Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/GOk3wQPbBG8iVT75lDj6KVkkDaU.mft
File: GOk3wQPbBG8iVT75lDj6KVkkDaU.mft (raw, json)
Hash identifier: mY+cF+/fzylY1WB7zWfgcFWlY0oPIdJGI98vGihqe4k=
Subject key identifier: 98:6A:5A:C2:98:BC:35:5B:02:F2:57:32:E4:6D:83:3C:9E:50:3D:98
Authority key identifier: 18:E9:37:C1:03:DB:04:6F:22:55:3E:F9:94:38:FA:29:59:24:0D:A5
Certificate issuer: /CN=18e937c103db046f22553ef99438fa2959240da5
Certificate serial: 019A725CEF4366F167570CE1AD11CCC82158
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GOk3wQPbBG8iVT75lDj6KVkkDaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/GOk3wQPbBG8iVT75lDj6KVkkDaU.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 10:01:24 +0000
Manifest this update: Tue 11 Nov 2025 10:01:24 +0000
Manifest next update: Wed 12 Nov 2025 10:01:24 +0000
Files and hashes: 1: 2Hcj0ac-2VPUQm6MAjkwJIIrflI.roa (hash: qp66s4r7nxhRRHNo4vHow9LReUAp/h/x3jaDV1HCAjY=)
2: GOk3wQPbBG8iVT75lDj6KVkkDaU.crl (hash: oM+6AUUf3+D5WiREXNqTKUlXdnVZIXuahNH0iyp5G6s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/GOk3wQPbBG8iVT75lDj6KVkkDaU.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/GOk3wQPbBG8iVT75lDj6KVkkDaU.mft
rsync://rpki.ripe.net/repository/DEFAULT/GOk3wQPbBG8iVT75lDj6KVkkDaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:ef:43:66:f1:67:57:0c:e1:ad:11:cc:c8:21:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18e937c103db046f22553ef99438fa2959240da5
Validity
Not Before: Nov 11 10:01:24 2025 GMT
Not After : Nov 12 10:01:24 2025 GMT
Subject: CN=986a5ac298bc355b02f25732e46d833c9e503d98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0a:6f:8f:c7:78:30:1a:7d:e2:a9:1a:19:96:
32:9b:2c:eb:71:64:0d:5d:f4:03:b9:2f:5d:54:e1:
64:30:6d:82:a1:c9:0f:02:57:b6:ab:77:46:3f:7a:
59:76:63:fc:65:d8:bb:4c:36:12:11:fc:57:66:95:
5c:8a:5a:da:77:b5:3a:8b:6a:11:b4:f4:88:e1:da:
30:2a:6f:f7:ea:04:ca:1c:4f:ae:e4:84:64:78:19:
4b:cc:70:41:00:10:e6:d0:49:18:26:b5:dc:c6:4c:
83:86:53:98:4b:99:e7:4e:69:31:c1:4b:22:21:f2:
b3:35:13:48:bc:2b:86:96:25:67:37:fd:2a:bf:c5:
9c:fe:76:53:e0:ce:76:be:3d:f7:bf:4a:63:b2:d6:
66:26:11:d6:ca:4f:87:46:a0:02:54:3b:2f:57:f3:
13:48:b5:bb:73:31:71:a2:85:97:0b:2e:7b:45:fb:
6c:11:85:d6:ef:69:70:25:52:d0:36:c4:44:16:2e:
75:50:d5:2b:84:94:dc:10:34:27:0d:cc:48:39:e2:
3d:e9:9a:b4:49:16:18:34:65:20:b3:c7:4a:fc:74:
9f:9b:97:a6:37:30:34:8c:9a:11:05:cd:2b:1c:b2:
67:15:68:99:2a:77:1b:42:74:c7:73:18:34:2a:3e:
30:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:6A:5A:C2:98:BC:35:5B:02:F2:57:32:E4:6D:83:3C:9E:50:3D:98
X509v3 Authority Key Identifier:
keyid:18:E9:37:C1:03:DB:04:6F:22:55:3E:F9:94:38:FA:29:59:24:0D:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GOk3wQPbBG8iVT75lDj6KVkkDaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/GOk3wQPbBG8iVT75lDj6KVkkDaU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/7aedad-b4cf-469c-aebf-cae6a709d14a/1/GOk3wQPbBG8iVT75lDj6KVkkDaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
eb:4a:a0:40:a9:25:66:66:8c:46:92:cf:5e:9f:bd:e7:a0:0d:
fa:53:9e:0e:f9:ca:94:80:75:63:3d:fe:5b:e3:f0:67:c9:2f:
cf:9a:2a:19:ff:fa:72:44:10:4f:51:a5:4b:b8:68:6a:ed:9c:
c9:df:1c:64:6d:f2:f3:6e:c9:ba:10:bf:78:54:9e:7d:ae:3a:
78:83:3a:63:b4:31:0b:7a:aa:8a:73:27:a1:d9:e2:0b:50:df:
62:00:cd:ae:9c:0a:63:ae:9e:7f:60:03:07:0b:71:c8:78:7d:
2f:9c:70:6e:b0:43:48:67:75:e7:48:a1:a2:66:cf:06:2e:c9:
ca:ce:8f:d3:c8:cf:f4:8e:14:88:6f:c5:40:cd:15:df:ef:20:
34:73:1c:5c:e4:fe:70:a4:26:a9:ff:f0:e9:46:34:71:01:b3:
50:1a:14:15:57:38:88:e7:51:4e:95:d8:ef:aa:3a:d7:95:83:
e1:48:d1:49:18:25:c0:cc:cb:27:ad:2d:a2:f1:93:79:48:a8:
d8:d1:ff:d2:2e:9b:54:9c:b2:6f:aa:60:69:9b:52:23:5f:79:
23:36:6c:41:8b:43:3c:2d:c0:3c:8b:56:12:a0:1a:c8:fd:b7:
03:52:fe:a7:bc:11:b1:f0:51:01:ec:cc:df:ec:74:93:77:c5:
70:c7:7c:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXO9DZvFnVwzhrRHMyCFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZTkzN2MxMDNkYjA0NmYyMjU1M2VmOTk0MzhmYTI5NTky
NDBkYTUwHhcNMjUxMTExMTAwMTI0WhcNMjUxMTEyMTAwMTI0WjAzMTEwLwYDVQQD
Eyg5ODZhNWFjMjk4YmMzNTViMDJmMjU3MzJlNDZkODMzYzllNTAzZDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwpvj8d4MBp94qkaGZYymyzrcWQN
XfQDuS9dVOFkMG2CockPAle2q3dGP3pZdmP8Zdi7TDYSEfxXZpVcilrad7U6i2oR
tPSI4dowKm/36gTKHE+u5IRkeBlLzHBBABDm0EkYJrXcxkyDhlOYS5nnTmkxwUsi
IfKzNRNIvCuGliVnN/0qv8Wc/nZT4M52vj33v0pjstZmJhHWyk+HRqACVDsvV/MT
SLW7czFxooWXCy57RftsEYXW72lwJVLQNsREFi51UNUrhJTcEDQnDcxIOeI96Zq0
SRYYNGUgs8dK/HSfm5emNzA0jJoRBc0rHLJnFWiZKncbQnTHcxg0Kj4wWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJhqWsKYvDVbAvJXMuRtgzyeUD2YMB8GA1UdIwQY
MBaAFBjpN8ED2wRvIlU++ZQ4+ilZJA2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR09rM3dRUGJCRzhpVlQ3NWxEajZLVmtrRGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83YWVkYWQtYjRjZi00NjljLWFlYmYt
Y2FlNmE3MDlkMTRhLzEvR09rM3dRUGJCRzhpVlQ3NWxEajZLVmtrRGFVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83YWVkYWQtYjRjZi00NjljLWFlYmYtY2FlNmE3MDlkMTRh
LzEvR09rM3dRUGJCRzhpVlQ3NWxEajZLVmtrRGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA60qgQKkl
ZmaMRpLPXp+956AN+lOeDvnKlIB1Yz3+W+PwZ8kvz5oqGf/6ckQQT1GlS7hoau2c
yd8cZG3y827JuhC/eFSefa46eIM6Y7QxC3qqinMnodniC1DfYgDNrpwKY66ef2AD
BwtxyHh9L5xwbrBDSGd150ihombPBi7Jys6P08jP9I4UiG/FQM0V3+8gNHMcXOT+
cKQmqf/w6UY0cQGzUBoUFVc4iOdRTpXY76o615WD4UjRSRglwMzLJ60tovGTeUio
2NH/0i6bVJyyb6pgaZtSI195IzZsQYtDPC3APItWEqAayP23A1L+p7wRsfBRAezM
3+x0k3fFcMd8Xg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:19 2025 by rpki-client