Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/8eb581-9c74-48e1-821a-53180eec56fb/1/1jND98xsI32j-LgROMBR2Pk8nE0.mft
File: 1jND98xsI32j-LgROMBR2Pk8nE0.mft (raw, json)
Hash identifier: lofvLdZtlS298WGxOpZL3X0j0vftTca0WkYgdR1DC+U=
Subject key identifier: FF:39:72:82:F4:23:D2:01:AF:0B:C4:88:D0:2A:CC:63:39:83:59:E9
Authority key identifier: D6:33:43:F7:CC:6C:23:7D:A3:F8:B8:11:38:C0:51:D8:F9:3C:9C:4D
Certificate issuer: /CN=d63343f7cc6c237da3f8b81138c051d8f93c9c4d
Certificate serial: 019A71EE93E17DFD9CF68E5FAD3F07D83A6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1jND98xsI32j-LgROMBR2Pk8nE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/8eb581-9c74-48e1-821a-53180eec56fb/1/1jND98xsI32j-LgROMBR2Pk8nE0.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 08:00:52 +0000
Manifest this update: Tue 11 Nov 2025 08:00:52 +0000
Manifest next update: Wed 12 Nov 2025 08:00:52 +0000
Files and hashes: 1: 1jND98xsI32j-LgROMBR2Pk8nE0.crl (hash: rexVIxB9daW/T56byBeBhyjXCHyc2D9cBGzTmsWgrgY=)
2: r8Cx9iv2Us-sXIBLH4ymKtjO_pw.roa (hash: zSG7oRCig4axArTg72yLWZy9j2Lnt0Tay8wTKKxpjxM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/8eb581-9c74-48e1-821a-53180eec56fb/1/1jND98xsI32j-LgROMBR2Pk8nE0.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/8eb581-9c74-48e1-821a-53180eec56fb/1/1jND98xsI32j-LgROMBR2Pk8nE0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1jND98xsI32j-LgROMBR2Pk8nE0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:93:e1:7d:fd:9c:f6:8e:5f:ad:3f:07:d8:3a:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d63343f7cc6c237da3f8b81138c051d8f93c9c4d
Validity
Not Before: Nov 11 08:00:52 2025 GMT
Not After : Nov 12 08:00:52 2025 GMT
Subject: CN=ff397282f423d201af0bc488d02acc63398359e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4d:5b:b4:d4:f2:8a:40:01:bf:1f:49:5e:9d:
0c:27:7f:20:b8:3a:1c:ab:3f:1e:e5:93:e8:ce:ff:
1a:67:f2:1b:f0:7c:b5:19:2c:5c:81:42:ec:35:e5:
2e:41:d7:60:14:7a:cf:68:4c:0a:73:3d:8c:66:8b:
ff:13:c7:87:ef:f6:09:7e:59:01:ae:39:83:ed:04:
8e:c7:d9:f8:d7:f9:c0:b1:c0:b7:cf:ca:61:57:58:
4f:1d:23:b5:26:c2:ae:5d:9a:0a:21:73:65:6c:29:
ef:cb:50:32:cc:a4:82:49:8a:e3:49:12:e7:27:2c:
e0:62:fd:90:5e:40:d5:7f:ad:b3:b2:f0:b1:c1:13:
2d:d8:3d:27:5d:76:e3:f9:16:c8:15:e7:50:2f:4a:
45:bf:fb:39:05:8a:28:a4:ab:e3:c0:2f:c4:77:93:
57:94:c0:0c:ac:c4:68:1f:8e:3b:ce:a7:e1:ea:d6:
f6:23:64:71:5a:fd:8a:c2:a6:a6:e9:72:3b:fd:e1:
d4:74:18:77:11:54:03:83:35:40:88:6a:e7:1f:4f:
53:78:22:77:9c:df:f4:f6:5d:17:f4:f3:42:29:20:
3d:61:28:b2:ca:8f:a7:f4:fc:0f:32:25:de:00:21:
08:cf:75:dc:f3:93:cb:9c:5e:bd:4e:0d:ff:c5:e9:
58:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:39:72:82:F4:23:D2:01:AF:0B:C4:88:D0:2A:CC:63:39:83:59:E9
X509v3 Authority Key Identifier:
keyid:D6:33:43:F7:CC:6C:23:7D:A3:F8:B8:11:38:C0:51:D8:F9:3C:9C:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1jND98xsI32j-LgROMBR2Pk8nE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/8eb581-9c74-48e1-821a-53180eec56fb/1/1jND98xsI32j-LgROMBR2Pk8nE0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/8eb581-9c74-48e1-821a-53180eec56fb/1/1jND98xsI32j-LgROMBR2Pk8nE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:d3:a9:a0:33:e6:bf:25:83:93:ab:6b:b6:5f:9d:60:77:90:
53:a3:49:92:e4:f5:0f:3c:e9:90:45:d9:60:7e:51:76:f5:f3:
89:38:95:31:94:77:c4:37:20:f6:33:be:e9:90:56:29:35:f1:
33:d7:4d:ce:4b:2b:5b:e2:eb:18:0f:c7:da:fb:7a:ba:d4:fd:
ef:28:68:80:a0:c8:e4:be:89:0c:82:f0:68:3a:23:52:91:c3:
dc:12:61:23:1d:80:41:d2:25:83:61:c4:07:a7:ff:c9:28:a7:
64:be:b1:ab:5a:68:6a:02:cb:93:49:42:8d:53:72:1c:b4:32:
3d:ba:0b:a6:5e:be:93:47:94:d9:b9:50:72:be:b1:48:6d:b2:
f5:6f:de:d1:5a:02:59:bb:40:e8:00:96:bb:ab:70:04:79:82:
f5:61:70:69:39:60:c9:72:83:f6:de:45:22:44:90:87:46:93:
1f:a7:a7:ae:05:bf:65:d4:6b:fa:1a:2b:30:bb:ea:40:64:e1:
dd:62:45:91:dd:24:57:e5:9c:ab:2a:3a:6d:60:88:06:ad:2a:
ac:12:99:79:05:cb:f7:79:f6:e1:28:3a:dd:a3:7c:82:8b:ee:
90:62:f5:e5:56:47:5e:31:25:75:1d:5b:11:7c:ce:6b:3e:7c:
42:2c:2e:e5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7pPhff2c9o5frT8H2DptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MzM0M2Y3Y2M2YzIzN2RhM2Y4YjgxMTM4YzA1MWQ4Zjkz
YzljNGQwHhcNMjUxMTExMDgwMDUyWhcNMjUxMTEyMDgwMDUyWjAzMTEwLwYDVQQD
EyhmZjM5NzI4MmY0MjNkMjAxYWYwYmM0ODhkMDJhY2M2MzM5ODM1OWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0E1btNTyikABvx9JXp0MJ38guDoc
qz8e5ZPozv8aZ/Ib8Hy1GSxcgULsNeUuQddgFHrPaEwKcz2MZov/E8eH7/YJflkB
rjmD7QSOx9n41/nAscC3z8phV1hPHSO1JsKuXZoKIXNlbCnvy1AyzKSCSYrjSRLn
JyzgYv2QXkDVf62zsvCxwRMt2D0nXXbj+RbIFedQL0pFv/s5BYoopKvjwC/Ed5NX
lMAMrMRoH447zqfh6tb2I2RxWv2Kwqam6XI7/eHUdBh3EVQDgzVAiGrnH09TeCJ3
nN/09l0X9PNCKSA9YSiyyo+n9PwPMiXeACEIz3Xc85PLnF69Tg3/xelY7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP85coL0I9IBrwvEiNAqzGM5g1npMB8GA1UdIwQY
MBaAFNYzQ/fMbCN9o/i4ETjAUdj5PJxNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWpORDk4eHNJMzJqLUxnUk9NQlIyUGs4bkUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS84ZWI1ODEtOWM3NC00OGUxLTgyMWEt
NTMxODBlZWM1NmZiLzEvMWpORDk4eHNJMzJqLUxnUk9NQlIyUGs4bkUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS84ZWI1ODEtOWM3NC00OGUxLTgyMWEtNTMxODBlZWM1NmZi
LzEvMWpORDk4eHNJMzJqLUxnUk9NQlIyUGs4bkUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMtOpoDPm
vyWDk6trtl+dYHeQU6NJkuT1DzzpkEXZYH5RdvXziTiVMZR3xDcg9jO+6ZBWKTXx
M9dNzksrW+LrGA/H2vt6utT97yhogKDI5L6JDILwaDojUpHD3BJhIx2AQdIlg2HE
B6f/ySinZL6xq1poagLLk0lCjVNyHLQyPboLpl6+k0eU2blQcr6xSG2y9W/e0VoC
WbtA6ACWu6twBHmC9WFwaTlgyXKD9t5FIkSQh0aTH6enrgW/ZdRr+horMLvqQGTh
3WJFkd0kV+Wcqyo6bWCIBq0qrBKZeQXL93n24Sg63aN8govukGL15VZHXjEldR1b
EXzOaz58Qiwu5Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:19:18 2025 by rpki-client