Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
File: SFk-QNpaUvMi21oEwg-0htThVQI.mft (raw, json)
Hash identifier: /IzcHN9p/XJjRk2NGVVik1tFmnnQox6uxA3I5qFj/DY=
Subject key identifier: D9:E6:69:7D:01:E1:3C:3C:59:DB:0D:3B:BA:80:BF:D0:B1:5F:E0:27
Authority key identifier: 48:59:3E:40:DA:5A:52:F3:22:DB:5A:04:C2:0F:B4:86:D4:E1:55:02
Certificate issuer: /CN=48593e40da5a52f322db5a04c20fb486d4e15502
Certificate serial: 019A71B86AEEDA40030ACE80AC54F6909EA5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SFk-QNpaUvMi21oEwg-0htThVQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
Manifest number: 13DA
Signing time: Tue 11 Nov 2025 07:01:42 +0000
Manifest this update: Tue 11 Nov 2025 07:01:42 +0000
Manifest next update: Wed 12 Nov 2025 07:01:42 +0000
Files and hashes: 1: SFk-QNpaUvMi21oEwg-0htThVQI.crl (hash: rUNHifvwSSu/Cy1c8YP4J60irK1yi9OrlxAgGC+Jyt4=)
2: Xe1gxuRIIOL95lwNFDlJJ4LeD98.roa (hash: E3ThdKoNF/zSVQO/0Rh8O4e1tJqwTsPdKIVV0WmD0l8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
rsync://rpki.ripe.net/repository/DEFAULT/SFk-QNpaUvMi21oEwg-0htThVQI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:6a:ee:da:40:03:0a:ce:80:ac:54:f6:90:9e:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48593e40da5a52f322db5a04c20fb486d4e15502
Validity
Not Before: Nov 11 07:01:42 2025 GMT
Not After : Nov 12 07:01:42 2025 GMT
Subject: CN=d9e6697d01e13c3c59db0d3bba80bfd0b15fe027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0c:9f:cb:42:cf:07:23:eb:79:03:2a:6f:e1:
22:9e:00:7a:9b:c9:c6:07:51:70:0d:ca:10:d8:50:
58:7a:54:ba:cd:47:1d:c1:a7:67:1e:c5:e5:b7:6a:
af:8a:1a:92:ca:59:15:a9:6d:5b:fe:94:8c:7a:0d:
9e:38:b8:72:0a:1d:62:46:a5:bf:56:0c:c0:e0:bf:
9c:2c:12:e1:47:55:28:93:4e:e5:9e:bd:cf:f7:25:
46:ae:87:e6:34:6b:eb:5b:92:1e:11:85:00:7f:a5:
d9:0d:37:f4:d7:42:d8:63:7b:17:84:b8:92:46:61:
1e:b0:1e:26:42:84:ed:d9:73:d4:87:ff:20:55:49:
54:43:68:72:0f:0e:a1:7c:ca:9b:0a:3f:78:cf:94:
0d:a1:a7:13:97:75:e8:0b:b7:9b:de:29:56:a0:df:
54:f2:d1:4c:7d:81:6b:58:8e:8e:52:c9:8c:34:49:
15:f5:b8:95:a2:49:e2:fb:94:3f:5d:9c:81:52:44:
e3:7b:85:63:00:3c:3f:fc:99:f8:b5:49:d7:f5:5e:
11:63:61:e8:5e:ce:d5:0b:aa:07:44:43:86:14:d0:
d0:36:67:57:f8:2a:a4:6c:15:9f:ea:ce:ae:48:f8:
d5:46:29:d5:2c:b0:a1:e7:d8:27:d2:be:e0:30:c3:
97:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E6:69:7D:01:E1:3C:3C:59:DB:0D:3B:BA:80:BF:D0:B1:5F:E0:27
X509v3 Authority Key Identifier:
keyid:48:59:3E:40:DA:5A:52:F3:22:DB:5A:04:C2:0F:B4:86:D4:E1:55:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SFk-QNpaUvMi21oEwg-0htThVQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/9700c8-f9ab-42a7-b1fa-e68a08d9e54f/1/SFk-QNpaUvMi21oEwg-0htThVQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
09:2f:0d:ea:47:e6:cf:17:a4:fb:a9:b9:fa:72:33:d2:38:4f:
c8:92:17:cd:6b:40:94:c5:d3:30:68:a2:51:c2:e4:77:b1:09:
84:f9:51:b8:36:f0:ec:b7:f5:f8:0d:7a:16:da:34:1c:57:2f:
a0:9e:e1:79:87:3a:bb:2d:20:f2:88:4e:43:4b:fd:3c:8f:ce:
32:2f:4b:24:b8:fc:ba:0a:8b:2a:8f:d0:4e:f5:e4:eb:99:68:
26:85:94:a3:60:9d:e5:0b:4c:67:50:ea:81:7f:6b:b2:d9:b9:
65:58:3b:7f:27:aa:af:c8:b4:95:9b:39:52:76:a3:da:45:d6:
6f:8c:5b:b4:dc:14:8e:4b:0f:e5:84:f1:ae:4f:73:c9:01:34:
3d:3b:a5:0c:c6:8b:dc:c8:8f:be:75:22:35:a7:ae:b9:31:61:
be:58:fb:ba:f2:c6:39:25:2b:dd:6e:d6:4a:2d:f1:b5:c4:1b:
7a:a3:f8:ac:ec:5b:8f:e5:92:44:be:c5:ec:fc:3a:2e:24:1a:
69:07:0d:f2:23:b7:91:b2:5f:0f:d6:41:b6:66:4b:19:29:79:
5d:77:7d:5a:16:83:f4:d4:05:c5:51:6a:84:cf:09:0b:50:33:
15:0c:bb:76:88:e7:64:4a:db:23:c4:cc:9d:9c:0a:74:50:c7:
01:9b:ca:7c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuGru2kADCs6ArFT2kJ6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NTkzZTQwZGE1YTUyZjMyMmRiNWEwNGMyMGZiNDg2ZDRl
MTU1MDIwHhcNMjUxMTExMDcwMTQyWhcNMjUxMTEyMDcwMTQyWjAzMTEwLwYDVQQD
EyhkOWU2Njk3ZDAxZTEzYzNjNTlkYjBkM2JiYTgwYmZkMGIxNWZlMDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwyfy0LPByPreQMqb+EingB6m8nG
B1FwDcoQ2FBYelS6zUcdwadnHsXlt2qvihqSylkVqW1b/pSMeg2eOLhyCh1iRqW/
VgzA4L+cLBLhR1Uok07lnr3P9yVGrofmNGvrW5IeEYUAf6XZDTf010LYY3sXhLiS
RmEesB4mQoTt2XPUh/8gVUlUQ2hyDw6hfMqbCj94z5QNoacTl3XoC7eb3ilWoN9U
8tFMfYFrWI6OUsmMNEkV9biVokni+5Q/XZyBUkTje4VjADw//Jn4tUnX9V4RY2Ho
Xs7VC6oHREOGFNDQNmdX+CqkbBWf6s6uSPjVRinVLLCh59gn0r7gMMOXCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNnmaX0B4Tw8WdsNO7qAv9CxX+AnMB8GA1UdIwQY
MBaAFEhZPkDaWlLzIttaBMIPtIbU4VUCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0ZrLVFOcGFVdk1pMjFvRXdnLTBodFRoVlFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi85NzAwYzgtZjlhYi00MmE3LWIxZmEt
ZTY4YTA4ZDllNTRmLzEvU0ZrLVFOcGFVdk1pMjFvRXdnLTBodFRoVlFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi85NzAwYzgtZjlhYi00MmE3LWIxZmEtZTY4YTA4ZDllNTRm
LzEvU0ZrLVFOcGFVdk1pMjFvRXdnLTBodFRoVlFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACS8N6kfm
zxek+6m5+nIz0jhPyJIXzWtAlMXTMGiiUcLkd7EJhPlRuDbw7Lf1+A16Fto0HFcv
oJ7heYc6uy0g8ohOQ0v9PI/OMi9LJLj8ugqLKo/QTvXk65loJoWUo2Cd5QtMZ1Dq
gX9rstm5ZVg7fyeqr8i0lZs5Unaj2kXWb4xbtNwUjksP5YTxrk9zyQE0PTulDMaL
3MiPvnUiNaeuuTFhvlj7uvLGOSUr3W7WSi3xtcQbeqP4rOxbj+WSRL7F7Pw6LiQa
aQcN8iO3kbJfD9ZBtmZLGSl5XXd9WhaD9NQFxVFqhM8JC1AzFQy7dojnZErbI8TM
nZwKdFDHAZvKfA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:02:32 2025 by rpki-client