Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/53f458-761a-4382-827c-494f08c21497/1/r9I8xVrurzN-23Pq4ltZCXoneEw.mft
File: r9I8xVrurzN-23Pq4ltZCXoneEw.mft (raw, json)
Hash identifier: e24sWtHLjHsbWUXxvXNpXYWnj76L+CGNZsYsENduVyg=
Subject key identifier: 33:C8:CF:3C:4B:44:14:D6:38:73:25:70:61:EA:3E:39:F5:2C:12:15
Authority key identifier: AF:D2:3C:C5:5A:EE:AF:33:7E:DB:73:EA:E2:5B:59:09:7A:27:78:4C
Certificate issuer: /CN=afd23cc55aeeaf337edb73eae25b59097a27784c
Certificate serial: 019A71B8A8411E2D328BB0A6D35A72780098
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r9I8xVrurzN-23Pq4ltZCXoneEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/53f458-761a-4382-827c-494f08c21497/1/r9I8xVrurzN-23Pq4ltZCXoneEw.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 07:01:58 +0000
Manifest this update: Tue 11 Nov 2025 07:01:58 +0000
Manifest next update: Wed 12 Nov 2025 07:01:58 +0000
Files and hashes: 1: lHwTYMLdPppQjIGCxxbbE7ChdPI.roa (hash: AdFGp8oSyfut37qs3XRrjrGdC0sy7qxul+fWrYsyUd8=)
2: r9I8xVrurzN-23Pq4ltZCXoneEw.crl (hash: zBt/Nx1HbpZ2CG6arj6gWNrHt5757cOmMKy7Js6XLQc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/53f458-761a-4382-827c-494f08c21497/1/r9I8xVrurzN-23Pq4ltZCXoneEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/53f458-761a-4382-827c-494f08c21497/1/r9I8xVrurzN-23Pq4ltZCXoneEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/r9I8xVrurzN-23Pq4ltZCXoneEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:a8:41:1e:2d:32:8b:b0:a6:d3:5a:72:78:00:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afd23cc55aeeaf337edb73eae25b59097a27784c
Validity
Not Before: Nov 11 07:01:58 2025 GMT
Not After : Nov 12 07:01:58 2025 GMT
Subject: CN=33c8cf3c4b4414d63873257061ea3e39f52c1215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7e:bb:8f:6d:92:1e:6b:fd:ae:8a:a3:63:0b:
ba:09:68:b4:e4:81:18:b5:bf:67:fc:e3:11:27:fd:
9b:c0:d9:34:45:f7:6e:78:97:02:ea:a3:da:46:79:
ba:76:7a:ed:94:cf:ef:55:60:f8:be:4e:7c:25:72:
b4:4f:87:b3:67:c4:87:b7:0b:14:c4:dd:1c:64:50:
a1:c9:6c:1f:5d:8a:30:7e:7f:94:81:c4:18:36:a7:
59:4d:47:30:ba:84:d4:99:14:30:85:6e:15:34:1d:
8a:58:68:30:f1:cc:db:77:a4:4d:5b:c9:96:9f:ab:
4c:aa:d6:a4:30:89:9b:4d:f9:c2:1f:0f:84:a3:b2:
db:1a:31:ce:31:4c:50:ac:91:64:7f:2e:fc:0f:6d:
a7:64:f2:e3:d0:3a:ce:6b:ba:1f:f0:05:09:5e:41:
9f:95:23:76:44:8a:e4:e1:de:88:54:68:17:5f:2b:
ef:08:f0:02:1a:a4:ef:47:71:a0:71:3d:77:6f:45:
65:91:c0:79:b5:c2:5a:3c:de:b4:c3:7d:c6:f3:16:
fe:d8:5e:38:bd:33:b4:f3:ee:d7:ca:57:94:84:2a:
1c:fc:64:96:57:9c:2e:46:f7:1b:9b:8a:5c:7f:14:
1a:a7:fe:48:4e:2c:7d:09:88:a1:39:65:f2:92:22:
14:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C8:CF:3C:4B:44:14:D6:38:73:25:70:61:EA:3E:39:F5:2C:12:15
X509v3 Authority Key Identifier:
keyid:AF:D2:3C:C5:5A:EE:AF:33:7E:DB:73:EA:E2:5B:59:09:7A:27:78:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r9I8xVrurzN-23Pq4ltZCXoneEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/53f458-761a-4382-827c-494f08c21497/1/r9I8xVrurzN-23Pq4ltZCXoneEw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/53f458-761a-4382-827c-494f08c21497/1/r9I8xVrurzN-23Pq4ltZCXoneEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:35:aa:20:0a:e7:2b:d3:8b:2e:ee:d2:51:89:b4:51:b6:17:
f8:db:80:60:95:90:69:88:b7:a9:92:1f:a2:7e:c8:c4:c1:80:
50:89:c7:ba:f2:57:10:a6:e0:33:ce:06:a4:a0:9a:80:c6:86:
07:da:f7:b9:bd:f3:ce:3a:46:8d:59:d2:fd:1c:d0:df:61:62:
45:71:a5:c0:af:76:94:1e:43:21:f7:08:1e:41:65:47:01:c8:
8e:bb:3b:a8:18:17:2f:c2:97:17:cb:14:0f:02:0d:7b:89:dc:
ee:f0:75:9e:8c:2c:e6:24:4e:3d:4b:2c:74:d3:5c:90:3e:3c:
68:f3:e5:21:e8:94:0b:0f:e8:20:4a:51:05:b0:eb:00:f2:57:
28:7e:5e:e3:cb:71:b7:80:84:35:0e:fd:43:21:af:09:38:cb:
97:85:11:a0:21:f1:fd:52:fa:ce:97:46:07:10:8e:87:5e:2e:
e5:7a:05:4f:31:92:17:7a:8a:5f:6f:69:f9:e3:bc:fc:18:63:
00:d0:e3:3d:39:54:88:a7:71:28:bf:d0:aa:1f:71:a2:d3:6d:
8c:4b:c1:2d:2b:19:20:6c:1f:fe:4d:b6:e8:7a:3c:08:37:75:
38:51:f1:f4:f2:6e:74:83:98:c8:8c:7b:35:18:0b:07:7d:17:
7a:74:40:af
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuKhBHi0yi7Cm01pyeACYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZDIzY2M1NWFlZWFmMzM3ZWRiNzNlYWUyNWI1OTA5N2Ey
Nzc4NGMwHhcNMjUxMTExMDcwMTU4WhcNMjUxMTEyMDcwMTU4WjAzMTEwLwYDVQQD
EygzM2M4Y2YzYzRiNDQxNGQ2Mzg3MzI1NzA2MWVhM2UzOWY1MmMxMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoX67j22SHmv9roqjYwu6CWi05IEY
tb9n/OMRJ/2bwNk0RfdueJcC6qPaRnm6dnrtlM/vVWD4vk58JXK0T4ezZ8SHtwsU
xN0cZFChyWwfXYowfn+UgcQYNqdZTUcwuoTUmRQwhW4VNB2KWGgw8czbd6RNW8mW
n6tMqtakMImbTfnCHw+Eo7LbGjHOMUxQrJFkfy78D22nZPLj0DrOa7of8AUJXkGf
lSN2RIrk4d6IVGgXXyvvCPACGqTvR3GgcT13b0VlkcB5tcJaPN60w33G8xb+2F44
vTO08+7XyleUhCoc/GSWV5wuRvcbm4pcfxQap/5ITix9CYihOWXykiIUNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDPIzzxLRBTWOHMlcGHqPjn1LBIVMB8GA1UdIwQY
MBaAFK/SPMVa7q8zfttz6uJbWQl6J3hMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjlJOHhWcnVyek4tMjNQcTRsdFpDWG9uZUV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy81M2Y0NTgtNzYxYS00MzgyLTgyN2Mt
NDk0ZjA4YzIxNDk3LzEvcjlJOHhWcnVyek4tMjNQcTRsdFpDWG9uZUV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy81M2Y0NTgtNzYxYS00MzgyLTgyN2MtNDk0ZjA4YzIxNDk3
LzEvcjlJOHhWcnVyek4tMjNQcTRsdFpDWG9uZUV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaDWqIArn
K9OLLu7SUYm0UbYX+NuAYJWQaYi3qZIfon7IxMGAUInHuvJXEKbgM84GpKCagMaG
B9r3ub3zzjpGjVnS/RzQ32FiRXGlwK92lB5DIfcIHkFlRwHIjrs7qBgXL8KXF8sU
DwINe4nc7vB1nows5iROPUssdNNckD48aPPlIeiUCw/oIEpRBbDrAPJXKH5e48tx
t4CENQ79QyGvCTjLl4URoCHx/VL6zpdGBxCOh14u5XoFTzGSF3qKX29p+eO8/Bhj
ANDjPTlUiKdxKL/Qqh9xotNtjEvBLSsZIGwf/k226Ho8CDd1OFHx9PJudIOYyIx7
NRgLB30XenRArw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:18:47 2025 by rpki-client