Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/6c4064-8503-4d16-9354-74d4e5b01c35/1/0dI-JBGcupM36DRmSFv7EGsuJLY.mft
File: 0dI-JBGcupM36DRmSFv7EGsuJLY.mft (raw, json)
Hash identifier: H2cuGgPn92Qz1Sj+eLw8PffRXsX3sUSZERleMc9+AHI=
Subject key identifier: 37:C8:17:4A:76:1F:50:29:D2:AC:36:59:AC:D3:AB:3D:E1:10:A9:DF
Authority key identifier: D1:D2:3E:24:11:9C:BA:93:37:E8:34:66:48:5B:FB:10:6B:2E:24:B6
Certificate issuer: /CN=d1d23e24119cba9337e83466485bfb106b2e24b6
Certificate serial: 019A725CDB1F8A9C76B4731F64FA51E605CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0dI-JBGcupM36DRmSFv7EGsuJLY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/6c4064-8503-4d16-9354-74d4e5b01c35/1/0dI-JBGcupM36DRmSFv7EGsuJLY.mft
Manifest number: 0167
Signing time: Tue 11 Nov 2025 10:01:19 +0000
Manifest this update: Tue 11 Nov 2025 10:01:19 +0000
Manifest next update: Wed 12 Nov 2025 10:01:19 +0000
Files and hashes: 1: 0dI-JBGcupM36DRmSFv7EGsuJLY.crl (hash: KyXDBKc3X9EtFEQVe9QeY9Wd+Q3aJ2AmvTe69y+skAY=)
2: M-IfQdJ5pbgcbSVbmMmO8aaPrAY.roa (hash: XwGRnAxf2Tdx5V01T06WDZvLLVmv2uRnErY5moi+5Gs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/6c4064-8503-4d16-9354-74d4e5b01c35/1/0dI-JBGcupM36DRmSFv7EGsuJLY.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/6c4064-8503-4d16-9354-74d4e5b01c35/1/0dI-JBGcupM36DRmSFv7EGsuJLY.mft
rsync://rpki.ripe.net/repository/DEFAULT/0dI-JBGcupM36DRmSFv7EGsuJLY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:db:1f:8a:9c:76:b4:73:1f:64:fa:51:e6:05:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1d23e24119cba9337e83466485bfb106b2e24b6
Validity
Not Before: Nov 11 10:01:19 2025 GMT
Not After : Nov 12 10:01:19 2025 GMT
Subject: CN=37c8174a761f5029d2ac3659acd3ab3de110a9df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:41:c8:7b:33:b1:45:df:f0:e5:3b:91:04:15:
d9:12:62:4b:1a:d1:de:fe:1a:4a:44:79:aa:9d:da:
d6:5d:ba:42:be:f2:70:db:46:1e:a1:f7:ea:92:a1:
0f:7c:19:1a:a5:f0:c4:c3:76:b2:42:7f:8e:e4:3b:
7e:20:d0:86:ab:bf:da:0d:39:ea:ad:92:b2:ea:88:
6b:4f:ef:ff:d8:02:8d:a5:4f:b9:cd:b4:bf:d8:57:
6e:27:4d:0e:ee:be:a6:c5:60:3b:a9:a9:96:c4:37:
b0:2e:22:b6:37:5e:8e:70:53:2a:cd:9e:c8:d6:a4:
87:de:bf:80:7c:08:d4:f6:34:11:90:71:f7:7f:b8:
ed:e7:ad:68:62:cc:14:18:b7:23:ea:ce:76:b2:64:
ea:a5:88:eb:54:07:4c:25:43:05:3d:3e:cd:11:3e:
2a:97:ec:a8:c5:4e:6c:a9:fd:89:fc:ca:1f:fa:be:
b7:97:0c:e4:55:1b:71:27:77:48:a3:20:d1:d7:27:
2e:d9:9d:de:71:47:37:70:7d:2a:16:5e:4a:c8:c4:
33:8c:9e:f3:ec:b7:d8:33:f8:09:fa:8c:65:06:bb:
3e:4a:97:f5:92:8d:b6:b3:8c:82:3e:f4:1b:c5:00:
d3:b7:76:9e:85:27:29:9d:d7:1f:e0:54:80:e3:44:
58:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:C8:17:4A:76:1F:50:29:D2:AC:36:59:AC:D3:AB:3D:E1:10:A9:DF
X509v3 Authority Key Identifier:
keyid:D1:D2:3E:24:11:9C:BA:93:37:E8:34:66:48:5B:FB:10:6B:2E:24:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0dI-JBGcupM36DRmSFv7EGsuJLY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/6c4064-8503-4d16-9354-74d4e5b01c35/1/0dI-JBGcupM36DRmSFv7EGsuJLY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/6c4064-8503-4d16-9354-74d4e5b01c35/1/0dI-JBGcupM36DRmSFv7EGsuJLY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:55:71:de:92:76:a6:c7:1a:42:c3:d6:bb:19:f0:f6:99:2f:
6d:d6:18:b6:21:7d:f2:4a:7c:e6:53:ca:d7:b4:db:ad:3d:6d:
5f:42:40:66:6f:bf:5d:81:49:a9:56:b4:a9:a1:d0:f3:b2:99:
11:06:26:4b:ee:76:db:b1:32:74:0e:dc:f6:70:4b:15:e9:09:
21:fa:dc:10:2f:14:77:2d:72:fd:35:af:d5:4d:9e:6c:e9:b3:
06:ff:0a:95:51:ea:bc:cf:4b:07:1d:a6:76:2a:1a:e0:ca:53:
b4:51:91:9b:01:a1:39:68:9a:ae:5f:20:73:97:b4:1b:04:7c:
bd:9b:5d:18:de:52:9a:4a:6d:ec:23:40:00:75:5d:d4:19:11:
ae:8d:59:9f:12:33:ea:9a:ea:0e:2a:ce:3d:ce:06:f0:1f:c3:
8d:7c:d4:e5:48:de:6d:ba:fc:80:8d:c4:eb:1b:4c:ed:cd:c2:
2f:82:95:40:2e:54:d7:04:b1:ff:ff:b5:6f:34:d4:80:4b:dc:
d5:6e:89:07:44:71:be:15:82:c3:14:d0:3b:6c:85:15:0d:c5:
bc:15:63:7f:d7:9d:c1:c9:fc:4a:63:66:ea:7f:f5:c7:c7:27:
60:b1:4e:c0:f5:be:c2:2e:5f:c4:18:45:4c:57:a4:d4:74:48:
8c:28:1e:bb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXNsfipx2tHMfZPpR5gXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZDIzZTI0MTE5Y2JhOTMzN2U4MzQ2NjQ4NWJmYjEwNmIy
ZTI0YjYwHhcNMjUxMTExMTAwMTE5WhcNMjUxMTEyMTAwMTE5WjAzMTEwLwYDVQQD
EygzN2M4MTc0YTc2MWY1MDI5ZDJhYzM2NTlhY2QzYWIzZGUxMTBhOWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUHIezOxRd/w5TuRBBXZEmJLGtHe
/hpKRHmqndrWXbpCvvJw20YeoffqkqEPfBkapfDEw3ayQn+O5Dt+INCGq7/aDTnq
rZKy6ohrT+//2AKNpU+5zbS/2FduJ00O7r6mxWA7qamWxDewLiK2N16OcFMqzZ7I
1qSH3r+AfAjU9jQRkHH3f7jt561oYswUGLcj6s52smTqpYjrVAdMJUMFPT7NET4q
l+yoxU5sqf2J/Mof+r63lwzkVRtxJ3dIoyDR1ycu2Z3ecUc3cH0qFl5KyMQzjJ7z
7LfYM/gJ+oxlBrs+Spf1ko22s4yCPvQbxQDTt3aehScpndcf4FSA40RYVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDfIF0p2H1Ap0qw2WazTqz3hEKnfMB8GA1UdIwQY
MBaAFNHSPiQRnLqTN+g0Zkhb+xBrLiS2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGRJLUpCR2N1cE0zNkRSbVNGdjdFR3N1SkxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy82YzQwNjQtODUwMy00ZDE2LTkzNTQt
NzRkNGU1YjAxYzM1LzEvMGRJLUpCR2N1cE0zNkRSbVNGdjdFR3N1SkxZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy82YzQwNjQtODUwMy00ZDE2LTkzNTQtNzRkNGU1YjAxYzM1
LzEvMGRJLUpCR2N1cE0zNkRSbVNGdjdFR3N1SkxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGlVx3pJ2
pscaQsPWuxnw9pkvbdYYtiF98kp85lPK17TbrT1tX0JAZm+/XYFJqVa0qaHQ87KZ
EQYmS+5227EydA7c9nBLFekJIfrcEC8Udy1y/TWv1U2ebOmzBv8KlVHqvM9LBx2m
dioa4MpTtFGRmwGhOWiarl8gc5e0GwR8vZtdGN5Smkpt7CNAAHVd1BkRro1ZnxIz
6prqDirOPc4G8B/DjXzU5Ujebbr8gI3E6xtM7c3CL4KVQC5U1wSx//+1bzTUgEvc
1W6JB0RxvhWCwxTQO2yFFQ3FvBVjf9edwcn8SmNm6n/1x8cnYLFOwPW+wi5fxBhF
TFek1HRIjCgeuw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:47:17 2025 by rpki-client