Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.mft
File: SrfcA3ifWGIbJejdDZJdyRtKWqI.mft (raw, json)
Hash identifier: 44rXN3LlU0NJwQB1FyL3pvn03WmjndOQ50BE+H/bMA8=
Subject key identifier: FB:97:36:68:57:47:F6:35:78:E7:F5:C3:86:4E:18:F5:71:D2:4E:B6
Authority key identifier: 4A:B7:DC:03:78:9F:58:62:1B:25:E8:DD:0D:92:5D:C9:1B:4A:5A:A2
Certificate issuer: /CN=4ab7dc03789f58621b25e8dd0d925dc91b4a5aa2
Certificate serial: 019A7225925D3F3633156AD18942B23909B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SrfcA3ifWGIbJejdDZJdyRtKWqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.mft
Manifest number: 0BC4
Signing time: Tue 11 Nov 2025 09:00:56 +0000
Manifest this update: Tue 11 Nov 2025 09:00:56 +0000
Manifest next update: Wed 12 Nov 2025 09:00:56 +0000
Files and hashes: 1: EmdE4lFlfaABPtiZtlnbFIKNWhE.roa (hash: xZDQuK6O09neLie5Q456W4oztNFuHLsLoArEyWHRJSU=)
2: SrfcA3ifWGIbJejdDZJdyRtKWqI.crl (hash: Mls24hHt/wtLAXtkM3PC2dcWej+ad++UyCHCCXmab/4=)
3: lCpE9-_9vA0HzQAwKrWQ7gX2Gi8.roa (hash: YkwTTveNH0IQGCLC0ZIMEDB0zjPdx3yFhcYm5gkoPpw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/SrfcA3ifWGIbJejdDZJdyRtKWqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:92:5d:3f:36:33:15:6a:d1:89:42:b2:39:09:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ab7dc03789f58621b25e8dd0d925dc91b4a5aa2
Validity
Not Before: Nov 11 09:00:56 2025 GMT
Not After : Nov 12 09:00:56 2025 GMT
Subject: CN=fb9736685747f63578e7f5c3864e18f571d24eb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:83:99:2a:0e:09:51:ce:ec:6d:d8:b7:83:cc:
27:6d:2b:f0:ff:56:9f:f0:b9:ec:3e:4c:37:69:e1:
ac:53:c4:1c:a7:dc:39:cf:29:98:e5:08:69:8e:f9:
73:1f:8d:bd:ad:93:0c:9b:4e:d7:fe:4f:88:56:5a:
92:3a:28:3d:20:b7:c8:dd:cc:ff:b9:8a:a8:48:82:
31:40:f1:e7:9c:bf:47:6e:53:77:5c:11:6d:97:d0:
1c:33:f0:52:2d:95:96:9f:b8:e7:fc:13:f9:ea:5d:
b7:5c:ef:b0:ed:32:2d:64:db:c4:71:6c:24:9f:b1:
6d:91:e6:c6:78:09:d4:cc:90:2f:bb:68:e9:89:57:
9e:b2:34:c0:ca:2f:c2:3d:29:14:9f:6e:ef:a8:e6:
ce:22:23:3f:40:02:84:12:00:f8:de:a2:d8:13:be:
c5:46:cd:36:db:53:bc:51:ab:77:7e:ca:9b:52:f1:
50:ea:a5:09:bd:d9:22:dd:4d:95:78:bf:c7:66:e5:
ed:46:46:d9:f1:73:d2:51:67:6e:8f:4d:ac:59:04:
6e:67:36:9c:75:de:e7:e5:01:d6:da:0d:6d:ef:cd:
31:95:fa:7c:4d:13:d8:90:14:ac:64:d7:5d:d7:d7:
8e:a0:de:14:39:4f:d2:a9:11:d7:c3:85:cd:9d:b2:
0b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:97:36:68:57:47:F6:35:78:E7:F5:C3:86:4E:18:F5:71:D2:4E:B6
X509v3 Authority Key Identifier:
keyid:4A:B7:DC:03:78:9F:58:62:1B:25:E8:DD:0D:92:5D:C9:1B:4A:5A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SrfcA3ifWGIbJejdDZJdyRtKWqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8a59db-5ad8-4f3f-97c2-f38bcbd93390/1/SrfcA3ifWGIbJejdDZJdyRtKWqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:5d:24:ca:b7:93:bd:82:d9:e3:0d:e7:69:e1:90:40:74:2a:
b7:9b:1e:6d:b6:73:3c:68:cd:52:bf:16:aa:bd:ef:36:91:1d:
a9:73:c6:80:f7:d5:2d:3f:9a:92:7b:11:2b:41:72:24:8c:08:
73:0c:0c:f8:87:98:49:46:9b:4e:be:bf:93:4a:72:47:f6:5a:
1a:bc:f5:c6:fa:72:4a:b1:3c:05:cd:fb:71:22:65:33:19:14:
64:d2:b4:d7:34:2c:d3:f3:a7:d5:6c:88:04:85:0e:69:5e:e0:
56:69:b2:fe:9d:b1:33:c5:b9:1f:80:99:a0:10:7d:9b:cf:4a:
91:0f:62:67:b9:75:60:56:59:83:69:71:2f:ce:79:0a:36:68:
d9:f3:01:93:3c:0a:98:a9:d0:53:06:c0:67:2b:f8:56:b8:1c:
f1:44:13:1a:fe:31:36:6e:4e:50:d3:99:fe:46:5a:de:77:a1:
03:5c:23:70:68:f3:59:d2:3c:ad:a0:a8:b3:ec:71:b6:fb:b3:
6f:fb:38:7f:1e:14:7d:a3:f2:3e:be:95:fd:8a:56:a2:c1:31:
a7:a3:22:6a:da:7e:4a:cd:be:57:d2:5c:df:84:60:a5:be:25:
fa:a8:9e:fd:1c:85:ad:f0:60:5d:af:c6:99:9c:d3:65:d5:46:
19:0e:3a:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZJdPzYzFWrRiUKyOQmwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYjdkYzAzNzg5ZjU4NjIxYjI1ZThkZDBkOTI1ZGM5MWI0
YTVhYTIwHhcNMjUxMTExMDkwMDU2WhcNMjUxMTEyMDkwMDU2WjAzMTEwLwYDVQQD
EyhmYjk3MzY2ODU3NDdmNjM1NzhlN2Y1YzM4NjRlMThmNTcxZDI0ZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4OZKg4JUc7sbdi3g8wnbSvw/1af
8LnsPkw3aeGsU8Qcp9w5zymY5QhpjvlzH429rZMMm07X/k+IVlqSOig9ILfI3cz/
uYqoSIIxQPHnnL9HblN3XBFtl9AcM/BSLZWWn7jn/BP56l23XO+w7TItZNvEcWwk
n7FtkebGeAnUzJAvu2jpiVeesjTAyi/CPSkUn27vqObOIiM/QAKEEgD43qLYE77F
Rs0221O8Uat3fsqbUvFQ6qUJvdki3U2VeL/HZuXtRkbZ8XPSUWduj02sWQRuZzac
dd7n5QHW2g1t780xlfp8TRPYkBSsZNdd19eOoN4UOU/SqRHXw4XNnbILUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPuXNmhXR/Y1eOf1w4ZOGPVx0k62MB8GA1UdIwQY
MBaAFEq33AN4n1hiGyXo3Q2SXckbSlqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3JmY0EzaWZXR0liSmVqZERaSmR5UnRLV3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC84YTU5ZGItNWFkOC00ZjNmLTk3YzIt
ZjM4YmNiZDkzMzkwLzEvU3JmY0EzaWZXR0liSmVqZERaSmR5UnRLV3FJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC84YTU5ZGItNWFkOC00ZjNmLTk3YzItZjM4YmNiZDkzMzkw
LzEvU3JmY0EzaWZXR0liSmVqZERaSmR5UnRLV3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhF0kyreT
vYLZ4w3naeGQQHQqt5sebbZzPGjNUr8Wqr3vNpEdqXPGgPfVLT+aknsRK0FyJIwI
cwwM+IeYSUabTr6/k0pyR/ZaGrz1xvpySrE8Bc37cSJlMxkUZNK01zQs0/On1WyI
BIUOaV7gVmmy/p2xM8W5H4CZoBB9m89KkQ9iZ7l1YFZZg2lxL855CjZo2fMBkzwK
mKnQUwbAZyv4Vrgc8UQTGv4xNm5OUNOZ/kZa3nehA1wjcGjzWdI8raCos+xxtvuz
b/s4fx4UfaPyPr6V/YpWosExp6Miatp+Ss2+V9Jc34Rgpb4l+qie/RyFrfBgXa/G
mZzTZdVGGQ461g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:39:13 2025 by rpki-client