Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/68c008-69d3-436f-ad33-2dbe785422f8/1/dpoO0TWR1LhMp5qOtXciYHZlGhQ.mft
File: dpoO0TWR1LhMp5qOtXciYHZlGhQ.mft (raw, json)
Hash identifier: X11ToBIaQ7441h1YdHWktQB+jNFaUjotWzuv/yPJr/A=
Subject key identifier: 13:17:7C:08:4C:47:DB:66:94:2C:F9:CB:A8:0B:7B:1A:9F:93:F6:13
Authority key identifier: 76:9A:0E:D1:35:91:D4:B8:4C:A7:9A:8E:B5:77:22:60:76:65:1A:14
Certificate issuer: /CN=769a0ed13591d4b84ca79a8eb577226076651a14
Certificate serial: 019A71B8B5198CE2C6C1FDA61CD3613F2257
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dpoO0TWR1LhMp5qOtXciYHZlGhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/68c008-69d3-436f-ad33-2dbe785422f8/1/dpoO0TWR1LhMp5qOtXciYHZlGhQ.mft
Manifest number: 0B2D
Signing time: Tue 11 Nov 2025 07:02:01 +0000
Manifest this update: Tue 11 Nov 2025 07:02:01 +0000
Manifest next update: Wed 12 Nov 2025 07:02:01 +0000
Files and hashes: 1: dpoO0TWR1LhMp5qOtXciYHZlGhQ.crl (hash: eBuan9UHkyMxZbXk9QlUMjHLQI2cN7FxSkCmVJIy79Y=)
2: r2xenfWR41SW-pcJkK2n6k9oW9c.roa (hash: 9h5yss6Wot3H0ZXysamwxUCIRFlANswYmfwPee5G6HI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/68c008-69d3-436f-ad33-2dbe785422f8/1/dpoO0TWR1LhMp5qOtXciYHZlGhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/68c008-69d3-436f-ad33-2dbe785422f8/1/dpoO0TWR1LhMp5qOtXciYHZlGhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/dpoO0TWR1LhMp5qOtXciYHZlGhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:b5:19:8c:e2:c6:c1:fd:a6:1c:d3:61:3f:22:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=769a0ed13591d4b84ca79a8eb577226076651a14
Validity
Not Before: Nov 11 07:02:01 2025 GMT
Not After : Nov 12 07:02:01 2025 GMT
Subject: CN=13177c084c47db66942cf9cba80b7b1a9f93f613
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:45:e2:29:80:39:87:00:6b:be:0b:03:e4:89:
a7:2b:71:39:c2:06:84:fc:65:70:ca:7e:33:cd:53:
5d:ac:3b:e0:94:83:1c:f8:76:d7:ec:e3:f8:92:01:
f8:69:80:17:95:bf:67:a3:84:d5:e0:c2:26:2f:b1:
cd:7d:e5:40:6e:16:1d:b0:9d:da:17:3e:ac:f7:30:
82:fd:e5:99:39:1c:8d:33:06:78:c8:c6:30:e9:c0:
f1:10:2a:ea:ba:43:df:a1:b0:54:01:3e:67:91:30:
aa:ee:8e:40:f2:38:77:58:10:0a:57:00:ad:1a:02:
ba:02:44:58:72:e9:5a:5a:fa:17:dd:9a:45:42:21:
b4:1d:00:b7:9c:57:bb:26:42:2d:f7:8f:4f:a4:ef:
bd:a6:9c:10:d7:13:60:85:55:0e:b7:59:cb:54:76:
c2:76:00:b9:53:b0:20:4f:09:c8:ed:4e:f8:e0:d5:
c6:8b:60:ac:81:1b:08:5e:ac:0d:fc:a8:6b:81:15:
e8:7c:30:4f:80:28:fa:21:06:5e:b7:16:8d:b1:73:
71:07:16:a5:28:be:94:71:c5:03:4a:ca:58:66:a8:
85:a8:ca:b5:24:cc:c2:94:ae:f1:60:8a:6a:2a:2f:
32:b0:80:7a:b6:ab:77:0f:6d:ed:7d:ec:cd:8e:71:
00:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:17:7C:08:4C:47:DB:66:94:2C:F9:CB:A8:0B:7B:1A:9F:93:F6:13
X509v3 Authority Key Identifier:
keyid:76:9A:0E:D1:35:91:D4:B8:4C:A7:9A:8E:B5:77:22:60:76:65:1A:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dpoO0TWR1LhMp5qOtXciYHZlGhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/68c008-69d3-436f-ad33-2dbe785422f8/1/dpoO0TWR1LhMp5qOtXciYHZlGhQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/68c008-69d3-436f-ad33-2dbe785422f8/1/dpoO0TWR1LhMp5qOtXciYHZlGhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:6d:76:e5:9b:85:7b:35:67:87:9e:8f:e7:db:5b:31:a0:02:
11:42:06:ac:f6:f2:cd:3d:b5:4d:6b:c5:63:b6:68:41:f4:86:
39:81:f1:1d:82:fd:82:8e:e1:99:72:ab:a6:e9:c3:bc:c0:5c:
db:52:82:f0:53:9f:b5:39:43:13:93:fc:35:fd:39:f4:0c:91:
e0:51:92:e3:80:c4:f0:5d:82:74:f4:bf:d3:4d:ac:8d:78:83:
27:be:9d:f8:76:c6:58:66:b1:56:39:46:08:66:00:bc:c3:38:
a3:0d:c5:18:61:6f:17:ba:a1:79:76:e0:04:a2:31:90:4b:9d:
1b:9c:2d:92:ed:5b:cd:7f:1e:c8:35:76:95:8b:81:80:59:13:
47:4d:8f:90:49:c7:9c:7f:38:7c:d9:87:8e:04:22:7c:d8:36:
6e:e1:44:3b:88:b9:d2:59:9a:89:5d:46:96:a1:b1:e4:38:ba:
95:ee:1d:08:9b:4b:b6:34:88:4e:cc:df:49:18:b9:c7:e9:85:
53:53:ca:f4:14:fe:af:80:d0:22:9c:24:ea:5e:65:7d:d5:90:
a3:b9:7d:da:01:93:bd:f3:4b:bd:30:38:81:55:87:74:1f:74:
92:e9:a7:3d:51:f7:41:c3:28:d5:04:db:d8:31:ec:16:20:bc:
8f:0a:28:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuLUZjOLGwf2mHNNhPyJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2OWEwZWQxMzU5MWQ0Yjg0Y2E3OWE4ZWI1NzcyMjYwNzY2
NTFhMTQwHhcNMjUxMTExMDcwMjAxWhcNMjUxMTEyMDcwMjAxWjAzMTEwLwYDVQQD
EygxMzE3N2MwODRjNDdkYjY2OTQyY2Y5Y2JhODBiN2IxYTlmOTNmNjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUXiKYA5hwBrvgsD5ImnK3E5wgaE
/GVwyn4zzVNdrDvglIMc+HbX7OP4kgH4aYAXlb9no4TV4MImL7HNfeVAbhYdsJ3a
Fz6s9zCC/eWZORyNMwZ4yMYw6cDxECrqukPfobBUAT5nkTCq7o5A8jh3WBAKVwCt
GgK6AkRYculaWvoX3ZpFQiG0HQC3nFe7JkIt949PpO+9ppwQ1xNghVUOt1nLVHbC
dgC5U7AgTwnI7U744NXGi2CsgRsIXqwN/KhrgRXofDBPgCj6IQZetxaNsXNxBxal
KL6UccUDSspYZqiFqMq1JMzClK7xYIpqKi8ysIB6tqt3D23tfezNjnEAUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBMXfAhMR9tmlCz5y6gLexqfk/YTMB8GA1UdIwQY
MBaAFHaaDtE1kdS4TKeajrV3ImB2ZRoUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHBvTzBUV1IxTGhNcDVxT3RYY2lZSFpsR2hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni82OGMwMDgtNjlkMy00MzZmLWFkMzMt
MmRiZTc4NTQyMmY4LzEvZHBvTzBUV1IxTGhNcDVxT3RYY2lZSFpsR2hRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni82OGMwMDgtNjlkMy00MzZmLWFkMzMtMmRiZTc4NTQyMmY4
LzEvZHBvTzBUV1IxTGhNcDVxT3RYY2lZSFpsR2hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkG125ZuF
ezVnh56P59tbMaACEUIGrPbyzT21TWvFY7ZoQfSGOYHxHYL9go7hmXKrpunDvMBc
21KC8FOftTlDE5P8Nf059AyR4FGS44DE8F2CdPS/002sjXiDJ76d+HbGWGaxVjlG
CGYAvMM4ow3FGGFvF7qheXbgBKIxkEudG5wtku1bzX8eyDV2lYuBgFkTR02PkEnH
nH84fNmHjgQifNg2buFEO4i50lmaiV1GlqGx5Di6le4dCJtLtjSITszfSRi5x+mF
U1PK9BT+r4DQIpwk6l5lfdWQo7l92gGTvfNLvTA4gVWHdB90kumnPVH3QcMo1QTb
2DHsFiC8jwooTw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:19:51 2025 by rpki-client