Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/bd75a2-fc6e-4a86-9edf-669909e11ce3/1/70Ku0OkbI9DNy_skrIObDb5qoEs.mft
File: 70Ku0OkbI9DNy_skrIObDb5qoEs.mft (raw, json)
Hash identifier: +k/miJ8xfqB1YNcSxtWmY4ySL4NKJnno9eHQdYqcDNk=
Subject key identifier: 2E:5E:4C:EA:CA:97:7C:E2:C3:B0:7D:B0:7D:7D:EB:58:93:0A:B9:1B
Authority key identifier: EF:42:AE:D0:E9:1B:23:D0:CD:CB:FB:24:AC:83:9B:0D:BE:6A:A0:4B
Certificate issuer: /CN=ef42aed0e91b23d0cdcbfb24ac839b0dbe6aa04b
Certificate serial: 019A730131A3290E4D2B080AC7F9B0B344FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/70Ku0OkbI9DNy_skrIObDb5qoEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/bd75a2-fc6e-4a86-9edf-669909e11ce3/1/70Ku0OkbI9DNy_skrIObDb5qoEs.mft
Manifest number: 0C95
Signing time: Tue 11 Nov 2025 13:00:49 +0000
Manifest this update: Tue 11 Nov 2025 13:00:49 +0000
Manifest next update: Wed 12 Nov 2025 13:00:49 +0000
Files and hashes: 1: 70Ku0OkbI9DNy_skrIObDb5qoEs.crl (hash: GuhEVbfMaTvXe1pokf4/+yl21ksTCflxXNxeotF9H70=)
2: FiLJrOB6VSbXcUW10ayq5u0-45c.roa (hash: SVzm6u7ARr2O1cZhcAUWJuayXj1RRfV/z3YIwyKiXZI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/bd75a2-fc6e-4a86-9edf-669909e11ce3/1/70Ku0OkbI9DNy_skrIObDb5qoEs.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/bd75a2-fc6e-4a86-9edf-669909e11ce3/1/70Ku0OkbI9DNy_skrIObDb5qoEs.mft
rsync://rpki.ripe.net/repository/DEFAULT/70Ku0OkbI9DNy_skrIObDb5qoEs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:31:a3:29:0e:4d:2b:08:0a:c7:f9:b0:b3:44:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef42aed0e91b23d0cdcbfb24ac839b0dbe6aa04b
Validity
Not Before: Nov 11 13:00:49 2025 GMT
Not After : Nov 12 13:00:49 2025 GMT
Subject: CN=2e5e4ceaca977ce2c3b07db07d7deb58930ab91b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e7:42:81:07:d3:8f:3f:a6:53:00:bf:74:d8:
57:51:a4:ed:d6:2b:d4:cf:12:cb:a2:16:88:38:1e:
df:b2:84:e3:27:35:4e:b2:b8:39:23:04:57:64:98:
e0:a6:09:e4:3e:ee:e4:5a:91:3a:be:a6:07:cb:b9:
04:36:06:fa:cc:02:9f:c0:fb:c8:fd:e7:ec:88:a4:
25:9c:c2:82:63:93:e4:61:7d:17:27:0c:31:d2:1a:
dc:18:d3:fc:57:24:1f:55:4e:ed:d0:8b:3e:d7:63:
f2:72:23:f0:0d:3c:93:f0:42:e7:7c:fd:52:9d:6e:
87:ff:50:c2:ff:50:1b:1e:99:13:9f:3f:ee:5d:45:
85:4d:5b:b9:82:bd:58:b2:78:86:7e:4b:1d:18:c2:
c5:74:6a:8a:49:4a:85:31:79:2f:81:f3:67:b1:e1:
85:cd:ba:83:f2:96:b7:46:41:85:22:fe:c4:67:f2:
3a:40:39:19:bc:47:69:07:19:21:63:3c:e7:ed:6b:
2c:9c:69:2b:16:1c:b4:a5:74:4c:ff:99:1e:07:9d:
7b:25:4a:76:ec:49:43:ad:94:d0:ec:d7:d8:ed:49:
10:fc:42:b2:2a:38:d4:49:7a:4e:ec:32:01:70:1b:
60:e3:68:78:c1:be:fd:6e:bd:fb:f2:bc:6f:fc:da:
9e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:5E:4C:EA:CA:97:7C:E2:C3:B0:7D:B0:7D:7D:EB:58:93:0A:B9:1B
X509v3 Authority Key Identifier:
keyid:EF:42:AE:D0:E9:1B:23:D0:CD:CB:FB:24:AC:83:9B:0D:BE:6A:A0:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/70Ku0OkbI9DNy_skrIObDb5qoEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/bd75a2-fc6e-4a86-9edf-669909e11ce3/1/70Ku0OkbI9DNy_skrIObDb5qoEs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/bd75a2-fc6e-4a86-9edf-669909e11ce3/1/70Ku0OkbI9DNy_skrIObDb5qoEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ae:d2:b1:5f:f1:13:6d:13:c3:ae:ce:db:09:0f:37:3c:99:fc:
63:ec:82:ba:14:d4:04:3d:2b:3d:a0:9a:4e:cf:0d:d9:32:d2:
82:14:19:f8:52:65:5e:c6:99:38:b5:7f:df:da:a1:30:6d:81:
2d:70:0b:e2:ce:9e:14:c6:e0:24:b8:f0:48:27:79:f7:b2:40:
83:2e:b0:39:a9:c4:e0:07:00:b1:6e:f9:a2:7a:16:37:de:41:
71:60:97:34:bf:79:90:2a:49:95:69:a2:d5:72:43:fa:66:3a:
3d:1f:33:8d:f8:64:f1:ec:39:8b:7f:be:af:e7:7b:9e:8b:0c:
00:d6:e1:c8:7b:d1:47:cf:d1:18:a9:1b:98:a7:47:0a:f1:e2:
30:ca:60:73:ce:87:f5:5d:54:7d:5b:3e:d5:3e:26:14:a9:4f:
54:4c:02:55:91:72:75:9f:65:5d:73:86:55:25:53:0f:58:f4:
de:7b:37:58:66:cf:74:8f:f4:82:60:fb:da:e2:5b:3c:22:62:
a2:56:8a:68:34:15:bb:8e:98:06:a6:32:b7:f7:ad:99:a1:3c:
01:fc:44:f8:21:bd:5d:e2:e2:b7:42:5f:79:98:3d:16:c3:81:
25:70:06:db:9e:e9:a4:e5:af:b8:32:e3:36:94:b0:92:62:3c:
15:a3:62:62
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzATGjKQ5NKwgKx/mws0T6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNDJhZWQwZTkxYjIzZDBjZGNiZmIyNGFjODM5YjBkYmU2
YWEwNGIwHhcNMjUxMTExMTMwMDQ5WhcNMjUxMTEyMTMwMDQ5WjAzMTEwLwYDVQQD
EygyZTVlNGNlYWNhOTc3Y2UyYzNiMDdkYjA3ZDdkZWI1ODkzMGFiOTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+dCgQfTjz+mUwC/dNhXUaTt1ivU
zxLLohaIOB7fsoTjJzVOsrg5IwRXZJjgpgnkPu7kWpE6vqYHy7kENgb6zAKfwPvI
/efsiKQlnMKCY5PkYX0XJwwx0hrcGNP8VyQfVU7t0Is+12PyciPwDTyT8ELnfP1S
nW6H/1DC/1AbHpkTnz/uXUWFTVu5gr1YsniGfksdGMLFdGqKSUqFMXkvgfNnseGF
zbqD8pa3RkGFIv7EZ/I6QDkZvEdpBxkhYzzn7WssnGkrFhy0pXRM/5keB517JUp2
7ElDrZTQ7NfY7UkQ/EKyKjjUSXpO7DIBcBtg42h4wb79br378rxv/NqeXwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC5eTOrKl3ziw7B9sH1961iTCrkbMB8GA1UdIwQY
MBaAFO9CrtDpGyPQzcv7JKyDmw2+aqBLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzBLdTBPa2JJOUROeV9za3JJT2JEYjVxb0VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9iZDc1YTItZmM2ZS00YTg2LTllZGYt
NjY5OTA5ZTExY2UzLzEvNzBLdTBPa2JJOUROeV9za3JJT2JEYjVxb0VzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9iZDc1YTItZmM2ZS00YTg2LTllZGYtNjY5OTA5ZTExY2Uz
LzEvNzBLdTBPa2JJOUROeV9za3JJT2JEYjVxb0VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArtKxX/ET
bRPDrs7bCQ83PJn8Y+yCuhTUBD0rPaCaTs8N2TLSghQZ+FJlXsaZOLV/39qhMG2B
LXAL4s6eFMbgJLjwSCd597JAgy6wOanE4AcAsW75onoWN95BcWCXNL95kCpJlWmi
1XJD+mY6PR8zjfhk8ew5i3++r+d7nosMANbhyHvRR8/RGKkbmKdHCvHiMMpgc86H
9V1UfVs+1T4mFKlPVEwCVZFydZ9lXXOGVSVTD1j03ns3WGbPdI/0gmD72uJbPCJi
olaKaDQVu46YBqYyt/etmaE8AfxE+CG9XeLit0JfeZg9FsOBJXAG257ppOWvuDLj
NpSwkmI8FaNiYg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:46:48 2025 by rpki-client