Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft
File: mSAfYJ56iT2obPDrvKS79HJ51hc.mft (raw, json)
Hash identifier: FavfVIlFJFN1iMpRnCKbXy9Jmcu45j2pXTyS8gPqZ3A=
Subject key identifier: D3:7B:63:3F:B6:DF:87:06:B9:F4:92:0E:42:20:B2:64:63:61:3A:33
Authority key identifier: 99:20:1F:60:9E:7A:89:3D:A8:6C:F0:EB:BC:A4:BB:F4:72:79:D6:17
Certificate issuer: /CN=99201f609e7a893da86cf0ebbca4bbf47279d617
Certificate serial: 019A29671AEAC80344B30C703CC4D992FC80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft
Manifest number: 0594
Signing time: Tue 28 Oct 2025 06:00:14 +0000
Manifest this update: Tue 28 Oct 2025 06:00:14 +0000
Manifest next update: Wed 29 Oct 2025 06:00:14 +0000
Files and hashes: 1: cZCe7z1SuEJO9uo7pUfRsMk3zUE.roa (hash: 4ghpEp3he5IP2eaKj/sfWjxMV98wRylBMDqZHenZGeE=)
2: mSAfYJ56iT2obPDrvKS79HJ51hc.crl (hash: Heb0AoPJCr24flglnsWfHv8KcSxmE2EAblVs6GVtpHg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft
rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 06:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:29:67:1a:ea:c8:03:44:b3:0c:70:3c:c4:d9:92:fc:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99201f609e7a893da86cf0ebbca4bbf47279d617
Validity
Not Before: Oct 28 06:00:14 2025 GMT
Not After : Oct 29 06:00:14 2025 GMT
Subject: CN=d37b633fb6df8706b9f4920e4220b26463613a33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7a:ec:74:af:fb:04:9f:80:83:3b:84:b9:7c:
c8:b9:2b:bb:58:a0:99:19:9d:20:dd:41:ee:ee:71:
ed:0d:5b:0e:ac:02:94:55:e7:4b:05:5e:93:02:5a:
21:99:a5:96:9f:06:1b:93:bb:3e:90:54:7a:11:f8:
e2:7c:02:74:fa:93:25:85:a8:1e:16:63:f7:57:d0:
fc:81:3a:74:07:3d:f8:b9:87:74:e2:db:60:b8:e8:
a0:52:0c:bd:72:c5:f0:fc:5c:56:fc:04:ea:4a:b9:
d4:25:c0:ba:1f:20:73:7f:59:ba:51:1e:d4:78:4b:
7b:56:d3:af:a4:96:52:38:61:03:48:c8:db:fb:78:
83:4c:60:19:d2:6d:8b:b4:3a:4d:66:bb:d3:94:d8:
7c:3a:54:16:68:e8:97:13:56:35:7d:d2:7b:b2:59:
e5:c9:63:87:35:49:18:f5:e6:fc:c2:b5:01:8d:b8:
12:88:ea:98:4a:19:a6:58:42:57:14:8f:68:37:25:
c2:ae:ca:77:d4:74:f6:62:8b:6f:2f:24:ed:28:53:
ff:8d:f7:50:6d:a5:cd:3e:a8:8f:25:c1:66:b5:b8:
c0:bf:6c:42:f6:ae:b8:c5:fd:26:e2:ac:4d:e2:b5:
7e:7d:06:68:72:7e:ab:dc:6f:bc:da:21:fc:9b:40:
92:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:7B:63:3F:B6:DF:87:06:B9:F4:92:0E:42:20:B2:64:63:61:3A:33
X509v3 Authority Key Identifier:
keyid:99:20:1F:60:9E:7A:89:3D:A8:6C:F0:EB:BC:A4:BB:F4:72:79:D6:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:8c:69:6e:f0:66:5a:cc:22:1a:5f:72:29:30:b6:f5:70:d4:
12:30:7f:30:b6:39:71:89:81:3b:d3:37:f6:9a:cd:08:a9:9a:
bc:0b:12:5c:d8:3c:fc:77:73:d2:63:3d:7a:55:3d:5b:7f:f2:
be:d5:77:28:9e:21:08:7a:f9:88:7d:0a:b3:a2:6a:17:27:04:
c2:94:2d:51:e2:77:de:c2:ec:f1:17:ac:25:16:14:c2:6e:15:
15:38:ab:44:79:f3:4c:14:34:9d:ea:25:71:86:73:ee:42:21:
7f:a8:93:11:43:fe:59:f6:d3:55:2a:f8:b1:13:cd:2e:c7:52:
70:31:b8:78:03:16:72:bf:5d:2a:0f:bc:d8:8e:70:fb:0c:28:
94:61:63:2c:4e:e6:e2:13:8d:09:c9:dd:4f:80:8b:8a:9e:49:
60:f0:06:0e:a1:2b:e8:7d:3a:3b:77:2e:14:69:32:d9:08:4f:
d4:bf:3c:36:83:fc:45:bc:8b:ab:9c:ee:3a:33:4c:fc:b0:3f:
e0:dc:6a:1e:b0:ea:09:ab:bd:e5:4d:4d:aa:7a:53:48:8e:fd:
5c:b3:fd:2a:56:8d:20:92:6f:6d:e4:2e:11:cd:c1:42:5e:b6:
47:91:9c:16:b7:4d:48:37:19:b5:6a:ce:ed:71:f2:16:1e:0d:
f1:81:33:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZopZxrqyANEswxwPMTZkvyAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MjAxZjYwOWU3YTg5M2RhODZjZjBlYmJjYTRiYmY0NzI3
OWQ2MTcwHhcNMjUxMDI4MDYwMDE0WhcNMjUxMDI5MDYwMDE0WjAzMTEwLwYDVQQD
EyhkMzdiNjMzZmI2ZGY4NzA2YjlmNDkyMGU0MjIwYjI2NDYzNjEzYTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHrsdK/7BJ+AgzuEuXzIuSu7WKCZ
GZ0g3UHu7nHtDVsOrAKUVedLBV6TAlohmaWWnwYbk7s+kFR6EfjifAJ0+pMlhage
FmP3V9D8gTp0Bz34uYd04ttguOigUgy9csXw/FxW/ATqSrnUJcC6HyBzf1m6UR7U
eEt7VtOvpJZSOGEDSMjb+3iDTGAZ0m2LtDpNZrvTlNh8OlQWaOiXE1Y1fdJ7slnl
yWOHNUkY9eb8wrUBjbgSiOqYShmmWEJXFI9oNyXCrsp31HT2YotvLyTtKFP/jfdQ
baXNPqiPJcFmtbjAv2xC9q64xf0m4qxN4rV+fQZocn6r3G+82iH8m0CSIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNN7Yz+234cGufSSDkIgsmRjYTozMB8GA1UdIwQY
MBaAFJkgH2Ceeok9qGzw67yku/RyedYXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NTM2ZjktODdkZC00ZWRkLWIwMWMt
YjIzMTcyZWI4MWZiLzEvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82NTM2ZjktODdkZC00ZWRkLWIwMWMtYjIzMTcyZWI4MWZi
LzEvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhoxpbvBm
WswiGl9yKTC29XDUEjB/MLY5cYmBO9M39prNCKmavAsSXNg8/Hdz0mM9elU9W3/y
vtV3KJ4hCHr5iH0Ks6JqFycEwpQtUeJ33sLs8ResJRYUwm4VFTirRHnzTBQ0neol
cYZz7kIhf6iTEUP+WfbTVSr4sRPNLsdScDG4eAMWcr9dKg+82I5w+wwolGFjLE7m
4hONCcndT4CLip5JYPAGDqEr6H06O3cuFGky2QhP1L88NoP8RbyLq5zuOjNM/LA/
4NxqHrDqCau95U1NqnpTSI79XLP9KlaNIJJvbeQuEc3BQl62R5GcFrdNSDcZtWrO
7XHyFh4N8YEzfA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 11:10:58 2025 by rpki-client