Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.mft
File: dy9wNcKJOyjNBP0amzys0kKMjf0.mft (raw, json)
Hash identifier: rX/CWt6RO1CvwuGb3dF9/reB7ZXFvAGyFfNWN8laBRE=
Subject key identifier: 20:C3:03:FE:5B:55:8B:23:00:34:09:33:6E:0C:C5:EE:BB:08:52:76
Authority key identifier: 77:2F:70:35:C2:89:3B:28:CD:04:FD:1A:9B:3C:AC:D2:42:8C:8D:FD
Certificate issuer: /CN=772f7035c2893b28cd04fd1a9b3cacd2428c8dfd
Certificate serial: 019A67344CB02B1E4878F95B231F542D8612
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dy9wNcKJOyjNBP0amzys0kKMjf0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.mft
Manifest number: 0435
Signing time: Sun 09 Nov 2025 06:01:11 +0000
Manifest this update: Sun 09 Nov 2025 06:01:11 +0000
Manifest next update: Mon 10 Nov 2025 06:01:11 +0000
Files and hashes: 1: 9jS2v21J95xARBtQOtdTT0EtYBQ.roa (hash: BeiYvaVP67aUM+eVkzjpflxlaHwkNmiJmUTQZAVqkOQ=)
2: dy9wNcKJOyjNBP0amzys0kKMjf0.crl (hash: WVwiB85TbQCkU2BpzcRfJrEe4ymgqcS0O9wInyRQ/xQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.mft
rsync://rpki.ripe.net/repository/DEFAULT/dy9wNcKJOyjNBP0amzys0kKMjf0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Nov 2025 03:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:67:34:4c:b0:2b:1e:48:78:f9:5b:23:1f:54:2d:86:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=772f7035c2893b28cd04fd1a9b3cacd2428c8dfd
Validity
Not Before: Nov 9 06:01:11 2025 GMT
Not After : Nov 10 06:01:11 2025 GMT
Subject: CN=20c303fe5b558b23003409336e0cc5eebb085276
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:0f:c7:a5:2b:71:64:f0:57:06:d9:bb:a2:e5:
43:c2:81:7c:58:0f:75:9c:65:34:e6:fe:58:4c:97:
db:2f:57:80:a0:c5:2b:44:8c:9f:1c:5f:86:88:1e:
1b:05:4e:aa:94:40:8d:de:9c:eb:03:e7:17:e9:46:
4a:bf:11:10:de:68:6c:dc:70:08:fd:fb:3b:65:04:
68:e8:a5:6c:06:f8:9a:4c:cb:04:48:ef:a1:71:57:
b3:ee:88:5a:ea:b8:09:5b:27:26:bb:65:ce:7d:94:
59:9d:81:98:7a:06:6b:16:8e:00:db:bf:05:c5:2e:
ce:66:2a:f6:26:ec:87:83:41:9f:82:a9:d3:0c:3e:
db:32:0a:7a:14:51:a7:a9:5b:e4:7b:62:ff:9a:8c:
4d:0d:94:9a:5b:86:40:03:e6:17:1a:46:6d:fa:54:
02:bc:65:dc:01:65:75:c7:4d:b2:c5:03:c9:3f:8a:
76:5b:23:fe:1a:9f:4e:e5:f8:3c:a8:21:46:d4:58:
1b:87:b6:3c:ae:5b:1a:e9:0d:aa:35:8d:1f:72:34:
4e:89:01:f3:8d:9b:4c:92:65:bc:6a:89:89:b6:e4:
ab:ed:05:b8:de:ec:52:2f:b1:dd:ff:cf:a9:2b:fd:
64:70:6c:39:33:0f:b7:f3:b6:a5:88:65:ba:01:fc:
72:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C3:03:FE:5B:55:8B:23:00:34:09:33:6E:0C:C5:EE:BB:08:52:76
X509v3 Authority Key Identifier:
keyid:77:2F:70:35:C2:89:3B:28:CD:04:FD:1A:9B:3C:AC:D2:42:8C:8D:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dy9wNcKJOyjNBP0amzys0kKMjf0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/41eae0-6b72-4624-9c24-83035afe4a37/1/dy9wNcKJOyjNBP0amzys0kKMjf0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:b5:7f:e2:34:3e:c0:41:d1:67:56:0a:6c:2b:fb:bf:81:c2:
6e:c4:c0:85:58:91:ec:f7:89:fe:9e:0a:fb:6c:5a:67:b0:ba:
ba:dd:a2:07:7f:5c:24:a2:83:5b:89:3f:40:f1:68:38:e4:25:
3f:89:ab:96:3f:36:ac:6f:0e:8a:29:98:2d:de:4a:95:d8:db:
e7:53:3a:a1:9f:1c:32:14:b4:6b:2a:8f:dc:45:fb:67:50:61:
12:ef:a7:6c:de:b2:3e:f9:19:36:1f:0e:f6:9d:ea:9d:7b:9b:
a1:47:11:51:34:31:c7:47:8a:41:6b:2e:1a:29:b8:ba:21:6d:
e8:fe:15:03:c3:43:e3:1a:69:7e:78:83:5e:78:25:4a:ec:7b:
f2:b7:fe:d7:23:89:09:59:01:80:20:6e:d6:2a:43:d7:e5:f0:
21:b6:75:4a:57:2d:31:ba:d5:13:1c:7b:0d:41:7b:d1:91:6d:
8a:36:63:e8:6b:bc:48:ac:c9:22:66:ca:3d:c9:22:71:3b:5f:
16:38:55:3c:4f:74:f6:35:c8:d7:41:82:b5:68:ab:73:da:1c:
46:e9:7b:51:7a:20:64:d0:3d:72:84:70:c2:95:30:9b:de:f3:
3c:ba:b8:a4:81:f4:eb:a5:46:e5:78:df:e9:40:b2:5e:e3:cc:
d4:08:ed:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpnNEywKx5IePlbIx9ULYYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3MmY3MDM1YzI4OTNiMjhjZDA0ZmQxYTliM2NhY2QyNDI4
YzhkZmQwHhcNMjUxMTA5MDYwMTExWhcNMjUxMTEwMDYwMTExWjAzMTEwLwYDVQQD
EygyMGMzMDNmZTViNTU4YjIzMDAzNDA5MzM2ZTBjYzVlZWJiMDg1Mjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Q/HpStxZPBXBtm7ouVDwoF8WA91
nGU05v5YTJfbL1eAoMUrRIyfHF+GiB4bBU6qlECN3pzrA+cX6UZKvxEQ3mhs3HAI
/fs7ZQRo6KVsBviaTMsESO+hcVez7oha6rgJWycmu2XOfZRZnYGYegZrFo4A278F
xS7OZir2JuyHg0GfgqnTDD7bMgp6FFGnqVvke2L/moxNDZSaW4ZAA+YXGkZt+lQC
vGXcAWV1x02yxQPJP4p2WyP+Gp9O5fg8qCFG1Fgbh7Y8rlsa6Q2qNY0fcjROiQHz
jZtMkmW8aomJtuSr7QW43uxSL7Hd/8+pK/1kcGw5Mw+387aliGW6AfxyDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCDDA/5bVYsjADQJM24Mxe67CFJ2MB8GA1UdIwQY
MBaAFHcvcDXCiTsozQT9Gps8rNJCjI39MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHk5d05jS0pPeWpOQlAwYW16eXMwa0tNamYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi80MWVhZTAtNmI3Mi00NjI0LTljMjQt
ODMwMzVhZmU0YTM3LzEvZHk5d05jS0pPeWpOQlAwYW16eXMwa0tNamYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi80MWVhZTAtNmI3Mi00NjI0LTljMjQtODMwMzVhZmU0YTM3
LzEvZHk5d05jS0pPeWpOQlAwYW16eXMwa0tNamYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhLV/4jQ+
wEHRZ1YKbCv7v4HCbsTAhViR7PeJ/p4K+2xaZ7C6ut2iB39cJKKDW4k/QPFoOOQl
P4mrlj82rG8OiimYLd5Kldjb51M6oZ8cMhS0ayqP3EX7Z1BhEu+nbN6yPvkZNh8O
9p3qnXuboUcRUTQxx0eKQWsuGim4uiFt6P4VA8ND4xppfniDXnglSux78rf+1yOJ
CVkBgCBu1ipD1+XwIbZ1SlctMbrVExx7DUF70ZFtijZj6Gu8SKzJImbKPckicTtf
FjhVPE909jXI10GCtWirc9ocRul7UXogZNA9coRwwpUwm97zPLq4pIH066VG5Xjf
6UCyXuPM1AjtOg==
-----END CERTIFICATE-----
Generated at Sun Nov 9 09:33:03 2025 by rpki-client