Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/aa3b42-b601-40b4-b299-bf8e960fe0ad/1/du6ffY5dGMUIhPgzeK5Iui_NpuI.mft
File: du6ffY5dGMUIhPgzeK5Iui_NpuI.mft (raw, json)
Hash identifier: 8wBJgQ3SR/lNDOIdZE35urINmjEJPOarfFEEbQXe9cM=
Subject key identifier: A5:B0:06:B9:CF:7D:75:BC:B9:A6:03:8F:BA:53:60:C2:0D:39:BA:49
Authority key identifier: 76:EE:9F:7D:8E:5D:18:C5:08:84:F8:33:78:AE:48:BA:2F:CD:A6:E2
Certificate issuer: /CN=76ee9f7d8e5d18c50884f83378ae48ba2fcda6e2
Certificate serial: 019A72938A08FB35A6E7D5314F12106DEFB6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/du6ffY5dGMUIhPgzeK5Iui_NpuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/aa3b42-b601-40b4-b299-bf8e960fe0ad/1/du6ffY5dGMUIhPgzeK5Iui_NpuI.mft
Manifest number: 1277
Signing time: Tue 11 Nov 2025 11:01:03 +0000
Manifest this update: Tue 11 Nov 2025 11:01:03 +0000
Manifest next update: Wed 12 Nov 2025 11:01:03 +0000
Files and hashes: 1: du6ffY5dGMUIhPgzeK5Iui_NpuI.crl (hash: WrxreNvAO/hAhtZnZBB1k5j/Aw0XcvOXcBKUUeJ6yhc=)
2: mXqLLr6nY4_O8xCSHszNUcdYNRQ.roa (hash: mR7ch814nod8YJeRcpIlHri0tj0aQVOIDu8w+ijK6HU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/aa3b42-b601-40b4-b299-bf8e960fe0ad/1/du6ffY5dGMUIhPgzeK5Iui_NpuI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/aa3b42-b601-40b4-b299-bf8e960fe0ad/1/du6ffY5dGMUIhPgzeK5Iui_NpuI.mft
rsync://rpki.ripe.net/repository/DEFAULT/du6ffY5dGMUIhPgzeK5Iui_NpuI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:8a:08:fb:35:a6:e7:d5:31:4f:12:10:6d:ef:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76ee9f7d8e5d18c50884f83378ae48ba2fcda6e2
Validity
Not Before: Nov 11 11:01:03 2025 GMT
Not After : Nov 12 11:01:03 2025 GMT
Subject: CN=a5b006b9cf7d75bcb9a6038fba5360c20d39ba49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:71:36:f3:8e:32:0c:4e:9d:fc:87:7c:2f:e8:
68:c9:71:38:d4:0c:3d:f3:40:2a:53:18:aa:2b:77:
f7:40:5e:fa:7d:8a:74:9f:78:a9:ac:53:37:15:1e:
a0:e5:ac:0e:9f:86:ba:37:3c:f5:47:53:4f:fd:89:
64:f3:44:3c:de:cd:c6:e3:a7:3c:da:4f:10:55:6c:
0c:f2:00:dd:cc:db:48:79:f1:73:ce:31:64:27:f1:
fb:e5:ec:d9:cc:b6:b5:f2:e2:44:a1:e7:e9:59:87:
5e:01:83:b8:dc:cc:6c:77:38:c0:4c:3c:57:a1:2f:
9b:b4:59:ab:55:83:0f:76:89:c3:f0:b7:3b:8a:04:
a7:67:35:99:d8:e4:7a:ed:61:f2:a7:8b:4c:ba:7a:
1c:7e:7a:3a:21:2e:89:01:4a:89:5b:87:6e:92:0b:
83:a4:e2:a3:71:ff:74:94:6f:64:17:1d:d0:c2:c0:
34:84:71:58:3c:7f:a7:3d:4e:9c:00:5e:28:70:f7:
7a:d1:49:0b:74:80:08:a7:f7:24:de:5c:7e:fc:42:
3a:89:af:57:92:a8:6e:e5:4b:1d:88:0d:49:a3:72:
2b:1d:d3:06:41:77:c9:98:12:20:2b:80:25:72:30:
ab:f5:3f:e6:d9:d9:8b:f0:ee:5b:36:a4:cf:df:f3:
35:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B0:06:B9:CF:7D:75:BC:B9:A6:03:8F:BA:53:60:C2:0D:39:BA:49
X509v3 Authority Key Identifier:
keyid:76:EE:9F:7D:8E:5D:18:C5:08:84:F8:33:78:AE:48:BA:2F:CD:A6:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/du6ffY5dGMUIhPgzeK5Iui_NpuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/aa3b42-b601-40b4-b299-bf8e960fe0ad/1/du6ffY5dGMUIhPgzeK5Iui_NpuI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/aa3b42-b601-40b4-b299-bf8e960fe0ad/1/du6ffY5dGMUIhPgzeK5Iui_NpuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:08:07:12:cf:fe:a4:8f:b8:c3:24:c4:fe:28:1f:2a:66:67:
82:a0:10:70:37:d0:3f:7e:f3:bd:a8:2e:c0:2b:e7:90:36:ac:
47:97:e8:a5:a1:87:62:7c:98:1a:1f:ca:81:cf:3e:30:e6:b6:
b6:0d:67:5c:96:d5:c6:fc:a7:33:1b:c6:4a:88:e0:5b:e2:a3:
46:f5:c6:2b:47:c5:a3:46:62:d1:b9:88:ce:57:9a:c9:9b:5a:
c0:1f:16:95:8a:bd:4f:c7:ed:2a:f7:23:74:e6:8d:d1:b4:19:
ba:dc:f4:fb:82:af:6d:21:46:03:cc:ef:37:e8:0f:ad:23:6d:
aa:21:22:f2:38:fa:b4:d7:14:49:8c:1f:8f:64:46:4d:ac:22:
d7:3a:91:d0:bb:90:7a:ae:79:85:e7:5e:d4:df:84:ef:69:c3:
25:93:79:54:f5:70:6d:65:54:ab:85:72:1e:39:e0:43:67:d0:
a1:6f:b3:dc:30:c6:b4:67:c7:89:59:51:af:2a:57:5c:da:ed:
9e:00:1f:76:d5:bf:3b:13:e0:f1:f9:f8:cf:20:e9:83:c4:56:
b2:bd:1f:c9:a7:49:5c:b4:de:3d:3e:72:f8:d7:95:3a:20:b9:
49:ad:33:de:eb:24:3d:74:7d:7b:b1:5d:61:33:1a:57:96:b9:
24:ec:3e:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk4oI+zWm59UxTxIQbe+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZWU5ZjdkOGU1ZDE4YzUwODg0ZjgzMzc4YWU0OGJhMmZj
ZGE2ZTIwHhcNMjUxMTExMTEwMTAzWhcNMjUxMTEyMTEwMTAzWjAzMTEwLwYDVQQD
EyhhNWIwMDZiOWNmN2Q3NWJjYjlhNjAzOGZiYTUzNjBjMjBkMzliYTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnE2844yDE6d/Id8L+hoyXE41Aw9
80AqUxiqK3f3QF76fYp0n3iprFM3FR6g5awOn4a6Nzz1R1NP/Ylk80Q83s3G46c8
2k8QVWwM8gDdzNtIefFzzjFkJ/H75ezZzLa18uJEoefpWYdeAYO43MxsdzjATDxX
oS+btFmrVYMPdonD8Lc7igSnZzWZ2OR67WHyp4tMunocfno6IS6JAUqJW4dukguD
pOKjcf90lG9kFx3QwsA0hHFYPH+nPU6cAF4ocPd60UkLdIAIp/ck3lx+/EI6ia9X
kqhu5UsdiA1Jo3IrHdMGQXfJmBIgK4AlcjCr9T/m2dmL8O5bNqTP3/M13QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKWwBrnPfXW8uaYDj7pTYMINObpJMB8GA1UdIwQY
MBaAFHbun32OXRjFCIT4M3iuSLovzabiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHU2ZmZZNWRHTVVJaFBnemVLNUl1aV9OcHVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9hYTNiNDItYjYwMS00MGI0LWIyOTkt
YmY4ZTk2MGZlMGFkLzEvZHU2ZmZZNWRHTVVJaFBnemVLNUl1aV9OcHVJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9hYTNiNDItYjYwMS00MGI0LWIyOTktYmY4ZTk2MGZlMGFk
LzEvZHU2ZmZZNWRHTVVJaFBnemVLNUl1aV9OcHVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIQgHEs/+
pI+4wyTE/igfKmZngqAQcDfQP37zvaguwCvnkDasR5fopaGHYnyYGh/Kgc8+MOa2
tg1nXJbVxvynMxvGSojgW+KjRvXGK0fFo0Zi0bmIzleayZtawB8WlYq9T8ftKvcj
dOaN0bQZutz0+4KvbSFGA8zvN+gPrSNtqiEi8jj6tNcUSYwfj2RGTawi1zqR0LuQ
eq55hede1N+E72nDJZN5VPVwbWVUq4VyHjngQ2fQoW+z3DDGtGfHiVlRrypXXNrt
ngAfdtW/OxPg8fn4zyDpg8RWsr0fyadJXLTePT5y+NeVOiC5Sa0z3uskPXR9e7Fd
YTMaV5a5JOw+mw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:41:44 2025 by rpki-client