Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
File: DNScoZAd8CCTDOlx9lzBgKP8voE.mft (raw, json)
Hash identifier: DCHTBI+f1quF52MQVqL099AsBIP5x5SOr1kKRGXlZmA=
Subject key identifier: 0F:D3:D0:6B:F6:9A:8B:4E:B9:30:3D:5B:EA:55:26:BA:39:C3:DB:1F
Authority key identifier: 0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81
Certificate issuer: /CN=0cd49ca1901df020930ce971f65cc180a3fcbe81
Certificate serial: 019A72CAA76C5A82F70C4FC457596A5593F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 12:01:14 +0000
Manifest this update: Tue 11 Nov 2025 12:01:14 +0000
Manifest next update: Wed 12 Nov 2025 12:01:14 +0000
Files and hashes: 1: DNScoZAd8CCTDOlx9lzBgKP8voE.crl (hash: 7Uqk1P4JOx+4yxR/SKR2ULanG0IpJ/K/zpr75cjQAuY=)
2: IyvCi4bscVz-cDd1e8YDDEn65h8.roa (hash: +ReDdginBUQu4++Dvo5zNIlV1w8CIv08Gg4t44mG608=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:a7:6c:5a:82:f7:0c:4f:c4:57:59:6a:55:93:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cd49ca1901df020930ce971f65cc180a3fcbe81
Validity
Not Before: Nov 11 12:01:14 2025 GMT
Not After : Nov 12 12:01:14 2025 GMT
Subject: CN=0fd3d06bf69a8b4eb9303d5bea5526ba39c3db1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:bd:55:a5:14:e9:c8:cf:c1:90:c0:fd:58:c9:
92:f9:b9:56:83:f3:00:4d:6f:c0:ff:95:70:d8:97:
39:69:3a:6d:1d:aa:cb:ea:88:61:46:65:4c:54:af:
16:c2:92:8d:2c:7c:ea:28:d5:98:6e:90:03:5e:ae:
1f:41:62:a3:0a:5a:c6:ec:aa:51:83:e6:a3:69:fe:
74:86:f1:4c:88:69:68:94:db:d8:f0:87:e3:48:5d:
bc:1e:58:5c:3e:d6:38:82:7e:df:b5:d5:de:bb:04:
8c:f2:2f:d2:2d:f1:29:29:e2:8c:c7:5e:df:7f:da:
0b:23:21:2e:8b:3a:78:ce:87:39:4a:12:e8:b1:82:
a2:79:f2:a4:4b:c3:a7:a4:60:a6:90:e2:52:9c:4a:
da:17:a1:1e:a3:28:92:28:41:b6:b0:cb:91:90:db:
c6:6f:59:68:58:01:3b:ae:f4:31:0a:93:81:e9:1a:
44:59:fd:5f:46:95:5f:a5:09:48:64:e2:f9:99:74:
73:92:44:a2:a9:fd:49:68:73:15:b9:7d:66:84:35:
03:4f:b8:f6:cc:1d:ec:f6:07:c9:05:34:2b:d5:eb:
b4:9f:02:9e:3a:c9:f2:0c:97:20:77:57:3f:97:7b:
34:30:13:09:ec:29:bb:b9:c6:a2:f1:ff:6d:7e:23:
1e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:D3:D0:6B:F6:9A:8B:4E:B9:30:3D:5B:EA:55:26:BA:39:C3:DB:1F
X509v3 Authority Key Identifier:
keyid:0C:D4:9C:A1:90:1D:F0:20:93:0C:E9:71:F6:5C:C1:80:A3:FC:BE:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DNScoZAd8CCTDOlx9lzBgKP8voE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c9ccc9-c405-428f-b773-dd23dc4241fa/1/DNScoZAd8CCTDOlx9lzBgKP8voE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
67:be:67:87:fd:f4:bb:63:b4:75:73:74:0a:5e:3f:cf:7e:f9:
72:5f:60:a5:eb:fc:af:46:fa:e9:c5:ca:74:0b:d4:70:7e:f2:
24:07:d7:71:0b:d8:e9:85:2d:df:75:a0:ad:24:64:d0:00:ab:
da:c4:87:ed:92:d7:ec:9f:d6:65:ad:22:d9:ab:45:e2:cc:50:
2f:e5:27:f9:7b:07:6e:a2:02:5d:16:6d:89:3b:e9:4a:1f:67:
1b:3c:92:82:63:16:5d:54:a4:3c:4c:4b:36:5a:eb:87:b5:ee:
7c:cf:c7:e2:2e:7a:b7:f6:b5:72:c8:6c:5b:54:8e:00:29:95:
8e:e4:0b:95:ce:a4:b2:e7:bf:2c:92:a9:1f:70:9c:56:d9:d3:
ae:5a:05:ba:9e:8b:cc:ab:0e:64:e4:23:1b:e8:b9:29:06:5e:
3e:0c:9a:ec:d0:e7:d9:40:57:c5:06:b9:4a:17:3f:a0:51:66:
99:9a:4f:f6:16:5f:28:1d:9f:8f:27:54:e1:29:43:ff:ff:9e:
08:21:f7:d6:3f:23:44:94:f4:67:55:eb:bc:14:95:62:15:41:
66:9a:10:6f:41:5b:3e:1b:b2:10:ca:b9:8d:23:ca:f5:42:83:
dd:4e:61:73:48:01:88:b5:94:be:6b:3a:29:2e:fb:28:ad:5d:
4d:bb:55:bc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyqdsWoL3DE/EV1lqVZP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZDQ5Y2ExOTAxZGYwMjA5MzBjZTk3MWY2NWNjMTgwYTNm
Y2JlODEwHhcNMjUxMTExMTIwMTE0WhcNMjUxMTEyMTIwMTE0WjAzMTEwLwYDVQQD
EygwZmQzZDA2YmY2OWE4YjRlYjkzMDNkNWJlYTU1MjZiYTM5YzNkYjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv71VpRTpyM/BkMD9WMmS+blWg/MA
TW/A/5Vw2Jc5aTptHarL6ohhRmVMVK8WwpKNLHzqKNWYbpADXq4fQWKjClrG7KpR
g+ajaf50hvFMiGlolNvY8IfjSF28HlhcPtY4gn7ftdXeuwSM8i/SLfEpKeKMx17f
f9oLIyEuizp4zoc5ShLosYKiefKkS8OnpGCmkOJSnEraF6EeoyiSKEG2sMuRkNvG
b1loWAE7rvQxCpOB6RpEWf1fRpVfpQlIZOL5mXRzkkSiqf1JaHMVuX1mhDUDT7j2
zB3s9gfJBTQr1eu0nwKeOsnyDJcgd1c/l3s0MBMJ7Cm7ucai8f9tfiMetQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA/T0Gv2motOuTA9W+pVJro5w9sfMB8GA1UdIwQY
MBaAFAzUnKGQHfAgkwzpcfZcwYCj/L6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMt
ZGQyM2RjNDI0MWZhLzEvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jOWNjYzktYzQwNS00MjhmLWI3NzMtZGQyM2RjNDI0MWZh
LzEvRE5TY29aQWQ4Q0NURE9seDlsekJnS1A4dm9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ75nh/30
u2O0dXN0Cl4/z375cl9gpev8r0b66cXKdAvUcH7yJAfXcQvY6YUt33WgrSRk0ACr
2sSH7ZLX7J/WZa0i2atF4sxQL+Un+XsHbqICXRZtiTvpSh9nGzySgmMWXVSkPExL
Nlrrh7XufM/H4i56t/a1cshsW1SOACmVjuQLlc6ksue/LJKpH3CcVtnTrloFup6L
zKsOZOQjG+i5KQZePgya7NDn2UBXxQa5Shc/oFFmmZpP9hZfKB2fjydU4SlD//+e
CCH31j8jRJT0Z1XrvBSVYhVBZpoQb0FbPhuyEMq5jSPK9UKD3U5hc0gBiLWUvms6
KS77KK1dTbtVvA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:28:09 2025 by rpki-client