Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.mft
File: so7x9PiCePTfGec-M4HOzXjgacE.mft (raw, json)
Hash identifier: JfOCbeh9riK4/ksA0o6LYTcApXWrnFdulg7GjvYtp9I=
Subject key identifier: EC:4E:65:1A:58:08:FA:73:CF:74:B8:B3:61:69:73:FF:EC:AE:C0:49
Authority key identifier: B2:8E:F1:F4:F8:82:78:F4:DF:19:E7:3E:33:81:CE:CD:78:E0:69:C1
Certificate issuer: /CN=b28ef1f4f88278f4df19e73e3381cecd78e069c1
Certificate serial: 019A7293306D730B7C426B16043425DB476E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/so7x9PiCePTfGec-M4HOzXjgacE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.mft
Manifest number: 03C8
Signing time: Tue 11 Nov 2025 11:00:40 +0000
Manifest this update: Tue 11 Nov 2025 11:00:40 +0000
Manifest next update: Wed 12 Nov 2025 11:00:40 +0000
Files and hashes: 1: ZWC54UPrMHyZ6gth2IDDnRYsMDY.roa (hash: 4Yk1QA2QugshfW9geeysUTQ4Sub4Aja/bv1m3JJnrLU=)
2: so7x9PiCePTfGec-M4HOzXjgacE.crl (hash: OcCJ3fSIAx6pN4LnlOuTHOUkdsAH8yz30LccJWRe2Tk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.mft
rsync://rpki.ripe.net/repository/DEFAULT/so7x9PiCePTfGec-M4HOzXjgacE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:30:6d:73:0b:7c:42:6b:16:04:34:25:db:47:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b28ef1f4f88278f4df19e73e3381cecd78e069c1
Validity
Not Before: Nov 11 11:00:40 2025 GMT
Not After : Nov 12 11:00:40 2025 GMT
Subject: CN=ec4e651a5808fa73cf74b8b3616973ffecaec049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f2:f2:36:92:bf:fe:b5:c3:36:e6:42:09:ba:
8a:2f:14:00:65:62:93:8c:9a:04:6e:4b:ff:91:c1:
48:40:b9:cd:4a:28:e1:3d:e8:fb:5a:1b:36:40:23:
62:32:19:ff:9e:19:f0:7e:1f:6e:7d:37:63:07:bf:
5a:19:0e:af:11:ba:55:96:66:b6:1e:2e:f4:86:36:
a3:60:a5:cc:42:02:bc:de:3c:b2:15:a0:f3:cd:7d:
d4:2e:a2:d2:31:7a:14:22:dc:cc:4a:32:59:8a:b5:
b9:17:30:13:fe:63:af:c6:0f:51:2e:09:22:77:0d:
65:13:f8:ec:93:4e:fd:e1:05:6b:fc:4e:8b:d4:72:
66:a6:63:ac:25:3f:ac:7c:da:56:d7:b0:3f:78:4c:
38:59:6e:68:2c:ac:df:d4:4f:c3:72:35:4c:6d:be:
1e:47:03:9f:2c:fe:41:60:bb:90:a0:80:3c:65:f1:
0f:ac:3e:2d:b7:36:26:8a:4a:09:09:2d:53:3d:4d:
4d:2f:85:85:bd:7c:1f:19:94:c6:1a:84:e3:9c:56:
7b:53:fc:cf:aa:6d:11:cb:a3:fa:88:72:6f:6f:47:
f7:0c:2d:d0:50:19:87:91:fa:a6:c3:66:71:e1:f2:
ac:ac:7e:c7:13:9d:1e:fa:1f:06:60:cf:82:fa:66:
dc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:4E:65:1A:58:08:FA:73:CF:74:B8:B3:61:69:73:FF:EC:AE:C0:49
X509v3 Authority Key Identifier:
keyid:B2:8E:F1:F4:F8:82:78:F4:DF:19:E7:3E:33:81:CE:CD:78:E0:69:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/so7x9PiCePTfGec-M4HOzXjgacE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/1f051b-e735-49b8-bc6d-9ef0a59927b1/1/so7x9PiCePTfGec-M4HOzXjgacE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
44:22:ba:fe:06:5c:c2:a5:d5:fa:1d:72:25:5e:67:3a:a5:b8:
4f:58:d9:4b:bc:52:01:8f:01:b7:c8:b0:b8:bb:f9:83:33:e9:
97:7c:d5:7b:f9:fc:33:8e:8b:6d:34:14:bb:75:0e:ef:20:65:
d5:a5:36:16:8c:3d:f1:a6:63:69:34:fc:62:f1:3d:0d:7f:5a:
cb:95:54:93:41:96:e7:9c:48:8b:74:07:90:d3:a7:c9:47:f2:
96:0d:e2:31:1b:9f:00:9e:50:d8:7a:fa:46:80:7e:dc:bc:06:
28:4b:6a:80:8f:eb:aa:1e:df:f7:34:7e:c1:50:2e:40:ed:35:
6a:65:17:d5:80:23:58:3b:7c:70:c4:28:e2:04:90:45:09:38:
53:fa:e3:df:66:60:28:eb:e8:6f:10:db:9a:23:bb:f1:5e:89:
4d:a9:43:be:d8:4d:88:fe:3c:39:92:dc:97:66:79:7f:d7:bb:
45:6b:6e:2e:5b:ea:55:1b:3a:65:a7:10:4f:88:91:be:39:2d:
c9:0a:57:d4:14:3e:5c:ac:88:1b:5f:06:19:28:84:a3:04:de:
3f:3a:87:26:1e:79:27:87:58:1c:20:cc:99:dd:85:22:ba:db:
ab:82:4f:14:bc:ec:36:c1:f4:77:50:e2:6e:1b:db:04:54:65:
82:79:a3:81
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpykzBtcwt8QmsWBDQl20duMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyOGVmMWY0Zjg4Mjc4ZjRkZjE5ZTczZTMzODFjZWNkNzhl
MDY5YzEwHhcNMjUxMTExMTEwMDQwWhcNMjUxMTEyMTEwMDQwWjAzMTEwLwYDVQQD
EyhlYzRlNjUxYTU4MDhmYTczY2Y3NGI4YjM2MTY5NzNmZmVjYWVjMDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvLyNpK//rXDNuZCCbqKLxQAZWKT
jJoEbkv/kcFIQLnNSijhPej7Whs2QCNiMhn/nhnwfh9ufTdjB79aGQ6vEbpVlma2
Hi70hjajYKXMQgK83jyyFaDzzX3ULqLSMXoUItzMSjJZirW5FzAT/mOvxg9RLgki
dw1lE/jsk0794QVr/E6L1HJmpmOsJT+sfNpW17A/eEw4WW5oLKzf1E/DcjVMbb4e
RwOfLP5BYLuQoIA8ZfEPrD4ttzYmikoJCS1TPU1NL4WFvXwfGZTGGoTjnFZ7U/zP
qm0Ry6P6iHJvb0f3DC3QUBmHkfqmw2Zx4fKsrH7HE50e+h8GYM+C+mbcfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOxOZRpYCPpzz3S4s2Fpc//srsBJMB8GA1UdIwQY
MBaAFLKO8fT4gnj03xnnPjOBzs144GnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc283eDlQaUNlUFRmR2VjLU00SE96WGpnYWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8xZjA1MWItZTczNS00OWI4LWJjNmQt
OWVmMGE1OTkyN2IxLzEvc283eDlQaUNlUFRmR2VjLU00SE96WGpnYWNFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8xZjA1MWItZTczNS00OWI4LWJjNmQtOWVmMGE1OTkyN2Ix
LzEvc283eDlQaUNlUFRmR2VjLU00SE96WGpnYWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARCK6/gZc
wqXV+h1yJV5nOqW4T1jZS7xSAY8Bt8iwuLv5gzPpl3zVe/n8M46LbTQUu3UO7yBl
1aU2Fow98aZjaTT8YvE9DX9ay5VUk0GW55xIi3QHkNOnyUfylg3iMRufAJ5Q2Hr6
RoB+3LwGKEtqgI/rqh7f9zR+wVAuQO01amUX1YAjWDt8cMQo4gSQRQk4U/rj32Zg
KOvobxDbmiO78V6JTalDvthNiP48OZLcl2Z5f9e7RWtuLlvqVRs6ZacQT4iRvjkt
yQpX1BQ+XKyIG18GGSiEowTePzqHJh55J4dYHCDMmd2FIrrbq4JPFLzsNsH0d1Di
bhvbBFRlgnmjgQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:38:54 2025 by rpki-client