Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/fb78ad-918e-44c2-9501-024ad4fb3708/1/rDKHVt7Ojyn5f0G4Ggh9tSThWbc.mft
File: rDKHVt7Ojyn5f0G4Ggh9tSThWbc.mft (raw, json)
Hash identifier: e2+5upCsFER6jJqi99eTh48GjLJGBFrcX6LfewQjjIw=
Subject key identifier: 63:C9:A4:8A:EA:12:9F:98:75:1D:6D:75:D0:AE:55:58:91:E0:F9:45
Authority key identifier: AC:32:87:56:DE:CE:8F:29:F9:7F:41:B8:1A:08:7D:B5:24:E1:59:B7
Certificate issuer: /CN=ac328756dece8f29f97f41b81a087db524e159b7
Certificate serial: 019A71EEAE992E1144987EC76FB146442BA0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rDKHVt7Ojyn5f0G4Ggh9tSThWbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/fb78ad-918e-44c2-9501-024ad4fb3708/1/rDKHVt7Ojyn5f0G4Ggh9tSThWbc.mft
Manifest number: 136A
Signing time: Tue 11 Nov 2025 08:00:58 +0000
Manifest this update: Tue 11 Nov 2025 08:00:58 +0000
Manifest next update: Wed 12 Nov 2025 08:00:58 +0000
Files and hashes: 1: KhThgn0FLgtxgLmV5WuQd88UjJs.roa (hash: UVyvP36EKpZylxYZtY94LC7cB1Xoy48Pim7visCwDUs=)
2: rDKHVt7Ojyn5f0G4Ggh9tSThWbc.crl (hash: FR0BJZQE5CLqtNNrRX7KSAdvtwOFEelQ7sAgwSuH/YY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/fb78ad-918e-44c2-9501-024ad4fb3708/1/rDKHVt7Ojyn5f0G4Ggh9tSThWbc.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/fb78ad-918e-44c2-9501-024ad4fb3708/1/rDKHVt7Ojyn5f0G4Ggh9tSThWbc.mft
rsync://rpki.ripe.net/repository/DEFAULT/rDKHVt7Ojyn5f0G4Ggh9tSThWbc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:ae:99:2e:11:44:98:7e:c7:6f:b1:46:44:2b:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac328756dece8f29f97f41b81a087db524e159b7
Validity
Not Before: Nov 11 08:00:58 2025 GMT
Not After : Nov 12 08:00:58 2025 GMT
Subject: CN=63c9a48aea129f98751d6d75d0ae555891e0f945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:62:5c:85:7f:c4:1f:52:3c:ed:30:c9:6f:fc:
b3:3e:e8:7f:6e:e2:7c:9e:e1:84:89:6e:a2:33:82:
2b:ff:57:1d:17:80:22:37:50:06:42:54:f5:09:64:
2c:a1:24:2c:23:5b:39:a6:53:e0:3c:ae:bd:a6:c6:
2e:3a:c6:a6:01:fe:01:f1:d6:b5:0c:57:63:93:98:
21:61:e6:fc:1b:f3:40:16:c4:af:bb:9d:1a:c2:50:
7e:a6:a4:94:3f:33:dc:0c:8c:c3:3f:df:61:b5:3b:
59:f5:e9:a9:81:0d:c6:08:ec:bb:ed:96:45:b4:3c:
d4:72:f2:2a:b7:b4:b1:2d:ca:7d:4d:1b:e7:8a:02:
86:de:27:60:2d:8d:c7:ad:d3:36:35:76:40:cb:66:
e1:5d:11:3c:80:12:bd:8f:d5:f3:62:3b:46:9a:2b:
33:88:85:48:15:48:d8:f4:90:7b:6c:3b:80:00:1e:
91:05:a1:89:01:c9:28:6a:c4:bd:65:ae:cd:d4:64:
70:09:f9:9a:52:f4:fe:f7:91:a6:c7:12:33:e6:92:
24:67:c5:a8:2d:8b:1b:26:45:7f:d8:47:f3:7e:de:
9a:cf:70:93:4f:93:33:2d:bc:e9:95:09:16:64:cb:
a5:40:d5:ff:36:83:80:31:ec:2b:fd:fa:96:ab:0b:
b2:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C9:A4:8A:EA:12:9F:98:75:1D:6D:75:D0:AE:55:58:91:E0:F9:45
X509v3 Authority Key Identifier:
keyid:AC:32:87:56:DE:CE:8F:29:F9:7F:41:B8:1A:08:7D:B5:24:E1:59:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rDKHVt7Ojyn5f0G4Ggh9tSThWbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/fb78ad-918e-44c2-9501-024ad4fb3708/1/rDKHVt7Ojyn5f0G4Ggh9tSThWbc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/fb78ad-918e-44c2-9501-024ad4fb3708/1/rDKHVt7Ojyn5f0G4Ggh9tSThWbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
56:13:12:fa:6e:08:1c:3c:f6:cf:3d:b6:2a:4d:ee:18:a9:1f:
2a:57:85:c9:ae:9e:62:c8:6d:ed:49:a5:fb:28:94:c1:70:7e:
c9:d0:1e:03:fb:02:59:7d:7b:ce:b5:64:d8:15:3c:2b:09:4e:
f1:b1:7e:fb:3d:e6:74:5d:d5:79:89:fb:00:75:37:30:ef:b9:
2d:40:e3:37:86:a4:48:2c:b2:7a:5a:e6:4a:35:03:11:e7:9f:
e3:70:9c:6f:f8:0e:6a:6d:5b:b9:b2:ce:65:38:a8:34:cd:64:
d3:3e:b3:ce:3a:66:c3:40:e5:97:9e:92:56:3c:fa:ee:c0:a5:
af:40:5e:fd:1a:45:42:de:09:ee:76:b8:ae:d2:58:75:a7:b8:
83:6d:6a:b7:23:32:19:ce:bd:ea:e6:98:70:df:ae:51:ce:b2:
52:51:98:53:9b:61:67:71:e4:6c:a5:a4:18:49:1c:55:81:08:
42:ae:2e:f7:21:9f:7f:de:9a:ee:3c:99:ce:f8:82:f1:26:25:
b0:58:0b:33:cf:60:5c:64:d2:ee:b4:e5:b5:ad:41:bf:84:81:
62:b1:34:ed:76:6d:58:17:75:77:f0:e8:8d:31:15:4f:cb:71:
ac:84:66:6e:42:c6:fa:93:f2:e2:98:b8:cd:46:d4:5e:0f:fa:
b8:4b:e7:c8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7q6ZLhFEmH7Hb7FGRCugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMzI4NzU2ZGVjZThmMjlmOTdmNDFiODFhMDg3ZGI1MjRl
MTU5YjcwHhcNMjUxMTExMDgwMDU4WhcNMjUxMTEyMDgwMDU4WjAzMTEwLwYDVQQD
Eyg2M2M5YTQ4YWVhMTI5Zjk4NzUxZDZkNzVkMGFlNTU1ODkxZTBmOTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2JchX/EH1I87TDJb/yzPuh/buJ8
nuGEiW6iM4Ir/1cdF4AiN1AGQlT1CWQsoSQsI1s5plPgPK69psYuOsamAf4B8da1
DFdjk5ghYeb8G/NAFsSvu50awlB+pqSUPzPcDIzDP99htTtZ9empgQ3GCOy77ZZF
tDzUcvIqt7SxLcp9TRvnigKG3idgLY3HrdM2NXZAy2bhXRE8gBK9j9XzYjtGmisz
iIVIFUjY9JB7bDuAAB6RBaGJAckoasS9Za7N1GRwCfmaUvT+95GmxxIz5pIkZ8Wo
LYsbJkV/2Efzft6az3CTT5MzLbzplQkWZMulQNX/NoOAMewr/fqWqwuyQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGPJpIrqEp+YdR1tddCuVViR4PlFMB8GA1UdIwQY
MBaAFKwyh1bezo8p+X9BuBoIfbUk4Vm3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckRLSFZ0N09qeW41ZjBHNEdnaDl0U1RoV2JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mYjc4YWQtOTE4ZS00NGMyLTk1MDEt
MDI0YWQ0ZmIzNzA4LzEvckRLSFZ0N09qeW41ZjBHNEdnaDl0U1RoV2JjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mYjc4YWQtOTE4ZS00NGMyLTk1MDEtMDI0YWQ0ZmIzNzA4
LzEvckRLSFZ0N09qeW41ZjBHNEdnaDl0U1RoV2JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVhMS+m4I
HDz2zz22Kk3uGKkfKleFya6eYsht7Uml+yiUwXB+ydAeA/sCWX17zrVk2BU8KwlO
8bF++z3mdF3VeYn7AHU3MO+5LUDjN4akSCyyelrmSjUDEeef43Ccb/gOam1bubLO
ZTioNM1k0z6zzjpmw0Dll56SVjz67sClr0Be/RpFQt4J7na4rtJYdae4g21qtyMy
Gc696uaYcN+uUc6yUlGYU5thZ3HkbKWkGEkcVYEIQq4u9yGff96a7jyZzviC8SYl
sFgLM89gXGTS7rTlta1Bv4SBYrE07XZtWBd1d/DojTEVT8txrIRmbkLG+pPy4pi4
zUbUXg/6uEvnyA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:16:15 2025 by rpki-client