Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/5a6d3c-17da-44d3-a402-86236bac1308/1/0d2oMnacMWgfglaFFHNorzoR9vg.mft
File: 0d2oMnacMWgfglaFFHNorzoR9vg.mft (raw, json)
Hash identifier: riPLFnsWRc/TpA1NaIQ270zlD60osAELj9OU7ShXFO4=
Subject key identifier: F5:D9:B3:F6:2E:CD:0A:69:0F:76:C7:D1:40:F5:F5:69:92:E4:F3:94
Authority key identifier: D1:DD:A8:32:76:9C:31:68:1F:82:56:85:14:73:68:AF:3A:11:F6:F8
Certificate issuer: /CN=d1dda832769c31681f825685147368af3a11f6f8
Certificate serial: 019A71EEE1B11115C5F6717EA3E9299E6430
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0d2oMnacMWgfglaFFHNorzoR9vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/5a6d3c-17da-44d3-a402-86236bac1308/1/0d2oMnacMWgfglaFFHNorzoR9vg.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 08:01:11 +0000
Manifest this update: Tue 11 Nov 2025 08:01:11 +0000
Manifest next update: Wed 12 Nov 2025 08:01:11 +0000
Files and hashes: 1: 0d2oMnacMWgfglaFFHNorzoR9vg.crl (hash: UVozMSORsTtKUwbPOyVj466F5+hZjrkT11MJNKFF6tI=)
2: b7sNWlzHmaj36hpl7542OiFeLhk.roa (hash: r2LdfaqH2ThvketoRQBfUQ9ZRTad2+2P2sxQXJTCIiQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/5a6d3c-17da-44d3-a402-86236bac1308/1/0d2oMnacMWgfglaFFHNorzoR9vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/5a6d3c-17da-44d3-a402-86236bac1308/1/0d2oMnacMWgfglaFFHNorzoR9vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/0d2oMnacMWgfglaFFHNorzoR9vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:e1:b1:11:15:c5:f6:71:7e:a3:e9:29:9e:64:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1dda832769c31681f825685147368af3a11f6f8
Validity
Not Before: Nov 11 08:01:11 2025 GMT
Not After : Nov 12 08:01:11 2025 GMT
Subject: CN=f5d9b3f62ecd0a690f76c7d140f5f56992e4f394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:d8:87:99:e0:26:dc:d9:c8:ef:bb:82:cd:41:
0e:cc:70:ac:2b:e6:ca:6d:0a:91:79:b6:72:36:dd:
8f:02:6e:9f:94:bf:c6:15:2d:3a:ae:fe:c2:b2:fd:
d6:b4:10:ba:ff:84:4a:7f:3d:fb:7c:cb:0a:6a:43:
85:aa:f4:64:0a:69:0c:e8:ad:15:fa:35:06:1d:82:
fd:c7:0c:68:79:b6:92:1b:e2:b1:9a:54:3f:02:a8:
8d:d9:5d:34:18:59:d4:dc:02:61:4d:2d:0b:6c:8a:
46:14:d8:4b:e9:43:af:1e:7a:dc:b4:0a:d4:70:25:
54:40:3a:5d:d4:42:3e:14:4c:b4:48:73:6c:09:f2:
e0:20:7d:6c:42:c4:33:a9:21:f3:35:48:e8:36:45:
5a:df:c2:b1:0a:65:f7:6a:19:57:87:cf:12:0e:4e:
f3:e8:01:80:34:7a:0d:8f:ac:86:84:2b:7a:bf:f9:
4e:b3:62:51:9f:30:37:21:9f:3a:a8:fd:1d:24:50:
5a:12:67:e8:98:23:44:d9:51:a6:34:f4:f5:ae:89:
aa:5c:36:27:a0:6a:83:0c:9d:f9:d6:68:36:62:4c:
d4:65:df:ea:df:7c:d3:c8:71:12:04:be:10:72:35:
c6:90:51:84:26:94:13:c4:88:6f:bb:e5:6b:34:4d:
f2:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:D9:B3:F6:2E:CD:0A:69:0F:76:C7:D1:40:F5:F5:69:92:E4:F3:94
X509v3 Authority Key Identifier:
keyid:D1:DD:A8:32:76:9C:31:68:1F:82:56:85:14:73:68:AF:3A:11:F6:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d2oMnacMWgfglaFFHNorzoR9vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5a6d3c-17da-44d3-a402-86236bac1308/1/0d2oMnacMWgfglaFFHNorzoR9vg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/5a6d3c-17da-44d3-a402-86236bac1308/1/0d2oMnacMWgfglaFFHNorzoR9vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:26:9e:c4:97:2d:8a:29:a9:31:bd:5f:2e:6b:d9:3d:92:38:
96:3d:b3:5c:b7:43:2f:ce:8d:8e:c9:ac:1b:47:85:52:c6:29:
cd:62:f2:31:9f:aa:dd:f0:ae:96:da:82:e6:71:bc:e4:79:20:
e3:45:07:93:10:34:24:86:74:95:9b:af:08:7e:5c:ea:6b:ba:
40:1c:d0:9a:08:c4:0f:02:cb:d2:fb:4d:34:05:35:95:84:d5:
47:f1:e8:4b:98:64:60:ab:9b:6e:7c:90:f9:1d:67:44:d2:a0:
f6:52:67:45:ce:9e:3f:ba:90:66:12:7b:08:58:e0:90:0c:74:
d5:f5:da:2c:ac:0f:04:e7:d9:97:10:c4:67:fb:ce:14:1b:d2:
2e:cd:ab:8f:18:85:fc:90:56:7f:c4:c8:59:cd:ef:c4:1a:71:
48:11:32:45:13:3b:c8:dc:b0:98:75:55:cb:f6:77:0a:74:8a:
68:69:f9:ea:e8:7e:e5:ec:be:06:45:87:d0:31:ce:b0:ca:ba:
3b:81:95:0b:ec:93:80:3f:0d:71:b8:8d:f7:0c:9b:1d:08:0d:
69:6b:06:36:65:b4:43:5b:40:b9:b1:8e:6d:4e:de:77:83:10:
3e:bd:da:78:0e:b6:5a:05:33:07:7b:4b:74:9d:bd:81:ab:ea:
33:d0:a3:c0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7uGxERXF9nF+o+kpnmQwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZGRhODMyNzY5YzMxNjgxZjgyNTY4NTE0NzM2OGFmM2Ex
MWY2ZjgwHhcNMjUxMTExMDgwMTExWhcNMjUxMTEyMDgwMTExWjAzMTEwLwYDVQQD
EyhmNWQ5YjNmNjJlY2QwYTY5MGY3NmM3ZDE0MGY1ZjU2OTkyZTRmMzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6diHmeAm3NnI77uCzUEOzHCsK+bK
bQqRebZyNt2PAm6flL/GFS06rv7Csv3WtBC6/4RKfz37fMsKakOFqvRkCmkM6K0V
+jUGHYL9xwxoebaSG+KxmlQ/AqiN2V00GFnU3AJhTS0LbIpGFNhL6UOvHnrctArU
cCVUQDpd1EI+FEy0SHNsCfLgIH1sQsQzqSHzNUjoNkVa38KxCmX3ahlXh88SDk7z
6AGANHoNj6yGhCt6v/lOs2JRnzA3IZ86qP0dJFBaEmfomCNE2VGmNPT1romqXDYn
oGqDDJ351mg2YkzUZd/q33zTyHESBL4QcjXGkFGEJpQTxIhvu+VrNE3ycwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPXZs/YuzQppD3bH0UD19WmS5POUMB8GA1UdIwQY
MBaAFNHdqDJ2nDFoH4JWhRRzaK86Efb4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGQyb01uYWNNV2dmZ2xhRkZITm9yem9SOXZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81YTZkM2MtMTdkYS00NGQzLWE0MDIt
ODYyMzZiYWMxMzA4LzEvMGQyb01uYWNNV2dmZ2xhRkZITm9yem9SOXZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC81YTZkM2MtMTdkYS00NGQzLWE0MDItODYyMzZiYWMxMzA4
LzEvMGQyb01uYWNNV2dmZ2xhRkZITm9yem9SOXZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACiaexJct
iimpMb1fLmvZPZI4lj2zXLdDL86NjsmsG0eFUsYpzWLyMZ+q3fCultqC5nG85Hkg
40UHkxA0JIZ0lZuvCH5c6mu6QBzQmgjEDwLL0vtNNAU1lYTVR/HoS5hkYKubbnyQ
+R1nRNKg9lJnRc6eP7qQZhJ7CFjgkAx01fXaLKwPBOfZlxDEZ/vOFBvSLs2rjxiF
/JBWf8TIWc3vxBpxSBEyRRM7yNywmHVVy/Z3CnSKaGn56uh+5ey+BkWH0DHOsMq6
O4GVC+yTgD8NcbiN9wybHQgNaWsGNmW0Q1tAubGObU7ed4MQPr3aeA62WgUzB3tL
dJ29gavqM9CjwA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:49:31 2025 by rpki-client