Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.mft
File: 0LYdHx2czatrbY4UUMLJNtOX5nA.mft (raw, json)
Hash identifier: S0OnIg7GHMj5pFujSQHItL2lyk3Ps2q64if90+tecq0=
Subject key identifier: A1:25:73:0A:3D:9C:36:94:76:22:CE:EE:2C:89:EE:9F:AC:94:4B:77
Authority key identifier: D0:B6:1D:1F:1D:9C:CD:AB:6B:6D:8E:14:50:C2:C9:36:D3:97:E6:70
Certificate issuer: /CN=d0b61d1f1d9ccdab6b6d8e1450c2c936d397e670
Certificate serial: 019932364724D44689DF1B3B66F89514B898
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0LYdHx2czatrbY4UUMLJNtOX5nA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.mft
Manifest number: 035D
Signing time: Wed 10 Sep 2025 06:00:41 +0000
Manifest this update: Wed 10 Sep 2025 06:00:41 +0000
Manifest next update: Thu 11 Sep 2025 06:00:41 +0000
Files and hashes: 1: 0LYdHx2czatrbY4UUMLJNtOX5nA.crl (hash: sQANaBIi5LKcTwvNCRJ38U7F0QZUTGdqquxXmgB055E=)
2: WtuPQAz22oEnCEx3Rc-9J0U0Qbk.roa (hash: LqsVaHB6US9lWput6TNuWvOyM8xnvQFU16n5uBdiSPM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0LYdHx2czatrbY4UUMLJNtOX5nA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 02:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:32:36:47:24:d4:46:89:df:1b:3b:66:f8:95:14:b8:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0b61d1f1d9ccdab6b6d8e1450c2c936d397e670
Validity
Not Before: Sep 10 06:00:41 2025 GMT
Not After : Sep 11 06:00:41 2025 GMT
Subject: CN=a125730a3d9c36947622ceee2c89ee9fac944b77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ad:87:45:92:18:19:ff:8b:2f:42:35:41:8e:
49:c4:6c:e3:d0:ec:82:2b:77:56:bf:91:53:e1:22:
b7:66:cf:e8:fd:70:36:0c:1e:f4:03:c7:17:f2:fa:
ea:b7:a3:b7:4a:76:49:ba:f1:83:52:b4:81:20:79:
ff:ce:d3:bb:1b:08:f0:ee:88:c3:0c:ac:ef:c3:7f:
12:36:91:6b:83:3a:e9:8e:cd:83:e3:89:91:0f:5f:
f8:34:78:7b:d2:b2:0a:fc:3a:01:de:5d:89:4e:12:
30:21:de:db:4d:49:c4:15:0c:0c:27:74:e5:94:53:
d9:27:c7:b9:58:e2:25:8d:b3:00:5b:ff:2c:67:c2:
df:4f:9d:17:1f:f8:c8:32:05:f2:33:c9:8d:4f:81:
51:55:e9:53:68:d8:02:19:07:25:25:79:b3:8b:44:
08:cc:40:d1:0e:4e:66:6c:f6:20:84:14:e4:35:a6:
54:91:4a:44:b1:2a:ab:d6:3f:45:9b:90:ec:e4:54:
d1:f1:44:58:bd:a5:b4:e1:91:2c:62:2b:78:49:67:
cf:80:c2:c6:6c:31:b4:d9:52:27:b8:07:50:66:a7:
6a:ce:67:95:bb:92:e5:5b:24:f3:64:a6:5a:79:0f:
06:26:32:83:35:2f:d4:5b:c8:d3:be:b8:20:71:ac:
50:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:25:73:0A:3D:9C:36:94:76:22:CE:EE:2C:89:EE:9F:AC:94:4B:77
X509v3 Authority Key Identifier:
keyid:D0:B6:1D:1F:1D:9C:CD:AB:6B:6D:8E:14:50:C2:C9:36:D3:97:E6:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0LYdHx2czatrbY4UUMLJNtOX5nA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/317635-a90a-4704-9672-15f62c890af8/1/0LYdHx2czatrbY4UUMLJNtOX5nA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:74:6e:5c:25:31:63:99:b5:76:83:04:0f:e9:20:f1:f4:e8:
f6:16:f7:0f:fe:9d:90:d2:35:c4:18:ac:61:c9:9c:b4:f1:63:
14:58:14:b1:55:c1:9f:81:83:04:2e:c6:54:82:53:74:2d:fd:
ee:ae:ab:bf:49:3c:9b:f8:c1:06:76:23:f1:f6:cf:e2:d3:8b:
cb:c0:f9:ff:74:a2:32:31:ff:0b:84:e9:e4:41:06:6f:81:e5:
e5:3c:18:e8:41:2a:44:24:1d:fb:61:82:0b:04:d3:25:6c:4d:
cf:bd:60:64:7e:41:58:01:2e:5f:0f:9b:30:5a:2e:a9:69:b7:
4a:03:12:da:a0:0f:77:ac:b6:99:7e:da:fa:ef:ac:2e:c7:e6:
35:9f:f6:14:ed:05:57:2e:8f:66:a5:5a:22:4d:fe:13:ac:f4:
08:04:64:1a:40:a3:65:49:59:5c:46:e5:7e:23:f9:b2:7e:89:
dd:29:78:51:e4:1b:52:6e:f6:73:4d:b8:53:03:6b:db:4e:b0:
79:95:ee:05:83:be:c3:c3:25:7d:34:7f:f3:58:0e:c8:6a:b9:
a3:84:a3:39:50:11:75:37:71:cd:24:37:b2:29:be:39:96:cf:
45:c0:b5:0f:30:29:54:ea:be:d6:b0:25:aa:9b:eb:a0:66:10:
d2:3c:79:ca
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkyNkck1EaJ3xs7ZviVFLiYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwYjYxZDFmMWQ5Y2NkYWI2YjZkOGUxNDUwYzJjOTM2ZDM5
N2U2NzAwHhcNMjUwOTEwMDYwMDQxWhcNMjUwOTExMDYwMDQxWjAzMTEwLwYDVQQD
EyhhMTI1NzMwYTNkOWMzNjk0NzYyMmNlZWUyYzg5ZWU5ZmFjOTQ0Yjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo62HRZIYGf+LL0I1QY5JxGzj0OyC
K3dWv5FT4SK3Zs/o/XA2DB70A8cX8vrqt6O3SnZJuvGDUrSBIHn/ztO7Gwjw7ojD
DKzvw38SNpFrgzrpjs2D44mRD1/4NHh70rIK/DoB3l2JThIwId7bTUnEFQwMJ3Tl
lFPZJ8e5WOIljbMAW/8sZ8LfT50XH/jIMgXyM8mNT4FRVelTaNgCGQclJXmzi0QI
zEDRDk5mbPYghBTkNaZUkUpEsSqr1j9Fm5Ds5FTR8URYvaW04ZEsYit4SWfPgMLG
bDG02VInuAdQZqdqzmeVu5LlWyTzZKZaeQ8GJjKDNS/UW8jTvrggcaxQOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKElcwo9nDaUdiLO7iyJ7p+slEt3MB8GA1UdIwQY
MBaAFNC2HR8dnM2ra22OFFDCyTbTl+ZwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMExZZEh4MmN6YXRyYlk0VVVNTEpOdE9YNW5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8zMTc2MzUtYTkwYS00NzA0LTk2NzIt
MTVmNjJjODkwYWY4LzEvMExZZEh4MmN6YXRyYlk0VVVNTEpOdE9YNW5BLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8zMTc2MzUtYTkwYS00NzA0LTk2NzItMTVmNjJjODkwYWY4
LzEvMExZZEh4MmN6YXRyYlk0VVVNTEpOdE9YNW5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZHRuXCUx
Y5m1doMED+kg8fTo9hb3D/6dkNI1xBisYcmctPFjFFgUsVXBn4GDBC7GVIJTdC39
7q6rv0k8m/jBBnYj8fbP4tOLy8D5/3SiMjH/C4Tp5EEGb4Hl5TwY6EEqRCQd+2GC
CwTTJWxNz71gZH5BWAEuXw+bMFouqWm3SgMS2qAPd6y2mX7a+u+sLsfmNZ/2FO0F
Vy6PZqVaIk3+E6z0CARkGkCjZUlZXEblfiP5sn6J3Sl4UeQbUm72c024UwNr206w
eZXuBYO+w8MlfTR/81gOyGq5o4SjOVARdTdxzSQ3sim+OZbPRcC1DzApVOq+1rAl
qpvroGYQ0jx5yg==
-----END CERTIFICATE-----
Generated at Wed Sep 10 10:25:42 2025 by rpki-client