Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
File: 20IFnOKR1Jpmkgcxx2faVj7yESQ.mft (raw, json)
Hash identifier: hkhedLxj2VjuQ3YF1I5kE9EK4wcnbeF91IpRvNnSziA=
Subject key identifier: 7D:D2:5A:BA:FE:48:6C:92:C1:DB:18:82:08:C4:EA:03:4F:40:69:44
Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
Certificate issuer: /CN=db42059ce291d49a66920731c767da563ef21124
Certificate serial: 019A7225EC31EBEC8A7BB777E06BC759C3CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
Manifest number: 0A1B
Signing time: Tue 11 Nov 2025 09:01:19 +0000
Manifest this update: Tue 11 Nov 2025 09:01:19 +0000
Manifest next update: Wed 12 Nov 2025 09:01:19 +0000
Files and hashes: 1: 20IFnOKR1Jpmkgcxx2faVj7yESQ.crl (hash: Zf1m0VMQ9gG1oyOTzQxjdvjp30AU2F3CUj7CbNeYRkE=)
2: 4Eso2GRh3TFlocCc5lcI1-kD4Pk.roa (hash: ZZWcQEmA2vmSeltVrHKBZfPJ+X7E/tLB/wKbTZ0f8BU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:ec:31:eb:ec:8a:7b:b7:77:e0:6b:c7:59:c3:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db42059ce291d49a66920731c767da563ef21124
Validity
Not Before: Nov 11 09:01:19 2025 GMT
Not After : Nov 12 09:01:19 2025 GMT
Subject: CN=7dd25abafe486c92c1db188208c4ea034f406944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:41:98:51:7a:b4:95:ac:d2:6c:25:b6:15:8b:
98:a6:47:49:e3:69:fa:bd:24:f0:03:17:f0:f7:63:
bd:90:c2:83:8e:f1:5a:40:e7:80:42:58:fc:a9:78:
d1:2c:9b:a5:43:0d:31:4b:ca:c8:ee:9d:36:34:fc:
f3:fb:8d:d3:f7:d4:7a:42:32:78:47:7d:91:e4:c8:
e5:60:8d:ca:9c:8a:fd:8c:49:98:cb:91:8b:63:42:
33:8f:a6:0f:d5:35:ce:c1:54:ae:05:fa:72:8b:8c:
db:5c:ee:70:73:f7:d0:ad:8c:22:b6:4f:7a:54:f3:
ba:31:71:49:d2:66:b6:d7:fe:5c:9d:56:70:67:4a:
b5:7b:39:9e:1a:d1:52:22:6b:ef:37:4a:40:a4:1d:
ed:6c:03:8a:0b:33:f5:29:4e:be:e7:55:4f:8d:74:
15:72:38:fe:10:1c:84:1c:97:2b:50:a2:c9:eb:f2:
59:e5:74:6b:be:61:3f:35:e4:3c:98:0d:8e:9c:be:
43:f9:c1:8b:c1:96:f5:68:d7:44:df:cd:9d:fb:a1:
9a:1d:b2:64:4b:ad:5b:54:aa:d2:be:c0:ca:20:c4:
09:81:40:43:e1:29:ad:71:8e:a3:53:27:2c:6b:72:
64:b1:20:77:40:3b:c1:62:0a:f0:0b:c4:42:01:3d:
25:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D2:5A:BA:FE:48:6C:92:C1:DB:18:82:08:C4:EA:03:4F:40:69:44
X509v3 Authority Key Identifier:
keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
43:74:66:61:4d:51:01:0c:f5:a0:ed:20:70:cd:bd:6f:cf:1a:
80:8a:0d:a7:ff:e6:6a:5b:dc:6f:55:f5:f7:75:8f:a7:04:02:
b4:38:7b:26:2d:4c:da:a6:6a:aa:56:77:a0:4e:4a:ba:d5:ed:
4c:14:60:c6:84:05:6e:df:7e:c5:6d:d7:6d:73:20:f5:47:e0:
be:ca:4a:5f:bd:b6:32:c0:72:94:f2:f1:1a:56:bb:a3:41:c3:
00:09:40:bf:7d:a1:3d:04:4a:ab:4b:d3:a5:0a:3e:5e:35:c5:
a1:51:f6:70:1a:56:cf:6a:5a:5d:f3:47:e9:66:55:bb:93:16:
b3:03:1c:22:a3:96:f3:e3:cf:e5:a9:ee:fd:12:c2:2a:4e:28:
c2:d7:fd:a0:01:84:25:04:79:24:c6:b2:54:9e:dd:fc:05:23:
59:e4:94:58:bf:36:81:0c:f5:4d:04:35:19:09:57:da:d7:3c:
59:2d:ac:28:df:01:78:9d:c9:d1:60:cc:0d:12:ff:8c:91:6c:
c8:29:e7:9b:06:82:32:e0:a4:49:c6:5f:6f:cd:9b:47:73:c2:
2b:47:00:e6:ed:9f:07:95:5d:e8:3d:8e:fc:31:6c:eb:59:88:
3a:a0:dc:a7:17:24:b5:b9:b5:f6:df:e3:5b:e2:43:1c:14:a7:
3c:ae:8a:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJewx6+yKe7d34GvHWcPMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm
MjExMjQwHhcNMjUxMTExMDkwMTE5WhcNMjUxMTEyMDkwMTE5WjAzMTEwLwYDVQQD
Eyg3ZGQyNWFiYWZlNDg2YzkyYzFkYjE4ODIwOGM0ZWEwMzRmNDA2OTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUGYUXq0lazSbCW2FYuYpkdJ42n6
vSTwAxfw92O9kMKDjvFaQOeAQlj8qXjRLJulQw0xS8rI7p02NPzz+43T99R6QjJ4
R32R5MjlYI3KnIr9jEmYy5GLY0Izj6YP1TXOwVSuBfpyi4zbXO5wc/fQrYwitk96
VPO6MXFJ0ma21/5cnVZwZ0q1ezmeGtFSImvvN0pApB3tbAOKCzP1KU6+51VPjXQV
cjj+EByEHJcrUKLJ6/JZ5XRrvmE/NeQ8mA2OnL5D+cGLwZb1aNdE382d+6GaHbJk
S61bVKrSvsDKIMQJgUBD4SmtcY6jUycsa3JksSB3QDvBYgrwC8RCAT0lfwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH3SWrr+SGySwdsYggjE6gNPQGlEMB8GA1UdIwQY
MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt
OTMxMmQwODdkZmNhLzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh
LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ3RmYU1R
AQz1oO0gcM29b88agIoNp//malvcb1X193WPpwQCtDh7Ji1M2qZqqlZ3oE5KutXt
TBRgxoQFbt9+xW3XbXMg9UfgvspKX722MsBylPLxGla7o0HDAAlAv32hPQRKq0vT
pQo+XjXFoVH2cBpWz2paXfNH6WZVu5MWswMcIqOW8+PP5anu/RLCKk4owtf9oAGE
JQR5JMayVJ7d/AUjWeSUWL82gQz1TQQ1GQlX2tc8WS2sKN8BeJ3J0WDMDRL/jJFs
yCnnmwaCMuCkScZfb82bR3PCK0cA5u2fB5Vd6D2O/DFs61mIOqDcpxcktbm19t/j
W+JDHBSnPK6KFw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:34:54 2025 by rpki-client