Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/4ae175-55d0-484d-8d11-8c9d5823bad9/1/f4XpkDVDl-NsDKkDoMYgx3Ce_c0.mft
File: f4XpkDVDl-NsDKkDoMYgx3Ce_c0.mft (raw, json)
Hash identifier: 8fEW0FGMSczHO3WsJ88PBrZf+Kt0qiSO2p2Np+yZ2wM=
Subject key identifier: E9:7A:F7:A9:DF:E5:1E:DE:E1:25:8C:6A:60:B9:68:97:CB:4D:65:36
Authority key identifier: 7F:85:E9:90:35:43:97:E3:6C:0C:A9:03:A0:C6:20:C7:70:9E:FD:CD
Certificate issuer: /CN=7f85e990354397e36c0ca903a0c620c7709efdcd
Certificate serial: 019A72257B238F772C72D6E88B1FF6BF884F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f4XpkDVDl-NsDKkDoMYgx3Ce_c0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/4ae175-55d0-484d-8d11-8c9d5823bad9/1/f4XpkDVDl-NsDKkDoMYgx3Ce_c0.mft
Manifest number: 034D
Signing time: Tue 11 Nov 2025 09:00:50 +0000
Manifest this update: Tue 11 Nov 2025 09:00:50 +0000
Manifest next update: Wed 12 Nov 2025 09:00:50 +0000
Files and hashes: 1: XIAriGwKiXIV89XyokuVSU6ok94.roa (hash: hF3zC1oiW03gwgTs9lo/n7vUmEiv8dfR/NI1cnnwuzk=)
2: f4XpkDVDl-NsDKkDoMYgx3Ce_c0.crl (hash: B7RtybbajDIe7oRCMBdUAbgh1qN/4ksAzg1afUmrZFg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/4ae175-55d0-484d-8d11-8c9d5823bad9/1/f4XpkDVDl-NsDKkDoMYgx3Ce_c0.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/4ae175-55d0-484d-8d11-8c9d5823bad9/1/f4XpkDVDl-NsDKkDoMYgx3Ce_c0.mft
rsync://rpki.ripe.net/repository/DEFAULT/f4XpkDVDl-NsDKkDoMYgx3Ce_c0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:7b:23:8f:77:2c:72:d6:e8:8b:1f:f6:bf:88:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f85e990354397e36c0ca903a0c620c7709efdcd
Validity
Not Before: Nov 11 09:00:50 2025 GMT
Not After : Nov 12 09:00:50 2025 GMT
Subject: CN=e97af7a9dfe51edee1258c6a60b96897cb4d6536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:17:65:e7:d1:5a:cd:b4:6e:4a:65:ab:86:85:
92:99:87:e5:0d:f0:1e:15:9c:bb:ef:26:49:2d:a5:
42:ff:d7:df:27:9f:fa:63:e0:d3:da:ef:78:82:24:
0b:64:25:8a:67:62:bd:20:22:16:1b:6e:e5:d4:d6:
e8:a7:15:b3:d2:28:5b:fc:17:3d:e6:0b:45:64:ab:
be:a0:94:51:06:66:d3:01:61:28:bc:ed:12:97:ac:
d8:c1:ff:f8:86:77:86:c4:87:86:36:3f:b2:9e:78:
3c:81:45:33:f1:d5:58:d4:1d:d2:45:5a:1f:32:18:
78:21:6d:ca:b7:27:c2:8d:35:93:5a:b1:17:c9:1e:
b4:48:87:e0:a9:3c:e7:9b:b8:c9:95:ee:0f:a7:2e:
5d:a5:38:b7:f1:b6:31:e8:8f:1f:87:eb:a1:a6:70:
b8:c5:c4:dc:c6:a4:1b:83:b3:c8:5c:bf:11:28:59:
b3:73:ad:0e:47:f2:99:f4:3c:cf:e0:34:5e:35:55:
4d:fc:12:b8:5a:b2:68:38:2a:c7:a9:1e:96:4e:dc:
2c:a4:2e:8f:7b:b9:36:57:c1:49:45:64:f7:eb:c4:
5c:3e:73:89:51:4b:6c:50:77:6d:dd:ca:44:ab:4f:
d0:b5:e0:45:52:19:5e:a6:ff:63:ec:bd:77:d3:8c:
7b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:7A:F7:A9:DF:E5:1E:DE:E1:25:8C:6A:60:B9:68:97:CB:4D:65:36
X509v3 Authority Key Identifier:
keyid:7F:85:E9:90:35:43:97:E3:6C:0C:A9:03:A0:C6:20:C7:70:9E:FD:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4XpkDVDl-NsDKkDoMYgx3Ce_c0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/4ae175-55d0-484d-8d11-8c9d5823bad9/1/f4XpkDVDl-NsDKkDoMYgx3Ce_c0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/4ae175-55d0-484d-8d11-8c9d5823bad9/1/f4XpkDVDl-NsDKkDoMYgx3Ce_c0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:a3:da:67:63:65:cd:ff:d3:24:cd:7b:00:d7:63:90:89:3c:
af:fc:29:e8:2b:7a:3a:11:c0:a3:91:7f:37:88:77:0c:00:39:
60:bd:e5:02:48:b8:3b:fa:87:54:68:0a:62:44:fd:2e:e4:b2:
7e:15:12:d2:c2:c8:bb:d5:08:ae:fd:b0:8c:93:4c:3f:23:cb:
3f:23:2b:16:3b:a0:6e:7a:ad:c2:8c:16:26:0d:ce:a3:2a:a6:
ec:81:a7:e0:fd:2c:4e:e8:de:a5:bc:57:56:fb:53:63:55:f9:
6a:48:fd:db:1a:55:65:8d:2f:50:b1:e3:46:e2:f9:16:12:40:
73:b0:41:fc:24:07:2f:18:59:e2:bc:c4:89:25:d6:cd:c8:f9:
b7:33:1e:a8:4e:cb:72:db:31:e9:92:20:d5:02:2a:94:6d:ef:
b9:53:59:a5:9e:4f:72:65:11:94:f9:af:3e:e0:1f:20:93:d9:
24:5d:00:9a:89:35:e4:0e:29:43:bc:f3:39:38:47:38:e8:46:
94:2a:38:3b:d0:ea:d9:fd:33:8a:97:8e:48:e2:66:d7:f2:1e:
b7:59:16:7d:b4:88:ec:17:43:1f:a0:7a:c6:4c:e9:f6:e2:4d:
0d:59:8b:d0:3c:10:aa:c8:ac:e1:cb:b2:36:70:d6:db:5e:7c:
db:4c:50:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJXsjj3csctboix/2v4hPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmODVlOTkwMzU0Mzk3ZTM2YzBjYTkwM2EwYzYyMGM3NzA5
ZWZkY2QwHhcNMjUxMTExMDkwMDUwWhcNMjUxMTEyMDkwMDUwWjAzMTEwLwYDVQQD
EyhlOTdhZjdhOWRmZTUxZWRlZTEyNThjNmE2MGI5Njg5N2NiNGQ2NTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Bdl59FazbRuSmWrhoWSmYflDfAe
FZy77yZJLaVC/9ffJ5/6Y+DT2u94giQLZCWKZ2K9ICIWG27l1NbopxWz0ihb/Bc9
5gtFZKu+oJRRBmbTAWEovO0Sl6zYwf/4hneGxIeGNj+ynng8gUUz8dVY1B3SRVof
Mhh4IW3KtyfCjTWTWrEXyR60SIfgqTznm7jJle4Ppy5dpTi38bYx6I8fh+uhpnC4
xcTcxqQbg7PIXL8RKFmzc60OR/KZ9DzP4DReNVVN/BK4WrJoOCrHqR6WTtwspC6P
e7k2V8FJRWT368RcPnOJUUtsUHdt3cpEq0/QteBFUhlepv9j7L1304x7/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOl696nf5R7e4SWMamC5aJfLTWU2MB8GA1UdIwQY
MBaAFH+F6ZA1Q5fjbAypA6DGIMdwnv3NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjRYcGtEVkRsLU5zREtrRG9NWWd4M0NlX2MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80YWUxNzUtNTVkMC00ODRkLThkMTEt
OGM5ZDU4MjNiYWQ5LzEvZjRYcGtEVkRsLU5zREtrRG9NWWd4M0NlX2MwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80YWUxNzUtNTVkMC00ODRkLThkMTEtOGM5ZDU4MjNiYWQ5
LzEvZjRYcGtEVkRsLU5zREtrRG9NWWd4M0NlX2MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUKPaZ2Nl
zf/TJM17ANdjkIk8r/wp6Ct6OhHAo5F/N4h3DAA5YL3lAki4O/qHVGgKYkT9LuSy
fhUS0sLIu9UIrv2wjJNMPyPLPyMrFjugbnqtwowWJg3Ooyqm7IGn4P0sTujepbxX
VvtTY1X5akj92xpVZY0vULHjRuL5FhJAc7BB/CQHLxhZ4rzEiSXWzcj5tzMeqE7L
ctsx6ZIg1QIqlG3vuVNZpZ5PcmURlPmvPuAfIJPZJF0Amok15A4pQ7zzOThHOOhG
lCo4O9Dq2f0zipeOSOJm1/Iet1kWfbSI7BdDH6B6xkzp9uJNDVmL0DwQqsis4cuy
NnDW215820xQRA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:58:38 2025 by rpki-client