Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/mrL5l1qR5xN52hAOyEvUSgooDZs.mft
File: mrL5l1qR5xN52hAOyEvUSgooDZs.mft (raw, json)
Hash identifier: P0iJ2RY6NQ6Zbn7LN3Xy3dLuwWMTt2Ls2gLNNE3XYEo=
Subject key identifier: 39:8B:53:B0:BB:8B:61:54:13:C2:AB:74:BF:87:50:66:27:E5:F6:24
Authority key identifier: 9A:B2:F9:97:5A:91:E7:13:79:DA:10:0E:C8:4B:D4:4A:0A:28:0D:9B
Certificate issuer: /CN=9ab2f9975a91e71379da100ec84bd44a0a280d9b
Certificate serial: 019A7149D7882EDDCF9213B4A5BC808DF8CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mrL5l1qR5xN52hAOyEvUSgooDZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/mrL5l1qR5xN52hAOyEvUSgooDZs.mft
Manifest number: 1463
Signing time: Tue 11 Nov 2025 05:00:55 +0000
Manifest this update: Tue 11 Nov 2025 05:00:55 +0000
Manifest next update: Wed 12 Nov 2025 05:00:55 +0000
Files and hashes: 1: PbBhRej558nP-vCP2i5bq2vF02I.roa (hash: k4y0Lkz3mWSRjZ9l7iXnliVmD502EHJIpmvxtHIQNOU=)
2: mrL5l1qR5xN52hAOyEvUSgooDZs.crl (hash: G3sjQLxR/EMa/CipZ1Dj5VjTj8MMPuR1VIMXIKVhMuI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/mrL5l1qR5xN52hAOyEvUSgooDZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/mrL5l1qR5xN52hAOyEvUSgooDZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mrL5l1qR5xN52hAOyEvUSgooDZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:d7:88:2e:dd:cf:92:13:b4:a5:bc:80:8d:f8:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ab2f9975a91e71379da100ec84bd44a0a280d9b
Validity
Not Before: Nov 11 05:00:55 2025 GMT
Not After : Nov 12 05:00:55 2025 GMT
Subject: CN=398b53b0bb8b615413c2ab74bf87506627e5f624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d4:bb:69:d5:74:87:71:3c:a9:47:c4:ca:2f:
7f:a5:09:78:32:70:4e:c6:5b:3b:2e:21:07:c1:9c:
27:66:80:48:06:ba:77:8d:9e:9f:cb:58:2e:40:c7:
d8:be:ad:0a:15:28:e0:41:10:51:b9:2e:fb:67:36:
80:13:53:dc:75:e3:fe:a2:dd:7c:8a:08:fe:7a:8d:
14:27:33:99:d6:4c:78:38:0f:5e:a8:b1:51:08:2e:
86:59:c1:bd:1d:73:c6:54:8e:fd:65:d4:c6:e1:63:
74:d0:64:64:2f:e3:c7:48:9f:a9:35:ae:4a:4d:4e:
65:f1:70:58:48:64:dc:52:06:1a:c9:ab:54:92:a5:
ae:89:41:38:19:7b:2a:12:e5:7a:7a:d8:41:c9:58:
d6:a6:43:5b:8a:7e:32:a6:80:00:fe:88:90:3b:a4:
c7:3f:f4:68:ea:33:58:88:45:66:cf:6b:62:23:43:
b9:dc:f9:8b:0f:a3:b8:29:26:49:99:6b:b1:29:0b:
dd:ca:93:22:21:79:81:ce:73:37:26:ba:c8:b7:8a:
e1:d0:a6:07:82:1f:21:39:ca:a8:a9:6c:7e:2b:6d:
2e:8f:1d:98:70:99:59:d2:6d:a7:f4:d0:99:58:97:
bd:b7:3f:fa:ba:6f:e4:a8:fa:16:9d:0e:42:eb:c0:
b2:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8B:53:B0:BB:8B:61:54:13:C2:AB:74:BF:87:50:66:27:E5:F6:24
X509v3 Authority Key Identifier:
keyid:9A:B2:F9:97:5A:91:E7:13:79:DA:10:0E:C8:4B:D4:4A:0A:28:0D:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mrL5l1qR5xN52hAOyEvUSgooDZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/mrL5l1qR5xN52hAOyEvUSgooDZs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/07a487-26cb-4b18-bb39-15fe06fff8bc/1/mrL5l1qR5xN52hAOyEvUSgooDZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
32:0d:91:09:25:2b:7f:40:de:3d:c5:5a:9e:c7:1a:65:37:44:
24:35:7b:11:b7:41:c4:b6:45:df:c5:aa:9b:da:60:85:f7:c8:
34:60:49:14:b3:b3:77:e5:46:a0:df:59:eb:cc:65:f6:c7:c1:
a1:b2:f8:07:b7:f2:25:cf:87:cd:b9:6b:19:e3:fa:c7:01:7b:
96:d6:26:53:7a:f3:25:d4:ab:84:0a:2f:11:89:46:8a:09:3d:
81:76:40:41:c8:8d:21:89:e2:c2:e5:b0:18:e1:a0:29:96:95:
24:76:e6:48:4b:a2:82:8a:c0:ee:26:99:d4:6e:3d:38:d0:1d:
30:b2:e7:51:a9:fa:06:dc:b0:ca:6a:78:34:93:6e:2a:e2:0e:
f3:6a:81:8a:79:6f:9c:d6:64:47:92:d4:79:8a:63:e4:42:a1:
59:c7:9a:1f:b9:14:56:8a:c5:5e:b1:09:98:b7:d9:38:ac:d6:
1a:a3:ec:ef:8a:31:49:4b:8d:57:f0:7e:0f:d9:b3:68:54:e6:
71:d7:30:73:23:10:7f:d1:93:5a:41:af:6f:fd:26:6e:66:ff:
14:be:44:c1:97:6c:f9:07:b3:98:53:9f:56:7a:de:6e:56:bc:
0d:b8:7c:8c:9f:42:36:cb:3a:ec:e3:0b:74:03:61:6a:fc:ff:
d2:46:8c:4f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSdeILt3PkhO0pbyAjfjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhYjJmOTk3NWE5MWU3MTM3OWRhMTAwZWM4NGJkNDRhMGEy
ODBkOWIwHhcNMjUxMTExMDUwMDU1WhcNMjUxMTEyMDUwMDU1WjAzMTEwLwYDVQQD
EygzOThiNTNiMGJiOGI2MTU0MTNjMmFiNzRiZjg3NTA2NjI3ZTVmNjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdS7adV0h3E8qUfEyi9/pQl4MnBO
xls7LiEHwZwnZoBIBrp3jZ6fy1guQMfYvq0KFSjgQRBRuS77ZzaAE1PcdeP+ot18
igj+eo0UJzOZ1kx4OA9eqLFRCC6GWcG9HXPGVI79ZdTG4WN00GRkL+PHSJ+pNa5K
TU5l8XBYSGTcUgYayatUkqWuiUE4GXsqEuV6ethByVjWpkNbin4ypoAA/oiQO6TH
P/Ro6jNYiEVmz2tiI0O53PmLD6O4KSZJmWuxKQvdypMiIXmBznM3JrrIt4rh0KYH
gh8hOcqoqWx+K20ujx2YcJlZ0m2n9NCZWJe9tz/6um/kqPoWnQ5C68CyswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDmLU7C7i2FUE8KrdL+HUGYn5fYkMB8GA1UdIwQY
MBaAFJqy+ZdakecTedoQDshL1EoKKA2bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXJMNWwxcVI1eE41MmhBT3lFdlVTZ29vRFpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8wN2E0ODctMjZjYi00YjE4LWJiMzkt
MTVmZTA2ZmZmOGJjLzEvbXJMNWwxcVI1eE41MmhBT3lFdlVTZ29vRFpzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8wN2E0ODctMjZjYi00YjE4LWJiMzktMTVmZTA2ZmZmOGJj
LzEvbXJMNWwxcVI1eE41MmhBT3lFdlVTZ29vRFpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMg2RCSUr
f0DePcVanscaZTdEJDV7EbdBxLZF38Wqm9pghffINGBJFLOzd+VGoN9Z68xl9sfB
obL4B7fyJc+HzblrGeP6xwF7ltYmU3rzJdSrhAovEYlGigk9gXZAQciNIYniwuWw
GOGgKZaVJHbmSEuigorA7iaZ1G49ONAdMLLnUan6Btywymp4NJNuKuIO82qBinlv
nNZkR5LUeYpj5EKhWceaH7kUVorFXrEJmLfZOKzWGqPs74oxSUuNV/B+D9mzaFTm
cdcwcyMQf9GTWkGvb/0mbmb/FL5EwZds+QezmFOfVnrebla8Dbh8jJ9CNss67OML
dANhavz/0kaMTw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:19:12 2025 by rpki-client