Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/c2fbe1-dd9d-4204-9066-e225a249378e/1/o4SlYxesgXmFG1cPDjp6oEToCKY.mft
File: o4SlYxesgXmFG1cPDjp6oEToCKY.mft (raw, json)
Hash identifier: w2i1HDTgK/WPb1RkjAED2ba5CbpdfdnUJzN5OW1pSu8=
Subject key identifier: C6:03:A3:4A:07:C9:D5:D3:4F:92:D5:ED:05:1A:3B:50:59:07:3E:8D
Authority key identifier: A3:84:A5:63:17:AC:81:79:85:1B:57:0F:0E:3A:7A:A0:44:E8:08:A6
Certificate issuer: /CN=a384a56317ac8179851b570f0e3a7aa044e808a6
Certificate serial: 019A71EEB137BF20ECECB0B5A34B9C4F711B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o4SlYxesgXmFG1cPDjp6oEToCKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/c2fbe1-dd9d-4204-9066-e225a249378e/1/o4SlYxesgXmFG1cPDjp6oEToCKY.mft
Manifest number: 0540
Signing time: Tue 11 Nov 2025 08:00:59 +0000
Manifest this update: Tue 11 Nov 2025 08:00:59 +0000
Manifest next update: Wed 12 Nov 2025 08:00:59 +0000
Files and hashes: 1: K7qTK9pIyiEZfe3oYQ_ZP0X2yEA.roa (hash: aRm9dSDweAWyai2Lyi7lBDWMUI5ncN0CehfI1VhjASU=)
2: o4SlYxesgXmFG1cPDjp6oEToCKY.crl (hash: i31v9jB37ovVJjOYgh6D7/hG9ZZ/d4N7KyRNUOHFzuk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/c2fbe1-dd9d-4204-9066-e225a249378e/1/o4SlYxesgXmFG1cPDjp6oEToCKY.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/c2fbe1-dd9d-4204-9066-e225a249378e/1/o4SlYxesgXmFG1cPDjp6oEToCKY.mft
rsync://rpki.ripe.net/repository/DEFAULT/o4SlYxesgXmFG1cPDjp6oEToCKY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:b1:37:bf:20:ec:ec:b0:b5:a3:4b:9c:4f:71:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a384a56317ac8179851b570f0e3a7aa044e808a6
Validity
Not Before: Nov 11 08:00:59 2025 GMT
Not After : Nov 12 08:00:59 2025 GMT
Subject: CN=c603a34a07c9d5d34f92d5ed051a3b5059073e8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:24:17:91:a9:b2:b4:bf:2e:43:46:47:10:ad:
6f:77:6d:6e:b4:4a:1e:62:8b:26:c9:8d:53:57:5e:
51:15:83:f6:47:09:60:6f:7b:06:2d:1b:72:2b:6f:
bf:60:90:71:20:3a:de:90:89:0e:e5:6e:d4:aa:cf:
fe:08:96:15:c2:79:9d:72:06:bc:2c:39:e6:0e:b6:
c9:68:0d:9b:95:ac:17:96:3d:f0:db:1f:a3:94:b8:
05:b3:cc:4c:d7:b8:37:7e:16:59:12:0f:bb:02:14:
ba:42:c3:68:f7:55:1c:d5:d8:6d:38:4b:5f:86:35:
cf:55:c3:97:c8:cb:70:0d:9d:97:25:07:dc:4b:9f:
0c:f4:24:8a:7e:ef:0c:fd:6d:85:49:f9:fe:4c:b4:
f8:cd:9e:6d:a4:0b:bb:fe:5b:27:1d:d7:2d:cf:2c:
cb:98:13:3d:91:22:78:42:7d:ad:d6:e7:02:58:0c:
63:87:1a:41:e8:64:93:26:51:f0:e0:ba:bc:bf:61:
c8:f0:51:71:f4:44:94:79:f4:39:56:7c:cc:78:23:
33:1a:23:34:30:4a:ec:bc:7d:6d:6b:7f:0a:7d:78:
2e:ce:50:73:a1:e1:86:ab:e3:36:29:b3:b8:55:68:
31:2c:67:d0:0b:85:1a:c6:1d:0a:33:b0:e8:08:43:
20:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:03:A3:4A:07:C9:D5:D3:4F:92:D5:ED:05:1A:3B:50:59:07:3E:8D
X509v3 Authority Key Identifier:
keyid:A3:84:A5:63:17:AC:81:79:85:1B:57:0F:0E:3A:7A:A0:44:E8:08:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o4SlYxesgXmFG1cPDjp6oEToCKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c2fbe1-dd9d-4204-9066-e225a249378e/1/o4SlYxesgXmFG1cPDjp6oEToCKY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c2fbe1-dd9d-4204-9066-e225a249378e/1/o4SlYxesgXmFG1cPDjp6oEToCKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:cc:2d:60:32:7d:09:4b:36:ee:cc:84:f5:cf:47:19:ab:43:
77:fb:63:35:21:16:a5:e5:01:1f:a4:30:b5:c4:81:78:88:8f:
79:8b:d3:5a:16:12:bb:03:ca:ed:a8:22:0c:be:5e:19:a7:d5:
6f:ba:88:58:c8:0d:63:e0:be:61:bd:c5:e9:80:ef:93:f1:41:
b4:bd:d0:4d:6d:02:08:e1:82:95:11:a8:51:36:39:ac:c7:2c:
19:de:e3:51:e2:2e:f1:9f:ae:47:20:96:53:48:17:3d:64:c2:
a7:31:d6:70:13:24:87:68:ab:c6:c7:18:5e:20:72:28:8a:dd:
60:2a:9f:50:da:76:9f:eb:dc:40:6d:91:04:a5:4a:8d:c2:1b:
0b:d9:ae:9f:59:16:f7:13:d1:ad:4f:26:ab:a8:1c:cc:d3:2c:
c8:72:b6:13:01:87:d9:35:53:42:92:c7:6c:35:43:e4:9f:ce:
f7:91:6a:f5:a5:af:17:94:e0:8d:fc:46:dd:2c:08:27:1d:8e:
b3:2c:0d:09:bf:e1:eb:cc:f3:1b:f6:8a:7d:67:74:23:4b:a2:
81:e0:8c:6a:61:c6:1e:b0:3a:56:90:c1:2b:bc:bb:13:70:a7:
8f:c2:cb:5f:c7:88:91:cb:86:47:c2:bd:b5:91:ce:58:a5:28:
4c:b0:8c:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7rE3vyDs7LC1o0ucT3EbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzODRhNTYzMTdhYzgxNzk4NTFiNTcwZjBlM2E3YWEwNDRl
ODA4YTYwHhcNMjUxMTExMDgwMDU5WhcNMjUxMTEyMDgwMDU5WjAzMTEwLwYDVQQD
EyhjNjAzYTM0YTA3YzlkNWQzNGY5MmQ1ZWQwNTFhM2I1MDU5MDczZThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziQXkamytL8uQ0ZHEK1vd21utEoe
YosmyY1TV15RFYP2Rwlgb3sGLRtyK2+/YJBxIDrekIkO5W7Uqs/+CJYVwnmdcga8
LDnmDrbJaA2blawXlj3w2x+jlLgFs8xM17g3fhZZEg+7AhS6QsNo91Uc1dhtOEtf
hjXPVcOXyMtwDZ2XJQfcS58M9CSKfu8M/W2FSfn+TLT4zZ5tpAu7/lsnHdctzyzL
mBM9kSJ4Qn2t1ucCWAxjhxpB6GSTJlHw4Lq8v2HI8FFx9ESUefQ5VnzMeCMzGiM0
MErsvH1ta38KfXguzlBzoeGGq+M2KbO4VWgxLGfQC4Uaxh0KM7DoCEMg4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMYDo0oHydXTT5LV7QUaO1BZBz6NMB8GA1UdIwQY
MBaAFKOEpWMXrIF5hRtXDw46eqBE6AimMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzRTbFl4ZXNnWG1GRzFjUERqcDZvRVRvQ0tZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9jMmZiZTEtZGQ5ZC00MjA0LTkwNjYt
ZTIyNWEyNDkzNzhlLzEvbzRTbFl4ZXNnWG1GRzFjUERqcDZvRVRvQ0tZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9jMmZiZTEtZGQ5ZC00MjA0LTkwNjYtZTIyNWEyNDkzNzhl
LzEvbzRTbFl4ZXNnWG1GRzFjUERqcDZvRVRvQ0tZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX8wtYDJ9
CUs27syE9c9HGatDd/tjNSEWpeUBH6QwtcSBeIiPeYvTWhYSuwPK7agiDL5eGafV
b7qIWMgNY+C+Yb3F6YDvk/FBtL3QTW0CCOGClRGoUTY5rMcsGd7jUeIu8Z+uRyCW
U0gXPWTCpzHWcBMkh2irxscYXiByKIrdYCqfUNp2n+vcQG2RBKVKjcIbC9mun1kW
9xPRrU8mq6gczNMsyHK2EwGH2TVTQpLHbDVD5J/O95Fq9aWvF5TgjfxG3SwIJx2O
sywNCb/h68zzG/aKfWd0I0uigeCMamHGHrA6VpDBK7y7E3Cnj8LLX8eIkcuGR8K9
tZHOWKUoTLCMdg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:22:43 2025 by rpki-client