Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/7c1b17-b7b5-4401-b0a7-974720889ffa/1/S5nNYSQguFk0kdhobOTEr4W5CtU.mft
File: S5nNYSQguFk0kdhobOTEr4W5CtU.mft (raw, json)
Hash identifier: s8Y87/+OvfKT8yO6vlvX3Otg1UNe8BF/eYgDGYksVRc=
Subject key identifier: F4:2A:B7:D5:D4:31:D7:55:3E:3E:AF:B7:6B:68:77:3C:82:23:A6:94
Authority key identifier: 4B:99:CD:61:24:20:B8:59:34:91:D8:68:6C:E4:C4:AF:85:B9:0A:D5
Certificate issuer: /CN=4b99cd612420b8593491d8686ce4c4af85b90ad5
Certificate serial: 019A7112D10D32321B64549A8B3250BF335E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5nNYSQguFk0kdhobOTEr4W5CtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/7c1b17-b7b5-4401-b0a7-974720889ffa/1/S5nNYSQguFk0kdhobOTEr4W5CtU.mft
Manifest number: 014F
Signing time: Tue 11 Nov 2025 04:00:49 +0000
Manifest this update: Tue 11 Nov 2025 04:00:49 +0000
Manifest next update: Wed 12 Nov 2025 04:00:49 +0000
Files and hashes: 1: 4qD1Oc9Rkwf3nkPKdA3PqgFhBVg.roa (hash: FAYdaSueDZBgvCYn8/TIySq6P0JIfXLy0IlKcRVzUNU=)
2: S5nNYSQguFk0kdhobOTEr4W5CtU.crl (hash: CZkS+huL1k9VHoWsyfT4pzFHJlsy2JPdm5LKaYmGFC0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/7c1b17-b7b5-4401-b0a7-974720889ffa/1/S5nNYSQguFk0kdhobOTEr4W5CtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/7c1b17-b7b5-4401-b0a7-974720889ffa/1/S5nNYSQguFk0kdhobOTEr4W5CtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/S5nNYSQguFk0kdhobOTEr4W5CtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:12:d1:0d:32:32:1b:64:54:9a:8b:32:50:bf:33:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b99cd612420b8593491d8686ce4c4af85b90ad5
Validity
Not Before: Nov 11 04:00:49 2025 GMT
Not After : Nov 12 04:00:49 2025 GMT
Subject: CN=f42ab7d5d431d7553e3eafb76b68773c8223a694
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:85:4d:7d:80:56:35:e9:0a:16:fb:46:1f:99:
3b:0c:43:86:76:38:63:9c:5e:04:56:47:7e:62:42:
4e:2a:15:5e:ec:4d:2b:d6:88:0d:b6:ae:92:92:f4:
74:51:78:5f:72:b1:a8:a8:5f:2d:a5:c2:ed:f3:74:
d6:5a:c1:da:b2:09:b5:87:57:c6:80:97:08:ff:a2:
69:a1:5a:65:3a:d4:81:c0:66:97:37:9a:69:15:a5:
6d:19:8e:84:8a:0f:7d:09:8a:4b:76:00:1d:6c:18:
cb:4d:c3:11:f9:55:49:38:63:4e:a4:a7:d7:6b:f5:
0f:60:9d:e1:a9:39:34:a6:65:7d:f8:02:7f:b1:80:
4e:3b:33:71:65:bb:5c:1c:ef:0c:65:14:79:a2:10:
7a:85:33:0d:65:5a:39:bf:8c:db:64:fb:b7:27:07:
35:11:b7:59:52:be:ac:b0:7c:14:26:c1:90:c0:91:
c8:ac:28:63:fd:7d:3d:5f:de:c1:4a:2b:38:1e:83:
90:cf:11:79:50:04:d2:c0:d2:40:e5:84:c3:c6:2a:
25:ea:e3:b2:77:6b:c8:13:db:d5:ee:16:05:f0:b4:
c0:14:8e:79:a6:f2:bd:0d:54:fc:e4:5f:62:80:47:
a2:57:90:ea:47:41:f5:16:d6:25:6a:c5:79:5f:fa:
ab:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:2A:B7:D5:D4:31:D7:55:3E:3E:AF:B7:6B:68:77:3C:82:23:A6:94
X509v3 Authority Key Identifier:
keyid:4B:99:CD:61:24:20:B8:59:34:91:D8:68:6C:E4:C4:AF:85:B9:0A:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5nNYSQguFk0kdhobOTEr4W5CtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/7c1b17-b7b5-4401-b0a7-974720889ffa/1/S5nNYSQguFk0kdhobOTEr4W5CtU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/7c1b17-b7b5-4401-b0a7-974720889ffa/1/S5nNYSQguFk0kdhobOTEr4W5CtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3c:dc:19:6c:17:7c:a9:0c:a3:c4:54:28:a5:98:3f:b1:8c:18:
9a:b2:d7:c4:a8:93:32:11:0e:fe:11:48:8d:33:9a:4e:91:14:
36:a8:05:6a:b2:10:de:d9:5d:df:6e:b4:75:9b:9a:36:52:79:
56:1c:a5:c5:17:68:3d:71:44:79:e3:02:27:be:91:5c:31:44:
bf:6c:0d:da:81:2f:34:2f:49:e2:4a:f4:ce:22:8b:14:ff:04:
88:c5:85:33:3b:5f:c3:39:97:b3:07:3e:83:91:1a:bc:88:98:
8c:98:6f:01:65:d1:be:11:ea:6c:1c:7f:c3:46:0f:e9:ae:db:
25:85:a5:3a:fb:ce:25:4a:05:4d:82:e0:88:45:57:9f:6e:57:
e8:b4:7d:0d:e6:d9:57:35:2f:fb:63:93:0f:93:02:b1:64:47:
e5:07:eb:3c:84:24:52:32:36:96:fc:0f:3c:66:4a:7f:6d:c6:
87:14:f9:cc:22:a8:fb:a5:c3:6f:f0:ca:f8:5c:0c:db:e6:98:
7b:3f:91:87:87:63:48:40:3c:21:57:c4:b1:be:a3:e7:7f:b9:
d6:dd:8b:90:23:3d:25:b7:59:bd:e2:9a:18:40:a0:7a:b8:3e:
b7:51:17:fd:f0:4b:ce:31:3d:86:0c:31:a8:d3:a6:b1:69:78:
01:0b:63:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEtENMjIbZFSaizJQvzNeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTljZDYxMjQyMGI4NTkzNDkxZDg2ODZjZTRjNGFmODVi
OTBhZDUwHhcNMjUxMTExMDQwMDQ5WhcNMjUxMTEyMDQwMDQ5WjAzMTEwLwYDVQQD
EyhmNDJhYjdkNWQ0MzFkNzU1M2UzZWFmYjc2YjY4NzczYzgyMjNhNjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YVNfYBWNekKFvtGH5k7DEOGdjhj
nF4EVkd+YkJOKhVe7E0r1ogNtq6SkvR0UXhfcrGoqF8tpcLt83TWWsHasgm1h1fG
gJcI/6JpoVplOtSBwGaXN5ppFaVtGY6Eig99CYpLdgAdbBjLTcMR+VVJOGNOpKfX
a/UPYJ3hqTk0pmV9+AJ/sYBOOzNxZbtcHO8MZRR5ohB6hTMNZVo5v4zbZPu3Jwc1
EbdZUr6ssHwUJsGQwJHIrChj/X09X97BSis4HoOQzxF5UATSwNJA5YTDxiol6uOy
d2vIE9vV7hYF8LTAFI55pvK9DVT85F9igEeiV5DqR0H1FtYlasV5X/qruwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPQqt9XUMddVPj6vt2todzyCI6aUMB8GA1UdIwQY
MBaAFEuZzWEkILhZNJHYaGzkxK+FuQrVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVuTllTUWd1Rmswa2Rob2JPVEVyNFc1Q3RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS83YzFiMTctYjdiNS00NDAxLWIwYTct
OTc0NzIwODg5ZmZhLzEvUzVuTllTUWd1Rmswa2Rob2JPVEVyNFc1Q3RVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS83YzFiMTctYjdiNS00NDAxLWIwYTctOTc0NzIwODg5ZmZh
LzEvUzVuTllTUWd1Rmswa2Rob2JPVEVyNFc1Q3RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPNwZbBd8
qQyjxFQopZg/sYwYmrLXxKiTMhEO/hFIjTOaTpEUNqgFarIQ3tld3260dZuaNlJ5
VhylxRdoPXFEeeMCJ76RXDFEv2wN2oEvNC9J4kr0ziKLFP8EiMWFMztfwzmXswc+
g5EavIiYjJhvAWXRvhHqbBx/w0YP6a7bJYWlOvvOJUoFTYLgiEVXn25X6LR9DebZ
VzUv+2OTD5MCsWRH5QfrPIQkUjI2lvwPPGZKf23GhxT5zCKo+6XDb/DK+FwM2+aY
ez+Rh4djSEA8IVfEsb6j53+51t2LkCM9JbdZveKaGECgerg+t1EX/fBLzjE9hgwx
qNOmsWl4AQtjiw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:53 2025 by rpki-client