Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
File: 4Genud52frl9tk5RZHhJRjO9VOo.mft (raw, json)
Hash identifier: hxCn4qUp+6nu9i+rUgTQXyiCd8efra6Zq06WxJs8OpA=
Subject key identifier: 21:28:6A:2E:BE:70:56:50:F9:45:9B:59:39:7E:BC:5E:54:49:9D:9F
Authority key identifier: E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA
Certificate issuer: /CN=e067a7b9de767eb97db64e516478494633bd54ea
Certificate serial: 019A73015E319D45743F34254B32DA9663B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
Manifest number: 0D20
Signing time: Tue 11 Nov 2025 13:01:00 +0000
Manifest this update: Tue 11 Nov 2025 13:01:00 +0000
Manifest next update: Wed 12 Nov 2025 13:01:00 +0000
Files and hashes: 1: 4Genud52frl9tk5RZHhJRjO9VOo.crl (hash: kW4i200kRpX9NWiwRxRNKDf0XiGa34OzeAZqjNcUyh8=)
2: DQo4EErqs46yA4QIpyLHGlOprVU.roa (hash: jpEUtUNk7NIqvU0XQCmCZgYXNkApAZ2zVdQgWdhDGWc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:5e:31:9d:45:74:3f:34:25:4b:32:da:96:63:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e067a7b9de767eb97db64e516478494633bd54ea
Validity
Not Before: Nov 11 13:01:00 2025 GMT
Not After : Nov 12 13:01:00 2025 GMT
Subject: CN=21286a2ebe705650f9459b59397ebc5e54499d9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:41:f2:62:bb:c9:ec:b6:cf:2b:69:fe:2f:75:
72:50:9c:44:83:b3:53:79:f0:08:3f:b3:0c:bb:f5:
d1:ad:34:f7:6f:da:5c:37:8b:ef:ce:5f:44:a3:57:
31:45:3a:99:ad:57:22:e1:01:ff:5c:87:fd:ba:53:
09:11:28:90:a5:2e:1b:28:ae:f0:31:fb:66:52:47:
a3:64:09:37:8d:5f:b5:2e:29:61:dd:73:83:8f:25:
b6:4e:2f:8f:8c:70:2e:10:d2:52:69:ed:39:b7:9e:
3e:3e:87:b5:94:9f:c2:59:20:84:ab:dc:f7:47:c3:
0e:c2:28:99:a0:a3:7f:99:b4:b6:58:0e:d0:5e:c2:
75:6e:60:d3:b5:69:cd:c1:95:6f:bc:16:fb:25:b2:
e5:64:1f:08:16:4c:a8:7e:35:12:32:e3:5c:8a:ca:
09:c5:54:8e:62:19:83:dd:cc:4e:26:c6:10:a5:3d:
96:aa:bd:c9:25:60:7f:d0:06:81:b2:16:33:3b:cf:
4c:50:48:06:96:d3:35:33:2d:34:9f:00:ea:99:bf:
57:d8:ca:51:ed:70:af:c0:33:cb:6c:65:9f:2f:e6:
46:ce:ca:7e:0a:6a:0d:bb:7f:47:91:83:e6:31:05:
f5:19:94:f1:ef:18:26:28:66:8c:5a:24:13:03:63:
53:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:28:6A:2E:BE:70:56:50:F9:45:9B:59:39:7E:BC:5E:54:49:9D:9F
X509v3 Authority Key Identifier:
keyid:E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
20:c9:92:af:14:18:ff:13:1b:c6:51:81:bc:08:d8:3b:85:69:
d7:c2:f6:2c:e8:02:06:ae:41:4e:4e:62:1b:01:7d:6a:c0:f8:
b6:02:f1:7f:4d:1f:47:7e:9f:bb:7e:3a:15:45:52:31:1c:c1:
ac:5c:21:e8:bf:ac:f1:ff:bf:64:8b:84:bd:a6:fd:74:21:57:
51:e1:e2:62:c3:95:b6:47:03:26:cc:16:45:b6:bf:0f:e1:34:
93:f0:61:0a:09:3d:78:6b:7e:e5:c2:3c:71:12:cf:ee:bf:50:
57:db:15:44:1e:c6:d7:a4:84:fe:87:58:a5:12:1b:30:c0:e0:
aa:5d:c3:20:a6:d4:f3:ca:45:ef:ba:a6:f0:bf:91:83:d0:bd:
0b:88:9a:f6:89:b5:f7:6b:4a:03:27:67:71:9a:cc:18:84:94:
9b:f1:b6:76:f9:b5:16:6c:6a:f2:86:00:b5:5f:a7:13:91:43:
ea:88:44:24:d0:de:ac:68:8f:06:23:44:ec:93:d4:9b:59:6c:
c1:4a:03:e9:18:ba:09:dc:91:8f:c7:9c:83:23:51:31:cd:0d:
ec:d5:b5:d7:d4:51:21:b9:32:eb:12:27:9f:9f:a8:85:04:8a:
7c:67:76:34:b4:71:56:30:5b:42:2c:95:4b:5d:e1:db:f4:23:
0c:99:2e:ce
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAV4xnUV0PzQlSzLalmO0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNjdhN2I5ZGU3NjdlYjk3ZGI2NGU1MTY0Nzg0OTQ2MzNi
ZDU0ZWEwHhcNMjUxMTExMTMwMTAwWhcNMjUxMTEyMTMwMTAwWjAzMTEwLwYDVQQD
EygyMTI4NmEyZWJlNzA1NjUwZjk0NTliNTkzOTdlYmM1ZTU0NDk5ZDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0HyYrvJ7LbPK2n+L3VyUJxEg7NT
efAIP7MMu/XRrTT3b9pcN4vvzl9Eo1cxRTqZrVci4QH/XIf9ulMJESiQpS4bKK7w
MftmUkejZAk3jV+1Lilh3XODjyW2Ti+PjHAuENJSae05t54+Poe1lJ/CWSCEq9z3
R8MOwiiZoKN/mbS2WA7QXsJ1bmDTtWnNwZVvvBb7JbLlZB8IFkyofjUSMuNcisoJ
xVSOYhmD3cxOJsYQpT2Wqr3JJWB/0AaBshYzO89MUEgGltM1My00nwDqmb9X2MpR
7XCvwDPLbGWfL+ZGzsp+CmoNu39HkYPmMQX1GZTx7xgmKGaMWiQTA2NTuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCEoai6+cFZQ+UWbWTl+vF5USZ2fMB8GA1UdIwQY
MBaAFOBnp7nedn65fbZOUWR4SUYzvVTqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYt
NzY4ZjNkNmVlMTllLzEvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYtNzY4ZjNkNmVlMTll
LzEvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIMmSrxQY
/xMbxlGBvAjYO4Vp18L2LOgCBq5BTk5iGwF9asD4tgLxf00fR36fu346FUVSMRzB
rFwh6L+s8f+/ZIuEvab9dCFXUeHiYsOVtkcDJswWRba/D+E0k/BhCgk9eGt+5cI8
cRLP7r9QV9sVRB7G16SE/odYpRIbMMDgql3DIKbU88pF77qm8L+Rg9C9C4ia9om1
92tKAydncZrMGISUm/G2dvm1Fmxq8oYAtV+nE5FD6ohEJNDerGiPBiNE7JPUm1ls
wUoD6Ri6CdyRj8ecgyNRMc0N7NW119RRIbky6xInn5+ohQSKfGd2NLRxVjBbQiyV
S13h2/QjDJkuzg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:51:31 2025 by rpki-client