Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
File: DkOg3wWaUlGkALWh8TIboA0xINI.mft (raw, json)
Hash identifier: 4vufQBvboAjlBuz/p0H9JnLgGNpy26J6ZqJ5V0RVrwA=
Subject key identifier: 4C:DC:7B:8E:B2:FF:A0:FA:B9:6C:40:EC:3D:D9:C5:41:4D:31:35:6F
Authority key identifier: 0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
Certificate issuer: /CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Certificate serial: 019A70A51AEF62219BB888A60C07DBEB120F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 02:00:59 +0000
Manifest this update: Tue 11 Nov 2025 02:00:59 +0000
Manifest next update: Wed 12 Nov 2025 02:00:59 +0000
Files and hashes: 1: DkOg3wWaUlGkALWh8TIboA0xINI.crl (hash: LW2YONGHk3BqwlhZ0fvlTAtVVzvUsGonMKhtVGzQFjU=)
2: meyQlZ2V2fFm7jP19tS1SnwZU8o.roa (hash: Rjzn7WIqlB0uqbC7++KFiY3Pm+Td1rmouk6fxkElj30=)
3: u8p2k1kowabt5V010HcHbUdny4A.roa (hash: +zIIZMzEVP0HgE88S7aeA3JokmowyYpTKNzs1+R3c2M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a5:1a:ef:62:21:9b:b8:88:a6:0c:07:db:eb:12:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Validity
Not Before: Nov 11 02:00:59 2025 GMT
Not After : Nov 12 02:00:59 2025 GMT
Subject: CN=4cdc7b8eb2ffa0fab96c40ec3dd9c5414d31356f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f4:4c:7d:9d:2e:a1:d0:3e:63:12:4d:64:0c:
7c:1d:b7:8b:ce:aa:26:3f:5f:64:9a:8c:5f:2d:49:
58:bf:45:03:8e:9c:73:18:8d:87:8b:b2:ac:5e:d1:
e7:2d:5c:b6:44:44:7d:23:b0:a2:69:fb:a3:2e:c7:
ec:29:c9:1f:43:a1:3f:1f:b1:10:da:a0:36:ef:e6:
e5:35:ef:08:0f:19:1d:0f:ed:5d:d2:df:10:8b:19:
7d:12:6a:7b:20:ac:e2:ac:03:93:1b:41:20:c9:dc:
e0:cb:9a:35:b0:32:3c:93:1a:db:5e:ff:95:72:6d:
bf:b1:c4:db:79:79:2d:45:8b:a7:18:e3:15:5f:1a:
2c:5c:c4:50:16:8b:bd:36:d2:d6:b5:82:e3:3e:b2:
da:41:d9:b5:ec:c5:a4:d3:c5:3c:80:a1:42:d8:dc:
e2:0a:db:1f:a1:46:c5:a7:ee:0f:46:f8:f3:06:cc:
89:4e:f7:c0:b1:3b:e6:aa:b0:d1:2f:46:dc:bd:67:
d5:5f:c7:bd:ca:e5:5b:6b:f6:f1:73:83:9e:d4:29:
68:c1:57:e9:de:d3:08:f4:97:17:a0:5c:40:c3:c4:
ec:2d:25:03:fe:c9:16:14:f0:6e:b5:78:7c:a3:ef:
74:17:09:76:57:cb:01:49:85:ac:21:25:a6:8e:b5:
7d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:DC:7B:8E:B2:FF:A0:FA:B9:6C:40:EC:3D:D9:C5:41:4D:31:35:6F
X509v3 Authority Key Identifier:
keyid:0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a9:60:15:38:a6:71:0e:2f:f1:d6:e2:33:5c:65:5b:d3:07:40:
5c:c7:a3:36:05:0b:45:dc:8e:da:eb:ee:cf:21:59:ac:73:3e:
d2:c2:b0:a7:93:ef:0c:eb:21:ba:d5:79:f2:31:19:18:f3:25:
6f:5d:4d:90:21:11:99:02:dc:4a:fc:08:e7:c6:20:98:4e:47:
18:42:62:c8:91:ef:6d:e3:ba:ff:d1:97:ac:5a:4a:37:94:c3:
91:ff:e9:94:a2:c1:e9:a8:89:da:13:62:37:be:0e:e3:e5:e7:
79:b4:bd:e2:09:70:5a:56:87:ec:a7:2e:0d:83:d0:75:e9:f1:
5b:52:d4:c2:26:78:01:ad:c5:95:e2:a3:95:86:1b:99:df:87:
4e:41:43:5a:f9:fd:72:ac:d0:7f:e2:73:b6:6a:11:ba:96:76:
87:5c:3b:bc:e6:00:80:bd:23:7a:90:45:11:2d:7c:fc:07:54:
f3:fb:65:09:6e:b1:c4:46:37:c2:ff:15:6c:91:96:2d:14:0d:
aa:50:b8:3a:7f:4a:a7:84:66:ec:e1:c1:a5:9c:a3:c6:6e:c7:
25:f3:2a:50:43:ac:d3:25:18:6d:e4:be:33:ca:ba:98:f0:33:
98:97:df:11:e1:f1:27:25:d4:4b:3c:6e:a0:80:39:f1:de:da:
a0:04:c6:54
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpRrvYiGbuIimDAfb6xIPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNDNhMGRmMDU5YTUyNTFhNDAwYjVhMWYxMzIxYmEwMGQz
MTIwZDIwHhcNMjUxMTExMDIwMDU5WhcNMjUxMTEyMDIwMDU5WjAzMTEwLwYDVQQD
Eyg0Y2RjN2I4ZWIyZmZhMGZhYjk2YzQwZWMzZGQ5YzU0MTRkMzEzNTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvRMfZ0uodA+YxJNZAx8HbeLzqom
P19kmoxfLUlYv0UDjpxzGI2Hi7KsXtHnLVy2RER9I7CiafujLsfsKckfQ6E/H7EQ
2qA27+blNe8IDxkdD+1d0t8Qixl9Emp7IKzirAOTG0Egydzgy5o1sDI8kxrbXv+V
cm2/scTbeXktRYunGOMVXxosXMRQFou9NtLWtYLjPrLaQdm17MWk08U8gKFC2Nzi
CtsfoUbFp+4PRvjzBsyJTvfAsTvmqrDRL0bcvWfVX8e9yuVba/bxc4Oe1ClowVfp
3tMI9JcXoFxAw8TsLSUD/skWFPButXh8o+90Fwl2V8sBSYWsISWmjrV9CQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEzce46y/6D6uWxA7D3ZxUFNMTVvMB8GA1UdIwQY
MBaAFA5DoN8FmlJRpAC1ofEyG6ANMSDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMt
MDA0ZmU0MzNjN2M4LzEvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMtMDA0ZmU0MzNjN2M4
LzEvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqWAVOKZx
Di/x1uIzXGVb0wdAXMejNgULRdyO2uvuzyFZrHM+0sKwp5PvDOshutV58jEZGPMl
b11NkCERmQLcSvwI58YgmE5HGEJiyJHvbeO6/9GXrFpKN5TDkf/plKLB6aiJ2hNi
N74O4+XnebS94glwWlaH7KcuDYPQdenxW1LUwiZ4Aa3FleKjlYYbmd+HTkFDWvn9
cqzQf+JztmoRupZ2h1w7vOYAgL0jepBFES18/AdU8/tlCW6xxEY3wv8VbJGWLRQN
qlC4On9Kp4Rm7OHBpZyjxm7HJfMqUEOs0yUYbeS+M8q6mPAzmJffEeHxJyXUSzxu
oIA58d7aoATGVA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:43:56 2025 by rpki-client