Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.mft
File: rS044g8k0OMLhszYJhrAAX8XpaQ.mft (raw, json)
Hash identifier: JOEv0fOqCzVL9mm/iQY6pQzIbIcHKEjzw26uCgVAmQI=
Subject key identifier: DB:2F:9E:69:9E:1D:2B:27:8B:3A:08:BC:72:6A:CC:0A:33:E0:9A:1C
Authority key identifier: AD:2D:38:E2:0F:24:D0:E3:0B:86:CC:D8:26:1A:C0:01:7F:17:A5:A4
Certificate issuer: /CN=ad2d38e20f24d0e30b86ccd8261ac0017f17a5a4
Certificate serial: 019A4C610788A632BE4559CD60F4E87D1C39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.mft
Manifest number: 09D9
Signing time: Tue 04 Nov 2025 01:00:18 +0000
Manifest this update: Tue 04 Nov 2025 01:00:18 +0000
Manifest next update: Wed 05 Nov 2025 01:00:18 +0000
Files and hashes: 1: IhFmVxbE3gn_IPAxvOuH1Dxlo9o.roa (hash: oKXrmB0pSBgjznKzRYUFbiw4D9My9SBHtgqoNaUCBKA=)
2: rS044g8k0OMLhszYJhrAAX8XpaQ.crl (hash: puRwNXWtR/kmzra/CS3sR4A/Y8ttEMiV+I7otwauPxA=)
3: wbXeB63VhLi_7WMIhOdMpk0lCW4.roa (hash: d7dOr+7PutspTBpcReyCrf+E8CzcxyNVV7Zc8qzo3dU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 20:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4c:61:07:88:a6:32:be:45:59:cd:60:f4:e8:7d:1c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad2d38e20f24d0e30b86ccd8261ac0017f17a5a4
Validity
Not Before: Nov 4 01:00:18 2025 GMT
Not After : Nov 5 01:00:18 2025 GMT
Subject: CN=db2f9e699e1d2b278b3a08bc726acc0a33e09a1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:82:89:17:85:b4:1a:6d:66:4c:d1:dd:43:da:
03:b9:58:c1:ce:47:3c:ee:90:51:60:3e:08:60:9b:
49:2c:ea:68:95:0c:ce:5d:e9:e2:c7:df:0e:56:a6:
58:7e:c0:ab:09:bd:ae:c7:57:10:df:69:5c:3a:6a:
b8:15:44:52:96:60:e4:79:08:7b:d4:c3:3c:d2:fa:
8a:9a:a4:f8:32:b7:64:08:8d:f5:87:7b:3c:87:2f:
b4:4e:fb:0c:24:de:92:ea:91:9f:60:8f:9e:47:b3:
6f:85:8f:6d:4e:46:a8:cd:21:81:80:74:2c:47:47:
29:3d:a8:14:cc:55:0d:c8:63:8c:b3:d6:60:5d:7a:
7c:5a:c1:cb:ce:16:e7:77:68:b6:53:26:7e:fe:1f:
42:56:b8:b8:57:87:f9:ee:27:34:78:2f:99:ba:27:
53:67:60:e0:c1:00:73:86:5f:a6:df:4c:19:70:e4:
35:bc:fa:96:98:ad:7f:ca:72:40:f9:9c:d5:5f:9b:
4c:9a:7d:92:e0:d1:7f:ef:2b:ea:34:48:51:25:0f:
0f:59:df:d9:f3:a0:60:78:8e:22:a1:b3:74:f8:32:
da:9d:8f:f2:65:77:10:8c:c1:c5:3b:98:c8:5f:67:
41:88:83:e4:e8:da:56:3e:ef:51:a4:14:25:05:a8:
65:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:2F:9E:69:9E:1D:2B:27:8B:3A:08:BC:72:6A:CC:0A:33:E0:9A:1C
X509v3 Authority Key Identifier:
keyid:AD:2D:38:E2:0F:24:D0:E3:0B:86:CC:D8:26:1A:C0:01:7F:17:A5:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rS044g8k0OMLhszYJhrAAX8XpaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2d8761-229f-4a37-87b1-42995323c03d/1/rS044g8k0OMLhszYJhrAAX8XpaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
72:8a:8a:11:c1:24:40:38:c5:a2:aa:0a:1b:0e:c8:a7:1c:d6:
8e:1d:94:d8:8d:e9:9b:d0:40:19:b6:a9:e2:d0:b2:81:4a:8a:
f1:0f:1e:3e:2a:14:18:a9:b0:e1:4d:d4:29:ff:e7:84:09:5d:
0e:83:69:1e:d8:61:c7:66:64:ca:bf:f8:66:92:f0:76:23:9c:
3a:a5:73:86:e3:cd:a8:bb:cc:b5:55:f3:9a:60:43:e2:8b:5c:
1d:d2:76:28:8e:10:bb:94:76:05:ba:0c:ca:ff:9d:3f:7c:29:
6f:1f:3d:22:8c:47:2a:30:c5:48:c7:b4:c9:e0:7a:36:8b:81:
34:5d:c1:71:a2:b2:ef:22:95:4f:0b:3c:46:0d:8e:79:b9:0a:
74:48:11:34:e0:73:82:45:15:48:2a:14:f4:b2:f4:33:f3:62:
84:d4:cd:f7:1f:21:43:c8:ec:7a:7c:45:c1:c5:70:94:09:af:
2e:c9:9a:12:54:a9:2f:f3:32:e8:29:05:b5:43:26:86:cc:e7:
c9:a2:85:fa:0c:e0:1b:36:b5:1a:20:ba:25:b7:ca:2a:af:3e:
2f:25:fb:a9:d8:c0:ad:2e:db:cf:70:28:75:02:7c:60:bc:54:
ab:c5:e6:12:52:8a:15:c0:09:fa:e9:12:f7:d6:72:4c:ca:e3:
f6:2f:04:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMYQeIpjK+RVnNYPTofRw5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmQzOGUyMGYyNGQwZTMwYjg2Y2NkODI2MWFjMDAxN2Yx
N2E1YTQwHhcNMjUxMTA0MDEwMDE4WhcNMjUxMTA1MDEwMDE4WjAzMTEwLwYDVQQD
EyhkYjJmOWU2OTllMWQyYjI3OGIzYTA4YmM3MjZhY2MwYTMzZTA5YTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oKJF4W0Gm1mTNHdQ9oDuVjBzkc8
7pBRYD4IYJtJLOpolQzOXenix98OVqZYfsCrCb2ux1cQ32lcOmq4FURSlmDkeQh7
1MM80vqKmqT4MrdkCI31h3s8hy+0TvsMJN6S6pGfYI+eR7NvhY9tTkaozSGBgHQs
R0cpPagUzFUNyGOMs9ZgXXp8WsHLzhbnd2i2UyZ+/h9CVri4V4f57ic0eC+ZuidT
Z2DgwQBzhl+m30wZcOQ1vPqWmK1/ynJA+ZzVX5tMmn2S4NF/7yvqNEhRJQ8PWd/Z
86BgeI4iobN0+DLanY/yZXcQjMHFO5jIX2dBiIPk6NpWPu9RpBQlBahlNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNsvnmmeHSsnizoIvHJqzAoz4JocMB8GA1UdIwQY
MBaAFK0tOOIPJNDjC4bM2CYawAF/F6WkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yZDg3NjEtMjI5Zi00YTM3LTg3YjEt
NDI5OTUzMjNjMDNkLzEvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yZDg3NjEtMjI5Zi00YTM3LTg3YjEtNDI5OTUzMjNjMDNk
LzEvclMwNDRnOGswT01MaHN6WUpockFBWDhYcGFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcoqKEcEk
QDjFoqoKGw7IpxzWjh2U2I3pm9BAGbap4tCygUqK8Q8ePioUGKmw4U3UKf/nhAld
DoNpHthhx2Zkyr/4ZpLwdiOcOqVzhuPNqLvMtVXzmmBD4otcHdJ2KI4Qu5R2BboM
yv+dP3wpbx89IoxHKjDFSMe0yeB6NouBNF3BcaKy7yKVTws8Rg2OebkKdEgRNOBz
gkUVSCoU9LL0M/NihNTN9x8hQ8jsenxFwcVwlAmvLsmaElSpL/My6CkFtUMmhszn
yaKF+gzgGza1GiC6JbfKKq8+LyX7qdjArS7bz3AodQJ8YLxUq8XmElKKFcAJ+ukS
99ZyTMrj9i8ENA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 04:04:23 2025 by rpki-client