hash: kxGqoLV/rWB0wj/sYCOZiA+1BQk6TjqEiRvVL8/Fnps=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.mft
rsync://rpki.ripe.net/repository/DEFAULT/kd3H2eAtRMa_jGNcHQcV9uicEBI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:c1:2a:a6:f3:2e:f2:05:ce:7a:6b:39:cd:13:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91ddc7d9e02d44c6bf8c635c1d0715f6e89c1012
Validity
Not Before: Nov 11 08:01:03 2025 GMT
Not After : Nov 12 08:01:03 2025 GMT
Subject: CN=2dd26a16824586f53dc62c51cfe4196a8c9e2e1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:81:3f:22:4e:6e:d1:e1:1a:55:ee:12:59:54:
2a:f6:9c:f2:49:94:e0:f1:cf:c1:ac:61:01:03:4c:
d1:c4:eb:05:4b:af:5d:1f:1e:dd:4c:57:69:3c:2d:
60:8f:d6:cd:64:f5:43:99:ac:bd:81:cc:e0:a9:bd:
44:e1:e9:c4:91:45:af:94:41:ca:5d:4b:c7:7a:b0:
70:49:f7:4d:9b:a1:c6:02:75:3f:2b:42:b3:11:4b:
81:be:96:8b:f7:3d:57:3c:87:a0:a6:63:0a:4e:ed:
6c:8c:ce:c3:aa:79:dc:bf:cc:34:b9:25:40:a4:43:
9e:36:44:f0:95:60:92:59:57:ae:ac:cd:c8:5b:9f:
3c:d3:a0:b8:77:b5:7c:f8:1d:b5:0c:8f:a0:0d:6c:
29:e7:41:d2:19:54:a0:e1:8a:bb:3a:eb:33:fe:13:
40:59:c4:b7:ee:a0:f5:74:15:b2:4e:b1:10:c6:e8:
bd:82:5a:e1:fa:98:df:63:ac:9c:94:37:65:aa:9b:
33:41:a7:e7:96:ed:f5:f6:c6:fc:e9:85:1f:57:c2:
bc:4e:bb:58:2f:a4:32:51:dc:25:62:74:84:d7:77:
c9:12:05:9a:83:80:81:ad:ff:07:91:c1:3d:d2:be:
bb:ad:27:c1:40:fb:8d:11:4b:cf:f7:45:3d:8c:ca:
b8:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D2:6A:16:82:45:86:F5:3D:C6:2C:51:CF:E4:19:6A:8C:9E:2E:1C
X509v3 Authority Key Identifier:
keyid:91:DD:C7:D9:E0:2D:44:C6:BF:8C:63:5C:1D:07:15:F6:E8:9C:10:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd3H2eAtRMa_jGNcHQcV9uicEBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:d1:02:d0:42:43:c3:e7:03:de:f0:e3:01:b0:67:9a:ed:1a:
67:9f:05:30:1d:6e:7b:96:9f:c2:bc:97:35:ce:e1:71:1a:03:
40:ae:66:5f:eb:d1:d1:f1:ea:8c:49:37:e3:fe:a2:28:06:6b:
a2:76:5e:f9:06:1a:5a:15:54:29:4d:59:33:5a:4b:f8:e1:3b:
93:d1:ca:80:3c:23:e9:c1:26:81:8b:e4:39:8e:a9:82:dc:47:
b9:f4:0c:24:78:b3:28:36:12:12:2d:f0:63:f6:6a:5b:4c:14:
1e:e0:79:85:63:cd:68:0c:a9:1f:43:a5:09:6e:4f:9d:b9:b3:
1a:e2:5e:35:6a:ec:59:e2:8f:71:55:c7:25:b2:10:cd:7f:9f:
38:1e:ef:50:cb:d4:35:3d:85:41:7c:ff:68:b6:51:b4:dc:b7:
33:d0:56:1c:b5:60:30:1a:63:6e:00:a8:26:8c:81:09:36:a6:
5c:b7:75:24:17:97:e3:04:09:be:60:bb:d0:5c:68:5b:f6:03:
92:10:eb:7e:75:b1:b7:02:1c:8d:98:13:d2:d4:22:5c:56:16:
64:f7:3b:09:6c:ce:2b:9c:ed:1b:1f:37:64:e8:36:cc:c7:9b:
cb:12:72:89:4e:58:8d:98:6d:20:6a:fd:67:d7:57:14:8e:19:
77:4e:6f:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7sEqpvMu8gXOems5zRMsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZGRjN2Q5ZTAyZDQ0YzZiZjhjNjM1YzFkMDcxNWY2ZTg5
YzEwMTIwHhcNMjUxMTExMDgwMTAzWhcNMjUxMTEyMDgwMTAzWjAzMTEwLwYDVQQD
EygyZGQyNmExNjgyNDU4NmY1M2RjNjJjNTFjZmU0MTk2YThjOWUyZTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6YE/Ik5u0eEaVe4SWVQq9pzySZTg
8c/BrGEBA0zRxOsFS69dHx7dTFdpPC1gj9bNZPVDmay9gczgqb1E4enEkUWvlEHK
XUvHerBwSfdNm6HGAnU/K0KzEUuBvpaL9z1XPIegpmMKTu1sjM7Dqnncv8w0uSVA
pEOeNkTwlWCSWVeurM3IW58806C4d7V8+B21DI+gDWwp50HSGVSg4Yq7Ousz/hNA
WcS37qD1dBWyTrEQxui9glrh+pjfY6yclDdlqpszQafnlu319sb86YUfV8K8TrtY
L6QyUdwlYnSE13fJEgWag4CBrf8HkcE90r67rSfBQPuNEUvP90U9jMq4hwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC3SahaCRYb1PcYsUc/kGWqMni4cMB8GA1UdIwQY
MBaAFJHdx9ngLUTGv4xjXB0HFfbonBASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2QzSDJlQXRSTWFfakdOY0hRY1Y5dWljRUJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9jN2FmYmMtYjg4NS00NzU1LThkMTUt
ODkzYjhkZDJkMmIwLzEva2QzSDJlQXRSTWFfakdOY0hRY1Y5dWljRUJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9jN2FmYmMtYjg4NS00NzU1LThkMTUtODkzYjhkZDJkMmIw
LzEva2QzSDJlQXRSTWFfakdOY0hRY1Y5dWljRUJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOdEC0EJD
w+cD3vDjAbBnmu0aZ58FMB1ue5afwryXNc7hcRoDQK5mX+vR0fHqjEk34/6iKAZr
onZe+QYaWhVUKU1ZM1pL+OE7k9HKgDwj6cEmgYvkOY6pgtxHufQMJHizKDYSEi3w
Y/ZqW0wUHuB5hWPNaAypH0OlCW5PnbmzGuJeNWrsWeKPcVXHJbIQzX+fOB7vUMvU
NT2FQXz/aLZRtNy3M9BWHLVgMBpjbgCoJoyBCTamXLd1JBeX4wQJvmC70FxoW/YD
khDrfnWxtwIcjZgT0tQiXFYWZPc7CWzOK5ztGx83ZOg2zMebyxJyiU5YjZhtIGr9
Z9dXFI4Zd05vbA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:41:48 2025 by rpki-client