Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
File: ao33d2sW0oLgTGluJYqk-fnOnJg.mft (raw, json)
Hash identifier: AchE+yVgMozF71lbtBomrGIOx4YEI/FR4lrJR7emqHg=
Subject key identifier: 20:8D:A6:FD:DE:54:36:A2:1F:BE:86:8D:C8:BC:65:E2:B9:5D:AC:60
Authority key identifier: 6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
Certificate issuer: /CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Certificate serial: 019A70DC45017B4C88B77ED1B381B4815EFC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
Manifest number: 0B0F
Signing time: Tue 11 Nov 2025 03:01:14 +0000
Manifest this update: Tue 11 Nov 2025 03:01:14 +0000
Manifest next update: Wed 12 Nov 2025 03:01:14 +0000
Files and hashes: 1: ao33d2sW0oLgTGluJYqk-fnOnJg.crl (hash: tjavAAbt6aBKxdaW9GyIVVGmGFXklEN56wfskfR3dfA=)
2: zkFI0q7jFUcpvcC1_CEihR1YV24.roa (hash: 783T5wgYEpPQMcRoCX4E0P3B8Y6FUugL0p43iJWmXrI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:45:01:7b:4c:88:b7:7e:d1:b3:81:b4:81:5e:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Validity
Not Before: Nov 11 03:01:14 2025 GMT
Not After : Nov 12 03:01:14 2025 GMT
Subject: CN=208da6fdde5436a21fbe868dc8bc65e2b95dac60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:97:de:55:e9:56:44:cf:52:96:91:b4:da:1d:
d0:94:26:e3:18:56:83:67:9b:da:84:0a:67:80:6d:
fe:06:a8:03:34:c3:7c:d0:2e:0e:bb:ce:8b:ca:0a:
db:0b:fc:de:dc:00:dc:85:3d:7f:43:17:2b:aa:11:
cf:50:b2:f4:82:ec:46:e5:f3:c8:9a:17:8b:77:f3:
cf:d0:5b:6b:a8:f2:1e:aa:e2:3a:0e:54:f5:24:9f:
64:c1:5a:5c:16:e9:42:38:4e:42:ad:26:42:70:1d:
41:1d:aa:8f:7d:8f:d3:55:99:f8:e1:5b:ba:a7:2b:
85:02:20:a0:d3:bc:19:8c:c6:26:9a:0f:cc:12:e3:
2e:e2:bb:7c:bd:64:63:a2:59:3d:75:40:ea:e5:9d:
41:8b:f9:ee:de:e6:b2:cf:97:20:37:a0:fb:2d:06:
3f:11:d2:c3:40:2e:2d:28:3b:80:90:07:12:13:ca:
c0:3b:bb:5a:be:1c:1f:b5:0b:bb:5d:ac:99:db:ab:
f5:58:ae:a7:c8:36:65:60:04:3a:50:47:8c:1c:5c:
bb:8b:46:b3:66:3d:00:b1:07:39:20:e1:55:b1:41:
6e:14:bf:60:43:1a:5f:02:76:00:a7:be:07:71:19:
31:44:04:2c:5b:af:99:df:f3:33:a7:34:c7:36:c3:
44:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:8D:A6:FD:DE:54:36:A2:1F:BE:86:8D:C8:BC:65:E2:B9:5D:AC:60
X509v3 Authority Key Identifier:
keyid:6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
53:a0:bf:16:1d:8f:31:fe:36:26:30:45:a1:c6:c0:76:ea:8d:
2b:3f:14:bc:4a:9f:59:4d:38:a3:52:6d:67:13:d8:b8:92:f5:
42:08:b5:ef:bd:46:10:75:60:e5:a7:9b:0d:43:73:57:9c:08:
55:89:23:f7:a5:b5:fd:4a:08:d6:03:d3:bf:9f:53:63:20:65:
9c:f2:33:08:c0:33:03:79:4e:45:34:b6:7c:93:1b:8b:01:e5:
78:6c:db:7b:d1:74:41:c3:14:17:80:ee:99:fa:c1:8c:af:af:
ef:23:d9:9a:64:5e:3e:1a:59:39:6f:76:6e:6c:c4:67:17:88:
6b:80:5c:24:97:ab:c0:8d:5d:6e:9b:0f:c1:a6:1d:8f:23:06:
33:7e:65:1a:99:94:1e:88:72:2f:aa:68:67:05:b6:53:b1:dc:
5b:45:ca:d1:fe:27:3e:ac:e1:b6:a7:1c:5c:47:66:e9:08:9f:
65:06:73:1f:f1:56:95:7d:c2:ce:08:2d:d9:40:b7:9b:16:ce:
52:60:2d:69:b2:19:cd:6d:c1:87:6d:1f:01:db:df:8e:ec:65:
ea:66:92:f9:8a:91:35:39:fc:de:6a:18:72:a5:79:e2:fb:c0:
ba:f8:8c:e1:74:0d:7d:35:94:42:27:bb:1f:7b:dd:43:3f:bd:
2f:72:69:24
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3EUBe0yIt37Rs4G0gV78MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOGRmNzc3NmIxNmQyODJlMDRjNjk2ZTI1OGFhNGY5Zjlj
ZTljOTgwHhcNMjUxMTExMDMwMTE0WhcNMjUxMTEyMDMwMTE0WjAzMTEwLwYDVQQD
EygyMDhkYTZmZGRlNTQzNmEyMWZiZTg2OGRjOGJjNjVlMmI5NWRhYzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpfeVelWRM9SlpG02h3QlCbjGFaD
Z5vahApngG3+BqgDNMN80C4Ou86LygrbC/ze3ADchT1/QxcrqhHPULL0guxG5fPI
mheLd/PP0FtrqPIequI6DlT1JJ9kwVpcFulCOE5CrSZCcB1BHaqPfY/TVZn44Vu6
pyuFAiCg07wZjMYmmg/MEuMu4rt8vWRjolk9dUDq5Z1Bi/nu3uayz5cgN6D7LQY/
EdLDQC4tKDuAkAcSE8rAO7tavhwftQu7XayZ26v1WK6nyDZlYAQ6UEeMHFy7i0az
Zj0AsQc5IOFVsUFuFL9gQxpfAnYAp74HcRkxRAQsW6+Z3/MzpzTHNsNEGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCCNpv3eVDaiH76Gjci8ZeK5XaxgMB8GA1UdIwQY
MBaAFGqN93drFtKC4ExpbiWKpPn5zpyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUt
MWIzOGIwMjI0NWMxLzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUtMWIzOGIwMjI0NWMx
LzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU6C/Fh2P
Mf42JjBFocbAduqNKz8UvEqfWU04o1JtZxPYuJL1Qgi1771GEHVg5aebDUNzV5wI
VYkj96W1/UoI1gPTv59TYyBlnPIzCMAzA3lORTS2fJMbiwHleGzbe9F0QcMUF4Du
mfrBjK+v7yPZmmRePhpZOW92bmzEZxeIa4BcJJerwI1dbpsPwaYdjyMGM35lGpmU
HohyL6poZwW2U7HcW0XK0f4nPqzhtqccXEdm6QifZQZzH/FWlX3Czggt2UC3mxbO
UmAtabIZzW3Bh20fAdvfjuxl6maS+YqRNTn83moYcqV54vvAuviM4XQNfTWUQie7
H3vdQz+9L3JpJA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:25 2025 by rpki-client