Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.mft
File: vflgsO5rxdD2oMZKafL4Yln9zVg.mft (raw, json)
Hash identifier: oK4mLg+ZBDW4X8yGbksxb2Pk9aRlXR3RBVsdsMpEDLU=
Subject key identifier: F5:CA:7E:E0:86:A2:03:D6:2A:00:42:C8:77:32:45:F6:99:F9:DD:C2
Authority key identifier: BD:F9:60:B0:EE:6B:C5:D0:F6:A0:C6:4A:69:F2:F8:62:59:FD:CD:58
Certificate issuer: /CN=bdf960b0ee6bc5d0f6a0c64a69f2f86259fdcd58
Certificate serial: 019A73386FC9D6139DAF02765AD0B344314B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vflgsO5rxdD2oMZKafL4Yln9zVg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.mft
Manifest number: 15F8
Signing time: Tue 11 Nov 2025 14:01:09 +0000
Manifest this update: Tue 11 Nov 2025 14:01:09 +0000
Manifest next update: Wed 12 Nov 2025 14:01:09 +0000
Files and hashes: 1: rEdLOhgJ5xMWvLwmv0wizm-cOW0.roa (hash: 5KEvRv7KqMLhpYGvFA0tU5bp6PFE1qlP3ELvibmeSX4=)
2: vflgsO5rxdD2oMZKafL4Yln9zVg.crl (hash: DM5JXKz2NlJH6/d8VWn/ml4eNn3jQGNZmuMRejL7fQs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.mft
rsync://rpki.ripe.net/repository/DEFAULT/vflgsO5rxdD2oMZKafL4Yln9zVg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:38:6f:c9:d6:13:9d:af:02:76:5a:d0:b3:44:31:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdf960b0ee6bc5d0f6a0c64a69f2f86259fdcd58
Validity
Not Before: Nov 11 14:01:09 2025 GMT
Not After : Nov 12 14:01:09 2025 GMT
Subject: CN=f5ca7ee086a203d62a0042c8773245f699f9ddc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:61:da:f1:fd:2e:38:da:7f:4d:21:db:2f:9f:
5c:10:a0:b9:fe:e1:eb:74:24:67:f6:09:1c:89:93:
c6:46:86:87:2a:d1:6c:16:13:1e:d7:43:7c:55:75:
93:f0:a2:26:c3:4f:bb:a3:48:85:9a:2e:65:4f:d2:
b2:62:05:3c:2f:6d:77:56:67:3f:e7:ae:90:9f:33:
28:d9:54:da:63:79:59:c5:2d:c1:93:f6:b1:0c:7d:
00:b6:d2:79:21:63:04:f2:3b:b3:3b:00:82:e7:ed:
ca:4e:7f:47:71:06:0a:6e:f5:5e:e1:7a:49:03:a2:
e1:36:42:fd:c8:74:eb:55:ac:44:e7:e4:7c:9a:e6:
42:a9:2f:37:af:b8:74:b8:74:7d:4d:6f:73:4c:22:
cb:2c:60:72:33:92:7b:a1:76:7e:28:6e:fa:8d:0d:
b0:2e:cb:06:a3:e8:c9:c4:9c:8e:81:24:4c:6f:b4:
ca:3c:19:08:83:5c:08:4f:bb:26:0d:82:67:8c:d7:
38:12:5f:90:21:81:4a:b9:34:a1:cc:af:9c:4c:99:
42:bf:02:83:8e:c8:0b:ea:0e:23:f3:f3:12:78:49:
62:4b:4e:c5:db:52:b2:68:92:79:c1:02:ac:66:d6:
e1:e4:33:ae:9f:92:4f:53:07:de:69:11:4e:10:60:
ef:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:CA:7E:E0:86:A2:03:D6:2A:00:42:C8:77:32:45:F6:99:F9:DD:C2
X509v3 Authority Key Identifier:
keyid:BD:F9:60:B0:EE:6B:C5:D0:F6:A0:C6:4A:69:F2:F8:62:59:FD:CD:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vflgsO5rxdD2oMZKafL4Yln9zVg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/33684a-12c2-423a-bd3a-3ddffdeb9207/1/vflgsO5rxdD2oMZKafL4Yln9zVg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:05:10:9b:5f:86:47:31:1b:81:92:e5:a9:43:32:ca:44:5a:
e3:88:14:30:54:05:ad:ca:e5:04:05:a8:f5:15:ea:c2:c1:f3:
af:ec:54:17:c1:de:c1:5b:c2:c0:fc:8e:9b:e6:de:7a:28:3a:
c6:40:1d:ff:37:93:b1:98:f6:37:65:94:59:62:e4:ad:f4:7d:
9a:d1:50:ea:34:74:71:49:0f:94:26:18:9a:85:cf:45:d8:06:
ae:ab:76:23:be:e9:ec:b5:db:2c:8d:ca:44:24:75:b7:ba:3b:
12:cb:b2:dd:8f:77:4c:46:73:72:48:7d:61:1f:a8:6c:69:9c:
92:5d:76:f8:3f:e3:de:0d:eb:cb:a0:aa:96:4f:d7:54:27:db:
7b:8e:c9:c2:3c:f2:a8:34:ee:8d:80:bf:bc:d7:53:27:f8:77:
14:2c:65:7a:3a:3a:a0:8a:6c:dc:8d:fc:fc:57:97:4b:05:fc:
0a:1a:41:9e:00:59:9f:3f:06:d4:73:58:e8:03:db:63:cd:a9:
8f:44:6b:5d:75:e2:de:ee:62:ac:73:45:6c:2c:52:5f:c0:b9:
40:cc:66:fc:eb:37:92:40:71:2b:05:3e:e8:e6:f3:f6:7f:34:
2e:88:76:fd:e1:0a:6b:00:c4:b0:e6:b2:e0:b7:bb:4c:8c:ac:
4f:e8:65:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzOG/J1hOdrwJ2WtCzRDFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZjk2MGIwZWU2YmM1ZDBmNmEwYzY0YTY5ZjJmODYyNTlm
ZGNkNTgwHhcNMjUxMTExMTQwMTA5WhcNMjUxMTEyMTQwMTA5WjAzMTEwLwYDVQQD
EyhmNWNhN2VlMDg2YTIwM2Q2MmEwMDQyYzg3NzMyNDVmNjk5ZjlkZGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2Ha8f0uONp/TSHbL59cEKC5/uHr
dCRn9gkciZPGRoaHKtFsFhMe10N8VXWT8KImw0+7o0iFmi5lT9KyYgU8L213Vmc/
566QnzMo2VTaY3lZxS3Bk/axDH0AttJ5IWME8juzOwCC5+3KTn9HcQYKbvVe4XpJ
A6LhNkL9yHTrVaxE5+R8muZCqS83r7h0uHR9TW9zTCLLLGByM5J7oXZ+KG76jQ2w
LssGo+jJxJyOgSRMb7TKPBkIg1wIT7smDYJnjNc4El+QIYFKuTShzK+cTJlCvwKD
jsgL6g4j8/MSeEliS07F21KyaJJ5wQKsZtbh5DOun5JPUwfeaRFOEGDvRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPXKfuCGogPWKgBCyHcyRfaZ+d3CMB8GA1UdIwQY
MBaAFL35YLDua8XQ9qDGSmny+GJZ/c1YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZsZ3NPNXJ4ZEQyb01aS2FmTDRZbG45elZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMzY4NGEtMTJjMi00MjNhLWJkM2Et
M2RkZmZkZWI5MjA3LzEvdmZsZ3NPNXJ4ZEQyb01aS2FmTDRZbG45elZnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMzY4NGEtMTJjMi00MjNhLWJkM2EtM2RkZmZkZWI5MjA3
LzEvdmZsZ3NPNXJ4ZEQyb01aS2FmTDRZbG45elZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGAUQm1+G
RzEbgZLlqUMyykRa44gUMFQFrcrlBAWo9RXqwsHzr+xUF8HewVvCwPyOm+beeig6
xkAd/zeTsZj2N2WUWWLkrfR9mtFQ6jR0cUkPlCYYmoXPRdgGrqt2I77p7LXbLI3K
RCR1t7o7Esuy3Y93TEZzckh9YR+obGmckl12+D/j3g3ry6Cqlk/XVCfbe47Jwjzy
qDTujYC/vNdTJ/h3FCxlejo6oIps3I38/FeXSwX8ChpBngBZnz8G1HNY6APbY82p
j0RrXXXi3u5irHNFbCxSX8C5QMxm/Os3kkBxKwU+6Obz9n80Loh2/eEKawDEsOay
4Le7TIysT+hliA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:51:55 2025 by rpki-client