Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/4a27cb-8cd6-45cc-8246-0e9d3eca44c2/1/1ftSajPzZqqJRhiOXTJr3ORuLEA.mft
File: 1ftSajPzZqqJRhiOXTJr3ORuLEA.mft (raw, json)
Hash identifier: 5iLXtRWYzoTUURimvOk3qorbbdpiJQjooaMgSq+uOdI=
Subject key identifier: 08:7E:B4:11:38:1B:95:94:CC:9E:C4:1A:6A:39:9D:76:1C:66:5B:26
Authority key identifier: D5:FB:52:6A:33:F3:66:AA:89:46:18:8E:5D:32:6B:DC:E4:6E:2C:40
Certificate issuer: /CN=d5fb526a33f366aa8946188e5d326bdce46e2c40
Certificate serial: 019A72257BA122C012B6FFE8F38D2AB75D88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ftSajPzZqqJRhiOXTJr3ORuLEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/4a27cb-8cd6-45cc-8246-0e9d3eca44c2/1/1ftSajPzZqqJRhiOXTJr3ORuLEA.mft
Manifest number: 0989
Signing time: Tue 11 Nov 2025 09:00:50 +0000
Manifest this update: Tue 11 Nov 2025 09:00:50 +0000
Manifest next update: Wed 12 Nov 2025 09:00:50 +0000
Files and hashes: 1: 1ftSajPzZqqJRhiOXTJr3ORuLEA.crl (hash: ysOznZFLJVpAgh4lRVUB+vZ3adftW8PIBu9DAo2zi2s=)
2: qfUgWmjDBIJJxDCL7jiouOIMq6E.roa (hash: 8LoPzts8EEAcumqZ7LuONp4lduak/H5FziwN8+pOFJE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/4a27cb-8cd6-45cc-8246-0e9d3eca44c2/1/1ftSajPzZqqJRhiOXTJr3ORuLEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/4a27cb-8cd6-45cc-8246-0e9d3eca44c2/1/1ftSajPzZqqJRhiOXTJr3ORuLEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1ftSajPzZqqJRhiOXTJr3ORuLEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:7b:a1:22:c0:12:b6:ff:e8:f3:8d:2a:b7:5d:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5fb526a33f366aa8946188e5d326bdce46e2c40
Validity
Not Before: Nov 11 09:00:50 2025 GMT
Not After : Nov 12 09:00:50 2025 GMT
Subject: CN=087eb411381b9594cc9ec41a6a399d761c665b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:00:89:32:f9:06:d6:96:46:b8:b3:78:7b:bd:
bc:b1:fe:22:bd:17:fc:c4:fc:2c:10:8f:d4:ae:01:
44:7b:da:f5:05:0c:1b:f8:e7:2b:6d:84:55:b0:ff:
fc:41:48:f7:80:2f:f2:10:41:b8:42:cc:00:9a:5e:
48:d2:1b:82:29:2b:3d:f0:48:3b:3d:05:c5:88:69:
34:99:70:46:88:52:94:f1:e6:c4:45:67:b7:4d:32:
b2:10:fe:39:1b:6c:7a:7f:59:86:f6:95:bd:2f:9d:
14:b4:6b:12:66:a0:b8:49:56:0c:f8:10:fc:a6:61:
10:93:18:7a:0c:16:39:c4:f2:e9:39:5d:23:55:34:
58:ed:b8:a6:65:c6:f4:f5:1f:2e:eb:18:f1:06:ed:
12:a4:bc:37:1c:41:99:9a:86:83:3b:4a:bc:3e:f8:
b4:3c:d4:5c:aa:2a:4c:47:d2:d0:76:6e:f2:1c:f8:
8d:ef:16:58:64:e6:ce:38:3f:04:6d:0b:87:57:8f:
78:a4:34:9d:04:45:ad:58:be:e2:0b:c6:41:53:15:
4f:ce:9d:c0:72:56:86:d2:60:f8:d1:13:5f:72:c1:
0e:ec:54:9e:97:4f:d1:70:de:46:42:a9:66:27:bf:
e9:5f:16:a6:0d:2c:01:c9:67:a4:43:1a:42:fb:34:
3a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7E:B4:11:38:1B:95:94:CC:9E:C4:1A:6A:39:9D:76:1C:66:5B:26
X509v3 Authority Key Identifier:
keyid:D5:FB:52:6A:33:F3:66:AA:89:46:18:8E:5D:32:6B:DC:E4:6E:2C:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ftSajPzZqqJRhiOXTJr3ORuLEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4a27cb-8cd6-45cc-8246-0e9d3eca44c2/1/1ftSajPzZqqJRhiOXTJr3ORuLEA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/4a27cb-8cd6-45cc-8246-0e9d3eca44c2/1/1ftSajPzZqqJRhiOXTJr3ORuLEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5b:71:c6:25:77:b0:a3:79:90:e7:32:b4:7c:bc:34:0f:1a:fc:
b1:d1:10:48:1c:34:7e:d1:d2:ad:35:96:2a:5d:ef:7f:45:2b:
75:a1:63:ab:11:d4:b3:0c:6a:bb:3d:af:78:ca:36:7d:db:d8:
c8:e9:a2:f0:b5:df:d3:e4:99:0b:a8:54:33:58:e1:e3:98:8d:
23:19:7c:80:37:d9:6a:eb:54:8a:79:5d:99:f1:88:24:c5:7e:
67:fc:07:08:86:b8:2e:0c:76:ce:2a:aa:e9:23:54:bd:2e:8d:
d0:74:92:1e:76:03:45:e0:3a:de:3c:82:66:f7:8f:a7:f6:7b:
7b:73:e2:c5:e4:56:bb:b0:1b:4a:86:0b:4a:f4:ed:04:88:8c:
eb:6e:fa:8f:b2:e5:ea:7f:36:40:93:14:1a:c4:66:d3:5f:d1:
69:a2:f5:94:df:81:82:f1:0e:ac:bd:cf:71:d0:cb:9b:8f:5c:
de:ab:19:bf:26:7c:5b:b7:dd:a7:70:f5:b2:fb:22:3c:68:5c:
62:8a:8c:41:be:0d:9a:f4:45:16:11:9f:45:4f:77:ac:7b:81:
bf:da:a2:69:44:20:7a:42:6c:eb:96:e8:e2:8a:9b:cd:de:2d:
6c:5f:9f:43:1b:71:b5:41:f5:9d:5d:47:55:e4:76:5b:64:59:
e7:3e:9f:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJXuhIsAStv/o840qt12IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZmI1MjZhMzNmMzY2YWE4OTQ2MTg4ZTVkMzI2YmRjZTQ2
ZTJjNDAwHhcNMjUxMTExMDkwMDUwWhcNMjUxMTEyMDkwMDUwWjAzMTEwLwYDVQQD
EygwODdlYjQxMTM4MWI5NTk0Y2M5ZWM0MWE2YTM5OWQ3NjFjNjY1YjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwCJMvkG1pZGuLN4e728sf4ivRf8
xPwsEI/UrgFEe9r1BQwb+OcrbYRVsP/8QUj3gC/yEEG4QswAml5I0huCKSs98Eg7
PQXFiGk0mXBGiFKU8ebERWe3TTKyEP45G2x6f1mG9pW9L50UtGsSZqC4SVYM+BD8
pmEQkxh6DBY5xPLpOV0jVTRY7bimZcb09R8u6xjxBu0SpLw3HEGZmoaDO0q8Pvi0
PNRcqipMR9LQdm7yHPiN7xZYZObOOD8EbQuHV494pDSdBEWtWL7iC8ZBUxVPzp3A
claG0mD40RNfcsEO7FSel0/RcN5GQqlmJ7/pXxamDSwByWekQxpC+zQ69QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAh+tBE4G5WUzJ7EGmo5nXYcZlsmMB8GA1UdIwQY
MBaAFNX7Umoz82aqiUYYjl0ya9zkbixAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWZ0U2FqUHpacXFKUmhpT1hUSnIzT1J1TEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS80YTI3Y2ItOGNkNi00NWNjLTgyNDYt
MGU5ZDNlY2E0NGMyLzEvMWZ0U2FqUHpacXFKUmhpT1hUSnIzT1J1TEVBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS80YTI3Y2ItOGNkNi00NWNjLTgyNDYtMGU5ZDNlY2E0NGMy
LzEvMWZ0U2FqUHpacXFKUmhpT1hUSnIzT1J1TEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW3HGJXew
o3mQ5zK0fLw0Dxr8sdEQSBw0ftHSrTWWKl3vf0UrdaFjqxHUswxquz2veMo2fdvY
yOmi8LXf0+SZC6hUM1jh45iNIxl8gDfZautUinldmfGIJMV+Z/wHCIa4Lgx2ziqq
6SNUvS6N0HSSHnYDReA63jyCZvePp/Z7e3PixeRWu7AbSoYLSvTtBIiM6276j7Ll
6n82QJMUGsRm01/RaaL1lN+BgvEOrL3PcdDLm49c3qsZvyZ8W7fdp3D1svsiPGhc
YoqMQb4NmvRFFhGfRU93rHuBv9qiaUQgekJs65bo4oqbzd4tbF+fQxtxtUH1nV1H
VeR2W2RZ5z6fnQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:45:08 2025 by rpki-client