Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
File: 0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft (raw, json)
Hash identifier: 5u49fCFLEzTmtQKJiIKfY8RNzWMUaQgjb0w5arCCh4A=
Subject key identifier: 2A:D9:F6:25:CE:19:6C:F4:BA:17:52:00:C0:C5:CC:51:90:D6:B4:ED
Authority key identifier: D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09
Certificate issuer: /CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
Certificate serial: 019A714A3258FD0B412CECBD3782763272AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 05:01:19 +0000
Manifest this update: Tue 11 Nov 2025 05:01:19 +0000
Manifest next update: Wed 12 Nov 2025 05:01:19 +0000
Files and hashes: 1: 0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl (hash: PT3TSZdie8V+fzfTYD22KSrNMTl+xcYzn6y8ZJ8g9e0=)
2: uFIkyOKWSzQfZzP96vWM093yaBY.roa (hash: TWsqJU2I8/yV3h8FtJmMbNc3AlR1EJP1BU5hPExE0mk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:4a:32:58:fd:0b:41:2c:ec:bd:37:82:76:32:72:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
Validity
Not Before: Nov 11 05:01:19 2025 GMT
Not After : Nov 12 05:01:19 2025 GMT
Subject: CN=2ad9f625ce196cf4ba175200c0c5cc5190d6b4ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d0:8b:5f:5e:03:af:fb:7d:ca:68:25:4d:fe:
0f:f8:ba:13:c5:54:a2:b1:51:68:f0:2b:95:56:37:
8f:f2:fb:ad:5c:1b:2e:1c:6b:ea:d9:b1:6d:95:af:
66:f4:a9:32:08:3a:6b:4e:27:53:8c:60:d2:dc:92:
9b:d6:f4:9c:89:7d:80:f0:b9:57:2f:bc:90:5b:39:
9f:48:9d:99:1b:42:32:cd:00:89:54:d0:7d:33:32:
bb:eb:c1:08:f3:3b:83:5d:4e:77:10:6d:b0:70:4b:
52:eb:69:3b:41:2a:7b:2c:4c:f1:8f:df:69:69:8f:
ab:fb:f8:25:87:78:61:7b:d9:05:a3:6a:7e:32:69:
2b:82:3e:fd:cc:a2:89:bc:e5:9c:0a:97:00:d4:4a:
87:19:8f:7d:e4:b6:4e:f6:1f:f2:2e:17:d8:18:4d:
2a:c3:60:da:70:6a:d5:af:d2:25:c7:ee:23:11:f7:
6d:95:13:15:0e:63:6e:6c:35:ad:37:3f:d7:19:19:
b5:ba:25:7f:8c:06:9b:47:37:1d:6f:a7:c7:15:bb:
52:1d:d5:36:99:25:d0:b6:e0:f3:23:46:1a:1f:39:
6e:e9:77:4f:bd:74:4d:3e:10:6c:bb:e6:50:5e:6b:
0d:81:99:d0:a7:fa:bf:50:73:3c:48:f3:bb:33:92:
3c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:D9:F6:25:CE:19:6C:F4:BA:17:52:00:C0:C5:CC:51:90:D6:B4:ED
X509v3 Authority Key Identifier:
keyid:D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
47:74:5b:40:87:d1:ec:2a:6e:89:97:cb:9d:52:c6:3c:f4:05:
94:69:20:9a:fa:37:9f:5c:63:53:6a:45:5a:69:5f:47:b9:b5:
19:96:aa:1a:03:f8:72:3c:68:47:a8:21:aa:f7:39:eb:47:3d:
b0:3a:36:4f:a7:8e:8b:b7:38:d7:8d:29:87:e4:2e:38:c0:f2:
51:a0:fa:e8:da:79:68:22:19:51:0e:d0:ee:1b:c7:7a:f9:fc:
45:b9:eb:8b:a3:47:d4:07:56:0b:42:8c:01:94:d5:73:3a:fd:
c0:14:e5:16:1e:c2:77:5b:a4:cc:bf:a8:0c:57:27:cf:4f:c8:
90:02:91:28:84:33:9d:3d:ca:a8:c1:54:34:22:0e:97:f4:a2:
ad:b0:10:19:5f:ff:1b:45:24:9f:6b:b9:0e:b4:64:13:2a:15:
01:97:c1:97:7c:f4:0d:6a:4f:71:97:71:55:83:d2:87:0f:cb:
4d:5b:f2:eb:dc:d4:4f:ae:0d:7a:88:0d:76:6d:c9:86:98:5e:
95:9a:06:5d:4f:9b:70:f3:64:77:9d:a4:19:4b:df:ba:56:db:
cb:5b:60:29:b1:6d:09:26:96:06:44:99:32:92:07:d3:0b:c3:
df:e2:24:22:9d:5e:ae:4c:ba:93:1a:7b:3c:e4:36:b5:7f:ce:
41:3f:17:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSjJY/QtBLOy9N4J2MnKqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzAyYTNiMjdjZTliZDA0ZGRjYTI4YzIxZDlkMGY1ZmYz
MmE5MDkwHhcNMjUxMTExMDUwMTE5WhcNMjUxMTEyMDUwMTE5WjAzMTEwLwYDVQQD
EygyYWQ5ZjYyNWNlMTk2Y2Y0YmExNzUyMDBjMGM1Y2M1MTkwZDZiNGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytCLX14Dr/t9ymglTf4P+LoTxVSi
sVFo8CuVVjeP8vutXBsuHGvq2bFtla9m9KkyCDprTidTjGDS3JKb1vSciX2A8LlX
L7yQWzmfSJ2ZG0IyzQCJVNB9MzK768EI8zuDXU53EG2wcEtS62k7QSp7LEzxj99p
aY+r+/glh3hhe9kFo2p+Mmkrgj79zKKJvOWcCpcA1EqHGY995LZO9h/yLhfYGE0q
w2DacGrVr9Ilx+4jEfdtlRMVDmNubDWtNz/XGRm1uiV/jAabRzcdb6fHFbtSHdU2
mSXQtuDzI0YaHzlu6XdPvXRNPhBsu+ZQXmsNgZnQp/q/UHM8SPO7M5I8LQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCrZ9iXOGWz0uhdSAMDFzFGQ1rTtMB8GA1UdIwQY
MBaAFNJwKjsnzpvQTdyijCHZ0PX/MqkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUt
Njk3NWNhZGIyMjYyLzEvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUtNjk3NWNhZGIyMjYy
LzEvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR3RbQIfR
7CpuiZfLnVLGPPQFlGkgmvo3n1xjU2pFWmlfR7m1GZaqGgP4cjxoR6ghqvc560c9
sDo2T6eOi7c4140ph+QuOMDyUaD66Np5aCIZUQ7Q7hvHevn8Rbnri6NH1AdWC0KM
AZTVczr9wBTlFh7Cd1ukzL+oDFcnz0/IkAKRKIQznT3KqMFUNCIOl/SirbAQGV//
G0Ukn2u5DrRkEyoVAZfBl3z0DWpPcZdxVYPShw/LTVvy69zUT64NeogNdm3Jhphe
lZoGXU+bcPNkd52kGUvfulbby1tgKbFtCSaWBkSZMpIH0wvD3+IkIp1erky6kxp7
POQ2tX/OQT8Xew==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:47:23 2025 by rpki-client