Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.mft
File: 1DsiEwqpp3NCVHaewTv-Fx-h4os.mft (raw, json)
Hash identifier: B5iPFMto7kXaZGBnU2pPgEqox77NpLKizr5X0l+4R1A=
Subject key identifier: 3A:ED:12:5C:E6:9C:B4:64:06:2C:5B:7A:3B:2F:47:23:68:A7:52:E1
Authority key identifier: D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B
Certificate issuer: /CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
Certificate serial: 019A7293B3C2DEFFB8B2C9251459CB737587
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.mft
Manifest number: 0C29
Signing time: Tue 11 Nov 2025 11:01:13 +0000
Manifest this update: Tue 11 Nov 2025 11:01:13 +0000
Manifest next update: Wed 12 Nov 2025 11:01:13 +0000
Files and hashes: 1: 1DsiEwqpp3NCVHaewTv-Fx-h4os.crl (hash: nnrj8np8XWH8x5QK+XLSrlBqRDClvyeX4ya7ZbVZW6o=)
2: wEdGwXpwYmsgP9g00gzYyHwBX_w.roa (hash: xXn4YaJmCyamPKNCyA6d81IZAPpAi8iJdAjjF+NkEPs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:b3:c2:de:ff:b8:b2:c9:25:14:59:cb:73:75:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
Validity
Not Before: Nov 11 11:01:13 2025 GMT
Not After : Nov 12 11:01:13 2025 GMT
Subject: CN=3aed125ce69cb464062c5b7a3b2f472368a752e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c5:02:37:e2:3e:93:40:2b:ca:3c:9f:7d:72:
5e:87:7c:4d:73:69:0d:6e:61:b3:7d:77:8d:8d:58:
cd:fb:bf:66:5c:51:82:99:fa:e4:3f:f4:e1:23:2e:
42:b8:84:f4:d6:22:2a:2e:03:5d:9e:f1:2d:a1:74:
db:7c:89:64:0e:e0:5d:a5:17:27:d8:30:b8:ad:46:
a9:bb:d1:8c:15:04:33:e3:27:3d:ec:39:3a:31:5b:
91:3d:fe:50:a2:3c:66:7e:08:44:89:d1:b7:0c:60:
9e:1d:15:95:1d:3a:61:54:2b:71:56:4d:e0:13:c1:
22:03:4f:f7:7a:68:38:6d:79:23:ed:00:df:06:87:
f0:c3:ad:3d:a0:0a:45:6e:0a:89:8b:5c:d7:23:29:
1b:52:b8:a1:09:d9:b9:cb:f3:d4:b1:8b:e7:3f:cd:
1c:8d:af:28:db:3a:1b:e7:89:21:2f:85:76:f4:f2:
f8:9b:bd:78:ad:7e:e7:3b:a6:7c:9c:a5:69:85:de:
db:19:e7:58:9a:13:99:92:93:c8:c4:c0:03:d9:0e:
dd:54:b1:7f:1d:23:d6:16:a8:f1:06:df:17:0e:1d:
a8:7e:7f:2f:1e:ad:2a:61:10:1e:2e:44:50:4e:09:
00:49:87:76:de:7a:53:8b:b6:93:99:42:1e:67:34:
59:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:ED:12:5C:E6:9C:B4:64:06:2C:5B:7A:3B:2F:47:23:68:A7:52:E1
X509v3 Authority Key Identifier:
keyid:D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:e2:d6:eb:1b:51:ca:a6:48:99:f1:b9:2d:71:19:18:40:57:
ca:60:1c:26:2d:a8:ed:cf:55:b0:42:c9:94:9c:e5:35:f8:6c:
04:da:ff:9e:de:7d:d0:be:7a:3f:2f:f1:0f:a4:e2:59:8e:b3:
38:a9:b2:96:e7:a1:d1:29:f1:8b:7d:cb:1e:e5:39:e5:bf:d9:
40:f3:58:16:5d:e7:75:eb:a6:2b:9c:36:a6:ff:43:bd:12:96:
40:0f:93:73:a3:85:f2:6b:80:a8:9c:cc:1e:c8:58:51:cf:0b:
d2:03:ac:f5:0c:fb:5e:a7:78:cf:a7:66:bb:01:be:df:b0:f4:
0a:4a:33:ca:74:81:6a:29:cb:80:07:dd:34:2d:80:0b:c8:59:
f9:8a:6c:9c:b2:5d:0a:73:58:8e:79:bc:16:49:53:a1:4f:bf:
cf:0d:0b:7d:ad:18:4d:6c:b6:9d:ef:ef:ef:87:06:1d:53:07:
10:a5:ef:f6:9a:2c:4c:e4:88:9d:25:b5:3a:d8:97:18:bd:ac:
a6:4a:a0:7c:0d:81:b8:ee:fc:21:ec:0a:e7:00:44:0e:ba:95:
3f:aa:c7:2c:bd:0b:f0:12:69:13:0a:53:80:e0:b0:c9:f1:44:
c2:c4:b4:4f:ee:fd:14:95:06:75:1f:ea:7b:f5:b7:8a:5a:2c:
4f:66:e0:69
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk7PC3v+4ssklFFnLc3WHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0M2IyMjEzMGFhOWE3NzM0MjU0NzY5ZWMxM2JmZTE3MWZh
MWUyOGIwHhcNMjUxMTExMTEwMTEzWhcNMjUxMTEyMTEwMTEzWjAzMTEwLwYDVQQD
EygzYWVkMTI1Y2U2OWNiNDY0MDYyYzViN2EzYjJmNDcyMzY4YTc1MmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscUCN+I+k0AryjyffXJeh3xNc2kN
bmGzfXeNjVjN+79mXFGCmfrkP/ThIy5CuIT01iIqLgNdnvEtoXTbfIlkDuBdpRcn
2DC4rUapu9GMFQQz4yc97Dk6MVuRPf5QojxmfghEidG3DGCeHRWVHTphVCtxVk3g
E8EiA0/3emg4bXkj7QDfBofww609oApFbgqJi1zXIykbUrihCdm5y/PUsYvnP80c
ja8o2zob54khL4V29PL4m714rX7nO6Z8nKVphd7bGedYmhOZkpPIxMAD2Q7dVLF/
HSPWFqjxBt8XDh2ofn8vHq0qYRAeLkRQTgkASYd23npTi7aTmUIeZzRZzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDrtElzmnLRkBixbejsvRyNop1LhMB8GA1UdIwQY
MBaAFNQ7IhMKqadzQlR2nsE7/hcfoeKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEt
YTYzMGMyZWEyM2Y5LzEvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEtYTYzMGMyZWEyM2Y5
LzEvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC+LW6xtR
yqZImfG5LXEZGEBXymAcJi2o7c9VsELJlJzlNfhsBNr/nt590L56Py/xD6TiWY6z
OKmylueh0Snxi33LHuU55b/ZQPNYFl3ndeumK5w2pv9DvRKWQA+Tc6OF8muAqJzM
HshYUc8L0gOs9Qz7Xqd4z6dmuwG+37D0CkozynSBainLgAfdNC2AC8hZ+YpsnLJd
CnNYjnm8FklToU+/zw0Lfa0YTWy2ne/v74cGHVMHEKXv9posTOSInSW1OtiXGL2s
pkqgfA2BuO78IewK5wBEDrqVP6rHLL0L8BJpEwpTgOCwyfFEwsS0T+79FJUGdR/q
e/W3ilosT2bgaQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:25 2025 by rpki-client