Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
File: DT66aHPFtQdbPEOff-61SvHxDak.mft (raw, json)
Hash identifier: xsxCAEJ3bqvYE7ePIeg+eWpUUItKc9msaK3osERaZp4=
Subject key identifier: 57:47:82:8A:8F:0A:72:1E:04:89:ED:0D:0F:AA:42:F6:BD:A1:91:0E
Authority key identifier: 0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
Certificate issuer: /CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Certificate serial: 019A72259AFD8C7C970092C6D16581926AAD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
Manifest number: 1726
Signing time: Tue 11 Nov 2025 09:00:58 +0000
Manifest this update: Tue 11 Nov 2025 09:00:58 +0000
Manifest next update: Wed 12 Nov 2025 09:00:58 +0000
Files and hashes: 1: DT66aHPFtQdbPEOff-61SvHxDak.crl (hash: Oh/J/xvbwneglPe2zLTtDGKSdGb4Zr4BTuCAhMAeI9I=)
2: bJFxuWRTLDK11fnMj6JzG9bfGJc.roa (hash: GJmoaYMZlK46RmoyjMRGd4Icb8shLixbmKsjvQhxyu0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:9a:fd:8c:7c:97:00:92:c6:d1:65:81:92:6a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d3eba6873c5b5075b3c439f7feeb54af1f10da9
Validity
Not Before: Nov 11 09:00:58 2025 GMT
Not After : Nov 12 09:00:58 2025 GMT
Subject: CN=5747828a8f0a721e0489ed0d0faa42f6bda1910e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:a8:21:61:b4:fd:e1:94:2f:ab:51:90:51:f7:
4c:66:dc:4f:38:0a:e3:05:ce:dc:f1:90:58:e8:8c:
7d:ed:60:61:97:87:8f:80:76:6d:6a:d8:91:fe:69:
2d:9a:5b:37:65:36:c4:79:0b:c5:83:86:a3:ed:16:
f9:7a:0c:28:a5:f8:77:e1:47:95:62:d1:bc:fd:96:
65:80:2d:a6:5e:f9:b4:4a:9f:dc:cf:cd:78:68:a4:
5d:86:b3:b0:9e:c6:09:99:35:73:82:e0:15:c0:28:
a9:e4:54:39:2c:ee:0c:f5:53:22:40:0a:95:a4:ed:
96:8c:50:b7:ab:0e:75:f0:03:14:98:a6:2d:32:28:
89:e4:46:af:db:69:ab:4c:dd:10:bf:1f:5b:56:fe:
ef:86:ba:c9:e4:ae:38:d0:ac:12:42:49:7f:ac:45:
52:96:53:32:9a:b0:5a:50:be:0e:a7:b6:8b:fa:e4:
6a:75:f9:7b:07:df:f0:7c:83:2f:57:9d:1c:6c:59:
50:79:fd:68:2b:e2:22:06:ba:4d:8b:51:69:2e:92:
43:4e:c0:cb:f2:82:59:2a:c0:ec:60:af:96:4a:c3:
60:d9:96:2d:49:61:be:97:74:eb:91:f3:3a:f9:88:
6d:c9:c7:30:08:8d:5f:28:79:5e:76:62:f1:87:35:
65:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:47:82:8A:8F:0A:72:1E:04:89:ED:0D:0F:AA:42:F6:BD:A1:91:0E
X509v3 Authority Key Identifier:
keyid:0D:3E:BA:68:73:C5:B5:07:5B:3C:43:9F:7F:EE:B5:4A:F1:F1:0D:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DT66aHPFtQdbPEOff-61SvHxDak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/3383f1-0428-464b-bd1e-27998bf17465/1/DT66aHPFtQdbPEOff-61SvHxDak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:df:eb:18:11:75:2d:c1:38:56:62:c6:84:ee:ab:c9:f8:1b:
5b:68:da:e3:ae:4f:66:4c:dd:94:7b:3c:5f:ca:25:d7:3e:40:
56:97:d5:10:d8:a4:59:90:44:c3:14:3a:2e:fd:80:81:27:e0:
bf:b9:36:4c:67:ec:a7:84:f5:53:90:23:2a:13:9f:cb:cd:dd:
f3:f1:b6:16:96:2b:e5:97:11:52:c5:54:3d:b6:79:20:dd:34:
b6:1c:ab:10:db:fc:93:17:5b:2d:77:a8:6a:1c:50:11:cb:36:
46:15:b4:4b:78:a0:6f:b8:a2:a9:66:7f:eb:ab:ab:1f:4f:36:
2b:0a:68:39:c9:60:de:59:79:84:46:29:b7:40:7c:4b:bc:fd:
bf:47:91:7d:6d:88:2d:a1:be:3b:a1:37:f2:61:9a:c0:41:01:
65:6d:19:ef:c5:d5:4c:30:10:2c:3e:35:f7:e4:75:9e:a3:af:
cd:94:ff:6e:3c:f9:e6:3f:1f:d3:d4:32:df:1a:b9:d5:39:d9:
2b:93:aa:9e:96:6c:3c:dc:4c:4d:e9:aa:7e:3e:b2:2f:c5:3d:
f7:4a:37:b9:15:c6:f7:10:f7:62:d2:54:68:f1:7c:c5:c7:33:
32:4f:87:14:54:03:5e:27:d4:bf:bf:97:b3:6e:d1:89:2f:e4:
b1:67:ba:ab
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZr9jHyXAJLG0WWBkmqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkM2ViYTY4NzNjNWI1MDc1YjNjNDM5ZjdmZWViNTRhZjFm
MTBkYTkwHhcNMjUxMTExMDkwMDU4WhcNMjUxMTEyMDkwMDU4WjAzMTEwLwYDVQQD
Eyg1NzQ3ODI4YThmMGE3MjFlMDQ4OWVkMGQwZmFhNDJmNmJkYTE5MTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5aghYbT94ZQvq1GQUfdMZtxPOArj
Bc7c8ZBY6Ix97WBhl4ePgHZtatiR/mktmls3ZTbEeQvFg4aj7Rb5egwopfh34UeV
YtG8/ZZlgC2mXvm0Sp/cz814aKRdhrOwnsYJmTVzguAVwCip5FQ5LO4M9VMiQAqV
pO2WjFC3qw518AMUmKYtMiiJ5Eav22mrTN0Qvx9bVv7vhrrJ5K440KwSQkl/rEVS
llMymrBaUL4Op7aL+uRqdfl7B9/wfIMvV50cbFlQef1oK+IiBrpNi1FpLpJDTsDL
8oJZKsDsYK+WSsNg2ZYtSWG+l3TrkfM6+YhtyccwCI1fKHledmLxhzVleQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFdHgoqPCnIeBIntDQ+qQva9oZEOMB8GA1UdIwQY
MBaAFA0+umhzxbUHWzxDn3/utUrx8Q2pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUt
Mjc5OThiZjE3NDY1LzEvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8zMzgzZjEtMDQyOC00NjRiLWJkMWUtMjc5OThiZjE3NDY1
LzEvRFQ2NmFIUEZ0UWRiUEVPZmYtNjFTdkh4RGFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMd/rGBF1
LcE4VmLGhO6ryfgbW2ja465PZkzdlHs8X8ol1z5AVpfVENikWZBEwxQ6Lv2AgSfg
v7k2TGfsp4T1U5AjKhOfy83d8/G2FpYr5ZcRUsVUPbZ5IN00thyrENv8kxdbLXeo
ahxQEcs2RhW0S3igb7iiqWZ/66urH082KwpoOclg3ll5hEYpt0B8S7z9v0eRfW2I
LaG+O6E38mGawEEBZW0Z78XVTDAQLD419+R1nqOvzZT/bjz55j8f09Qy3xq51TnZ
K5OqnpZsPNxMTemqfj6yL8U990o3uRXG9xD3YtJUaPF8xcczMk+HFFQDXifUv7+X
s27RiS/ksWe6qw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:36:11 2025 by rpki-client