Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/7c91ca-55f7-43a4-b950-8dc94e89bf03/1/md6y4fhaF9okDPyBbZcsheQR5iQ.mft
File: md6y4fhaF9okDPyBbZcsheQR5iQ.mft (raw, json)
Hash identifier: l7VN6Elbcpp7nJuBbGk6kFTln4IZpmyXHuAGJjGBCOY=
Subject key identifier: B7:1C:8F:32:80:B7:D2:F0:62:54:CF:A8:CF:27:34:2E:B7:28:F1:D5
Authority key identifier: 99:DE:B2:E1:F8:5A:17:DA:24:0C:FC:81:6D:97:2C:85:E4:11:E6:24
Certificate issuer: /CN=99deb2e1f85a17da240cfc816d972c85e411e624
Certificate serial: 019A72936E9F96F2F908B7AE6596A259B3D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/md6y4fhaF9okDPyBbZcsheQR5iQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/7c91ca-55f7-43a4-b950-8dc94e89bf03/1/md6y4fhaF9okDPyBbZcsheQR5iQ.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 11:00:55 +0000
Manifest this update: Tue 11 Nov 2025 11:00:55 +0000
Manifest next update: Wed 12 Nov 2025 11:00:55 +0000
Files and hashes: 1: G9mF37Fb91r0jC33-YcK9r4IAmk.roa (hash: MaEVR8Nlqavgaakwb2T4C4sUXoGT+mVODKAXw14Vucs=)
2: md6y4fhaF9okDPyBbZcsheQR5iQ.crl (hash: K/Ah2YF6PtL7uBSs2j/KrJlrl1ktdc6P/oq8LaMg+is=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/7c91ca-55f7-43a4-b950-8dc94e89bf03/1/md6y4fhaF9okDPyBbZcsheQR5iQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/7c91ca-55f7-43a4-b950-8dc94e89bf03/1/md6y4fhaF9okDPyBbZcsheQR5iQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/md6y4fhaF9okDPyBbZcsheQR5iQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:6e:9f:96:f2:f9:08:b7:ae:65:96:a2:59:b3:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99deb2e1f85a17da240cfc816d972c85e411e624
Validity
Not Before: Nov 11 11:00:55 2025 GMT
Not After : Nov 12 11:00:55 2025 GMT
Subject: CN=b71c8f3280b7d2f06254cfa8cf27342eb728f1d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f3:89:2f:77:d0:5f:8e:13:fe:b1:1d:4c:83:
81:90:32:e2:9d:2b:da:c1:ba:2d:ef:48:e1:dc:88:
98:df:16:61:3e:ae:d5:6e:02:cb:b5:a9:1d:76:a0:
82:6d:91:7d:d9:59:d2:74:b8:f3:0c:16:e5:a6:50:
3f:08:8b:7a:8d:9c:5f:02:4b:91:8e:b3:9f:e7:fa:
75:0f:a8:23:53:28:46:a4:2b:58:2c:0e:29:35:4d:
8f:8b:e1:b9:7d:57:7a:e2:ae:3d:f0:40:6d:19:fa:
33:b7:d0:e5:09:21:32:1a:01:2b:3b:b6:66:16:65:
89:6e:3a:8e:cf:85:f1:19:f3:82:7e:db:63:57:41:
ec:04:c4:e1:cf:a8:3f:aa:c0:eb:37:f3:74:a5:05:
3f:e2:2f:95:a7:be:a7:1e:cb:b7:2e:14:b5:ec:d8:
44:39:26:f5:26:da:44:7c:35:6b:da:9d:37:d3:82:
8f:56:6b:af:9e:13:e2:48:9e:0d:52:75:9b:af:b1:
2e:d8:89:4e:f8:29:42:0e:dc:fa:ec:b3:99:21:f1:
4d:8f:7e:2f:c7:ab:54:d6:64:44:47:dd:94:8a:4c:
2e:55:2a:b3:32:d4:ca:eb:0e:91:78:5a:e0:2d:5c:
10:ed:ab:05:12:4e:17:c0:8d:89:fc:87:1f:a1:c1:
1f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:1C:8F:32:80:B7:D2:F0:62:54:CF:A8:CF:27:34:2E:B7:28:F1:D5
X509v3 Authority Key Identifier:
keyid:99:DE:B2:E1:F8:5A:17:DA:24:0C:FC:81:6D:97:2C:85:E4:11:E6:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/md6y4fhaF9okDPyBbZcsheQR5iQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7c91ca-55f7-43a4-b950-8dc94e89bf03/1/md6y4fhaF9okDPyBbZcsheQR5iQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7c91ca-55f7-43a4-b950-8dc94e89bf03/1/md6y4fhaF9okDPyBbZcsheQR5iQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:08:96:00:3b:06:b8:62:18:d2:90:f4:25:a5:0a:0f:66:12:
04:dd:b0:bd:fe:1b:dc:3d:9b:29:83:95:08:e7:e0:ba:eb:bb:
ac:e9:ae:15:4f:1b:e5:ec:e8:8b:ae:69:bc:48:df:90:87:89:
04:3e:eb:38:15:04:b5:db:39:cf:ee:eb:10:40:ba:97:2e:7f:
f8:6e:36:82:21:99:b7:ea:32:11:f8:2d:32:29:aa:bf:c2:03:
58:f9:cd:8a:e6:8f:4d:a9:1a:8a:ec:dc:14:cc:38:22:38:9e:
b4:74:27:43:9c:a8:6a:f8:8c:cb:cd:04:c0:5b:c1:10:1a:6e:
fe:99:2e:b8:9f:0b:bc:ea:0c:79:0c:14:c6:5b:90:62:39:c3:
1c:4c:12:3f:c9:99:f3:6d:30:60:ca:92:82:ca:39:24:16:2d:
79:b8:32:45:0b:b9:9b:37:45:63:f0:d8:fa:e5:e8:7b:fc:62:
d0:5a:75:0b:4c:31:d0:2a:7a:23:17:b0:35:bd:e7:92:87:33:
34:64:4b:65:fa:98:be:55:63:34:84:b8:4c:37:e3:0e:df:ae:
40:31:9e:b4:88:aa:2b:44:3e:fe:70:53:a5:e7:8b:5c:b0:40:
ed:5f:55:20:c0:99:15:95:35:4a:75:1c:45:6a:f3:30:8f:3f:
90:7d:70:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk26flvL5CLeuZZaiWbPYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZGViMmUxZjg1YTE3ZGEyNDBjZmM4MTZkOTcyYzg1ZTQx
MWU2MjQwHhcNMjUxMTExMTEwMDU1WhcNMjUxMTEyMTEwMDU1WjAzMTEwLwYDVQQD
EyhiNzFjOGYzMjgwYjdkMmYwNjI1NGNmYThjZjI3MzQyZWI3MjhmMWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvOJL3fQX44T/rEdTIOBkDLinSva
wbot70jh3IiY3xZhPq7VbgLLtakddqCCbZF92VnSdLjzDBblplA/CIt6jZxfAkuR
jrOf5/p1D6gjUyhGpCtYLA4pNU2Pi+G5fVd64q498EBtGfozt9DlCSEyGgErO7Zm
FmWJbjqOz4XxGfOCfttjV0HsBMThz6g/qsDrN/N0pQU/4i+Vp76nHsu3LhS17NhE
OSb1JtpEfDVr2p0304KPVmuvnhPiSJ4NUnWbr7Eu2IlO+ClCDtz67LOZIfFNj34v
x6tU1mRER92UikwuVSqzMtTK6w6ReFrgLVwQ7asFEk4XwI2J/IcfocEfBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLccjzKAt9LwYlTPqM8nNC63KPHVMB8GA1UdIwQY
MBaAFJnesuH4WhfaJAz8gW2XLIXkEeYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWQ2eTRmaGFGOW9rRFB5QmJaY3NoZVFSNWlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83YzkxY2EtNTVmNy00M2E0LWI5NTAt
OGRjOTRlODliZjAzLzEvbWQ2eTRmaGFGOW9rRFB5QmJaY3NoZVFSNWlRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83YzkxY2EtNTVmNy00M2E0LWI5NTAtOGRjOTRlODliZjAz
LzEvbWQ2eTRmaGFGOW9rRFB5QmJaY3NoZVFSNWlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhgiWADsG
uGIY0pD0JaUKD2YSBN2wvf4b3D2bKYOVCOfguuu7rOmuFU8b5ezoi65pvEjfkIeJ
BD7rOBUEtds5z+7rEEC6ly5/+G42giGZt+oyEfgtMimqv8IDWPnNiuaPTakaiuzc
FMw4IjietHQnQ5yoaviMy80EwFvBEBpu/pkuuJ8LvOoMeQwUxluQYjnDHEwSP8mZ
820wYMqSgso5JBYtebgyRQu5mzdFY/DY+uXoe/xi0Fp1C0wx0Cp6IxewNb3nkocz
NGRLZfqYvlVjNIS4TDfjDt+uQDGetIiqK0Q+/nBTpeeLXLBA7V9VIMCZFZU1SnUc
RWrzMI8/kH1wZg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:19:07 2025 by rpki-client