Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/021eaa-1cf0-41cb-b95b-162a82729f73/1/6h7Prfr9T-FMvcIhuRWe6WGO_ok.mft
File: 6h7Prfr9T-FMvcIhuRWe6WGO_ok.mft (raw, json)
Hash identifier: vvG8oHKQVNVZxJIa2sn62CBAREdqMx3KEWFjtzRIojY=
Subject key identifier: CD:3C:44:10:8D:A8:DB:71:49:1D:DA:9C:3A:E9:1F:66:29:8C:C7:54
Authority key identifier: EA:1E:CF:AD:FA:FD:4F:E1:4C:BD:C2:21:B9:15:9E:E9:61:8E:FE:89
Certificate issuer: /CN=ea1ecfadfafd4fe14cbdc221b9159ee9618efe89
Certificate serial: 019A722585E432E7FDE2D6A96602493A5198
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6h7Prfr9T-FMvcIhuRWe6WGO_ok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/021eaa-1cf0-41cb-b95b-162a82729f73/1/6h7Prfr9T-FMvcIhuRWe6WGO_ok.mft
Manifest number: A7
Signing time: Tue 11 Nov 2025 09:00:52 +0000
Manifest this update: Tue 11 Nov 2025 09:00:52 +0000
Manifest next update: Wed 12 Nov 2025 09:00:52 +0000
Files and hashes: 1: 6h7Prfr9T-FMvcIhuRWe6WGO_ok.crl (hash: Y7ciLpYHKSueCbnFXlAPnPWmH25WG5oGEOe/+2cQvFo=)
2: pqo0TVIkWRzSNUY9ZM-DKBIuqHI.roa (hash: LE3ROsTHxCh32pw3rOkJiWiuchaEH2tULrKqdyCWHwI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/021eaa-1cf0-41cb-b95b-162a82729f73/1/6h7Prfr9T-FMvcIhuRWe6WGO_ok.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/021eaa-1cf0-41cb-b95b-162a82729f73/1/6h7Prfr9T-FMvcIhuRWe6WGO_ok.mft
rsync://rpki.ripe.net/repository/DEFAULT/6h7Prfr9T-FMvcIhuRWe6WGO_ok.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:85:e4:32:e7:fd:e2:d6:a9:66:02:49:3a:51:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea1ecfadfafd4fe14cbdc221b9159ee9618efe89
Validity
Not Before: Nov 11 09:00:52 2025 GMT
Not After : Nov 12 09:00:52 2025 GMT
Subject: CN=cd3c44108da8db71491dda9c3ae91f66298cc754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:b5:11:3d:24:6a:be:28:21:1c:2b:b3:85:e8:
28:3b:3e:fe:e8:09:e1:f3:b3:ed:90:f9:8f:c9:e5:
31:39:cd:d8:6c:cd:ea:f9:a6:21:11:1f:67:c3:6a:
9b:77:49:1f:01:ed:40:65:90:22:07:c7:c7:59:4b:
2b:8d:53:86:78:f5:bc:de:65:fb:12:f7:ba:5a:66:
b4:2b:0d:77:6b:35:28:55:c1:02:ee:6b:4c:a2:20:
9a:72:b4:86:f0:67:ba:57:08:b7:8a:48:7c:f8:b2:
ad:99:e3:fc:ae:17:95:d3:4d:26:22:2e:22:96:c4:
b7:d6:ec:28:ff:8f:18:28:66:0c:09:63:bf:9a:6f:
db:33:6e:4f:13:df:d1:31:ce:7d:65:a3:cc:0e:92:
64:cb:71:4e:23:39:ae:46:f8:0b:17:e1:2f:9e:7f:
0f:41:ae:5a:65:f5:cf:a4:fe:5e:15:e6:64:1f:8f:
fd:66:31:59:fc:06:8c:db:a7:d6:41:75:88:2f:0f:
df:ce:49:18:15:83:3a:c3:4a:51:0f:b6:33:2c:d6:
33:96:19:28:bd:a8:02:85:c6:d7:2d:65:14:e5:20:
04:d1:bd:1d:6b:16:4b:31:b2:4a:49:34:5c:f3:f7:
7d:f5:66:36:61:46:1f:42:9e:5d:2d:82:d1:59:0c:
8a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:3C:44:10:8D:A8:DB:71:49:1D:DA:9C:3A:E9:1F:66:29:8C:C7:54
X509v3 Authority Key Identifier:
keyid:EA:1E:CF:AD:FA:FD:4F:E1:4C:BD:C2:21:B9:15:9E:E9:61:8E:FE:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6h7Prfr9T-FMvcIhuRWe6WGO_ok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/021eaa-1cf0-41cb-b95b-162a82729f73/1/6h7Prfr9T-FMvcIhuRWe6WGO_ok.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/021eaa-1cf0-41cb-b95b-162a82729f73/1/6h7Prfr9T-FMvcIhuRWe6WGO_ok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
df:d3:05:27:b7:35:b0:cd:83:80:94:f9:dd:fc:d2:02:48:07:
83:12:34:9f:75:01:a1:a6:c6:91:6b:53:8d:36:37:07:7d:9a:
9d:1c:c0:52:2d:12:e0:10:ff:08:6c:ca:ad:56:38:ee:dd:cf:
0e:95:07:6a:4e:6d:18:1f:a1:b0:e2:96:6e:9d:9b:02:99:a1:
32:bf:54:9f:be:44:bc:7a:e3:e0:b2:e6:79:18:b0:20:80:13:
b3:32:08:1c:24:85:3c:98:7b:03:03:e1:f5:1c:e7:a5:e9:2f:
9e:eb:82:d9:cf:d3:8b:ce:46:94:be:32:f8:90:e7:49:2f:ff:
15:87:84:99:73:81:b8:0d:4b:09:ac:49:36:19:4e:c0:3e:8d:
93:ab:39:6c:d4:0a:3c:cd:7a:3f:84:98:5c:de:72:33:81:39:
f1:b0:1a:15:31:6e:4c:20:df:8f:92:4f:fb:8d:4a:2e:a7:6f:
c2:07:d5:fe:7b:df:1b:6d:6e:2e:35:9e:70:23:72:7b:3c:cd:
79:68:a9:e3:d6:28:09:6f:59:ea:94:2e:7d:5f:6e:7c:66:4d:
fc:e7:e7:4a:f8:d9:4a:ad:ed:0d:45:ee:76:70:87:f2:4b:82:
4e:61:23:86:21:f8:49:17:d0:79:29:a0:ea:5c:3b:d0:57:65:
5b:f5:96:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJYXkMuf94tapZgJJOlGYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhMWVjZmFkZmFmZDRmZTE0Y2JkYzIyMWI5MTU5ZWU5NjE4
ZWZlODkwHhcNMjUxMTExMDkwMDUyWhcNMjUxMTEyMDkwMDUyWjAzMTEwLwYDVQQD
EyhjZDNjNDQxMDhkYThkYjcxNDkxZGRhOWMzYWU5MWY2NjI5OGNjNzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5LURPSRqvighHCuzhegoOz7+6Anh
87PtkPmPyeUxOc3YbM3q+aYhER9nw2qbd0kfAe1AZZAiB8fHWUsrjVOGePW83mX7
Eve6Wma0Kw13azUoVcEC7mtMoiCacrSG8Ge6Vwi3ikh8+LKtmeP8rheV000mIi4i
lsS31uwo/48YKGYMCWO/mm/bM25PE9/RMc59ZaPMDpJky3FOIzmuRvgLF+Evnn8P
Qa5aZfXPpP5eFeZkH4/9ZjFZ/AaM26fWQXWILw/fzkkYFYM6w0pRD7YzLNYzlhko
vagChcbXLWUU5SAE0b0daxZLMbJKSTRc8/d99WY2YUYfQp5dLYLRWQyKcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM08RBCNqNtxSR3anDrpH2YpjMdUMB8GA1UdIwQY
MBaAFOoez636/U/hTL3CIbkVnulhjv6JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmg3UHJmcjlULUZNdmNJaHVSV2U2V0dPX29rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wMjFlYWEtMWNmMC00MWNiLWI5NWIt
MTYyYTgyNzI5ZjczLzEvNmg3UHJmcjlULUZNdmNJaHVSV2U2V0dPX29rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wMjFlYWEtMWNmMC00MWNiLWI5NWItMTYyYTgyNzI5Zjcz
LzEvNmg3UHJmcjlULUZNdmNJaHVSV2U2V0dPX29rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA39MFJ7c1
sM2DgJT53fzSAkgHgxI0n3UBoabGkWtTjTY3B32anRzAUi0S4BD/CGzKrVY47t3P
DpUHak5tGB+hsOKWbp2bApmhMr9Un75EvHrj4LLmeRiwIIATszIIHCSFPJh7AwPh
9RznpekvnuuC2c/Ti85GlL4y+JDnSS//FYeEmXOBuA1LCaxJNhlOwD6Nk6s5bNQK
PM16P4SYXN5yM4E58bAaFTFuTCDfj5JP+41KLqdvwgfV/nvfG21uLjWecCNyezzN
eWip49YoCW9Z6pQufV9ufGZN/OfnSvjZSq3tDUXudnCH8kuCTmEjhiH4SRfQeSmg
6lw70FdlW/WWEA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:37:11 2025 by rpki-client