Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
File: DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft (raw, json)
Hash identifier: yQMDKDHQg3yhIZi3lJ18P1pml4F5gdXf+ZqPZqLtmJo=
Subject key identifier: 05:0F:BB:D5:B7:CA:65:50:6E:E9:89:67:92:F9:A1:44:D1:57:A8:39
Authority key identifier: 0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
Certificate issuer: /CN=0e85fd3c9f9558b218022ff409fc554faee79090
Certificate serial: 019A725C63ACA2BFD435077D30AA82C17C36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 10:00:48 +0000
Manifest this update: Tue 11 Nov 2025 10:00:48 +0000
Manifest next update: Wed 12 Nov 2025 10:00:48 +0000
Files and hashes: 1: DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl (hash: cBW5Bx9BEoCc/BpL9pA/MQZJBqFKck0aUfq+1Zo6TgQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:63:ac:a2:bf:d4:35:07:7d:30:aa:82:c1:7c:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e85fd3c9f9558b218022ff409fc554faee79090
Validity
Not Before: Nov 11 10:00:48 2025 GMT
Not After : Nov 12 10:00:48 2025 GMT
Subject: CN=050fbbd5b7ca65506ee9896792f9a144d157a839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:32:c3:97:06:4d:8e:2b:a1:12:4e:0a:34:48:
6f:ce:4f:c0:be:56:ca:a5:06:ac:81:5b:7d:12:62:
47:55:31:6d:0c:3f:f0:6b:5c:3f:87:15:b3:05:aa:
e1:af:f2:b9:24:c3:35:ef:cf:96:12:97:51:2c:68:
2c:50:e6:3e:24:6e:ec:a3:a7:0d:e2:a0:9b:a1:5d:
76:a9:63:39:7f:cf:c4:3e:9e:6f:21:35:bf:8f:23:
6e:32:5f:21:c3:be:e2:1c:3f:15:24:15:28:be:88:
16:b6:a6:72:3c:36:22:ae:b0:de:0a:83:48:a6:76:
71:48:78:5a:19:90:8e:cf:b5:c2:ae:42:f8:68:fe:
ca:f8:e8:c8:d9:52:98:4a:69:8b:98:64:f1:1d:68:
e0:9c:4a:e4:c7:f6:39:61:72:a5:b1:c0:dd:82:9f:
3c:06:36:82:39:8c:09:d9:f0:87:51:f5:4e:5f:d6:
3c:30:74:72:ce:93:45:af:fa:c8:57:42:30:b6:ed:
c5:c8:19:78:8a:8c:6e:ab:10:7d:a0:cd:f8:6d:2a:
3e:01:58:20:e0:51:80:d4:26:8f:a3:c6:51:7a:4b:
72:46:6a:5f:6a:57:91:fc:01:9c:42:e0:b4:65:d7:
bb:89:33:05:4d:bf:87:6d:9f:0f:54:9e:5b:bd:4a:
5c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:0F:BB:D5:B7:CA:65:50:6E:E9:89:67:92:F9:A1:44:D1:57:A8:39
X509v3 Authority Key Identifier:
keyid:0E:85:FD:3C:9F:95:58:B2:18:02:2F:F4:09:FC:55:4F:AE:E7:90:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DoX9PJ-VWLIYAi_0CfxVT67nkJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/b3d3d9-7928-458d-836e-3303afe5c89b/1/DoX9PJ-VWLIYAi_0CfxVT67nkJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:8e:d9:a4:5e:c2:94:71:d6:d9:a5:17:89:d5:d7:89:c9:a5:
07:62:62:8e:c7:06:75:3f:ce:5d:63:6c:31:1e:b6:01:94:57:
f1:75:15:48:31:f3:be:a2:f3:ef:aa:96:a5:3c:4a:36:03:48:
2a:93:a9:23:05:56:22:b6:bb:18:31:7e:2d:58:0e:aa:01:80:
19:18:d4:2e:77:36:de:eb:13:38:4f:28:9f:28:c5:24:f6:cc:
6d:a8:09:16:b6:21:60:00:8a:5f:0f:f4:70:b1:fd:ae:e5:6b:
f9:33:59:0a:5c:21:47:02:38:03:6e:9a:bc:09:23:29:10:11:
56:ea:a5:e1:b5:e7:0f:51:6e:c9:10:83:6b:bf:e3:ba:a8:52:
e7:06:d6:02:a0:55:ea:e4:ce:a0:ad:cb:cb:18:c4:7b:36:cc:
3d:47:91:9e:ab:85:88:9c:37:3b:72:76:ff:09:9d:44:d6:38:
31:1a:b7:0d:ef:b5:e7:99:4c:1b:42:8c:32:d0:a3:88:07:26:
8f:c6:c3:8f:44:20:88:fa:c3:35:32:a6:da:26:b8:29:0a:ec:
a0:6f:d7:dd:1f:bc:b4:b3:fc:1a:c7:35:b4:ac:86:56:df:f9:
b4:02:fa:f8:4d:1b:73:32:fc:26:4f:bc:98:50:d2:6d:cd:2a:
1d:d0:f5:f6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXGOsor/UNQd9MKqCwXw2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlODVmZDNjOWY5NTU4YjIxODAyMmZmNDA5ZmM1NTRmYWVl
NzkwOTAwHhcNMjUxMTExMTAwMDQ4WhcNMjUxMTEyMTAwMDQ4WjAzMTEwLwYDVQQD
EygwNTBmYmJkNWI3Y2E2NTUwNmVlOTg5Njc5MmY5YTE0NGQxNTdhODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjLDlwZNjiuhEk4KNEhvzk/AvlbK
pQasgVt9EmJHVTFtDD/wa1w/hxWzBarhr/K5JMM178+WEpdRLGgsUOY+JG7so6cN
4qCboV12qWM5f8/EPp5vITW/jyNuMl8hw77iHD8VJBUovogWtqZyPDYirrDeCoNI
pnZxSHhaGZCOz7XCrkL4aP7K+OjI2VKYSmmLmGTxHWjgnErkx/Y5YXKlscDdgp88
BjaCOYwJ2fCHUfVOX9Y8MHRyzpNFr/rIV0Iwtu3FyBl4ioxuqxB9oM34bSo+AVgg
4FGA1CaPo8ZRektyRmpfaleR/AGcQuC0Zde7iTMFTb+HbZ8PVJ5bvUpcxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAUPu9W3ymVQbumJZ5L5oUTRV6g5MB8GA1UdIwQY
MBaAFA6F/TyflViyGAIv9An8VU+u55CQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUt
MzMwM2FmZTVjODliLzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9iM2QzZDktNzkyOC00NThkLTgzNmUtMzMwM2FmZTVjODli
LzEvRG9YOVBKLVZXTElZQWlfMENmeFZUNjdua0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQY7ZpF7C
lHHW2aUXidXXicmlB2JijscGdT/OXWNsMR62AZRX8XUVSDHzvqLz76qWpTxKNgNI
KpOpIwVWIra7GDF+LVgOqgGAGRjULnc23usTOE8onyjFJPbMbagJFrYhYACKXw/0
cLH9ruVr+TNZClwhRwI4A26avAkjKRARVuql4bXnD1FuyRCDa7/juqhS5wbWAqBV
6uTOoK3LyxjEezbMPUeRnquFiJw3O3J2/wmdRNY4MRq3De+155lMG0KMMtCjiAcm
j8bDj0QgiPrDNTKm2ia4KQrsoG/X3R+8tLP8Gsc1tKyGVt/5tAL6+E0bczL8Jk+8
mFDSbc0qHdD19g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:53:06 2025 by rpki-client