Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/d080c7-cee6-4b41-8c1c-0ef8c036b616/1/A9yMYjke_dTdGORoGeF3gAKpoYc.mft
File: A9yMYjke_dTdGORoGeF3gAKpoYc.mft (raw, json)
Hash identifier: RvXmgTYp/9a1tCNIHEf3cZ98IXOARIlqnHSgZbP0Ad4=
Subject key identifier: A9:19:AF:4D:17:E2:3D:42:65:4D:03:46:DA:21:56:38:F1:32:AD:B3
Authority key identifier: 03:DC:8C:62:39:1E:FD:D4:DD:18:E4:68:19:E1:77:80:02:A9:A1:87
Certificate issuer: /CN=03dc8c62391efdd4dd18e46819e1778002a9a187
Certificate serial: 019A7293451C7EB6CB8270274AE3AA91E022
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A9yMYjke_dTdGORoGeF3gAKpoYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/d080c7-cee6-4b41-8c1c-0ef8c036b616/1/A9yMYjke_dTdGORoGeF3gAKpoYc.mft
Manifest number: 04DF
Signing time: Tue 11 Nov 2025 11:00:45 +0000
Manifest this update: Tue 11 Nov 2025 11:00:45 +0000
Manifest next update: Wed 12 Nov 2025 11:00:45 +0000
Files and hashes: 1: A9yMYjke_dTdGORoGeF3gAKpoYc.crl (hash: F9XKZOF9Fmpjmdlr8oGQkWqnp1LgPyAO4RNtwsbCPss=)
2: KMKlBIWdbSLJxhG6mlrGw76dE8w.roa (hash: wMSY3OLmFX6U/ZLAS1pVuwf7520K0rZUrgx8A8ShiM0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/d080c7-cee6-4b41-8c1c-0ef8c036b616/1/A9yMYjke_dTdGORoGeF3gAKpoYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/d080c7-cee6-4b41-8c1c-0ef8c036b616/1/A9yMYjke_dTdGORoGeF3gAKpoYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/A9yMYjke_dTdGORoGeF3gAKpoYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:45:1c:7e:b6:cb:82:70:27:4a:e3:aa:91:e0:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03dc8c62391efdd4dd18e46819e1778002a9a187
Validity
Not Before: Nov 11 11:00:45 2025 GMT
Not After : Nov 12 11:00:45 2025 GMT
Subject: CN=a919af4d17e23d42654d0346da215638f132adb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1c:29:78:cd:9c:da:35:13:d9:9e:90:1d:71:
5f:ef:23:3e:a3:3b:3d:67:1a:b3:5a:23:1c:df:ea:
97:80:30:8b:96:e1:38:3f:73:6d:8f:43:11:b9:d6:
6a:2a:68:97:64:65:83:62:5a:b9:eb:9a:b1:ea:ed:
13:32:e6:c2:da:57:0d:2a:79:2f:c0:5c:cf:29:e5:
63:04:2b:58:81:4d:8b:0c:b6:35:52:41:da:ca:db:
ca:a9:42:0f:19:79:70:af:bd:49:c0:90:de:25:34:
98:79:25:f6:b2:98:ac:df:40:77:8a:a6:e6:1b:09:
87:73:5c:59:f5:08:e8:26:65:e2:78:15:84:f1:cb:
d6:12:63:5e:17:e4:2c:d6:e5:97:dd:a3:0e:73:64:
ad:c7:d8:0b:df:58:23:62:5c:be:ea:2b:b7:f3:41:
b9:cb:4c:ec:97:3a:8d:01:9f:90:51:ac:87:f1:e3:
1c:97:52:8d:10:63:20:6a:a9:ca:3e:a2:9e:81:90:
c9:f2:fb:93:79:b7:d8:5f:88:fe:d2:c8:b0:36:65:
f0:69:8d:df:97:c2:ed:56:99:23:aa:74:89:59:e0:
8b:ec:d4:fd:fb:54:b7:14:18:6f:26:46:83:59:d1:
1d:31:ad:31:46:07:84:52:c6:ed:e9:78:af:fb:f9:
17:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:19:AF:4D:17:E2:3D:42:65:4D:03:46:DA:21:56:38:F1:32:AD:B3
X509v3 Authority Key Identifier:
keyid:03:DC:8C:62:39:1E:FD:D4:DD:18:E4:68:19:E1:77:80:02:A9:A1:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A9yMYjke_dTdGORoGeF3gAKpoYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/d080c7-cee6-4b41-8c1c-0ef8c036b616/1/A9yMYjke_dTdGORoGeF3gAKpoYc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/d080c7-cee6-4b41-8c1c-0ef8c036b616/1/A9yMYjke_dTdGORoGeF3gAKpoYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c2:cb:7b:aa:59:47:9f:a1:5c:d5:00:f5:3c:86:26:df:2f:28:
e5:1a:0a:09:f2:cd:75:6b:f7:fb:62:e1:ee:d0:73:cc:08:c0:
34:e2:44:de:76:79:d8:83:6b:fb:fe:bd:bd:38:a0:2b:4a:6a:
e0:e5:0c:d5:68:3c:c4:d3:9e:60:08:2b:f3:51:64:7b:c6:35:
1f:59:f0:84:91:00:14:7c:93:7f:92:42:a6:ca:b6:b1:f7:2d:
08:e4:c5:3b:f5:5a:1c:32:95:85:96:d6:3f:08:a5:ff:54:1e:
a3:a9:c5:a6:43:91:68:70:c8:a0:eb:fb:69:6b:ee:5b:a5:8f:
49:85:81:50:de:f9:77:c1:52:b4:30:e4:5b:3f:c0:a1:ad:0f:
34:49:20:9c:78:78:4a:db:c4:38:00:fc:45:52:01:d7:ef:c5:
91:31:20:ba:b6:bb:18:a4:4f:02:0d:76:ed:6d:0d:c4:5f:45:
34:0f:50:cb:24:bd:95:02:48:2e:43:e1:6d:2d:3d:97:d5:5d:
03:37:19:24:9b:71:5e:c0:d0:f0:80:bf:22:3c:86:17:77:a7:
47:c4:88:8b:b2:9c:4f:2b:9c:0f:aa:08:d1:29:98:b8:19:d7:
28:61:0b:5d:14:87:35:b8:fb:b4:08:4d:20:20:34:5c:ed:2e:
a9:3f:4b:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk0UcfrbLgnAnSuOqkeAiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzZGM4YzYyMzkxZWZkZDRkZDE4ZTQ2ODE5ZTE3NzgwMDJh
OWExODcwHhcNMjUxMTExMTEwMDQ1WhcNMjUxMTEyMTEwMDQ1WjAzMTEwLwYDVQQD
EyhhOTE5YWY0ZDE3ZTIzZDQyNjU0ZDAzNDZkYTIxNTYzOGYxMzJhZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBwpeM2c2jUT2Z6QHXFf7yM+ozs9
ZxqzWiMc3+qXgDCLluE4P3Ntj0MRudZqKmiXZGWDYlq565qx6u0TMubC2lcNKnkv
wFzPKeVjBCtYgU2LDLY1UkHaytvKqUIPGXlwr71JwJDeJTSYeSX2spis30B3iqbm
GwmHc1xZ9QjoJmXieBWE8cvWEmNeF+Qs1uWX3aMOc2Stx9gL31gjYly+6iu380G5
y0zslzqNAZ+QUayH8eMcl1KNEGMgaqnKPqKegZDJ8vuTebfYX4j+0siwNmXwaY3f
l8LtVpkjqnSJWeCL7NT9+1S3FBhvJkaDWdEdMa0xRgeEUsbt6Xiv+/kXCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKkZr00X4j1CZU0DRtohVjjxMq2zMB8GA1UdIwQY
MBaAFAPcjGI5Hv3U3RjkaBnhd4ACqaGHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTl5TVlqa2VfZFRkR09Sb0dlRjNnQUtwb1ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kMDgwYzctY2VlNi00YjQxLThjMWMt
MGVmOGMwMzZiNjE2LzEvQTl5TVlqa2VfZFRkR09Sb0dlRjNnQUtwb1ljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9kMDgwYzctY2VlNi00YjQxLThjMWMtMGVmOGMwMzZiNjE2
LzEvQTl5TVlqa2VfZFRkR09Sb0dlRjNnQUtwb1ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwst7qllH
n6Fc1QD1PIYm3y8o5RoKCfLNdWv3+2Lh7tBzzAjANOJE3nZ52INr+/69vTigK0pq
4OUM1Wg8xNOeYAgr81Fke8Y1H1nwhJEAFHyTf5JCpsq2sfctCOTFO/VaHDKVhZbW
Pwil/1Qeo6nFpkORaHDIoOv7aWvuW6WPSYWBUN75d8FStDDkWz/Aoa0PNEkgnHh4
StvEOAD8RVIB1+/FkTEgura7GKRPAg127W0NxF9FNA9QyyS9lQJILkPhbS09l9Vd
AzcZJJtxXsDQ8IC/IjyGF3enR8SIi7KcTyucD6oI0SmYuBnXKGELXRSHNbj7tAhN
ICA0XO0uqT9LJg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:41 2025 by rpki-client