Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/MFxE6MlhoUUNCqshLw3scX0d77Y.mft
File: MFxE6MlhoUUNCqshLw3scX0d77Y.mft (raw, json)
Hash identifier: uqfSam1K0/qbkGzUY/SP/Veq3M/OkpQb7nE3/hXFBHg=
Subject key identifier: 11:47:27:3D:91:88:08:8F:C8:F3:24:4E:4F:56:0B:AD:98:97:10:AC
Authority key identifier: 30:5C:44:E8:C9:61:A1:45:0D:0A:AB:21:2F:0D:EC:71:7D:1D:EF:B6
Certificate issuer: /CN=305c44e8c961a1450d0aab212f0dec717d1defb6
Certificate serial: 019A71B8FF68D713369AF73626B408DAE09F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MFxE6MlhoUUNCqshLw3scX0d77Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/MFxE6MlhoUUNCqshLw3scX0d77Y.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 07:02:20 +0000
Manifest this update: Tue 11 Nov 2025 07:02:20 +0000
Manifest next update: Wed 12 Nov 2025 07:02:20 +0000
Files and hashes: 1: MFxE6MlhoUUNCqshLw3scX0d77Y.crl (hash: 36tLcO0DfjJi2oxpVCCaQZx2MUL0hbTDKitQZsuiVck=)
2: mJgdj-dzJHYIwfc18P0iKUu6K8Q.roa (hash: BwFiGax6tDOHoiiFhGtxEO6XUIlUJlP+Zm+e5NhOWpg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/MFxE6MlhoUUNCqshLw3scX0d77Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/MFxE6MlhoUUNCqshLw3scX0d77Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/MFxE6MlhoUUNCqshLw3scX0d77Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:ff:68:d7:13:36:9a:f7:36:26:b4:08:da:e0:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=305c44e8c961a1450d0aab212f0dec717d1defb6
Validity
Not Before: Nov 11 07:02:20 2025 GMT
Not After : Nov 12 07:02:20 2025 GMT
Subject: CN=1147273d9188088fc8f3244e4f560bad989710ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8f:14:1d:e1:2e:5f:ae:ec:34:cc:4a:26:71:
ab:a3:d5:e9:55:73:9e:f8:30:30:2b:90:53:ad:c9:
62:7c:14:d5:b2:9c:98:d2:f8:2a:cc:94:8e:69:96:
a6:a3:50:fc:61:1f:00:1e:92:81:91:0b:c6:9e:29:
3d:24:fc:c4:6d:53:c0:96:a5:65:98:f5:6a:1e:6a:
1a:6c:98:02:e9:41:51:47:92:50:c5:66:f6:b1:ae:
90:52:4d:9c:24:7c:46:3c:7b:1e:02:af:c5:9f:c0:
67:3d:42:b5:e0:5b:19:7a:52:8b:ba:4a:b8:df:18:
50:12:06:35:8a:0f:14:ef:b0:47:90:43:38:e5:2a:
bf:49:ab:8b:5f:0d:dc:b6:76:e3:bc:40:61:03:6e:
00:02:c9:e0:12:a1:e0:f6:82:bf:26:ec:e3:ad:91:
86:38:9b:bc:20:bb:d1:bd:c4:39:8e:b2:57:83:13:
ab:ce:fe:08:fb:e5:e6:1a:53:e6:b0:84:4e:14:f7:
64:cf:61:ab:e3:79:b9:12:0d:ed:50:24:46:b4:58:
93:42:38:bd:76:3c:fe:fc:cf:91:0a:7f:fa:d6:ea:
db:56:d0:c6:55:f9:01:29:bd:ef:ca:d3:54:35:15:
26:df:d7:69:93:fe:ec:37:96:5f:c6:06:c7:5c:33:
58:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:47:27:3D:91:88:08:8F:C8:F3:24:4E:4F:56:0B:AD:98:97:10:AC
X509v3 Authority Key Identifier:
keyid:30:5C:44:E8:C9:61:A1:45:0D:0A:AB:21:2F:0D:EC:71:7D:1D:EF:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MFxE6MlhoUUNCqshLw3scX0d77Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/MFxE6MlhoUUNCqshLw3scX0d77Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/2820d1-fd20-4889-834f-d527ce0d9930/1/MFxE6MlhoUUNCqshLw3scX0d77Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:fa:e2:b9:87:31:35:d0:06:18:74:a6:74:f4:d9:89:b3:32:
b6:fe:ed:0e:96:c7:74:14:5f:53:e7:64:87:44:25:63:5b:f0:
7a:9d:15:cc:07:ec:43:d2:c8:95:fc:97:6a:37:5d:f9:78:09:
8b:e1:26:ff:2c:b4:f4:04:80:38:1b:f3:f0:e3:4c:63:46:30:
91:af:e6:aa:e9:f3:e8:84:73:aa:c6:ae:a7:78:0d:d5:66:87:
78:d7:f7:05:1c:d5:fa:7c:2e:ea:e3:de:c0:7d:fe:4a:66:d1:
35:26:cf:20:36:da:33:13:dc:5e:d5:37:bf:b0:5a:a2:9d:d2:
52:44:9a:42:9a:f6:e9:9d:3c:9a:58:e7:99:41:c9:ef:7f:0a:
74:b0:e5:96:0c:b0:b3:ed:ef:8d:59:32:75:e9:9b:3c:5f:ed:
62:41:84:1e:89:ec:2f:ee:a6:d5:3d:2e:91:39:f1:f8:24:48:
ef:dc:5e:e8:e2:55:ed:25:15:56:2c:11:b8:bc:77:93:9d:13:
61:66:87:c7:85:cd:72:c5:b8:de:0c:b7:fe:4d:c6:38:6f:64:
d5:c4:4f:5a:1e:b0:08:99:23:64:6d:ac:c2:cb:a5:da:80:81:
c5:a7:18:f2:32:2e:18:36:be:ac:1c:c1:c5:73:fa:25:26:6a:
3b:6f:15:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuP9o1xM2mvc2JrQI2uCfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNWM0NGU4Yzk2MWExNDUwZDBhYWIyMTJmMGRlYzcxN2Qx
ZGVmYjYwHhcNMjUxMTExMDcwMjIwWhcNMjUxMTEyMDcwMjIwWjAzMTEwLwYDVQQD
EygxMTQ3MjczZDkxODgwODhmYzhmMzI0NGU0ZjU2MGJhZDk4OTcxMGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1o8UHeEuX67sNMxKJnGro9XpVXOe
+DAwK5BTrclifBTVspyY0vgqzJSOaZamo1D8YR8AHpKBkQvGnik9JPzEbVPAlqVl
mPVqHmoabJgC6UFRR5JQxWb2sa6QUk2cJHxGPHseAq/Fn8BnPUK14FsZelKLukq4
3xhQEgY1ig8U77BHkEM45Sq/SauLXw3ctnbjvEBhA24AAsngEqHg9oK/JuzjrZGG
OJu8ILvRvcQ5jrJXgxOrzv4I++XmGlPmsIROFPdkz2Gr43m5Eg3tUCRGtFiTQji9
djz+/M+RCn/61urbVtDGVfkBKb3vytNUNRUm39dpk/7sN5ZfxgbHXDNY3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBFHJz2RiAiPyPMkTk9WC62YlxCsMB8GA1UdIwQY
MBaAFDBcROjJYaFFDQqrIS8N7HF9He+2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUZ4RTZNbGhvVVVOQ3FzaEx3M3NjWDBkNzdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8yODIwZDEtZmQyMC00ODg5LTgzNGYt
ZDUyN2NlMGQ5OTMwLzEvTUZ4RTZNbGhvVVVOQ3FzaEx3M3NjWDBkNzdZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8yODIwZDEtZmQyMC00ODg5LTgzNGYtZDUyN2NlMGQ5OTMw
LzEvTUZ4RTZNbGhvVVVOQ3FzaEx3M3NjWDBkNzdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFPriuYcx
NdAGGHSmdPTZibMytv7tDpbHdBRfU+dkh0QlY1vwep0VzAfsQ9LIlfyXajdd+XgJ
i+Em/yy09ASAOBvz8ONMY0Ywka/mqunz6IRzqsaup3gN1WaHeNf3BRzV+nwu6uPe
wH3+SmbRNSbPIDbaMxPcXtU3v7Baop3SUkSaQpr26Z08mljnmUHJ738KdLDllgyw
s+3vjVkydembPF/tYkGEHonsL+6m1T0ukTnx+CRI79xe6OJV7SUVViwRuLx3k50T
YWaHx4XNcsW43gy3/k3GOG9k1cRPWh6wCJkjZG2swsul2oCBxacY8jIuGDa+rBzB
xXP6JSZqO28VMg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:46:15 2025 by rpki-client