Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/86GuCwfNBe4khPTuvNRWhHNHNBQ.mft
File: 86GuCwfNBe4khPTuvNRWhHNHNBQ.mft (raw, json)
Hash identifier: plJ/5sVwuLhV+92z8HQskkyz/yMNvMrs6bNg2I2Ylmo=
Subject key identifier: BA:F1:B3:0D:2C:CB:8B:30:18:9C:BD:CD:76:F0:F0:C0:84:11:CD:9C
Authority key identifier: F3:A1:AE:0B:07:CD:05:EE:24:84:F4:EE:BC:D4:56:84:73:47:34:14
Certificate issuer: /CN=f3a1ae0b07cd05ee2484f4eebcd4568473473414
Certificate serial: 019A72265FDBA8934B8E88E2811CF9C5361F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/86GuCwfNBe4khPTuvNRWhHNHNBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/86GuCwfNBe4khPTuvNRWhHNHNBQ.mft
Manifest number: 1723
Signing time: Tue 11 Nov 2025 09:01:48 +0000
Manifest this update: Tue 11 Nov 2025 09:01:48 +0000
Manifest next update: Wed 12 Nov 2025 09:01:48 +0000
Files and hashes: 1: 0yNiuwlEmaGi-GMVCrhtb0jD684.roa (hash: 0JYmDVSwa/kA2DCdsSlQFjDnGZq4KcJ5IykJE11qOfk=)
2: 86GuCwfNBe4khPTuvNRWhHNHNBQ.crl (hash: plBCMnRszpGqcI9pQ1KPTtTO1M5+43BQgFmai3uc71U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/86GuCwfNBe4khPTuvNRWhHNHNBQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/86GuCwfNBe4khPTuvNRWhHNHNBQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/86GuCwfNBe4khPTuvNRWhHNHNBQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:5f:db:a8:93:4b:8e:88:e2:81:1c:f9:c5:36:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3a1ae0b07cd05ee2484f4eebcd4568473473414
Validity
Not Before: Nov 11 09:01:48 2025 GMT
Not After : Nov 12 09:01:48 2025 GMT
Subject: CN=baf1b30d2ccb8b30189cbdcd76f0f0c08411cd9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5b:92:0b:b5:7a:50:d1:42:56:d5:5f:27:eb:
ba:66:17:52:18:12:b8:38:53:2b:00:fc:d9:f5:3f:
ae:63:15:97:91:c0:cf:12:6e:63:bc:66:57:5b:0c:
29:12:45:aa:a9:01:3b:86:8a:d4:2f:86:c9:72:33:
30:95:1d:f9:a7:fe:83:03:12:57:cd:30:26:0c:a8:
36:01:99:06:5a:7e:c4:1a:65:31:e5:57:23:fb:92:
bd:be:12:76:4a:fe:34:2b:84:1d:f3:a8:f0:e5:11:
9f:71:11:4e:fa:f6:ba:cd:cf:9b:8a:22:88:49:a5:
14:86:e7:89:d2:af:c4:eb:9f:87:e9:9c:f8:d4:33:
68:dc:a8:6c:e9:ea:70:da:27:00:62:5f:aa:93:00:
08:39:b3:23:93:f3:17:40:b9:f0:b2:d4:59:ae:0f:
97:2a:7d:fd:d5:40:7b:fc:75:c7:eb:3e:79:d3:54:
25:32:70:0c:a1:a1:44:87:5c:ce:f6:7d:12:05:a2:
38:e2:7e:5f:d0:76:38:e2:03:60:18:0b:78:ed:4a:
07:44:a6:8d:2b:40:a3:7e:7e:92:8e:85:d8:c8:bf:
79:de:5b:63:5a:3c:b7:3f:5a:63:1e:71:b6:d2:9a:
d5:c2:47:4b:f5:2f:4a:18:fe:e5:5f:ff:10:b9:48:
57:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:F1:B3:0D:2C:CB:8B:30:18:9C:BD:CD:76:F0:F0:C0:84:11:CD:9C
X509v3 Authority Key Identifier:
keyid:F3:A1:AE:0B:07:CD:05:EE:24:84:F4:EE:BC:D4:56:84:73:47:34:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/86GuCwfNBe4khPTuvNRWhHNHNBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/86GuCwfNBe4khPTuvNRWhHNHNBQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/2162d8-e9de-4981-b1ca-b8477f5073c1/1/86GuCwfNBe4khPTuvNRWhHNHNBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a5:0e:eb:4f:87:07:e6:29:10:86:06:5d:9e:97:c0:20:ae:85:
5b:41:2a:10:ed:a8:e9:69:0c:aa:8c:c5:f1:7e:8b:47:da:e5:
70:65:3a:f2:be:53:32:6a:e4:58:96:bd:ac:88:70:f9:1a:43:
95:f4:5a:8f:34:9f:ec:b4:6f:33:c7:06:f7:7f:c7:25:a3:86:
f0:1f:68:cc:f8:96:a8:7b:4d:ea:e7:02:d0:4c:fb:75:39:f3:
b4:ca:a2:fd:21:30:d2:ab:bb:fb:c4:fd:f5:42:cd:fc:af:74:
e0:72:ae:e0:c3:3a:eb:0d:eb:35:e3:65:ae:a9:20:67:f5:5b:
e1:27:6b:6d:4d:fa:cb:21:44:12:31:9d:bd:6b:cc:39:d6:ff:
0f:e4:f5:e2:f6:58:12:d1:49:6b:d6:e6:9b:3a:94:a8:68:7e:
7b:56:43:c6:ba:1f:0c:94:07:fc:db:e1:3a:2c:84:cc:8c:17:
41:95:4c:c8:da:87:30:1b:75:0c:86:e8:f9:0b:5a:9d:ef:88:
03:b8:d4:09:25:cb:2c:27:d8:c1:bb:6d:26:48:66:06:13:ad:
ed:82:2b:60:0e:91:3e:f1:9b:00:71:8b:fe:32:25:80:de:2d:
f5:e3:5b:c3:10:fc:b6:f2:d8:e7:a9:25:fe:8a:9c:d6:0a:2f:
4b:fb:21:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJl/bqJNLjojigRz5xTYfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYTFhZTBiMDdjZDA1ZWUyNDg0ZjRlZWJjZDQ1Njg0NzM0
NzM0MTQwHhcNMjUxMTExMDkwMTQ4WhcNMjUxMTEyMDkwMTQ4WjAzMTEwLwYDVQQD
EyhiYWYxYjMwZDJjY2I4YjMwMTg5Y2JkY2Q3NmYwZjBjMDg0MTFjZDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVuSC7V6UNFCVtVfJ+u6ZhdSGBK4
OFMrAPzZ9T+uYxWXkcDPEm5jvGZXWwwpEkWqqQE7horUL4bJcjMwlR35p/6DAxJX
zTAmDKg2AZkGWn7EGmUx5Vcj+5K9vhJ2Sv40K4Qd86jw5RGfcRFO+va6zc+biiKI
SaUUhueJ0q/E65+H6Zz41DNo3Khs6epw2icAYl+qkwAIObMjk/MXQLnwstRZrg+X
Kn391UB7/HXH6z5501QlMnAMoaFEh1zO9n0SBaI44n5f0HY44gNgGAt47UoHRKaN
K0Cjfn6SjoXYyL953ltjWjy3P1pjHnG20prVwkdL9S9KGP7lX/8QuUhXtQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLrxsw0sy4swGJy9zXbw8MCEEc2cMB8GA1UdIwQY
MBaAFPOhrgsHzQXuJIT07rzUVoRzRzQUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODZHdUN3Zk5CZTRraFBUdXZOUldoSE5ITkJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8yMTYyZDgtZTlkZS00OTgxLWIxY2Et
Yjg0NzdmNTA3M2MxLzEvODZHdUN3Zk5CZTRraFBUdXZOUldoSE5ITkJRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8yMTYyZDgtZTlkZS00OTgxLWIxY2EtYjg0NzdmNTA3M2Mx
LzEvODZHdUN3Zk5CZTRraFBUdXZOUldoSE5ITkJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApQ7rT4cH
5ikQhgZdnpfAIK6FW0EqEO2o6WkMqozF8X6LR9rlcGU68r5TMmrkWJa9rIhw+RpD
lfRajzSf7LRvM8cG93/HJaOG8B9ozPiWqHtN6ucC0Ez7dTnztMqi/SEw0qu7+8T9
9ULN/K904HKu4MM66w3rNeNlrqkgZ/Vb4SdrbU36yyFEEjGdvWvMOdb/D+T14vZY
EtFJa9bmmzqUqGh+e1ZDxrofDJQH/NvhOiyEzIwXQZVMyNqHMBt1DIbo+Qtane+I
A7jUCSXLLCfYwbttJkhmBhOt7YIrYA6RPvGbAHGL/jIlgN4t9eNbwxD8tvLY56kl
/oqc1govS/shug==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:44:21 2025 by rpki-client