Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
File: RyyyiCCZANGvGpmLsDnsdX5JPdU.mft (raw, json)
Hash identifier: ECDegqQyi98rIpKZy1ZvtWBO238MPN8lzMTlwJXsq6Y=
Subject key identifier: 03:41:85:64:8C:FE:57:01:FC:43:DB:BD:6B:F7:76:EC:EE:CD:2E:1D
Authority key identifier: 47:2C:B2:88:20:99:00:D1:AF:1A:99:8B:B0:39:EC:75:7E:49:3D:D5
Certificate issuer: /CN=472cb288209900d1af1a998bb039ec757e493dd5
Certificate serial: 019A70DC4646A0C6E37FC2F3D4F3BAA0D966
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
Manifest number: 0947
Signing time: Tue 11 Nov 2025 03:01:15 +0000
Manifest this update: Tue 11 Nov 2025 03:01:15 +0000
Manifest next update: Wed 12 Nov 2025 03:01:15 +0000
Files and hashes: 1: RyyyiCCZANGvGpmLsDnsdX5JPdU.crl (hash: HlZ2UJ3j8ktcfwI2/etiQJEOjSD5EfmAWWdOSyb99Jc=)
2: S3dIMaIh62_y7HmBxhlxOM_ScHc.roa (hash: wYfLcBDYpc1piz/XiUHEld94m4pY4RAv7rF1GCt4/I0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:46:46:a0:c6:e3:7f:c2:f3:d4:f3:ba:a0:d9:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=472cb288209900d1af1a998bb039ec757e493dd5
Validity
Not Before: Nov 11 03:01:15 2025 GMT
Not After : Nov 12 03:01:15 2025 GMT
Subject: CN=034185648cfe5701fc43dbbd6bf776eceecd2e1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:82:87:23:21:df:af:06:44:75:c2:99:a9:eb:
31:3d:66:f0:51:30:c7:82:e4:50:01:de:96:bf:c9:
7e:1c:7d:50:55:7e:45:74:7e:6b:69:b3:cf:24:40:
4f:22:44:c8:57:ef:91:8c:37:2b:bd:13:a0:6b:6c:
35:fe:af:1c:3b:62:d3:df:48:21:97:b7:76:46:f3:
88:f4:b8:2c:e4:30:d9:67:42:ca:d2:56:e2:5b:8b:
ac:d0:0c:40:b1:b0:28:26:26:51:26:4e:0d:1e:c8:
3d:d5:06:3f:25:8b:5c:3c:5e:c2:e2:ed:9f:86:d6:
0a:7f:bf:e6:51:df:68:4d:39:c1:97:89:78:11:29:
8d:c2:e7:b9:3f:5b:7c:d1:8b:06:60:a1:1d:0a:1f:
d8:fb:9a:c4:6a:80:a5:df:27:a3:50:ac:36:0f:76:
6a:38:6e:f2:ba:3e:16:a0:95:fa:9c:83:45:0b:69:
7f:2f:38:31:34:db:b2:c4:20:23:ab:4c:25:95:b1:
b2:c4:f7:92:b6:b9:f3:b9:d5:49:a9:a8:0e:1d:48:
90:df:67:ff:e1:8d:9e:4d:9f:06:16:03:a3:ef:da:
77:a2:46:2f:25:e5:cd:2a:4d:4a:ec:42:3f:5c:32:
53:52:01:3a:56:c5:1a:44:6f:3e:fc:04:2d:7b:7c:
44:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:41:85:64:8C:FE:57:01:FC:43:DB:BD:6B:F7:76:EC:EE:CD:2E:1D
X509v3 Authority Key Identifier:
keyid:47:2C:B2:88:20:99:00:D1:AF:1A:99:8B:B0:39:EC:75:7E:49:3D:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyyyiCCZANGvGpmLsDnsdX5JPdU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/f9b6b9-b787-4e28-b0bf-aa902dbae928/1/RyyyiCCZANGvGpmLsDnsdX5JPdU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:36:54:29:0a:04:15:be:48:2f:c0:36:a4:3c:07:36:36:c7:
24:22:b4:ca:6f:a1:f8:09:a6:0c:88:6f:e2:11:09:c7:8b:ed:
f9:5e:0c:64:e2:b9:d9:6c:3b:9d:df:b1:6b:00:3e:cb:71:c2:
1b:84:6e:36:25:0b:36:22:09:b0:41:f0:3b:8f:bb:71:2a:c3:
e6:e1:aa:ed:35:09:21:ae:5e:fc:8c:fe:1c:af:e9:16:56:49:
a2:7b:f9:19:b9:64:82:de:59:d0:58:b4:d9:24:69:7b:9a:91:
93:5b:03:b7:d9:aa:b3:55:13:7e:a5:b2:44:70:c7:59:5f:dd:
00:7a:e0:5e:1e:ca:7c:5f:27:aa:70:17:2f:cb:77:6a:ea:38:
3f:01:20:64:0a:78:00:84:1b:f9:86:17:b3:11:cd:ad:ce:cf:
43:42:b7:b5:c5:e1:eb:a8:ed:d2:ec:3c:f3:6e:84:54:f1:3d:
32:cd:b4:0a:3b:07:8f:48:ec:b9:30:60:cd:66:93:3f:f0:91:
c6:4a:00:41:56:7e:8c:e8:03:a7:02:d3:5a:28:47:3d:cb:7b:
6e:f2:eb:3b:03:71:64:12:2a:ea:1e:96:89:5b:b6:03:ff:a6:
21:ae:80:51:c8:07:c5:ca:ba:13:6d:68:22:81:0d:7a:b1:a9:
88:de:1f:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3EZGoMbjf8Lz1PO6oNlmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MmNiMjg4MjA5OTAwZDFhZjFhOTk4YmIwMzllYzc1N2U0
OTNkZDUwHhcNMjUxMTExMDMwMTE1WhcNMjUxMTEyMDMwMTE1WjAzMTEwLwYDVQQD
EygwMzQxODU2NDhjZmU1NzAxZmM0M2RiYmQ2YmY3NzZlY2VlY2QyZTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYKHIyHfrwZEdcKZqesxPWbwUTDH
guRQAd6Wv8l+HH1QVX5FdH5rabPPJEBPIkTIV++RjDcrvROga2w1/q8cO2LT30gh
l7d2RvOI9Lgs5DDZZ0LK0lbiW4us0AxAsbAoJiZRJk4NHsg91QY/JYtcPF7C4u2f
htYKf7/mUd9oTTnBl4l4ESmNwue5P1t80YsGYKEdCh/Y+5rEaoCl3yejUKw2D3Zq
OG7yuj4WoJX6nINFC2l/LzgxNNuyxCAjq0wllbGyxPeStrnzudVJqagOHUiQ32f/
4Y2eTZ8GFgOj79p3okYvJeXNKk1K7EI/XDJTUgE6VsUaRG8+/AQte3xETwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFANBhWSM/lcB/EPbvWv3duzuzS4dMB8GA1UdIwQY
MBaAFEcssoggmQDRrxqZi7A57HV+ST3VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9mOWI2YjktYjc4Ny00ZTI4LWIwYmYt
YWE5MDJkYmFlOTI4LzEvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9mOWI2YjktYjc4Ny00ZTI4LWIwYmYtYWE5MDJkYmFlOTI4
LzEvUnl5eWlDQ1pBTkd2R3BtTHNEbnNkWDVKUGRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlzZUKQoE
Fb5IL8A2pDwHNjbHJCK0ym+h+AmmDIhv4hEJx4vt+V4MZOK52Ww7nd+xawA+y3HC
G4RuNiULNiIJsEHwO4+7cSrD5uGq7TUJIa5e/Iz+HK/pFlZJonv5Gblkgt5Z0Fi0
2SRpe5qRk1sDt9mqs1UTfqWyRHDHWV/dAHrgXh7KfF8nqnAXL8t3auo4PwEgZAp4
AIQb+YYXsxHNrc7PQ0K3tcXh66jt0uw8826EVPE9Ms20CjsHj0jsuTBgzWaTP/CR
xkoAQVZ+jOgDpwLTWihHPct7bvLrOwNxZBIq6h6WiVu2A/+mIa6AUcgHxcq6E21o
IoENerGpiN4fzQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:41:41 2025 by rpki-client