Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
File: duK6XMFQs1PL00ufBF6gUJdAhE0.mft (raw, json)
Hash identifier: pow1kWqm8rU0VScBF2kxj6uT6eueYSimJ3x4HJz5AnY=
Subject key identifier: 02:3E:C0:B9:12:3E:53:D0:D3:BF:CD:05:2C:53:F5:6D:8C:79:94:B6
Authority key identifier: 76:E2:BA:5C:C1:50:B3:53:CB:D3:4B:9F:04:5E:A0:50:97:40:84:4D
Certificate issuer: /CN=76e2ba5cc150b353cbd34b9f045ea0509740844d
Certificate serial: 019A725CB8368D3F029CA75FFB69EE412C32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 10:01:10 +0000
Manifest this update: Tue 11 Nov 2025 10:01:10 +0000
Manifest next update: Wed 12 Nov 2025 10:01:10 +0000
Files and hashes: 1: Bia10WQI4xw0UI_i-ndQUbuN950.roa (hash: cjV4yJiHMdoyYcYcYJ8yPol8C2FCborf12L6f+mp+8Y=)
2: duK6XMFQs1PL00ufBF6gUJdAhE0.crl (hash: sEQGPAZ7uldLa1UE0VP0iHiJYr7NClFaVEuANi6yDt4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:b8:36:8d:3f:02:9c:a7:5f:fb:69:ee:41:2c:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76e2ba5cc150b353cbd34b9f045ea0509740844d
Validity
Not Before: Nov 11 10:01:10 2025 GMT
Not After : Nov 12 10:01:10 2025 GMT
Subject: CN=023ec0b9123e53d0d3bfcd052c53f56d8c7994b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:06:45:da:9b:ac:52:29:b1:6c:4b:48:e3:c9:
2e:72:7b:2e:c7:6e:30:28:27:d3:b4:36:4b:d2:7e:
04:f6:35:27:32:b5:7e:73:b2:6d:2a:0d:c2:1d:a0:
96:c5:0e:f3:b0:22:da:e6:23:2c:ab:74:99:3a:ab:
ba:40:3b:c9:60:71:00:02:df:c9:19:b4:3a:14:92:
b4:f9:8c:ac:46:9a:8a:44:7e:b7:30:f1:6e:e8:75:
59:63:66:d1:5c:df:62:15:c6:f5:08:54:9f:07:e9:
c1:31:e8:d7:b6:6a:fd:86:94:4a:b7:66:3a:eb:e8:
df:96:d3:73:fc:d5:d1:b1:96:fa:28:1f:60:e4:8d:
3e:72:7d:5e:bf:0c:ca:5e:43:d2:02:dc:aa:28:70:
79:06:bb:9f:22:f8:2e:7b:22:eb:64:68:4e:d4:c4:
7c:a0:79:61:7a:12:b8:3f:e4:e3:a7:40:78:15:51:
6a:0e:ce:a7:af:fa:d3:a8:b1:de:8d:01:1b:5a:ea:
af:c4:f0:d2:fc:1d:51:83:33:01:de:4f:da:ba:83:
2e:9f:40:70:25:80:13:3a:16:65:15:a6:36:9f:7f:
7e:7a:0f:a1:07:9d:41:49:57:e4:5e:09:69:37:0c:
33:28:ea:11:e5:4f:6b:7a:b9:64:4f:7d:23:17:65:
e3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:3E:C0:B9:12:3E:53:D0:D3:BF:CD:05:2C:53:F5:6D:8C:79:94:B6
X509v3 Authority Key Identifier:
keyid:76:E2:BA:5C:C1:50:B3:53:CB:D3:4B:9F:04:5E:A0:50:97:40:84:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:8e:4a:dc:df:4d:11:2e:9c:e8:d6:df:ef:77:19:48:67:9f:
bb:19:be:6e:88:a9:62:86:95:e9:d3:65:d3:a3:29:71:10:3d:
ec:83:91:a9:e7:4f:0c:00:f5:a3:1a:56:94:f0:40:11:df:5b:
4f:63:27:a4:54:cd:76:3e:50:3f:84:b9:2c:19:d7:f3:b4:46:
17:b0:7b:21:7c:0f:fb:34:dd:1c:c5:7a:fc:0d:da:8c:1c:77:
49:df:d2:2d:fd:83:83:82:13:a9:fc:c2:5b:41:a5:93:41:34:
69:11:2f:91:af:e0:a0:e1:a5:fc:98:80:2a:f9:98:58:7a:90:
c4:11:42:01:7d:ca:01:b3:d0:9c:42:9a:8a:b5:ce:25:35:b0:
1c:78:3a:82:57:38:54:a0:16:63:6a:b0:9e:28:78:1a:e8:9d:
e6:3a:9e:80:38:1f:fc:37:0c:e9:46:47:00:3c:9c:4b:31:99:
04:28:36:64:11:58:f7:73:d1:49:82:65:fb:81:7d:6b:e8:5a:
a9:7b:f3:ea:14:4d:36:6b:01:11:27:da:c8:fe:b9:fb:b5:d9:
73:72:3f:95:55:e8:bd:e0:14:5d:37:9d:4d:57:6a:a7:a8:dc:
57:36:6b:61:d3:5c:54:79:b6:c1:12:d6:c1:17:d5:51:80:b9:
a7:83:2c:4d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXLg2jT8CnKdf+2nuQSwyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZTJiYTVjYzE1MGIzNTNjYmQzNGI5ZjA0NWVhMDUwOTc0
MDg0NGQwHhcNMjUxMTExMTAwMTEwWhcNMjUxMTEyMTAwMTEwWjAzMTEwLwYDVQQD
EygwMjNlYzBiOTEyM2U1M2QwZDNiZmNkMDUyYzUzZjU2ZDhjNzk5NGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAZF2pusUimxbEtI48kucnsux24w
KCfTtDZL0n4E9jUnMrV+c7JtKg3CHaCWxQ7zsCLa5iMsq3SZOqu6QDvJYHEAAt/J
GbQ6FJK0+YysRpqKRH63MPFu6HVZY2bRXN9iFcb1CFSfB+nBMejXtmr9hpRKt2Y6
6+jfltNz/NXRsZb6KB9g5I0+cn1evwzKXkPSAtyqKHB5BrufIvgueyLrZGhO1MR8
oHlhehK4P+Tjp0B4FVFqDs6nr/rTqLHejQEbWuqvxPDS/B1RgzMB3k/auoMun0Bw
JYATOhZlFaY2n39+eg+hB51BSVfkXglpNwwzKOoR5U9rerlkT30jF2XjpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAI+wLkSPlPQ07/NBSxT9W2MeZS2MB8GA1UdIwQY
MBaAFHbiulzBULNTy9NLnwReoFCXQIRNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zMWQyZWQtOGUyZi00ZmE5LTgzY2Et
NzA0MDVlMzUyOGFmLzEvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zMWQyZWQtOGUyZi00ZmE5LTgzY2EtNzA0MDVlMzUyOGFm
LzEvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJY5K3N9N
ES6c6Nbf73cZSGefuxm+boipYoaV6dNl06MpcRA97IORqedPDAD1oxpWlPBAEd9b
T2MnpFTNdj5QP4S5LBnX87RGF7B7IXwP+zTdHMV6/A3ajBx3Sd/SLf2Dg4ITqfzC
W0Glk0E0aREvka/goOGl/JiAKvmYWHqQxBFCAX3KAbPQnEKairXOJTWwHHg6glc4
VKAWY2qwnih4Guid5jqegDgf/DcM6UZHADycSzGZBCg2ZBFY93PRSYJl+4F9a+ha
qXvz6hRNNmsBESfayP65+7XZc3I/lVXoveAUXTedTVdqp6jcVzZrYdNcVHm2wRLW
wRfVUYC5p4MsTQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:53:27 2025 by rpki-client