Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
File: RDTtvhtBAbKKviMvK88qAUiXglo.mft (raw, json)
Hash identifier: UskPmCioe1NeAwRBD6jvmKeveMlBmH3oslXn9PxP4Ro=
Subject key identifier: 59:2B:ED:8A:1F:C0:44:4B:17:D5:D6:9B:D0:43:3C:EE:85:05:FD:FE
Authority key identifier: 44:34:ED:BE:1B:41:01:B2:8A:BE:23:2F:2B:CF:2A:01:48:97:82:5A
Certificate issuer: /CN=4434edbe1b4101b28abe232f2bcf2a014897825a
Certificate serial: 019A71EEA88268E4B5603C64F871523621E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
Manifest number: 110A
Signing time: Tue 11 Nov 2025 08:00:57 +0000
Manifest this update: Tue 11 Nov 2025 08:00:57 +0000
Manifest next update: Wed 12 Nov 2025 08:00:57 +0000
Files and hashes: 1: MBnjR0q6eR7PujQYuvXc6EY3kbo.roa (hash: HNqzyjDd+TtlMN5tniTDAwjj1tssNX0++6C4Wyg438o=)
2: RDTtvhtBAbKKviMvK88qAUiXglo.crl (hash: 3FfF3PSpVrtcXK2KhsGLYl0UpGgORPKIk1xuB8+i9lQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:a8:82:68:e4:b5:60:3c:64:f8:71:52:36:21:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4434edbe1b4101b28abe232f2bcf2a014897825a
Validity
Not Before: Nov 11 08:00:57 2025 GMT
Not After : Nov 12 08:00:57 2025 GMT
Subject: CN=592bed8a1fc0444b17d5d69bd0433cee8505fdfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:79:24:50:b9:71:06:14:02:86:a0:e3:e8:e7:
92:cd:6d:69:60:b1:59:b6:2d:c1:12:b7:60:98:99:
5d:67:2e:1d:d5:9a:cc:b2:6a:8a:bc:a6:7d:a1:16:
58:33:6b:3c:77:ed:99:9a:03:da:c9:3a:91:30:c0:
48:7f:a7:b8:8b:40:3a:99:6b:fc:f3:08:2e:ec:0a:
81:b3:eb:b9:54:91:93:dc:d8:64:ac:5a:3c:4c:ac:
22:6e:00:c1:07:dd:76:67:52:4c:27:9b:90:59:a3:
01:83:63:42:c8:e0:2d:83:8d:30:16:c6:02:70:8e:
6a:39:88:78:54:ba:e6:fc:c4:fb:70:65:a8:a7:9a:
af:7c:66:45:89:73:1e:59:fb:5c:98:ca:61:08:ee:
b1:37:6f:de:b2:e3:e8:9f:b5:6e:a0:96:b0:f4:6b:
d9:5e:00:b9:73:24:5c:e0:e2:2b:e9:4a:59:f6:aa:
82:55:2f:ab:b6:91:8d:5a:0a:72:86:65:24:4e:42:
8e:80:22:c7:28:55:a3:20:fe:60:06:4c:75:ec:ef:
6d:6f:85:3b:15:0d:0b:3a:e4:22:db:2f:b4:ab:b7:
0b:52:2f:22:a5:06:54:48:68:da:12:b2:27:dd:9a:
00:2c:98:90:fc:62:5a:a9:d8:1c:ec:9f:25:ca:01:
1b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:2B:ED:8A:1F:C0:44:4B:17:D5:D6:9B:D0:43:3C:EE:85:05:FD:FE
X509v3 Authority Key Identifier:
keyid:44:34:ED:BE:1B:41:01:B2:8A:BE:23:2F:2B:CF:2A:01:48:97:82:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RDTtvhtBAbKKviMvK88qAUiXglo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/639f64-1df1-46d5-add9-10caf54986ff/1/RDTtvhtBAbKKviMvK88qAUiXglo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:6a:fd:70:25:b3:db:01:69:4c:11:bd:f0:1e:f5:6a:08:24:
c9:32:99:5f:27:8e:0f:19:43:19:3d:24:58:40:1e:d9:46:74:
87:3e:63:bb:08:e3:b9:38:24:7c:ce:98:bc:37:cf:fe:d6:24:
a4:98:a4:f7:07:05:76:c8:0b:28:3a:5e:b2:9c:7b:73:b3:bf:
80:69:ac:82:f1:74:fa:8f:31:96:1b:20:67:59:b7:91:48:30:
4c:08:86:69:b3:86:6f:1c:65:ec:f9:0f:1c:18:3a:d0:69:11:
f1:05:bc:e1:a4:d5:6d:75:22:55:9f:c1:c9:60:7b:91:13:6f:
a7:24:65:b5:d3:19:c5:87:99:28:fc:6c:9d:72:48:ef:6f:9b:
b3:5d:e8:0a:9f:2d:7b:e7:62:b5:fd:6c:28:16:07:00:ff:ef:
cb:c2:5c:5f:a5:2f:e1:c4:29:bd:5d:d6:4d:6d:7a:87:a5:7b:
27:59:de:e6:55:8f:74:ac:9d:64:54:cc:13:eb:10:bb:0b:12:
b3:5d:42:42:17:72:10:8e:a7:b4:12:96:96:5c:7c:c3:9a:18:
90:ce:30:b0:be:16:b8:1a:a3:90:87:e4:25:90:d5:0b:b6:50:
be:44:19:ac:ed:b1:a7:b9:e8:57:f0:03:d9:f3:a1:67:a9:a8:
65:b7:86:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7qiCaOS1YDxk+HFSNiHmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MzRlZGJlMWI0MTAxYjI4YWJlMjMyZjJiY2YyYTAxNDg5
NzgyNWEwHhcNMjUxMTExMDgwMDU3WhcNMjUxMTEyMDgwMDU3WjAzMTEwLwYDVQQD
Eyg1OTJiZWQ4YTFmYzA0NDRiMTdkNWQ2OWJkMDQzM2NlZTg1MDVmZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3kkULlxBhQChqDj6OeSzW1pYLFZ
ti3BErdgmJldZy4d1ZrMsmqKvKZ9oRZYM2s8d+2ZmgPayTqRMMBIf6e4i0A6mWv8
8wgu7AqBs+u5VJGT3NhkrFo8TKwibgDBB912Z1JMJ5uQWaMBg2NCyOAtg40wFsYC
cI5qOYh4VLrm/MT7cGWop5qvfGZFiXMeWftcmMphCO6xN2/esuPon7VuoJaw9GvZ
XgC5cyRc4OIr6UpZ9qqCVS+rtpGNWgpyhmUkTkKOgCLHKFWjIP5gBkx17O9tb4U7
FQ0LOuQi2y+0q7cLUi8ipQZUSGjaErIn3ZoALJiQ/GJaqdgc7J8lygEbJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFkr7YofwERLF9XWm9BDPO6FBf3+MB8GA1UdIwQY
MBaAFEQ07b4bQQGyir4jLyvPKgFIl4JaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82MzlmNjQtMWRmMS00NmQ1LWFkZDkt
MTBjYWY1NDk4NmZmLzEvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC82MzlmNjQtMWRmMS00NmQ1LWFkZDktMTBjYWY1NDk4NmZm
LzEvUkRUdHZodEJBYktLdmlNdks4OHFBVWlYZ2xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWGr9cCWz
2wFpTBG98B71aggkyTKZXyeODxlDGT0kWEAe2UZ0hz5juwjjuTgkfM6YvDfP/tYk
pJik9wcFdsgLKDpespx7c7O/gGmsgvF0+o8xlhsgZ1m3kUgwTAiGabOGbxxl7PkP
HBg60GkR8QW84aTVbXUiVZ/ByWB7kRNvpyRltdMZxYeZKPxsnXJI72+bs13oCp8t
e+ditf1sKBYHAP/vy8JcX6Uv4cQpvV3WTW16h6V7J1ne5lWPdKydZFTME+sQuwsS
s11CQhdyEI6ntBKWllx8w5oYkM4wsL4WuBqjkIfkJZDVC7ZQvkQZrO2xp7noV/AD
2fOhZ6moZbeGaA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:51:39 2025 by rpki-client