Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
File: DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft (raw, json)
Hash identifier: xBNtzOBv3KwEEMhHM8ppXSUUvGMOQCWk0g56xWisxYE=
Subject key identifier: DB:A4:B5:24:94:33:BD:3B:2B:54:60:A6:A0:5D:4D:30:C6:45:F2:6E
Authority key identifier: 0D:33:3F:72:D9:E2:94:54:38:25:BE:63:72:9F:80:34:A4:51:70:90
Certificate issuer: /CN=0d333f72d9e294543825be63729f8034a4517090
Certificate serial: 019A725C9071B0001686B935AEA40498C0DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
Manifest number: 0B15
Signing time: Tue 11 Nov 2025 10:01:00 +0000
Manifest this update: Tue 11 Nov 2025 10:01:00 +0000
Manifest next update: Wed 12 Nov 2025 10:01:00 +0000
Files and hashes: 1: DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl (hash: U7ZbFoLkho8qGmwe+OJf2AoPv0FrybHirT6w3NhTOI4=)
2: IoDHlDbNXO3jlcqfipIcULBON5A.roa (hash: KOgCTDaSahbElR1Ol4oBVrEjOtYhS4W0VzXtKth8BeM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:90:71:b0:00:16:86:b9:35:ae:a4:04:98:c0:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d333f72d9e294543825be63729f8034a4517090
Validity
Not Before: Nov 11 10:01:00 2025 GMT
Not After : Nov 12 10:01:00 2025 GMT
Subject: CN=dba4b5249433bd3b2b5460a6a05d4d30c645f26e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:24:70:c0:59:84:5c:f1:7a:9b:49:09:a4:ee:
31:34:9f:70:da:39:c0:64:5e:2a:43:b1:31:fc:bd:
9a:a0:bb:18:ce:ff:f0:03:f3:22:a3:3a:2d:ed:ac:
ff:1d:b4:c5:fe:96:ab:18:4c:f7:78:67:40:9a:d5:
2b:d7:e8:4c:fb:9a:b5:09:56:07:1d:25:d7:54:aa:
b6:19:93:ac:6d:5d:c2:fd:45:78:be:00:2e:42:a5:
af:dc:fb:3a:9e:7f:ac:3f:b5:f3:c0:4b:07:96:ba:
b5:a6:80:db:47:3a:ab:58:47:46:29:4e:ac:56:0f:
b7:cf:c5:c8:0c:c9:cc:f2:c3:8e:95:ce:a5:7e:fd:
bc:13:6f:20:51:c1:99:c4:2a:40:55:40:b5:0c:ce:
99:be:36:e4:de:3f:54:2f:0c:a2:4a:42:6f:d8:8f:
01:23:dd:0f:1d:ad:e7:50:ce:03:2c:00:18:8d:12:
72:16:b9:48:18:79:7a:82:04:b0:a6:a9:36:4d:23:
30:1a:71:b4:3a:76:a7:88:d4:22:54:9c:af:43:ef:
58:7c:28:17:32:f2:35:09:3f:89:41:88:fe:f5:55:
0c:66:ce:8d:27:08:b0:f8:af:a9:43:2e:88:c7:a7:
ba:5d:d9:9e:c6:be:29:3c:a1:32:4b:ce:38:75:55:
83:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:A4:B5:24:94:33:BD:3B:2B:54:60:A6:A0:5D:4D:30:C6:45:F2:6E
X509v3 Authority Key Identifier:
keyid:0D:33:3F:72:D9:E2:94:54:38:25:BE:63:72:9F:80:34:A4:51:70:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/65fea2-a3d9-492f-8e44-894dfa5df017/1/DTM_ctnilFQ4Jb5jcp-ANKRRcJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:7f:86:ce:91:1a:aa:cc:85:69:a0:d3:f7:f8:9d:4a:f0:67:
4d:05:39:b4:13:4b:f7:a9:35:57:e8:40:d8:b0:e6:bb:7f:9f:
a8:37:5c:6f:ee:bb:b0:cb:de:04:dc:23:df:59:ff:fb:13:86:
57:f3:d1:45:13:dc:4d:4a:de:25:7f:97:ec:6e:3a:67:3f:c3:
b2:9e:be:cb:b6:5b:68:82:c8:db:52:ad:3b:67:e5:da:7f:8b:
6b:d9:4f:a6:2d:5f:32:8b:b6:06:42:96:f8:40:c7:17:f2:47:
0d:a4:bb:84:5c:fe:58:64:0e:67:80:40:a5:b8:58:1a:12:d9:
fb:2f:c6:48:f4:6f:74:54:78:65:f3:5d:89:2a:02:d5:7f:80:
ac:85:a9:56:b1:29:4f:fd:4b:2f:d3:2b:3c:80:a0:2f:a1:a6:
a4:67:e7:59:a1:42:5f:75:6e:0d:d7:ee:bf:2c:57:55:6e:b9:
18:30:54:e8:9e:28:d1:73:46:ac:a8:22:a9:dc:b1:19:7a:e9:
b0:fc:3a:58:52:9a:ba:a8:b0:b6:19:f4:44:81:39:42:63:75:
ee:be:2c:57:ae:c8:a9:46:5c:2b:a4:55:8d:52:80:fc:77:5f:
16:10:2f:94:18:83:b3:1b:ad:0a:e3:cc:f5:8d:24:37:ee:3c:
78:17:79:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXJBxsAAWhrk1rqQEmMDdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMzMzZjcyZDllMjk0NTQzODI1YmU2MzcyOWY4MDM0YTQ1
MTcwOTAwHhcNMjUxMTExMTAwMTAwWhcNMjUxMTEyMTAwMTAwWjAzMTEwLwYDVQQD
EyhkYmE0YjUyNDk0MzNiZDNiMmI1NDYwYTZhMDVkNGQzMGM2NDVmMjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyRwwFmEXPF6m0kJpO4xNJ9w2jnA
ZF4qQ7Ex/L2aoLsYzv/wA/Miozot7az/HbTF/parGEz3eGdAmtUr1+hM+5q1CVYH
HSXXVKq2GZOsbV3C/UV4vgAuQqWv3Ps6nn+sP7XzwEsHlrq1poDbRzqrWEdGKU6s
Vg+3z8XIDMnM8sOOlc6lfv28E28gUcGZxCpAVUC1DM6Zvjbk3j9ULwyiSkJv2I8B
I90PHa3nUM4DLAAYjRJyFrlIGHl6ggSwpqk2TSMwGnG0OnaniNQiVJyvQ+9YfCgX
MvI1CT+JQYj+9VUMZs6NJwiw+K+pQy6Ix6e6Xdmexr4pPKEyS844dVWD9QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNuktSSUM707K1RgpqBdTTDGRfJuMB8GA1UdIwQY
MBaAFA0zP3LZ4pRUOCW+Y3KfgDSkUXCQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC82NWZlYTItYTNkOS00OTJmLThlNDQt
ODk0ZGZhNWRmMDE3LzEvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC82NWZlYTItYTNkOS00OTJmLThlNDQtODk0ZGZhNWRmMDE3
LzEvRFRNX2N0bmlsRlE0SmI1amNwLUFOS1JSY0pBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHn+GzpEa
qsyFaaDT9/idSvBnTQU5tBNL96k1V+hA2LDmu3+fqDdcb+67sMveBNwj31n/+xOG
V/PRRRPcTUreJX+X7G46Zz/Dsp6+y7ZbaILI21KtO2fl2n+La9lPpi1fMou2BkKW
+EDHF/JHDaS7hFz+WGQOZ4BApbhYGhLZ+y/GSPRvdFR4ZfNdiSoC1X+ArIWpVrEp
T/1LL9MrPICgL6GmpGfnWaFCX3VuDdfuvyxXVW65GDBU6J4o0XNGrKgiqdyxGXrp
sPw6WFKauqiwthn0RIE5QmN17r4sV67IqUZcK6RVjVKA/HdfFhAvlBiDsxutCuPM
9Y0kN+48eBd5pg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:09:40 2025 by rpki-client