Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.mft
File: ss0DX6sYpLeCYURWP2DniYpO8PE.mft (raw, json)
Hash identifier: yfEyv4quTfgjt+8Pu0eYt8zfLZyOyWG0UD25z32f9X4=
Subject key identifier: 44:04:57:CC:74:45:5C:4D:57:80:47:2B:F0:7D:96:6C:CA:A6:5A:5F
Authority key identifier: B2:CD:03:5F:AB:18:A4:B7:82:61:44:56:3F:60:E7:89:8A:4E:F0:F1
Certificate issuer: /CN=b2cd035fab18a4b7826144563f60e7898a4ef0f1
Certificate serial: 019A70DC70DC69A454C14621315F8E073646
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ss0DX6sYpLeCYURWP2DniYpO8PE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.mft
Manifest number: 123B
Signing time: Tue 11 Nov 2025 03:01:26 +0000
Manifest this update: Tue 11 Nov 2025 03:01:26 +0000
Manifest next update: Wed 12 Nov 2025 03:01:26 +0000
Files and hashes: 1: 8ioI1P3WjfVGZeocJzXjV25zEAM.roa (hash: R5/GZ5yigab2BnvLmrfCDXR0klk9Au0FN2fkvOAY+V4=)
2: ss0DX6sYpLeCYURWP2DniYpO8PE.crl (hash: KpZKglLmKhlu95JneUkR+sQNgjsJAVT/j7xdtFD/5w4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ss0DX6sYpLeCYURWP2DniYpO8PE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:70:dc:69:a4:54:c1:46:21:31:5f:8e:07:36:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2cd035fab18a4b7826144563f60e7898a4ef0f1
Validity
Not Before: Nov 11 03:01:26 2025 GMT
Not After : Nov 12 03:01:26 2025 GMT
Subject: CN=440457cc74455c4d5780472bf07d966ccaa65a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:11:81:f5:90:66:39:1e:e2:ef:58:76:da:4c:
ed:40:bb:88:e5:13:84:d7:ee:32:29:d0:b3:e1:1f:
60:e5:4a:7c:d6:45:07:46:ce:e4:b4:97:4f:93:87:
dd:30:8f:7c:1f:00:83:cd:37:d6:65:d4:9e:fa:69:
bd:4c:39:11:b4:eb:34:62:ba:8b:35:9f:79:8d:02:
c5:90:45:e3:91:a0:07:56:0a:fe:dc:aa:fd:68:13:
66:c1:54:46:a3:d8:e2:73:f7:a8:e4:6d:4b:54:e6:
1d:b3:41:e3:69:31:6b:0b:ca:bc:18:bd:7f:f1:ba:
54:88:3a:eb:af:64:1c:a5:a1:ed:ff:15:9c:b2:fb:
de:2e:e8:ee:77:75:5f:fa:fe:a2:bb:95:90:78:8c:
ee:aa:df:ee:27:78:e4:36:72:6b:60:7f:73:62:91:
4f:85:89:4f:5e:2a:8a:f0:0b:3d:20:1a:0a:be:e5:
56:57:11:76:7b:b1:d5:e4:84:e7:2b:9f:25:e8:2b:
1c:be:d8:57:61:15:2d:9f:ce:f6:71:42:49:93:fa:
d3:d9:2f:0c:2a:65:9b:62:5c:5f:58:54:0f:a0:08:
38:bd:7f:e0:d4:1d:09:e4:50:f0:19:c5:fa:27:b8:
ba:cc:fd:e5:4b:93:14:5e:eb:4b:58:21:60:dc:63:
8e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:04:57:CC:74:45:5C:4D:57:80:47:2B:F0:7D:96:6C:CA:A6:5A:5F
X509v3 Authority Key Identifier:
keyid:B2:CD:03:5F:AB:18:A4:B7:82:61:44:56:3F:60:E7:89:8A:4E:F0:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ss0DX6sYpLeCYURWP2DniYpO8PE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/33154b-2941-4f70-8133-d48450521dd9/1/ss0DX6sYpLeCYURWP2DniYpO8PE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4a:d3:48:a6:b9:1d:fc:86:5d:af:6c:3a:01:75:fc:00:d7:07:
13:02:0e:12:0b:40:ba:3a:0a:17:54:f4:6f:45:95:9a:48:6e:
68:13:da:f7:41:c8:40:f8:e5:07:62:39:67:8f:2e:6a:3b:cb:
6f:9e:c6:9e:62:9c:d2:82:e9:58:b5:d1:2a:63:b3:a6:44:46:
22:15:6a:0c:5c:8e:28:83:ed:b6:92:60:07:4f:d7:a2:53:b7:
df:db:99:67:04:05:88:f8:52:7c:2c:84:67:00:13:f5:59:61:
05:af:e2:ff:04:40:37:75:2a:0e:c3:7f:3d:45:bf:7e:54:91:
ee:13:de:4f:be:60:1f:28:9d:d1:1e:a2:d3:30:08:37:d3:3c:
67:43:b0:76:2c:fe:60:63:6d:c3:82:c4:7b:14:c6:59:21:c9:
8d:91:dd:2e:cb:51:26:37:a2:12:39:a4:61:81:fb:66:4d:a6:
b5:a7:4e:f8:15:65:25:43:d8:0e:b8:c8:2b:02:29:7c:d0:50:
bb:a9:90:bb:65:60:70:a6:5d:fb:b9:68:c1:6d:3f:44:75:25:
d0:77:15:69:e0:74:46:e4:aa:0f:57:d2:cf:72:bb:81:e8:1f:
ff:f1:eb:24:05:55:c4:1c:be:55:49:47:9b:78:b8:14:4e:c3:
a8:4d:8a:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3HDcaaRUwUYhMV+OBzZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyY2QwMzVmYWIxOGE0Yjc4MjYxNDQ1NjNmNjBlNzg5OGE0
ZWYwZjEwHhcNMjUxMTExMDMwMTI2WhcNMjUxMTEyMDMwMTI2WjAzMTEwLwYDVQQD
Eyg0NDA0NTdjYzc0NDU1YzRkNTc4MDQ3MmJmMDdkOTY2Y2NhYTY1YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBGB9ZBmOR7i71h22kztQLuI5ROE
1+4yKdCz4R9g5Up81kUHRs7ktJdPk4fdMI98HwCDzTfWZdSe+mm9TDkRtOs0YrqL
NZ95jQLFkEXjkaAHVgr+3Kr9aBNmwVRGo9jic/eo5G1LVOYds0HjaTFrC8q8GL1/
8bpUiDrrr2QcpaHt/xWcsvveLujud3Vf+v6iu5WQeIzuqt/uJ3jkNnJrYH9zYpFP
hYlPXiqK8As9IBoKvuVWVxF2e7HV5ITnK58l6CscvthXYRUtn872cUJJk/rT2S8M
KmWbYlxfWFQPoAg4vX/g1B0J5FDwGcX6J7i6zP3lS5MUXutLWCFg3GOO4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEQEV8x0RVxNV4BHK/B9lmzKplpfMB8GA1UdIwQY
MBaAFLLNA1+rGKS3gmFEVj9g54mKTvDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3MwRFg2c1lwTGVDWVVSV1AyRG5pWXBPOFBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zMzE1NGItMjk0MS00ZjcwLTgxMzMt
ZDQ4NDUwNTIxZGQ5LzEvc3MwRFg2c1lwTGVDWVVSV1AyRG5pWXBPOFBFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zMzE1NGItMjk0MS00ZjcwLTgxMzMtZDQ4NDUwNTIxZGQ5
LzEvc3MwRFg2c1lwTGVDWVVSV1AyRG5pWXBPOFBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAStNIprkd
/IZdr2w6AXX8ANcHEwIOEgtAujoKF1T0b0WVmkhuaBPa90HIQPjlB2I5Z48uajvL
b57GnmKc0oLpWLXRKmOzpkRGIhVqDFyOKIPttpJgB0/XolO339uZZwQFiPhSfCyE
ZwAT9VlhBa/i/wRAN3UqDsN/PUW/flSR7hPeT75gHyid0R6i0zAIN9M8Z0Owdiz+
YGNtw4LEexTGWSHJjZHdLstRJjeiEjmkYYH7Zk2mtadO+BVlJUPYDrjIKwIpfNBQ
u6mQu2VgcKZd+7lowW0/RHUl0HcVaeB0RuSqD1fSz3K7gegf//HrJAVVxBy+VUlH
m3i4FE7DqE2KFQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:35:12 2025 by rpki-client