Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.mft
File: 25ebiYwPWDTLyDimmgXjq-jAKQM.mft (raw, json)
Hash identifier: dd5rBYhxn15b3qxUvVGk4aFqnWCY+BotY6isydNzL20=
Subject key identifier: 64:EB:1A:F9:F0:54:06:65:CB:AE:2F:E4:47:89:81:44:AF:8E:EF:11
Authority key identifier: DB:97:9B:89:8C:0F:58:34:CB:C8:38:A6:9A:05:E3:AB:E8:C0:29:03
Certificate issuer: /CN=db979b898c0f5834cbc838a69a05e3abe8c02903
Certificate serial: 019A73017610F23E527416DA6C2237F01BC0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/25ebiYwPWDTLyDimmgXjq-jAKQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.mft
Manifest number: 0AB2
Signing time: Tue 11 Nov 2025 13:01:06 +0000
Manifest this update: Tue 11 Nov 2025 13:01:06 +0000
Manifest next update: Wed 12 Nov 2025 13:01:06 +0000
Files and hashes: 1: 25ebiYwPWDTLyDimmgXjq-jAKQM.crl (hash: 7QbxRu3PVkVzEbdOTG0KXWMNIh0/DEKhZ29UmRLxRik=)
2: kQI24cv0NZjcs-NoEtkNWQr945M.roa (hash: lv4kdfvUyBf5e1wmjHgM1hbCJlTmhLUys8Yvw75WiAo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.mft
rsync://rpki.ripe.net/repository/DEFAULT/25ebiYwPWDTLyDimmgXjq-jAKQM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:76:10:f2:3e:52:74:16:da:6c:22:37:f0:1b:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db979b898c0f5834cbc838a69a05e3abe8c02903
Validity
Not Before: Nov 11 13:01:06 2025 GMT
Not After : Nov 12 13:01:06 2025 GMT
Subject: CN=64eb1af9f0540665cbae2fe447898144af8eef11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:9c:00:94:ff:22:07:ba:c5:1c:6f:d2:32:fb:
19:8d:0f:f1:44:f8:d4:b3:52:1a:40:02:8a:0a:fc:
6a:bf:83:d7:8f:16:87:45:72:e3:1d:b5:08:d4:58:
ea:ed:fb:5f:45:ef:96:a8:3d:1f:6f:65:4f:ad:91:
94:8b:10:7f:82:29:af:a8:dd:e7:69:7a:5e:92:07:
bd:ff:8d:d7:dc:bc:b1:92:bb:b2:d6:d5:2c:55:46:
65:cd:f0:2e:75:d8:96:6f:08:57:71:10:90:da:5f:
30:d4:db:6b:ba:f6:0f:21:c0:4d:b6:23:86:12:73:
65:ec:69:a8:6e:71:8d:b4:08:3a:42:f0:e1:04:1e:
16:74:cc:f1:a5:14:90:9f:5c:c4:7f:3e:96:12:ef:
a6:2d:a3:78:c6:9f:2a:03:ac:58:0b:ba:a4:ac:85:
f7:5f:88:95:b1:64:9b:fc:d8:5b:26:52:7d:9e:f3:
20:40:b0:12:e7:2d:67:ec:f0:5c:57:e1:92:f6:45:
d6:b9:c5:e3:67:cd:b1:dc:9c:e4:50:9d:b8:ff:94:
e6:bc:28:73:53:76:2f:64:75:46:93:a0:e8:43:5c:
15:63:22:8d:3e:f9:e8:46:af:ae:16:14:05:94:58:
e3:a4:0d:ce:97:2a:17:6c:8b:6c:52:da:28:0d:56:
12:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:EB:1A:F9:F0:54:06:65:CB:AE:2F:E4:47:89:81:44:AF:8E:EF:11
X509v3 Authority Key Identifier:
keyid:DB:97:9B:89:8C:0F:58:34:CB:C8:38:A6:9A:05:E3:AB:E8:C0:29:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/25ebiYwPWDTLyDimmgXjq-jAKQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a7:fd:aa:62:fe:88:2c:68:db:bb:63:cf:75:23:13:e1:83:01:
46:8c:fc:b7:07:b7:dc:1d:c8:f7:4e:c9:b0:9e:5b:4f:6b:dc:
32:0a:68:47:92:34:33:ab:59:07:e6:88:97:c2:32:a4:61:52:
2a:84:ba:53:88:8d:70:90:af:d0:4a:ec:53:54:69:0c:dd:f0:
fe:71:19:84:3b:c5:3a:67:e2:f4:3f:c3:1d:77:dc:41:33:77:
14:e9:55:57:84:aa:ac:35:0b:2e:76:11:70:74:2c:f6:3a:c4:
3b:22:31:6b:7c:66:2f:cc:27:57:8c:2d:89:ec:24:90:28:06:
f8:1e:32:53:1f:c9:fb:fc:5c:1a:8f:5b:c9:a8:f2:f5:77:65:
03:39:cd:70:05:4b:18:cb:5b:7f:eb:2d:f4:63:d3:27:2c:ac:
11:5e:94:00:4f:fd:dd:3d:7d:72:9d:95:2c:99:98:23:70:f7:
44:fa:98:62:20:41:b2:9c:55:1d:7b:bf:92:4f:8d:d5:d6:67:
29:4f:2f:e2:ae:4d:3b:f4:8f:2a:66:fd:10:3e:55:58:42:cd:
24:4b:03:24:71:7a:ea:26:53:e0:14:de:b2:94:e3:a1:03:35:
5d:05:74:77:74:1d:9a:05:7b:65:5f:d6:1d:ce:8c:29:8d:66:
16:f1:64:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAXYQ8j5SdBbabCI38BvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOTc5Yjg5OGMwZjU4MzRjYmM4MzhhNjlhMDVlM2FiZThj
MDI5MDMwHhcNMjUxMTExMTMwMTA2WhcNMjUxMTEyMTMwMTA2WjAzMTEwLwYDVQQD
Eyg2NGViMWFmOWYwNTQwNjY1Y2JhZTJmZTQ0Nzg5ODE0NGFmOGVlZjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pwAlP8iB7rFHG/SMvsZjQ/xRPjU
s1IaQAKKCvxqv4PXjxaHRXLjHbUI1Fjq7ftfRe+WqD0fb2VPrZGUixB/gimvqN3n
aXpekge9/43X3Lyxkruy1tUsVUZlzfAuddiWbwhXcRCQ2l8w1NtruvYPIcBNtiOG
EnNl7GmobnGNtAg6QvDhBB4WdMzxpRSQn1zEfz6WEu+mLaN4xp8qA6xYC7qkrIX3
X4iVsWSb/NhbJlJ9nvMgQLAS5y1n7PBcV+GS9kXWucXjZ82x3JzkUJ24/5TmvChz
U3YvZHVGk6DoQ1wVYyKNPvnoRq+uFhQFlFjjpA3OlyoXbItsUtooDVYSzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGTrGvnwVAZly64v5EeJgUSvju8RMB8GA1UdIwQY
MBaAFNuXm4mMD1g0y8g4ppoF46vowCkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjVlYmlZd1BXRFRMeURpbW1nWGpxLWpBS1FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9kNWZkZTYtMTk1MS00N2I4LWEzMjUt
NGNiMjU3ZWUxOTJjLzEvMjVlYmlZd1BXRFRMeURpbW1nWGpxLWpBS1FNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9kNWZkZTYtMTk1MS00N2I4LWEzMjUtNGNiMjU3ZWUxOTJj
LzEvMjVlYmlZd1BXRFRMeURpbW1nWGpxLWpBS1FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAp/2qYv6I
LGjbu2PPdSMT4YMBRoz8twe33B3I907JsJ5bT2vcMgpoR5I0M6tZB+aIl8IypGFS
KoS6U4iNcJCv0ErsU1RpDN3w/nEZhDvFOmfi9D/DHXfcQTN3FOlVV4SqrDULLnYR
cHQs9jrEOyIxa3xmL8wnV4wtiewkkCgG+B4yUx/J+/xcGo9byajy9XdlAznNcAVL
GMtbf+st9GPTJyysEV6UAE/93T19cp2VLJmYI3D3RPqYYiBBspxVHXu/kk+N1dZn
KU8v4q5NO/SPKmb9ED5VWELNJEsDJHF66iZT4BTespTjoQM1XQV0d3QdmgV7ZV/W
Hc6MKY1mFvFkjg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:19:39 2025 by rpki-client