Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.mft
File: s90R00a2O7HrIqB8JswSkaKgaJU.mft (raw, json)
Hash identifier: XMR/pgva8MCzcf3XhEuQkuntLRSJUwE+MTzSWkgg5Bo=
Subject key identifier: 1F:98:BA:88:A4:A2:0F:7E:0A:29:F5:D1:40:0F:FA:A2:AF:B6:A9:31
Authority key identifier: B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
Certificate issuer: /CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Certificate serial: 019A71132EC7A97518FACAC5EEF26C3EAA33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.mft
Manifest number: 0F2A
Signing time: Tue 11 Nov 2025 04:01:13 +0000
Manifest this update: Tue 11 Nov 2025 04:01:13 +0000
Manifest next update: Wed 12 Nov 2025 04:01:13 +0000
Files and hashes: 1: DUVtp5rmZWhjlPTwXejQEd3V8J4.roa (hash: qTcPo/VJaQTji8d15MDDjiWvnKJ389xtHOegN0VgXp0=)
2: s90R00a2O7HrIqB8JswSkaKgaJU.crl (hash: yYXg7z6TFD3aiXmlFiisfDl1MPOm3gqFgutLdnYY+qY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.mft
rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:2e:c7:a9:75:18:fa:ca:c5:ee:f2:6c:3e:aa:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd11d346b63bb1eb22a07c26cc1291a2a06895
Validity
Not Before: Nov 11 04:01:13 2025 GMT
Not After : Nov 12 04:01:13 2025 GMT
Subject: CN=1f98ba88a4a20f7e0a29f5d1400ffaa2afb6a931
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:0d:14:81:10:ec:94:c1:7f:85:12:d4:39:e1:
87:ec:c1:ee:1c:97:f8:c2:c8:a8:2d:47:91:1f:a2:
35:9d:1d:04:df:24:49:8e:b5:43:13:ff:7a:a1:65:
0d:73:6b:09:8e:6d:86:5c:99:13:9a:90:ef:76:1d:
b9:c3:08:dc:1e:fd:52:cf:9f:a5:e7:f6:23:63:cc:
13:2c:c7:60:6e:25:15:b3:4c:27:f1:b6:e8:6a:07:
fc:19:8f:6b:70:e0:e3:81:42:8a:c3:68:19:99:0f:
ac:46:82:bc:aa:a5:cb:56:3b:c6:82:41:d1:17:60:
08:84:d4:8c:bf:8f:93:66:a1:c1:9e:23:ce:1f:89:
2f:f9:0c:71:12:a1:c8:a3:75:b5:66:b1:97:9d:ab:
ab:67:17:dd:70:b6:6b:33:08:5f:86:45:dc:30:47:
21:b0:ba:78:f5:ee:51:b6:bd:d3:8d:66:a9:7f:d3:
50:76:0e:20:77:50:7e:66:38:a1:cb:a5:c8:a5:40:
77:e7:11:f0:9d:d2:11:ef:28:fc:57:db:b9:dc:41:
b8:8d:ac:35:c0:1d:c2:df:3d:05:f6:be:e7:e1:63:
65:b9:4b:37:51:7b:f2:56:ed:98:5e:56:48:38:4d:
14:65:52:ca:08:ad:0b:e3:70:93:45:44:a2:75:98:
0d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:98:BA:88:A4:A2:0F:7E:0A:29:F5:D1:40:0F:FA:A2:AF:B6:A9:31
X509v3 Authority Key Identifier:
keyid:B3:DD:11:D3:46:B6:3B:B1:EB:22:A0:7C:26:CC:12:91:A2:A0:68:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s90R00a2O7HrIqB8JswSkaKgaJU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/a41898-da08-469d-be1a-8bbc226e6c45/1/s90R00a2O7HrIqB8JswSkaKgaJU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
61:05:c3:bf:32:3c:e8:16:81:7c:d8:e0:45:34:04:61:61:d8:
5e:53:d9:b4:11:6e:71:7f:c5:67:dc:9b:b8:cd:22:a4:dc:58:
dd:af:92:27:c1:59:1d:e9:9b:d0:0e:8e:50:e5:fd:63:84:03:
d6:64:58:0e:cc:c1:49:92:e9:04:f3:2d:4a:72:dc:30:fe:7d:
33:89:a6:5e:56:92:c5:24:96:45:7f:72:3b:c7:36:6a:61:b6:
ec:8d:36:b3:84:76:1a:6b:67:34:44:dc:04:ce:8e:72:7d:c5:
73:9c:26:d2:11:21:f0:89:77:57:08:b4:34:84:7c:92:5b:d1:
a5:1e:f4:07:54:74:28:8d:7d:00:8e:85:07:ef:be:1a:76:50:
15:50:b2:78:b9:c6:fa:dc:35:49:bd:76:6a:67:a2:51:8c:0b:
13:98:c5:17:8e:9d:d2:e8:07:31:b6:b9:fd:df:bf:f6:b4:5a:
29:92:b4:ee:0a:f7:65:24:a5:7a:a6:29:62:71:2e:33:05:d6:
7c:45:0a:4c:07:48:b1:15:32:60:f3:9e:f4:31:13:b3:06:eb:
16:31:8d:c8:6f:e5:53:b8:ff:58:c9:88:a5:03:de:bb:87:05:
68:35:a3:08:e8:7e:86:8a:5e:58:a1:2f:c9:bb:fc:7f:79:3d:
93:95:81:68
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEy7HqXUY+srF7vJsPqozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQxMWQzNDZiNjNiYjFlYjIyYTA3YzI2Y2MxMjkxYTJh
MDY4OTUwHhcNMjUxMTExMDQwMTEzWhcNMjUxMTEyMDQwMTEzWjAzMTEwLwYDVQQD
EygxZjk4YmE4OGE0YTIwZjdlMGEyOWY1ZDE0MDBmZmFhMmFmYjZhOTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQ0UgRDslMF/hRLUOeGH7MHuHJf4
wsioLUeRH6I1nR0E3yRJjrVDE/96oWUNc2sJjm2GXJkTmpDvdh25wwjcHv1Sz5+l
5/YjY8wTLMdgbiUVs0wn8bboagf8GY9rcODjgUKKw2gZmQ+sRoK8qqXLVjvGgkHR
F2AIhNSMv4+TZqHBniPOH4kv+QxxEqHIo3W1ZrGXnaurZxfdcLZrMwhfhkXcMEch
sLp49e5Rtr3TjWapf9NQdg4gd1B+Zjihy6XIpUB35xHwndIR7yj8V9u53EG4jaw1
wB3C3z0F9r7n4WNluUs3UXvyVu2YXlZIOE0UZVLKCK0L43CTRUSidZgNfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB+Yuoikog9+Cin10UAP+qKvtqkxMB8GA1UdIwQY
MBaAFLPdEdNGtjux6yKgfCbMEpGioGiVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEt
OGJiYzIyNmU2YzQ1LzEvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hNDE4OTgtZGEwOC00NjlkLWJlMWEtOGJiYzIyNmU2YzQ1
LzEvczkwUjAwYTJPN0hySXFCOEpzd1NrYUtnYUpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYQXDvzI8
6BaBfNjgRTQEYWHYXlPZtBFucX/FZ9ybuM0ipNxY3a+SJ8FZHemb0A6OUOX9Y4QD
1mRYDszBSZLpBPMtSnLcMP59M4mmXlaSxSSWRX9yO8c2amG27I02s4R2GmtnNETc
BM6Ocn3Fc5wm0hEh8Il3Vwi0NIR8klvRpR70B1R0KI19AI6FB+++GnZQFVCyeLnG
+tw1Sb12ameiUYwLE5jFF46d0ugHMba5/d+/9rRaKZK07gr3ZSSleqYpYnEuMwXW
fEUKTAdIsRUyYPOe9DETswbrFjGNyG/lU7j/WMmIpQPeu4cFaDWjCOh+hopeWKEv
ybv8f3k9k5WBaA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:47:58 2025 by rpki-client