Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/RPYQ-HLPMbfDIkzSwWacmWg1C3o.mft
File: RPYQ-HLPMbfDIkzSwWacmWg1C3o.mft (raw, json)
Hash identifier: T5OZqIACcscXqnUziN49HZee7H8us75MkvlYtClktxA=
Subject key identifier: 09:98:02:33:E0:11:38:B8:3F:0B:03:8B:F3:87:AD:DA:B5:C9:93:82
Authority key identifier: 44:F6:10:F8:72:CF:31:B7:C3:22:4C:D2:C1:66:9C:99:68:35:0B:7A
Certificate issuer: /CN=44f610f872cf31b7c3224cd2c1669c9968350b7a
Certificate serial: 019A7225887789AD3E40957A9DB6F19E64DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPYQ-HLPMbfDIkzSwWacmWg1C3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/RPYQ-HLPMbfDIkzSwWacmWg1C3o.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 09:00:53 +0000
Manifest this update: Tue 11 Nov 2025 09:00:53 +0000
Manifest next update: Wed 12 Nov 2025 09:00:53 +0000
Files and hashes: 1: RPYQ-HLPMbfDIkzSwWacmWg1C3o.crl (hash: 6Azmb4Gvzd7QATw7EBquEK7TGA9rNR/r456BDO11Izw=)
2: ZmJk3i0UqR_uJ_XLaSjGUe2aH00.roa (hash: BCwdh7j1ZUyJ+mVEfLtfrzwX+n9rg9YN807VJjPHsUE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/RPYQ-HLPMbfDIkzSwWacmWg1C3o.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/RPYQ-HLPMbfDIkzSwWacmWg1C3o.mft
rsync://rpki.ripe.net/repository/DEFAULT/RPYQ-HLPMbfDIkzSwWacmWg1C3o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:88:77:89:ad:3e:40:95:7a:9d:b6:f1:9e:64:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44f610f872cf31b7c3224cd2c1669c9968350b7a
Validity
Not Before: Nov 11 09:00:53 2025 GMT
Not After : Nov 12 09:00:53 2025 GMT
Subject: CN=09980233e01138b83f0b038bf387addab5c99382
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8f:78:75:20:cc:25:3b:ca:1a:79:a3:26:62:
5b:b1:c1:3b:90:cd:51:ee:fc:d3:30:a1:75:7f:f1:
44:86:7f:05:b7:6e:e4:22:8e:f7:d9:50:2b:a2:a0:
a3:b1:1f:25:82:a4:41:49:86:89:b9:7f:8a:63:e1:
3c:b6:84:f0:83:d7:f2:36:1c:63:c4:c5:8b:3f:83:
00:d5:d6:af:58:01:68:1d:14:d8:78:72:fd:4c:dc:
23:f6:0b:b9:14:d1:cf:70:40:a3:14:b8:db:3d:e0:
5e:93:cb:ad:94:06:08:35:b6:04:0e:3f:12:a2:65:
8c:ae:9b:c2:d2:f7:99:b1:83:64:2d:4b:e9:cb:15:
66:83:b7:ee:21:4e:9b:72:57:33:84:e6:09:3b:d2:
28:07:5d:bf:74:42:23:a9:74:f7:f2:a6:cf:7b:f2:
ef:16:39:0a:99:0a:9b:1d:bf:8e:d0:66:8a:9e:21:
77:bd:e0:31:5a:e6:3f:be:a0:ee:69:c3:21:6e:e4:
c2:70:22:38:df:70:ea:c0:32:28:32:7c:2f:4a:fd:
30:d0:31:cd:c6:fa:c5:5c:f6:4f:6c:ef:ca:bb:70:
65:53:5b:c4:c8:7d:99:f0:7f:78:57:52:9d:53:9a:
a7:5a:9f:f0:78:4b:89:ab:58:27:1f:f7:bd:a3:5f:
3f:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:98:02:33:E0:11:38:B8:3F:0B:03:8B:F3:87:AD:DA:B5:C9:93:82
X509v3 Authority Key Identifier:
keyid:44:F6:10:F8:72:CF:31:B7:C3:22:4C:D2:C1:66:9C:99:68:35:0B:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPYQ-HLPMbfDIkzSwWacmWg1C3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/RPYQ-HLPMbfDIkzSwWacmWg1C3o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/7253f0-d825-4dab-801f-9b509e5931f9/1/RPYQ-HLPMbfDIkzSwWacmWg1C3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:9f:30:c7:8f:1a:32:56:a6:cf:51:70:74:3e:ad:40:3a:c4:
e5:cf:71:bd:72:9a:ee:18:4d:62:3b:54:56:05:59:40:c9:25:
52:9a:eb:8f:d5:fb:2b:b7:e0:d4:73:36:5e:87:8e:ee:b1:87:
3d:a9:ae:c2:9a:24:83:3f:44:03:9f:13:85:8d:bb:cc:63:cf:
b1:12:c6:f1:c6:5a:6b:01:e3:9b:3a:ab:2f:fc:2f:9b:06:a9:
d9:00:d6:7a:15:ee:89:85:e1:3e:e7:06:fa:99:05:61:be:de:
cc:a6:be:8a:9e:b4:74:07:07:ff:0d:70:83:9a:f4:cc:b7:50:
a8:5a:ce:52:eb:77:3a:b2:ba:1b:b3:dd:8c:f6:06:28:d7:4b:
ec:9c:5b:0b:76:4c:1a:41:40:6c:0e:81:7d:1a:2c:ce:ca:c5:
33:4b:7a:98:19:bd:70:f5:28:d8:e4:c7:76:7f:9a:91:12:1a:
dd:24:98:6c:26:09:13:71:80:32:5e:7e:77:d0:02:d1:95:1a:
b0:69:6a:07:93:d3:63:6e:eb:f5:58:e6:1c:52:dd:ae:be:fd:
bc:b7:29:57:9e:f4:db:66:e8:24:60:03:a7:72:80:c4:6f:a1:
dc:1e:f1:eb:7d:e2:66:2f:3a:6b:9e:65:a4:9b:a1:88:d9:67:
c8:da:bb:eb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJYh3ia0+QJV6nbbxnmTdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZjYxMGY4NzJjZjMxYjdjMzIyNGNkMmMxNjY5Yzk5Njgz
NTBiN2EwHhcNMjUxMTExMDkwMDUzWhcNMjUxMTEyMDkwMDUzWjAzMTEwLwYDVQQD
EygwOTk4MDIzM2UwMTEzOGI4M2YwYjAzOGJmMzg3YWRkYWI1Yzk5MzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvo94dSDMJTvKGnmjJmJbscE7kM1R
7vzTMKF1f/FEhn8Ft27kIo732VAroqCjsR8lgqRBSYaJuX+KY+E8toTwg9fyNhxj
xMWLP4MA1davWAFoHRTYeHL9TNwj9gu5FNHPcECjFLjbPeBek8utlAYINbYEDj8S
omWMrpvC0veZsYNkLUvpyxVmg7fuIU6bclczhOYJO9IoB12/dEIjqXT38qbPe/Lv
FjkKmQqbHb+O0GaKniF3veAxWuY/vqDuacMhbuTCcCI433DqwDIoMnwvSv0w0DHN
xvrFXPZPbO/Ku3BlU1vEyH2Z8H94V1KdU5qnWp/weEuJq1gnH/e9o18/+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAmYAjPgETi4PwsDi/OHrdq1yZOCMB8GA1UdIwQY
MBaAFET2EPhyzzG3wyJM0sFmnJloNQt6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlBZUS1ITFBNYmZESWt6U3dXYWNtV2cxQzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MjUzZjAtZDgyNS00ZGFiLTgwMWYt
OWI1MDllNTkzMWY5LzEvUlBZUS1ITFBNYmZESWt6U3dXYWNtV2cxQzNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MjUzZjAtZDgyNS00ZGFiLTgwMWYtOWI1MDllNTkzMWY5
LzEvUlBZUS1ITFBNYmZESWt6U3dXYWNtV2cxQzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALZ8wx48a
Mlamz1FwdD6tQDrE5c9xvXKa7hhNYjtUVgVZQMklUprrj9X7K7fg1HM2XoeO7rGH
Pamuwpokgz9EA58ThY27zGPPsRLG8cZaawHjmzqrL/wvmwap2QDWehXuiYXhPucG
+pkFYb7ezKa+ip60dAcH/w1wg5r0zLdQqFrOUut3OrK6G7PdjPYGKNdL7JxbC3ZM
GkFAbA6BfRoszsrFM0t6mBm9cPUo2OTHdn+akRIa3SSYbCYJE3GAMl5+d9AC0ZUa
sGlqB5PTY27r9VjmHFLdrr79vLcpV57022boJGADp3KAxG+h3B7x633iZi86a55l
pJuhiNlnyNq76w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:58:40 2025 by rpki-client