Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
File: D6j7U5miekMK5yfFMs0iSZnohk8.mft (raw, json)
Hash identifier: kBqggUHp+URF7aqZ+0IeSvmETitk8Z5FtXdIDZPK3fk=
Subject key identifier: 33:21:C7:2F:C1:28:B0:93:A0:59:D8:9B:0E:F7:9A:DA:05:88:15:36
Authority key identifier: 0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F
Certificate issuer: /CN=0fa8fb5399a27a430ae727c532cd224999e8864f
Certificate serial: 019A70DC8149E907C62DDAC438808FA3F232
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
Manifest number: 03A8
Signing time: Tue 11 Nov 2025 03:01:30 +0000
Manifest this update: Tue 11 Nov 2025 03:01:30 +0000
Manifest next update: Wed 12 Nov 2025 03:01:30 +0000
Files and hashes: 1: 5jBhyCclhjBWCSh1O-0WT6aKzvs.roa (hash: MRjgNDdW46vQb+SgK5+muMmigtF72q9wmhV3HqxuIuc=)
2: D6j7U5miekMK5yfFMs0iSZnohk8.crl (hash: wU/H2GL1ATLUfoIdK30+M8ET3TB2/z6hbAXu4YbZN3A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:81:49:e9:07:c6:2d:da:c4:38:80:8f:a3:f2:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fa8fb5399a27a430ae727c532cd224999e8864f
Validity
Not Before: Nov 11 03:01:30 2025 GMT
Not After : Nov 12 03:01:30 2025 GMT
Subject: CN=3321c72fc128b093a059d89b0ef79ada05881536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a8:3e:f8:17:15:8d:68:90:51:76:ed:3c:e1:
2d:1c:64:37:7d:b5:92:04:ec:d5:0d:cc:dc:8c:d1:
e0:cb:9a:ec:18:43:1d:68:90:2b:02:98:63:4e:43:
c6:0f:43:e6:1d:a8:28:0b:73:b9:54:97:f4:7e:8e:
37:eb:2f:9a:0b:84:13:84:66:10:8f:6d:b8:07:f1:
76:8c:88:a3:07:16:81:4d:b4:f3:ff:a9:e1:c4:3f:
15:5a:f7:93:9f:8c:03:b6:f9:d8:fa:42:b3:9b:19:
51:11:86:6c:78:b9:f1:51:24:54:a6:0a:b4:dc:d2:
b0:1b:7b:2d:1a:69:56:ac:fd:d6:c3:81:6b:69:d3:
57:26:f0:3c:b8:dc:74:a4:22:5e:56:51:66:18:9b:
ec:d3:6a:2d:26:7a:53:7c:33:e8:aa:07:f3:08:f3:
9e:20:37:21:79:ca:22:90:82:aa:29:c4:db:17:ae:
54:70:f4:63:0d:28:23:14:f2:f4:e5:1a:3d:60:72:
bb:3d:e5:53:fb:02:c4:e4:d6:19:1f:9f:6a:64:d5:
9a:ed:7e:26:88:6a:cd:a2:c5:36:98:cc:c5:59:b5:
c8:ce:8a:b1:fa:e0:90:45:3a:81:64:23:db:22:ea:
7a:fb:7e:ed:f7:bb:c5:47:f5:b2:cc:01:aa:6a:40:
45:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:21:C7:2F:C1:28:B0:93:A0:59:D8:9B:0E:F7:9A:DA:05:88:15:36
X509v3 Authority Key Identifier:
keyid:0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:c6:79:ca:30:f9:b2:e0:c4:e7:2a:f4:49:ad:d6:be:98:19:
a3:cf:07:da:8b:74:a8:1a:bd:4e:bc:55:76:6c:97:5d:c9:cb:
94:58:23:65:fa:c4:b7:3a:9c:83:04:ae:fd:ba:f0:7e:40:e0:
02:d9:18:30:62:49:aa:0c:5a:59:22:66:94:b0:a0:8c:cf:73:
48:16:74:cb:a1:72:21:97:47:20:4c:7e:98:7b:03:5c:3b:57:
53:3f:88:5f:e1:54:70:38:64:3e:58:f7:d4:9c:e5:71:b8:0f:
56:2c:81:af:31:a0:4e:02:68:5b:17:33:97:1d:a4:a7:62:02:
a2:0c:73:92:b8:d8:af:66:13:2f:6a:c8:1e:9a:e8:f7:2c:0f:
66:04:58:18:f8:e1:10:5e:fe:1e:51:71:f9:c6:24:0b:64:6a:
99:5e:47:e9:bb:ce:90:f1:a5:51:9a:d8:5c:1e:62:4c:0e:bd:
e6:39:e2:82:b9:f2:3f:cd:76:06:75:c2:0f:c7:39:03:b8:84:
11:8c:c5:9c:f4:d5:4e:b1:17:a3:2c:f7:04:0b:fe:29:bc:cb:
f3:cd:29:82:3d:08:d0:ff:76:cd:44:10:56:d0:7e:9a:e1:21:
b0:be:12:43:d0:5d:b0:d8:e6:af:af:b6:12:27:69:f1:69:74:
92:76:b1:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3IFJ6QfGLdrEOICPo/IyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYThmYjUzOTlhMjdhNDMwYWU3MjdjNTMyY2QyMjQ5OTll
ODg2NGYwHhcNMjUxMTExMDMwMTMwWhcNMjUxMTEyMDMwMTMwWjAzMTEwLwYDVQQD
EygzMzIxYzcyZmMxMjhiMDkzYTA1OWQ4OWIwZWY3OWFkYTA1ODgxNTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoag++BcVjWiQUXbtPOEtHGQ3fbWS
BOzVDczcjNHgy5rsGEMdaJArAphjTkPGD0PmHagoC3O5VJf0fo436y+aC4QThGYQ
j224B/F2jIijBxaBTbTz/6nhxD8VWveTn4wDtvnY+kKzmxlREYZseLnxUSRUpgq0
3NKwG3stGmlWrP3Ww4FradNXJvA8uNx0pCJeVlFmGJvs02otJnpTfDPoqgfzCPOe
IDchecoikIKqKcTbF65UcPRjDSgjFPL05Ro9YHK7PeVT+wLE5NYZH59qZNWa7X4m
iGrNosU2mMzFWbXIzoqx+uCQRTqBZCPbIup6+37t97vFR/WyzAGqakBF1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDMhxy/BKLCToFnYmw73mtoFiBU2MB8GA1UdIwQY
MBaAFA+o+1OZonpDCucnxTLNIkmZ6IZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEt
YTcxZmI0NjM1MDY1LzEvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEtYTcxZmI0NjM1MDY1
LzEvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJcZ5yjD5
suDE5yr0Sa3WvpgZo88H2ot0qBq9TrxVdmyXXcnLlFgjZfrEtzqcgwSu/brwfkDg
AtkYMGJJqgxaWSJmlLCgjM9zSBZ0y6FyIZdHIEx+mHsDXDtXUz+IX+FUcDhkPlj3
1JzlcbgPViyBrzGgTgJoWxczlx2kp2ICogxzkrjYr2YTL2rIHpro9ywPZgRYGPjh
EF7+HlFx+cYkC2RqmV5H6bvOkPGlUZrYXB5iTA695jnigrnyP812BnXCD8c5A7iE
EYzFnPTVTrEXoyz3BAv+KbzL880pgj0I0P92zUQQVtB+muEhsL4SQ9BdsNjmr6+2
Eidp8Wl0knaxNA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:34:56 2025 by rpki-client