Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/00476a-8ac7-456c-b93d-3dc14170d62a/1/d1szbD5Il6UrOcOtquzOxr9wzn0.mft
File: d1szbD5Il6UrOcOtquzOxr9wzn0.mft (raw, json)
Hash identifier: JJiSACszdEa1dcIoO/L+oHbqedh8nE7w8VFm73//AkM=
Subject key identifier: C0:DB:0E:F5:BF:F8:AA:F5:D7:48:E5:8D:3F:24:0D:A6:5C:DE:3E:9A
Authority key identifier: 77:5B:33:6C:3E:48:97:A5:2B:39:C3:AD:AA:EC:CE:C6:BF:70:CE:7D
Certificate issuer: /CN=775b336c3e4897a52b39c3adaaeccec6bf70ce7d
Certificate serial: 019A725C6DD7492E43F65BB4A5E53DB062A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d1szbD5Il6UrOcOtquzOxr9wzn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/00476a-8ac7-456c-b93d-3dc14170d62a/1/d1szbD5Il6UrOcOtquzOxr9wzn0.mft
Manifest number: 1643
Signing time: Tue 11 Nov 2025 10:00:51 +0000
Manifest this update: Tue 11 Nov 2025 10:00:51 +0000
Manifest next update: Wed 12 Nov 2025 10:00:51 +0000
Files and hashes: 1: 1-jRnyFGmEx1CVoLDNNDO26bccvY.roa (hash: 23QvIcsUor9KhcMI2prwonWuUHDRgDZgiqunE4RPe6c=)
2: d1szbD5Il6UrOcOtquzOxr9wzn0.crl (hash: 9Mh+8E9AV5DtSn3P0sVTuLUrZ0yVrD1oWNO2lI4pXa8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/00476a-8ac7-456c-b93d-3dc14170d62a/1/d1szbD5Il6UrOcOtquzOxr9wzn0.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/00476a-8ac7-456c-b93d-3dc14170d62a/1/d1szbD5Il6UrOcOtquzOxr9wzn0.mft
rsync://rpki.ripe.net/repository/DEFAULT/d1szbD5Il6UrOcOtquzOxr9wzn0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:6d:d7:49:2e:43:f6:5b:b4:a5:e5:3d:b0:62:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=775b336c3e4897a52b39c3adaaeccec6bf70ce7d
Validity
Not Before: Nov 11 10:00:51 2025 GMT
Not After : Nov 12 10:00:51 2025 GMT
Subject: CN=c0db0ef5bff8aaf5d748e58d3f240da65cde3e9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:f9:d2:da:6a:6b:aa:4a:21:6b:4c:3b:93:d0:
23:88:c9:7d:76:31:5a:b0:89:45:20:03:d0:22:8f:
f4:ac:b8:7e:97:35:eb:51:0a:db:b4:82:18:84:33:
d5:2a:7c:dd:c5:b7:ec:58:29:f1:5f:1c:1c:12:75:
f7:3f:c7:7e:1e:4f:78:42:b6:4b:6f:79:eb:73:8e:
ae:c5:22:ce:0d:c0:3a:5f:de:7c:3f:de:70:79:1b:
76:a6:6f:a8:5b:4e:31:11:fa:76:f0:5e:9e:aa:1a:
49:26:5f:e8:c6:e9:38:45:4a:3b:de:3c:b1:7e:bf:
87:09:d8:a3:1e:2f:63:14:fd:0f:43:6e:50:6e:b7:
65:a6:81:bf:b5:26:39:9f:24:e0:8b:63:30:9f:36:
58:76:9b:91:d7:15:1b:99:12:b6:bf:a5:e3:bc:18:
52:1c:e5:ce:27:27:46:09:1a:28:5d:b8:f2:cb:7c:
33:c1:39:dc:8c:b5:e6:14:54:22:ac:ef:38:da:56:
b0:df:b7:81:34:30:6a:07:ac:4e:7a:37:1a:59:18:
ff:c1:c6:dc:f7:3d:d7:be:1e:25:3e:5e:9b:ee:0f:
03:7d:18:fb:ca:67:d6:74:58:e0:98:93:81:f8:23:
1b:fe:dd:bb:42:30:dd:d0:04:8f:f0:bd:4e:84:1b:
49:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:DB:0E:F5:BF:F8:AA:F5:D7:48:E5:8D:3F:24:0D:A6:5C:DE:3E:9A
X509v3 Authority Key Identifier:
keyid:77:5B:33:6C:3E:48:97:A5:2B:39:C3:AD:AA:EC:CE:C6:BF:70:CE:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1szbD5Il6UrOcOtquzOxr9wzn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/00476a-8ac7-456c-b93d-3dc14170d62a/1/d1szbD5Il6UrOcOtquzOxr9wzn0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/00476a-8ac7-456c-b93d-3dc14170d62a/1/d1szbD5Il6UrOcOtquzOxr9wzn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:f3:0b:61:f8:2f:b0:db:26:b6:bd:9e:a5:d9:89:ce:92:67:
3f:2d:81:7f:f4:ba:35:2f:31:59:a7:58:f4:3d:06:23:fa:e1:
1b:84:7e:ea:e3:4b:0a:58:4a:15:8a:52:5c:45:83:6b:76:bc:
8b:79:ab:a2:95:48:b5:77:bd:61:68:62:20:61:08:82:e9:6b:
d6:f6:de:b9:cc:bc:0e:ed:0c:24:eb:cf:dc:11:b0:59:e1:dc:
a9:e0:e0:97:04:cc:d7:89:8c:54:45:20:ce:44:be:7c:90:68:
20:28:6f:e2:80:26:cd:ed:36:4e:a9:3f:2f:c3:c2:51:41:0c:
5f:7f:1e:6b:70:42:cb:9b:8b:c5:ee:8a:14:e3:0d:5b:6e:80:
32:11:62:13:98:4f:f5:cb:c0:34:01:17:e5:fd:e6:d6:b3:d3:
95:d2:dd:92:b6:02:4a:d5:55:1e:a2:c7:2b:0b:37:07:c9:03:
ef:22:81:1c:0e:09:49:07:39:9d:a9:d3:62:97:84:42:1e:44:
c8:e5:b7:4b:24:4a:3b:ee:fc:8d:30:cc:a6:50:4f:0c:6f:e9:
40:c2:f6:ff:f7:ef:74:61:3b:fc:35:86:43:94:93:f3:bb:95:
4e:d8:1d:80:7e:de:02:58:fa:3e:fc:06:a2:75:5a:51:f1:56:
0b:48:30:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXG3XSS5D9lu0peU9sGKjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NWIzMzZjM2U0ODk3YTUyYjM5YzNhZGFhZWNjZWM2YmY3
MGNlN2QwHhcNMjUxMTExMTAwMDUxWhcNMjUxMTEyMTAwMDUxWjAzMTEwLwYDVQQD
EyhjMGRiMGVmNWJmZjhhYWY1ZDc0OGU1OGQzZjI0MGRhNjVjZGUzZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5PnS2mprqkoha0w7k9AjiMl9djFa
sIlFIAPQIo/0rLh+lzXrUQrbtIIYhDPVKnzdxbfsWCnxXxwcEnX3P8d+Hk94QrZL
b3nrc46uxSLODcA6X958P95weRt2pm+oW04xEfp28F6eqhpJJl/oxuk4RUo73jyx
fr+HCdijHi9jFP0PQ25QbrdlpoG/tSY5nyTgi2MwnzZYdpuR1xUbmRK2v6XjvBhS
HOXOJydGCRooXbjyy3wzwTncjLXmFFQirO842law37eBNDBqB6xOejcaWRj/wcbc
9z3Xvh4lPl6b7g8DfRj7ymfWdFjgmJOB+CMb/t27QjDd0ASP8L1OhBtJ+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMDbDvW/+Kr110jljT8kDaZc3j6aMB8GA1UdIwQY
MBaAFHdbM2w+SJelKznDrarszsa/cM59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDFzemJENUlsNlVyT2NPdHF1ek94cjl3em4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8wMDQ3NmEtOGFjNy00NTZjLWI5M2Qt
M2RjMTQxNzBkNjJhLzEvZDFzemJENUlsNlVyT2NPdHF1ek94cjl3em4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8wMDQ3NmEtOGFjNy00NTZjLWI5M2QtM2RjMTQxNzBkNjJh
LzEvZDFzemJENUlsNlVyT2NPdHF1ek94cjl3em4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApfMLYfgv
sNsmtr2epdmJzpJnPy2Bf/S6NS8xWadY9D0GI/rhG4R+6uNLClhKFYpSXEWDa3a8
i3mropVItXe9YWhiIGEIgulr1vbeucy8Du0MJOvP3BGwWeHcqeDglwTM14mMVEUg
zkS+fJBoIChv4oAmze02Tqk/L8PCUUEMX38ea3BCy5uLxe6KFOMNW26AMhFiE5hP
9cvANAEX5f3m1rPTldLdkrYCStVVHqLHKws3B8kD7yKBHA4JSQc5nanTYpeEQh5E
yOW3SyRKO+78jTDMplBPDG/pQML2//fvdGE7/DWGQ5ST87uVTtgdgH7eAlj6PvwG
onVaUfFWC0gwZQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:17:09 2025 by rpki-client