Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/3a9a0b-d424-4eca-a938-92a877bb19f7/1/0rNq0o5SHtq0tN6jSaJ3ctSyp74.mft
File: 0rNq0o5SHtq0tN6jSaJ3ctSyp74.mft (raw, json)
Hash identifier: tKKAqBhjrF8XeRSjqfq4nWT6n+SIRknSy0sq3usk+1U=
Subject key identifier: 3F:7D:CA:E3:0A:CA:63:1F:C4:C3:21:79:8B:42:EC:E7:02:C7:44:AA
Authority key identifier: D2:B3:6A:D2:8E:52:1E:DA:B4:B4:DE:A3:49:A2:77:72:D4:B2:A7:BE
Certificate issuer: /CN=d2b36ad28e521edab4b4dea349a27772d4b2a7be
Certificate serial: 019A71EE724FDB5845ADCDDA1B7B275F3689
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0rNq0o5SHtq0tN6jSaJ3ctSyp74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/3a9a0b-d424-4eca-a938-92a877bb19f7/1/0rNq0o5SHtq0tN6jSaJ3ctSyp74.mft
Manifest number: 1463
Signing time: Tue 11 Nov 2025 08:00:43 +0000
Manifest this update: Tue 11 Nov 2025 08:00:43 +0000
Manifest next update: Wed 12 Nov 2025 08:00:43 +0000
Files and hashes: 1: 0rNq0o5SHtq0tN6jSaJ3ctSyp74.crl (hash: m5mPPUsU38kgpNA9+NjOKKQknG2QV6oZg4QDSaQPMAs=)
2: 5tz1cuLC3Spal7LSIEjI-Qlcl6U.roa (hash: XSoR4/ODhnGd0USG7NRxHx6V9kNwJuT3OUfa19EcNCE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/3a9a0b-d424-4eca-a938-92a877bb19f7/1/0rNq0o5SHtq0tN6jSaJ3ctSyp74.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/3a9a0b-d424-4eca-a938-92a877bb19f7/1/0rNq0o5SHtq0tN6jSaJ3ctSyp74.mft
rsync://rpki.ripe.net/repository/DEFAULT/0rNq0o5SHtq0tN6jSaJ3ctSyp74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:72:4f:db:58:45:ad:cd:da:1b:7b:27:5f:36:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2b36ad28e521edab4b4dea349a27772d4b2a7be
Validity
Not Before: Nov 11 08:00:43 2025 GMT
Not After : Nov 12 08:00:43 2025 GMT
Subject: CN=3f7dcae30aca631fc4c321798b42ece702c744aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0c:be:9c:9c:d4:00:d3:14:48:61:95:57:f6:
bc:72:e8:8e:01:91:eb:c9:c2:a9:94:e7:f9:11:fe:
1e:12:4d:25:7c:d9:b8:2b:c4:7c:de:b3:f0:b1:8e:
24:eb:5b:59:79:9f:44:d7:64:5b:4e:b2:e1:f8:e6:
67:b0:cb:98:a4:4b:dc:71:89:21:16:4b:1d:df:e2:
85:67:2c:a6:76:cf:1e:b2:1c:c2:15:3f:22:f0:9b:
b6:1f:6a:97:10:08:a0:f0:ba:99:e9:72:87:13:d2:
aa:40:4f:9d:4b:87:84:11:2b:fd:34:90:6c:60:e8:
d3:2f:e5:a3:9e:e9:72:4a:f4:e3:e3:4c:4d:bf:98:
64:71:d8:de:19:d8:f5:64:bf:81:70:1c:34:47:e9:
66:ea:78:20:5d:51:7d:71:b5:e2:75:de:1f:38:ea:
03:1b:dd:47:ec:93:43:52:1d:1b:a6:eb:8a:c4:2f:
bd:18:a9:35:74:9f:dc:0f:8f:42:4d:33:79:74:92:
13:96:25:02:05:e5:9d:5e:17:c0:fd:2b:cc:35:41:
ef:c1:7e:2f:1f:09:22:c2:72:aa:e0:1c:13:43:e8:
81:1d:b2:30:23:43:38:c0:ed:78:24:73:11:e8:c5:
e4:c6:70:a1:6e:ed:ad:20:ed:b5:06:c3:69:86:45:
92:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:7D:CA:E3:0A:CA:63:1F:C4:C3:21:79:8B:42:EC:E7:02:C7:44:AA
X509v3 Authority Key Identifier:
keyid:D2:B3:6A:D2:8E:52:1E:DA:B4:B4:DE:A3:49:A2:77:72:D4:B2:A7:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0rNq0o5SHtq0tN6jSaJ3ctSyp74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/3a9a0b-d424-4eca-a938-92a877bb19f7/1/0rNq0o5SHtq0tN6jSaJ3ctSyp74.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/3a9a0b-d424-4eca-a938-92a877bb19f7/1/0rNq0o5SHtq0tN6jSaJ3ctSyp74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:0b:20:b7:bb:8b:b2:78:9e:70:0c:68:4d:06:b8:1e:13:bb:
f2:49:99:ff:5a:11:15:3a:48:c1:be:4d:f2:5c:d2:72:13:2e:
cd:6b:34:1c:73:cb:d3:34:fd:37:d2:25:95:79:0d:ab:21:4e:
5f:7e:44:09:0b:9b:4d:16:4a:40:ed:08:49:fa:a1:33:5c:92:
c2:71:66:74:57:dd:2d:4a:42:3b:74:52:9a:b6:cf:f2:70:44:
91:b8:21:c8:11:5e:7c:ad:81:ba:f0:58:fd:82:aa:3e:3c:14:
e2:a9:fc:bb:ae:06:d8:c4:5e:ab:2c:7d:aa:d7:97:f8:b5:e2:
0b:ab:04:f3:5a:c8:41:b4:a2:6f:4f:ae:2b:61:71:9b:b0:af:
f1:b3:92:bc:01:f8:7e:d4:38:31:42:66:e5:cc:6e:a1:2c:f2:
ef:d4:0f:7f:28:d3:63:84:26:31:f1:11:1d:b4:2c:6d:2d:e3:
68:ff:7c:d3:0c:22:3d:51:b9:82:92:e3:1d:6e:b1:f3:f2:98:
3c:f8:35:92:2c:c1:15:fe:74:37:29:83:d4:9a:32:7b:51:49:
ab:1d:c8:08:c0:8f:16:a9:69:ff:08:cc:c4:f9:b1:56:8b:cd:
8b:cd:35:d3:b4:81:ba:3a:d9:76:14:f3:ab:dc:c3:35:75:fa:
d9:d6:91:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7nJP21hFrc3aG3snXzaJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYjM2YWQyOGU1MjFlZGFiNGI0ZGVhMzQ5YTI3NzcyZDRi
MmE3YmUwHhcNMjUxMTExMDgwMDQzWhcNMjUxMTEyMDgwMDQzWjAzMTEwLwYDVQQD
EygzZjdkY2FlMzBhY2E2MzFmYzRjMzIxNzk4YjQyZWNlNzAyYzc0NGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwy+nJzUANMUSGGVV/a8cuiOAZHr
ycKplOf5Ef4eEk0lfNm4K8R83rPwsY4k61tZeZ9E12RbTrLh+OZnsMuYpEvccYkh
Fksd3+KFZyymds8eshzCFT8i8Ju2H2qXEAig8LqZ6XKHE9KqQE+dS4eEESv9NJBs
YOjTL+WjnulySvTj40xNv5hkcdjeGdj1ZL+BcBw0R+lm6nggXVF9cbXidd4fOOoD
G91H7JNDUh0bpuuKxC+9GKk1dJ/cD49CTTN5dJITliUCBeWdXhfA/SvMNUHvwX4v
HwkiwnKq4BwTQ+iBHbIwI0M4wO14JHMR6MXkxnChbu2tIO21BsNphkWSXQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD99yuMKymMfxMMheYtC7OcCx0SqMB8GA1UdIwQY
MBaAFNKzatKOUh7atLTeo0mid3LUsqe+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHJOcTBvNVNIdHEwdE42alNhSjNjdFN5cDc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8zYTlhMGItZDQyNC00ZWNhLWE5Mzgt
OTJhODc3YmIxOWY3LzEvMHJOcTBvNVNIdHEwdE42alNhSjNjdFN5cDc0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8zYTlhMGItZDQyNC00ZWNhLWE5MzgtOTJhODc3YmIxOWY3
LzEvMHJOcTBvNVNIdHEwdE42alNhSjNjdFN5cDc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiwsgt7uL
sniecAxoTQa4HhO78kmZ/1oRFTpIwb5N8lzSchMuzWs0HHPL0zT9N9IllXkNqyFO
X35ECQubTRZKQO0ISfqhM1ySwnFmdFfdLUpCO3RSmrbP8nBEkbghyBFefK2BuvBY
/YKqPjwU4qn8u64G2MReqyx9qteX+LXiC6sE81rIQbSib0+uK2Fxm7Cv8bOSvAH4
ftQ4MUJm5cxuoSzy79QPfyjTY4QmMfERHbQsbS3jaP980wwiPVG5gpLjHW6x8/KY
PPg1kizBFf50NymD1Joye1FJqx3ICMCPFqlp/wjMxPmxVovNi80107SBujrZdhTz
q9zDNXX62daR9g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:09:43 2025 by rpki-client