Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/8507be-e8d4-45e2-9ea9-1514fae15107/1/dK6PGUm6f0vCM-bCF6hBjKThEys.mft
File: dK6PGUm6f0vCM-bCF6hBjKThEys.mft (raw, json)
Hash identifier: GB7iO/vTcA+YuBpweYAVHqRtJKuuVZ46ZYDRFQrJ3Fs=
Subject key identifier: 5D:53:94:E9:E6:C0:31:C2:AF:BE:F4:41:87:4D:34:98:8A:5A:19:D0
Authority key identifier: 74:AE:8F:19:49:BA:7F:4B:C2:33:E6:C2:17:A8:41:8C:A4:E1:13:2B
Certificate issuer: /CN=74ae8f1949ba7f4bc233e6c217a8418ca4e1132b
Certificate serial: 019A71B80B50A331D8B34CD0F38B705D1D0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dK6PGUm6f0vCM-bCF6hBjKThEys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/8507be-e8d4-45e2-9ea9-1514fae15107/1/dK6PGUm6f0vCM-bCF6hBjKThEys.mft
Manifest number: 4A
Signing time: Tue 11 Nov 2025 07:01:18 +0000
Manifest this update: Tue 11 Nov 2025 07:01:18 +0000
Manifest next update: Wed 12 Nov 2025 07:01:18 +0000
Files and hashes: 1: dK6PGUm6f0vCM-bCF6hBjKThEys.crl (hash: 2mVueZ7Yvra3V2B6fKXD8B/JX7vY+LF4sfU/X+Jial8=)
2: s5e-ZlSvSg6pPTZMod93h6uXFpI.roa (hash: OsYWmyTzqnpOCUuLjSbv55rjF6rP9l3X0fvalm8CtqY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/8507be-e8d4-45e2-9ea9-1514fae15107/1/dK6PGUm6f0vCM-bCF6hBjKThEys.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/8507be-e8d4-45e2-9ea9-1514fae15107/1/dK6PGUm6f0vCM-bCF6hBjKThEys.mft
rsync://rpki.ripe.net/repository/DEFAULT/dK6PGUm6f0vCM-bCF6hBjKThEys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:0b:50:a3:31:d8:b3:4c:d0:f3:8b:70:5d:1d:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74ae8f1949ba7f4bc233e6c217a8418ca4e1132b
Validity
Not Before: Nov 11 07:01:18 2025 GMT
Not After : Nov 12 07:01:18 2025 GMT
Subject: CN=5d5394e9e6c031c2afbef441874d34988a5a19d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:11:83:13:e8:4f:31:94:2d:73:b4:f0:7d:dd:
8d:4c:a1:cf:91:1b:41:d9:d8:b7:ea:f3:d4:c6:72:
35:54:8a:dc:dc:09:c9:99:0c:2d:fd:32:0c:5c:d4:
8f:92:3b:7b:68:70:22:f4:57:42:2f:2b:d9:10:91:
c9:b4:85:46:25:f9:7c:c2:bb:d3:d5:fa:49:6f:a7:
4c:cd:83:4d:41:f2:83:ec:bb:57:d8:e1:78:b0:68:
57:25:40:b3:64:93:ef:6a:2d:c8:ac:a7:68:a3:cb:
2c:f1:04:43:12:2a:9c:5b:c5:16:ee:72:ab:d1:9d:
d4:be:70:01:4f:85:e4:11:b0:7e:8d:d7:27:1f:2f:
8a:89:e2:79:32:7a:70:a6:8b:d1:2c:b7:44:e5:45:
d0:42:4e:5a:42:d4:b3:fb:70:87:23:a0:c8:c5:2f:
9d:27:69:ea:aa:a2:14:0a:e1:c3:e2:01:a4:3c:22:
d4:3a:46:5b:6b:6f:5b:95:22:58:6e:24:af:5b:8d:
82:c5:ad:69:c7:1c:b3:70:28:11:58:86:97:81:4b:
0c:0c:8f:58:f6:0c:d3:94:a1:5a:39:5a:77:7e:b1:
10:fa:80:31:25:43:31:5d:f7:74:7c:53:cf:24:98:
51:f9:70:4e:fb:81:c0:0e:be:fa:6a:18:46:d0:e6:
49:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:53:94:E9:E6:C0:31:C2:AF:BE:F4:41:87:4D:34:98:8A:5A:19:D0
X509v3 Authority Key Identifier:
keyid:74:AE:8F:19:49:BA:7F:4B:C2:33:E6:C2:17:A8:41:8C:A4:E1:13:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dK6PGUm6f0vCM-bCF6hBjKThEys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/8507be-e8d4-45e2-9ea9-1514fae15107/1/dK6PGUm6f0vCM-bCF6hBjKThEys.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/8507be-e8d4-45e2-9ea9-1514fae15107/1/dK6PGUm6f0vCM-bCF6hBjKThEys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:84:97:fe:56:cb:fa:dc:5b:f1:46:fb:2c:78:59:51:fd:be:
d6:1e:0c:e1:d2:3e:07:92:20:60:18:73:0b:22:73:f7:99:b3:
84:b1:ae:7c:d0:19:72:94:fe:7d:7e:02:79:cf:cc:35:43:1f:
0f:7a:87:94:cd:3e:38:85:02:ef:9a:cd:17:97:1c:71:84:7e:
1a:73:63:51:61:6c:df:68:4c:8a:ee:c3:83:94:a4:98:87:74:
f5:b0:c8:01:17:4c:01:ae:23:ee:cf:32:04:51:30:bd:81:ff:
01:ec:5d:a5:f1:a0:ad:d2:1b:13:43:44:f5:12:95:c0:41:84:
97:ab:eb:8f:29:97:62:ef:84:43:09:35:f4:65:a6:67:d2:3f:
83:b1:fc:aa:52:35:bd:7d:e7:e7:72:40:46:de:8f:a7:dc:f5:
27:64:ed:29:5f:3a:3a:e6:fb:aa:5e:c4:3b:9f:4c:52:fe:6f:
32:9c:95:bb:a9:a5:20:f5:f5:18:14:8e:e8:d4:29:8f:9d:d9:
28:ed:f6:43:36:5e:6a:60:cf:f2:50:64:03:75:f1:d7:2e:9d:
8e:84:fd:ed:64:fd:b9:0e:72:7f:6e:e7:58:6f:a1:1d:4f:12:
52:ce:7e:2d:2f:48:23:4f:63:7e:ec:40:bc:3f:f6:c9:ba:c6:
ae:88:a6:90
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuAtQozHYs0zQ84twXR0LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YWU4ZjE5NDliYTdmNGJjMjMzZTZjMjE3YTg0MThjYTRl
MTEzMmIwHhcNMjUxMTExMDcwMTE4WhcNMjUxMTEyMDcwMTE4WjAzMTEwLwYDVQQD
Eyg1ZDUzOTRlOWU2YzAzMWMyYWZiZWY0NDE4NzRkMzQ5ODhhNWExOWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhGDE+hPMZQtc7Twfd2NTKHPkRtB
2di36vPUxnI1VIrc3AnJmQwt/TIMXNSPkjt7aHAi9FdCLyvZEJHJtIVGJfl8wrvT
1fpJb6dMzYNNQfKD7LtX2OF4sGhXJUCzZJPvai3IrKdoo8ss8QRDEiqcW8UW7nKr
0Z3UvnABT4XkEbB+jdcnHy+KieJ5MnpwpovRLLdE5UXQQk5aQtSz+3CHI6DIxS+d
J2nqqqIUCuHD4gGkPCLUOkZba29blSJYbiSvW42Cxa1pxxyzcCgRWIaXgUsMDI9Y
9gzTlKFaOVp3frEQ+oAxJUMxXfd0fFPPJJhR+XBO+4HADr76ahhG0OZJaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF1TlOnmwDHCr770QYdNNJiKWhnQMB8GA1UdIwQY
MBaAFHSujxlJun9LwjPmwheoQYyk4RMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEs2UEdVbTZmMHZDTS1iQ0Y2aEJqS1RoRXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy84NTA3YmUtZThkNC00NWUyLTllYTkt
MTUxNGZhZTE1MTA3LzEvZEs2UEdVbTZmMHZDTS1iQ0Y2aEJqS1RoRXlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy84NTA3YmUtZThkNC00NWUyLTllYTktMTUxNGZhZTE1MTA3
LzEvZEs2UEdVbTZmMHZDTS1iQ0Y2aEJqS1RoRXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ4SX/lbL
+txb8Ub7LHhZUf2+1h4M4dI+B5IgYBhzCyJz95mzhLGufNAZcpT+fX4Cec/MNUMf
D3qHlM0+OIUC75rNF5cccYR+GnNjUWFs32hMiu7Dg5SkmId09bDIARdMAa4j7s8y
BFEwvYH/AexdpfGgrdIbE0NE9RKVwEGEl6vrjymXYu+EQwk19GWmZ9I/g7H8qlI1
vX3n53JARt6Pp9z1J2TtKV86Oub7ql7EO59MUv5vMpyVu6mlIPX1GBSO6NQpj53Z
KO32QzZeamDP8lBkA3Xx1y6djoT97WT9uQ5yf27nWG+hHU8SUs5+LS9II09jfuxA
vD/2ybrGroimkA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:37:13 2025 by rpki-client