Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
File: D9zw7HuvNJ6JLVERXCLA29Q1C44.mft (raw, json)
Hash identifier: qfQsY7/NU7LkTcsECxvvCZpavvt3Ad4FDhOrkuspEHY=
Subject key identifier: 58:E8:63:91:BC:11:1A:09:85:7E:AF:78:EF:12:44:A5:DF:D5:0F:1E
Authority key identifier: 0F:DC:F0:EC:7B:AF:34:9E:89:2D:51:11:5C:22:C0:DB:D4:35:0B:8E
Certificate issuer: /CN=0fdcf0ec7baf349e892d51115c22c0dbd4350b8e
Certificate serial: 019A71B87E638058BC102A09B0CFF89E849A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
Manifest number: 03D7
Signing time: Tue 11 Nov 2025 07:01:47 +0000
Manifest this update: Tue 11 Nov 2025 07:01:47 +0000
Manifest next update: Wed 12 Nov 2025 07:01:47 +0000
Files and hashes: 1: D9zw7HuvNJ6JLVERXCLA29Q1C44.crl (hash: DtMIPg5rbrarGbSXK4ST6P97YIrgIa84lz4gDwhOUjo=)
2: LkbZ9NbuqV8kVwW0R6t_W7E36SY.roa (hash: OFwtZ8nR+nHbeTcy4UO/g/3elRZlu1GMxchq0zT/W/U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:7e:63:80:58:bc:10:2a:09:b0:cf:f8:9e:84:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fdcf0ec7baf349e892d51115c22c0dbd4350b8e
Validity
Not Before: Nov 11 07:01:47 2025 GMT
Not After : Nov 12 07:01:47 2025 GMT
Subject: CN=58e86391bc111a09857eaf78ef1244a5dfd50f1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:49:c4:5e:4f:de:f3:6e:f8:db:8b:68:54:79:
c0:46:72:da:ef:b4:7a:58:e4:d3:35:d6:1a:42:e7:
d5:0a:20:da:c4:7b:a6:5d:23:db:7d:8b:c0:74:da:
8a:79:f2:93:4d:79:c3:76:c6:a4:a2:58:7e:11:62:
d3:77:80:a8:32:d2:bc:0f:01:81:89:f1:79:ca:d4:
cf:ef:63:a3:d8:43:6a:26:de:2d:c6:10:d5:92:a8:
12:b5:3c:bf:c4:34:3f:50:cb:7f:21:2e:d3:d4:54:
b3:67:d2:a0:53:a2:99:17:88:ba:4a:41:5c:a2:fc:
8c:04:54:87:b1:76:a7:cd:e9:c4:d1:24:2d:ce:9a:
37:93:f1:03:a1:e9:6d:c1:fb:51:af:56:0b:3b:ee:
c3:fa:e9:1a:c0:ac:b1:18:9b:a7:5f:d8:4a:e6:49:
de:a9:38:98:78:a8:cc:85:0a:d4:13:ea:9a:97:bc:
c6:7c:20:97:60:63:c7:80:c6:5d:a6:42:6c:7f:c3:
13:1b:ed:42:bf:26:79:e0:2a:b3:1f:88:52:3c:5e:
35:83:e5:f4:3d:4a:70:c9:ae:1d:d1:83:ce:b6:05:
8d:01:16:15:eb:54:24:1a:c2:20:e1:c7:b7:68:bd:
d7:1a:0e:4b:f1:df:55:7e:fa:df:0f:ee:e2:4a:5b:
f5:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:E8:63:91:BC:11:1A:09:85:7E:AF:78:EF:12:44:A5:DF:D5:0F:1E
X509v3 Authority Key Identifier:
keyid:0F:DC:F0:EC:7B:AF:34:9E:89:2D:51:11:5C:22:C0:DB:D4:35:0B:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
db:f3:b5:ab:94:ed:5a:88:85:66:ac:ff:4d:63:2a:7c:09:77:
43:78:3d:97:e2:77:55:3c:02:af:c1:04:99:3a:cc:c9:1e:a3:
d7:fb:f5:be:7c:96:f9:53:47:b1:e7:d3:6f:9e:4c:a5:89:50:
d1:03:a2:03:1d:07:4a:0d:f3:7c:b3:50:68:58:4c:71:bc:a9:
13:4b:98:45:f2:33:11:53:9a:b5:d0:d6:3f:f8:be:56:f3:74:
68:3a:c4:35:2c:b3:3d:2a:b7:ac:e8:85:68:8d:6a:4b:f8:ea:
31:df:06:62:e8:83:97:b7:d5:f2:ad:a4:d2:9b:ca:64:6e:4a:
90:cf:13:63:d5:9b:05:36:f4:03:16:38:3e:d5:02:f9:9c:ef:
8b:ff:ad:e4:65:31:c3:7b:98:c5:5a:c2:84:b6:92:8f:f7:83:
1c:88:be:5c:b7:93:e7:39:a7:33:ee:9a:60:3b:06:1d:d5:c2:
23:aa:44:89:83:b1:31:4e:42:28:b8:96:4b:ff:92:de:62:55:
29:99:bb:85:8b:ff:35:91:85:95:fb:76:3d:3a:85:6f:bf:a0:
ad:45:61:4d:3a:6d:ba:d1:1d:d3:39:78:d5:9c:d8:06:99:c6:
21:2e:59:43:cd:88:f2:2e:d5:0e:b9:08:ce:93:65:d8:11:12:
d5:d0:97:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuH5jgFi8ECoJsM/4noSaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZGNmMGVjN2JhZjM0OWU4OTJkNTExMTVjMjJjMGRiZDQz
NTBiOGUwHhcNMjUxMTExMDcwMTQ3WhcNMjUxMTEyMDcwMTQ3WjAzMTEwLwYDVQQD
Eyg1OGU4NjM5MWJjMTExYTA5ODU3ZWFmNzhlZjEyNDRhNWRmZDUwZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEnEXk/e827424toVHnARnLa77R6
WOTTNdYaQufVCiDaxHumXSPbfYvAdNqKefKTTXnDdsakolh+EWLTd4CoMtK8DwGB
ifF5ytTP72Oj2ENqJt4txhDVkqgStTy/xDQ/UMt/IS7T1FSzZ9KgU6KZF4i6SkFc
ovyMBFSHsXanzenE0SQtzpo3k/EDoeltwftRr1YLO+7D+ukawKyxGJunX9hK5kne
qTiYeKjMhQrUE+qal7zGfCCXYGPHgMZdpkJsf8MTG+1CvyZ54CqzH4hSPF41g+X0
PUpwya4d0YPOtgWNARYV61QkGsIg4ce3aL3XGg5L8d9VfvrfD+7iSlv1pwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFjoY5G8ERoJhX6veO8SRKXf1Q8eMB8GA1UdIwQY
MBaAFA/c8Ox7rzSeiS1REVwiwNvUNQuOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNDgyYmEtNDFjZS00MDlhLThlN2Ut
YjI5NTgzOGFiYmQ5LzEvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNDgyYmEtNDFjZS00MDlhLThlN2UtYjI5NTgzOGFiYmQ5
LzEvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2/O1q5Tt
WoiFZqz/TWMqfAl3Q3g9l+J3VTwCr8EEmTrMyR6j1/v1vnyW+VNHsefTb55MpYlQ
0QOiAx0HSg3zfLNQaFhMcbypE0uYRfIzEVOatdDWP/i+VvN0aDrENSyzPSq3rOiF
aI1qS/jqMd8GYuiDl7fV8q2k0pvKZG5KkM8TY9WbBTb0AxY4PtUC+Zzvi/+t5GUx
w3uYxVrChLaSj/eDHIi+XLeT5zmnM+6aYDsGHdXCI6pEiYOxMU5CKLiWS/+S3mJV
KZm7hYv/NZGFlft2PTqFb7+grUVhTTptutEd0zl41ZzYBpnGIS5ZQ82I8i7VDrkI
zpNl2BES1dCXAA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:54:03 2025 by rpki-client