Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.mft
File: 39D7xN6B7icnq6PpEK_NKlOmZAw.mft (raw, json)
Hash identifier: j8cWI1IpdVasayTVVbtr8pxNGBdvKeS/uLLAPS1VXJs=
Subject key identifier: E2:07:0C:AD:01:4D:40:CD:4A:3E:0B:8C:02:9B:B8:CF:66:87:46:4F
Authority key identifier: DF:D0:FB:C4:DE:81:EE:27:27:AB:A3:E9:10:AF:CD:2A:53:A6:64:0C
Certificate issuer: /CN=dfd0fbc4de81ee2727aba3e910afcd2a53a6640c
Certificate serial: 019A71EEDEC5ECABBFA8075E5D30633A2B27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/39D7xN6B7icnq6PpEK_NKlOmZAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.mft
Manifest number: 1E
Signing time: Tue 11 Nov 2025 08:01:11 +0000
Manifest this update: Tue 11 Nov 2025 08:01:11 +0000
Manifest next update: Wed 12 Nov 2025 08:01:11 +0000
Files and hashes: 1: 39D7xN6B7icnq6PpEK_NKlOmZAw.crl (hash: ez49f/xwwJGlY6fCTlau/zRAddmctAPOvK2QWMBC9gw=)
2: 4FynWQReK8fRxN_uNnLkwTP2lYE.roa (hash: VEq12KahPtGBV1be7sGcqyI3vqUnKDMcKj34J54Xm3k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.mft
rsync://rpki.ripe.net/repository/DEFAULT/39D7xN6B7icnq6PpEK_NKlOmZAw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:de:c5:ec:ab:bf:a8:07:5e:5d:30:63:3a:2b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfd0fbc4de81ee2727aba3e910afcd2a53a6640c
Validity
Not Before: Nov 11 08:01:11 2025 GMT
Not After : Nov 12 08:01:11 2025 GMT
Subject: CN=e2070cad014d40cd4a3e0b8c029bb8cf6687464f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:cb:da:3e:38:76:86:d6:d9:be:76:e2:51:59:
2b:97:f2:aa:bb:2b:2a:05:f4:f7:5e:22:dd:37:75:
1e:dd:4a:77:ed:d7:10:18:42:43:c0:f7:5c:8b:7f:
c3:28:6f:a1:ea:66:5f:4f:07:90:3f:8a:b6:a0:a1:
10:69:de:2e:d7:f6:f5:17:9f:19:a2:e0:32:e8:bd:
e4:cb:c7:25:09:b2:aa:8a:c2:e6:fe:b5:87:1c:3d:
94:11:0f:32:da:dd:8c:c1:5b:6c:87:79:00:ba:0f:
19:fc:3d:e1:08:ed:64:c5:3f:4c:c7:ba:98:1c:83:
39:71:44:6b:8f:ca:ec:7d:56:7a:8d:6e:d9:96:6b:
d7:ac:d9:79:58:a0:a6:35:ef:9b:f3:e0:f6:5e:ee:
f4:66:cf:26:94:fd:dd:52:df:73:40:a4:7f:9e:1b:
3a:78:76:71:88:7c:e1:99:17:07:d7:81:69:19:47:
0d:dc:84:ae:02:0f:a5:7e:ff:fe:ba:35:77:7c:33:
ae:dd:8a:2f:20:5f:e9:e9:d5:64:b2:8f:88:ec:8a:
2b:6b:31:04:15:53:15:a1:09:4b:10:bd:29:90:5c:
4c:ca:82:44:6d:59:56:9f:1b:bb:89:54:1d:b0:61:
4d:f4:d7:43:56:2b:8b:13:62:b0:85:4e:0c:db:22:
fe:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:07:0C:AD:01:4D:40:CD:4A:3E:0B:8C:02:9B:B8:CF:66:87:46:4F
X509v3 Authority Key Identifier:
keyid:DF:D0:FB:C4:DE:81:EE:27:27:AB:A3:E9:10:AF:CD:2A:53:A6:64:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/39D7xN6B7icnq6PpEK_NKlOmZAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/245873-1ca7-4b71-b220-edb0418cac4d/1/39D7xN6B7icnq6PpEK_NKlOmZAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:6c:63:cd:45:2c:82:47:00:13:91:0b:25:56:8d:76:36:97:
5d:9d:df:93:81:78:05:2f:1c:a3:21:a1:87:b3:f6:53:08:ea:
bf:9b:da:3d:53:77:8b:12:72:77:6f:0a:57:fa:cc:74:57:51:
d8:b1:93:f4:3b:31:15:2b:bb:03:4b:a7:01:04:ae:f5:f5:3a:
7c:34:91:8b:c6:4b:60:5e:f6:b6:ba:10:6e:40:46:f3:5d:f3:
a2:45:2a:27:6a:70:93:48:40:01:25:62:71:d7:4f:a2:72:f4:
de:d6:0d:4e:0e:04:64:c5:1a:a9:66:4d:af:d0:9f:f0:54:07:
28:88:cd:41:a9:f7:cd:9e:54:6a:08:15:87:70:f3:36:f5:a8:
bc:86:bd:4e:8d:5e:39:84:54:f5:48:a7:b2:28:1e:c4:0b:61:
95:e9:4e:61:51:9a:c6:22:d4:c6:55:c1:d9:c2:48:ba:8f:27:
45:d9:75:54:a6:89:bd:c8:94:54:ce:c2:80:d6:38:c3:ad:03:
51:a2:54:6e:71:d4:2f:a2:ed:ad:c5:84:4c:cd:1e:34:75:d7:
ba:3a:de:43:61:21:67:9d:31:40:8c:d4:aa:f4:18:89:da:bc:
c6:30:92:bb:2f:7e:21:6f:02:50:82:87:56:15:c4:1d:01:74:
12:8a:b5:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7t7F7Ku/qAdeXTBjOisnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmZDBmYmM0ZGU4MWVlMjcyN2FiYTNlOTEwYWZjZDJhNTNh
NjY0MGMwHhcNMjUxMTExMDgwMTExWhcNMjUxMTEyMDgwMTExWjAzMTEwLwYDVQQD
EyhlMjA3MGNhZDAxNGQ0MGNkNGEzZTBiOGMwMjliYjhjZjY2ODc0NjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsvaPjh2htbZvnbiUVkrl/Kquysq
BfT3XiLdN3Ue3Up37dcQGEJDwPdci3/DKG+h6mZfTweQP4q2oKEQad4u1/b1F58Z
ouAy6L3ky8clCbKqisLm/rWHHD2UEQ8y2t2MwVtsh3kAug8Z/D3hCO1kxT9Mx7qY
HIM5cURrj8rsfVZ6jW7ZlmvXrNl5WKCmNe+b8+D2Xu70Zs8mlP3dUt9zQKR/nhs6
eHZxiHzhmRcH14FpGUcN3ISuAg+lfv/+ujV3fDOu3YovIF/p6dVkso+I7IorazEE
FVMVoQlLEL0pkFxMyoJEbVlWnxu7iVQdsGFN9NdDViuLE2KwhU4M2yL++wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOIHDK0BTUDNSj4LjAKbuM9mh0ZPMB8GA1UdIwQY
MBaAFN/Q+8Tege4nJ6uj6RCvzSpTpmQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzlEN3hONkI3aWNucTZQcEVLX05LbE9tWkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8yNDU4NzMtMWNhNy00YjcxLWIyMjAt
ZWRiMDQxOGNhYzRkLzEvMzlEN3hONkI3aWNucTZQcEVLX05LbE9tWkF3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8yNDU4NzMtMWNhNy00YjcxLWIyMjAtZWRiMDQxOGNhYzRk
LzEvMzlEN3hONkI3aWNucTZQcEVLX05LbE9tWkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAemxjzUUs
gkcAE5ELJVaNdjaXXZ3fk4F4BS8coyGhh7P2Uwjqv5vaPVN3ixJyd28KV/rMdFdR
2LGT9DsxFSu7A0unAQSu9fU6fDSRi8ZLYF72troQbkBG813zokUqJ2pwk0hAASVi
cddPonL03tYNTg4EZMUaqWZNr9Cf8FQHKIjNQan3zZ5UaggVh3DzNvWovIa9To1e
OYRU9UinsigexAthlelOYVGaxiLUxlXB2cJIuo8nRdl1VKaJvciUVM7CgNY4w60D
UaJUbnHUL6LtrcWETM0eNHXXujreQ2EhZ50xQIzUqvQYidq8xjCSuy9+IW8CUIKH
VhXEHQF0Eoq12w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:52:13 2025 by rpki-client