Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/d158e1-512b-4486-af87-b490a6d6be25/1/VXe0uHq4aspXflbjjVuKWBPMzD0.mft
File: VXe0uHq4aspXflbjjVuKWBPMzD0.mft (raw, json)
Hash identifier: MUIKmMVsXncT24DBnlCQWoHMTW3EmjoJSfMDxEFe/UA=
Subject key identifier: 25:14:83:E9:64:7B:B4:67:3F:FF:B5:60:E8:0C:EE:60:64:FD:3D:72
Authority key identifier: 55:77:B4:B8:7A:B8:6A:CA:57:7E:56:E3:8D:5B:8A:58:13:CC:CC:3D
Certificate issuer: /CN=5577b4b87ab86aca577e56e38d5b8a5813cccc3d
Certificate serial: 019A7149FB08760D6924E9D82D1C7F169E3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VXe0uHq4aspXflbjjVuKWBPMzD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/d158e1-512b-4486-af87-b490a6d6be25/1/VXe0uHq4aspXflbjjVuKWBPMzD0.mft
Manifest number: 1251
Signing time: Tue 11 Nov 2025 05:01:04 +0000
Manifest this update: Tue 11 Nov 2025 05:01:04 +0000
Manifest next update: Wed 12 Nov 2025 05:01:04 +0000
Files and hashes: 1: P9bs-w5DkWpu1aBuTV3PHAzvH6Q.roa (hash: oAepJ4+j0gmtz7XxqoB+yGPsz6tmKuFLhq6h9fcVyTY=)
2: VXe0uHq4aspXflbjjVuKWBPMzD0.crl (hash: g03mHG88iN82Ufey4TX3NVVE5PGRR3pXhEQMc9Z9w/Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/d158e1-512b-4486-af87-b490a6d6be25/1/VXe0uHq4aspXflbjjVuKWBPMzD0.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/d158e1-512b-4486-af87-b490a6d6be25/1/VXe0uHq4aspXflbjjVuKWBPMzD0.mft
rsync://rpki.ripe.net/repository/DEFAULT/VXe0uHq4aspXflbjjVuKWBPMzD0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:fb:08:76:0d:69:24:e9:d8:2d:1c:7f:16:9e:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5577b4b87ab86aca577e56e38d5b8a5813cccc3d
Validity
Not Before: Nov 11 05:01:04 2025 GMT
Not After : Nov 12 05:01:04 2025 GMT
Subject: CN=251483e9647bb4673fffb560e80cee6064fd3d72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3d:14:86:af:a1:a1:c9:85:40:e0:86:07:ec:
9c:19:25:1f:95:75:fe:0e:67:5a:a6:a1:9e:5e:b2:
20:b1:cd:d4:7d:67:d8:f4:ed:07:0b:f4:63:92:2f:
a1:c0:8f:a5:70:f7:26:25:be:8d:bc:f5:a2:30:e4:
ab:ef:e3:ef:af:d6:3e:4d:b5:f9:44:73:c7:9f:d6:
02:26:1c:16:cb:ac:a5:6c:5b:48:a8:77:7d:f9:e5:
a6:0c:4e:e2:13:f7:18:9a:63:00:c7:c5:cf:ee:5f:
eb:16:5c:3a:f8:e0:bd:2b:70:9c:d9:28:93:25:00:
86:72:5c:4b:12:b1:33:99:f6:2a:a9:62:44:45:fd:
f4:13:6f:b2:c8:1c:1c:96:f7:0a:05:30:cf:27:15:
a7:62:df:61:bb:a9:1f:fc:7a:0a:1f:80:19:98:f0:
f3:85:f8:51:6e:77:d0:70:4f:98:e6:68:44:0f:43:
5c:64:60:05:2f:4b:ad:b6:7f:e8:92:04:e0:78:f7:
6e:a1:df:70:9e:55:60:7d:60:dc:f3:ce:0a:62:f5:
af:90:81:6f:66:f8:63:65:56:2c:9e:7c:0c:c6:3e:
75:0b:ba:14:91:d2:fc:5a:76:9a:bc:cd:ac:fd:6f:
7c:ac:86:cf:a4:2f:c3:ef:7e:91:2d:7a:f6:51:7b:
fe:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:14:83:E9:64:7B:B4:67:3F:FF:B5:60:E8:0C:EE:60:64:FD:3D:72
X509v3 Authority Key Identifier:
keyid:55:77:B4:B8:7A:B8:6A:CA:57:7E:56:E3:8D:5B:8A:58:13:CC:CC:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VXe0uHq4aspXflbjjVuKWBPMzD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d158e1-512b-4486-af87-b490a6d6be25/1/VXe0uHq4aspXflbjjVuKWBPMzD0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/d158e1-512b-4486-af87-b490a6d6be25/1/VXe0uHq4aspXflbjjVuKWBPMzD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
31:ce:72:8c:a0:1f:0f:5e:80:dc:c9:fa:24:8f:18:43:8d:02:
23:92:3a:63:42:ed:b0:11:e4:0a:8b:4f:7f:ba:f7:46:ea:d3:
34:36:e4:01:72:6f:97:42:01:a4:02:ea:c5:b2:56:00:79:f3:
54:01:99:f6:c5:cb:a6:a6:f9:55:bc:be:f3:b2:4f:6d:80:03:
13:9a:87:76:43:2f:11:d2:89:ed:31:88:f7:35:5e:1b:a8:57:
41:f0:75:d2:ed:cc:96:91:ad:42:33:91:54:ac:90:52:23:47:
8e:dd:05:5f:18:bb:e5:5c:62:13:3c:22:86:1e:6f:28:23:70:
72:77:bb:8d:dd:93:ac:d1:ae:b2:3d:ad:d6:d3:ea:ca:38:a5:
81:ee:86:35:2b:4c:ab:a8:a0:70:6e:21:8b:a0:f8:b8:6b:3f:
9c:4a:f2:3a:f7:47:ac:87:b8:29:5b:79:9f:ed:ff:d4:3d:7f:
de:48:c6:29:51:d0:2c:d3:88:bd:f1:8e:85:be:06:7e:44:e3:
8e:45:82:7e:e2:7b:45:ab:2e:69:85:7a:07:40:30:80:87:98:
38:cf:1e:df:7b:a5:39:46:8d:85:d2:a0:13:75:66:f9:4b:53:
0e:ac:5e:16:66:a5:7f:85:5c:ba:84:61:1e:47:b7:af:2e:c0:
fe:ba:19:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSfsIdg1pJOnYLRx/Fp4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NzdiNGI4N2FiODZhY2E1NzdlNTZlMzhkNWI4YTU4MTNj
Y2NjM2QwHhcNMjUxMTExMDUwMTA0WhcNMjUxMTEyMDUwMTA0WjAzMTEwLwYDVQQD
EygyNTE0ODNlOTY0N2JiNDY3M2ZmZmI1NjBlODBjZWU2MDY0ZmQzZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0z0Uhq+hocmFQOCGB+ycGSUflXX+
DmdapqGeXrIgsc3UfWfY9O0HC/Rjki+hwI+lcPcmJb6NvPWiMOSr7+Pvr9Y+TbX5
RHPHn9YCJhwWy6ylbFtIqHd9+eWmDE7iE/cYmmMAx8XP7l/rFlw6+OC9K3Cc2SiT
JQCGclxLErEzmfYqqWJERf30E2+yyBwclvcKBTDPJxWnYt9hu6kf/HoKH4AZmPDz
hfhRbnfQcE+Y5mhED0NcZGAFL0uttn/okgTgePduod9wnlVgfWDc884KYvWvkIFv
ZvhjZVYsnnwMxj51C7oUkdL8WnaavM2s/W98rIbPpC/D736RLXr2UXv+UwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCUUg+lke7RnP/+1YOgM7mBk/T1yMB8GA1UdIwQY
MBaAFFV3tLh6uGrKV35W441bilgTzMw9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlhlMHVIcTRhc3BYZmxiampWdUtXQlBNekQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9kMTU4ZTEtNTEyYi00NDg2LWFmODct
YjQ5MGE2ZDZiZTI1LzEvVlhlMHVIcTRhc3BYZmxiampWdUtXQlBNekQwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9kMTU4ZTEtNTEyYi00NDg2LWFmODctYjQ5MGE2ZDZiZTI1
LzEvVlhlMHVIcTRhc3BYZmxiampWdUtXQlBNekQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMc5yjKAf
D16A3Mn6JI8YQ40CI5I6Y0LtsBHkCotPf7r3RurTNDbkAXJvl0IBpALqxbJWAHnz
VAGZ9sXLpqb5Vby+87JPbYADE5qHdkMvEdKJ7TGI9zVeG6hXQfB10u3MlpGtQjOR
VKyQUiNHjt0FXxi75VxiEzwihh5vKCNwcne7jd2TrNGusj2t1tPqyjilge6GNStM
q6igcG4hi6D4uGs/nEryOvdHrIe4KVt5n+3/1D1/3kjGKVHQLNOIvfGOhb4GfkTj
jkWCfuJ7RasuaYV6B0AwgIeYOM8e33ulOUaNhdKgE3Vm+UtTDqxeFmalf4VcuoRh
Hke3ry7A/roZhg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:53:26 2025 by rpki-client