Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/d67a58-380f-427a-849a-f9940fa1e108/1/VElaL0HNEFrvBvKHCnYzmAHtuQ0.mft
File: VElaL0HNEFrvBvKHCnYzmAHtuQ0.mft (raw, json)
Hash identifier: Fg62RjT/7fBm5naQUJ/bkL61fKoj6eCiPJlkp74P4ck=
Subject key identifier: F2:AC:C1:0E:BC:F7:5F:AE:58:EA:8D:57:E6:25:65:0D:84:4F:5B:F2
Authority key identifier: 54:49:5A:2F:41:CD:10:5A:EF:06:F2:87:0A:76:33:98:01:ED:B9:0D
Certificate issuer: /CN=54495a2f41cd105aef06f2870a76339801edb90d
Certificate serial: 019A73DCEE04CA8D88B2F894259C189B7EA5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VElaL0HNEFrvBvKHCnYzmAHtuQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/d67a58-380f-427a-849a-f9940fa1e108/1/VElaL0HNEFrvBvKHCnYzmAHtuQ0.mft
Manifest number: 030F
Signing time: Tue 11 Nov 2025 17:00:49 +0000
Manifest this update: Tue 11 Nov 2025 17:00:49 +0000
Manifest next update: Wed 12 Nov 2025 17:00:49 +0000
Files and hashes: 1: VElaL0HNEFrvBvKHCnYzmAHtuQ0.crl (hash: cMc4WBb4p77FiF9XMfsz/LYTbcv20jG0ZQMmE/sz8CE=)
2: iWKzGh5m2_oz6qvqBjoyFnizgxw.roa (hash: YVbdlpkB57bicqIuUwT2dIakABg210l0QU3avOsuQbo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/d67a58-380f-427a-849a-f9940fa1e108/1/VElaL0HNEFrvBvKHCnYzmAHtuQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/d67a58-380f-427a-849a-f9940fa1e108/1/VElaL0HNEFrvBvKHCnYzmAHtuQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/VElaL0HNEFrvBvKHCnYzmAHtuQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:dc:ee:04:ca:8d:88:b2:f8:94:25:9c:18:9b:7e:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54495a2f41cd105aef06f2870a76339801edb90d
Validity
Not Before: Nov 11 17:00:49 2025 GMT
Not After : Nov 12 17:00:49 2025 GMT
Subject: CN=f2acc10ebcf75fae58ea8d57e625650d844f5bf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f4:64:b8:4c:81:36:f0:cb:f1:6d:34:a6:cf:
c9:5e:5e:6b:75:d1:ce:ad:72:1e:0f:dd:a9:35:e9:
ea:1e:18:c3:18:34:65:5a:bb:fa:13:b7:93:4c:41:
ec:b0:3c:f4:df:93:a6:84:64:af:86:dc:ef:2a:47:
39:c8:98:0f:4a:00:f0:ce:6a:fa:0e:4b:67:51:75:
c9:04:9f:b0:ea:91:4a:6b:88:59:e4:9e:1e:69:c5:
78:bf:2c:b2:41:63:06:30:7d:18:ea:68:62:de:df:
ec:d2:1b:a4:eb:69:0e:41:61:db:ee:9f:42:7f:e4:
23:c0:06:07:c7:4d:ab:d7:32:67:82:90:d5:80:de:
f3:37:37:b1:c1:6d:fa:1d:c0:4c:c0:85:85:84:af:
32:8f:33:f2:46:c8:0b:70:e9:2c:8f:06:87:72:18:
e3:c6:88:5e:86:2e:5c:0c:78:33:f9:eb:3b:18:76:
4c:2f:9f:6f:25:4a:97:29:fd:d4:98:9f:d9:da:35:
c5:cd:b1:ac:e6:f6:56:05:92:ca:b3:d8:27:de:67:
20:24:30:c2:b5:51:ed:66:76:0d:b5:ae:1c:4a:35:
7c:8b:eb:a1:7f:47:02:2f:81:46:30:38:39:da:95:
ec:64:06:ac:d6:bd:35:49:f0:49:bd:a8:2b:b1:34:
4c:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:AC:C1:0E:BC:F7:5F:AE:58:EA:8D:57:E6:25:65:0D:84:4F:5B:F2
X509v3 Authority Key Identifier:
keyid:54:49:5A:2F:41:CD:10:5A:EF:06:F2:87:0A:76:33:98:01:ED:B9:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VElaL0HNEFrvBvKHCnYzmAHtuQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d67a58-380f-427a-849a-f9940fa1e108/1/VElaL0HNEFrvBvKHCnYzmAHtuQ0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/d67a58-380f-427a-849a-f9940fa1e108/1/VElaL0HNEFrvBvKHCnYzmAHtuQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:08:ae:f3:bf:4e:3d:9c:8c:7c:1c:08:6e:1c:75:8f:cf:31:
b8:12:b5:b7:40:a3:43:4b:6c:0e:4c:53:1c:78:d8:21:99:f6:
e6:6d:74:82:d1:48:2c:8e:4a:e5:9f:ca:02:0f:9d:cb:4a:bc:
e7:d9:8f:a8:eb:27:9c:c3:1a:67:68:e3:43:a6:db:89:ce:fe:
7e:88:b4:fb:af:51:bd:af:3c:48:2f:99:5c:f8:41:1d:b9:1f:
11:54:73:e3:61:9a:19:e2:79:e6:00:47:05:9f:42:c9:77:ab:
e7:9d:1f:8c:02:61:5c:1d:a7:7f:f4:2f:34:da:bd:f1:de:d7:
6e:32:1c:f8:0b:89:5e:11:e3:41:8e:3f:35:92:2f:2d:89:31:
88:4e:af:e4:56:af:28:61:c7:85:65:73:f2:c4:88:12:08:57:
6b:54:4d:5a:23:01:ab:e0:81:ba:3a:34:63:7f:7d:a1:96:23:
e1:68:13:9f:7b:80:2a:55:23:e3:19:e0:9a:a9:20:99:4e:e1:
8e:e9:0b:a2:e5:9f:6e:3e:6e:03:8f:d7:d3:fe:43:a2:d6:92:
da:3b:b6:a1:6f:7e:54:19:75:c4:a7:77:95:84:28:40:9f:6d:
b8:22:f9:95:79:af:1a:03:0a:34:a4:ee:c3:65:f1:f1:f3:20:
2c:07:71:14
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpz3O4Eyo2IsviUJZwYm36lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NDk1YTJmNDFjZDEwNWFlZjA2ZjI4NzBhNzYzMzk4MDFl
ZGI5MGQwHhcNMjUxMTExMTcwMDQ5WhcNMjUxMTEyMTcwMDQ5WjAzMTEwLwYDVQQD
EyhmMmFjYzEwZWJjZjc1ZmFlNThlYThkNTdlNjI1NjUwZDg0NGY1YmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfRkuEyBNvDL8W00ps/JXl5rddHO
rXIeD92pNenqHhjDGDRlWrv6E7eTTEHssDz035OmhGSvhtzvKkc5yJgPSgDwzmr6
DktnUXXJBJ+w6pFKa4hZ5J4eacV4vyyyQWMGMH0Y6mhi3t/s0huk62kOQWHb7p9C
f+QjwAYHx02r1zJngpDVgN7zNzexwW36HcBMwIWFhK8yjzPyRsgLcOksjwaHchjj
xohehi5cDHgz+es7GHZML59vJUqXKf3UmJ/Z2jXFzbGs5vZWBZLKs9gn3mcgJDDC
tVHtZnYNta4cSjV8i+uhf0cCL4FGMDg52pXsZAas1r01SfBJvagrsTRMeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPKswQ6891+uWOqNV+YlZQ2ET1vyMB8GA1UdIwQY
MBaAFFRJWi9BzRBa7wbyhwp2M5gB7bkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkVsYUwwSE5FRnJ2QnZLSENuWXptQUh0dVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9kNjdhNTgtMzgwZi00MjdhLTg0OWEt
Zjk5NDBmYTFlMTA4LzEvVkVsYUwwSE5FRnJ2QnZLSENuWXptQUh0dVEwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9kNjdhNTgtMzgwZi00MjdhLTg0OWEtZjk5NDBmYTFlMTA4
LzEvVkVsYUwwSE5FRnJ2QnZLSENuWXptQUh0dVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiQiu879O
PZyMfBwIbhx1j88xuBK1t0CjQ0tsDkxTHHjYIZn25m10gtFILI5K5Z/KAg+dy0q8
59mPqOsnnMMaZ2jjQ6bbic7+foi0+69Rva88SC+ZXPhBHbkfEVRz42GaGeJ55gBH
BZ9CyXer550fjAJhXB2nf/QvNNq98d7XbjIc+AuJXhHjQY4/NZIvLYkxiE6v5Fav
KGHHhWVz8sSIEghXa1RNWiMBq+CBujo0Y399oZYj4WgTn3uAKlUj4xngmqkgmU7h
jukLouWfbj5uA4/X0/5DotaS2ju2oW9+VBl1xKd3lYQoQJ9tuCL5lXmvGgMKNKTu
w2Xx8fMgLAdxFA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:38:17 2025 by rpki-client