Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft
File: D5otI3SqascUtfim7duA3GlnnMY.mft (raw, json)
Hash identifier: YEDwt6GPFMRBOUDfL/04CDGK289biSJaDVPxlCHoz6k=
Subject key identifier: D5:1F:9B:8B:C4:80:7B:15:7E:D0:F2:D0:4D:B7:5C:E7:4F:43:47:55
Authority key identifier: 0F:9A:2D:23:74:AA:6A:C7:14:B5:F8:A6:ED:DB:80:DC:69:67:9C:C6
Certificate issuer: /CN=0f9a2d2374aa6ac714b5f8a6eddb80dc69679cc6
Certificate serial: 019A2478CBA9597AEEB8728F60EE00699F03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft
Manifest number: 0D5B
Signing time: Mon 27 Oct 2025 07:01:27 +0000
Manifest this update: Mon 27 Oct 2025 07:01:27 +0000
Manifest next update: Tue 28 Oct 2025 07:01:27 +0000
Files and hashes: 1: D5otI3SqascUtfim7duA3GlnnMY.crl (hash: 014a5cvDRKUpvBu81ephN84fbmWi/El3goKBn/puOqs=)
2: RNk_0Bt2Bdlaf0Pdd2eUPaMyW8E.roa (hash: m6J+0888VMRpST0J5iXwVh9t9K8LOLn/EV2xZ10pPjg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft
rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 07:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:78:cb:a9:59:7a:ee:b8:72:8f:60:ee:00:69:9f:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f9a2d2374aa6ac714b5f8a6eddb80dc69679cc6
Validity
Not Before: Oct 27 07:01:27 2025 GMT
Not After : Oct 28 07:01:27 2025 GMT
Subject: CN=d51f9b8bc4807b157ed0f2d04db75ce74f434755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d1:59:ed:ed:ac:22:64:d8:e7:18:75:60:30:
1c:ed:b2:b4:54:c9:5c:a7:2e:44:a3:a7:d3:33:6e:
4d:b6:d1:c7:4a:09:6f:95:6c:06:2c:2f:96:b2:c9:
d8:8e:e6:f9:67:b0:65:15:8f:07:eb:d7:b5:3f:bb:
0f:d5:72:22:14:54:5a:19:56:c9:48:fc:dc:d2:53:
e2:6b:bd:f1:b4:15:07:99:c0:f4:40:1c:4b:7e:44:
1b:d5:ac:b3:1b:54:81:bb:04:1f:6d:b4:40:b2:39:
2e:e0:c7:92:c4:73:dd:14:e8:aa:6e:d7:b1:f6:54:
9b:cd:35:c0:89:38:30:27:be:ec:c8:a2:34:f1:45:
8b:ed:cc:30:4d:69:02:27:c6:d8:ca:34:28:91:d7:
95:27:5b:26:36:09:f2:35:ba:34:13:a5:23:83:d2:
2e:58:af:48:d4:84:f9:6c:fc:d3:26:a8:0a:cb:bf:
b9:63:3d:d8:17:d7:81:fc:f8:51:b5:41:e1:c4:d4:
fd:fb:84:5d:31:7f:20:36:e9:c4:c2:fb:96:2c:0e:
8d:3a:9b:c0:46:44:d0:83:d2:2d:0b:69:b4:db:91:
7e:e8:1e:6c:35:80:0b:a0:69:1b:d3:86:47:5b:e7:
af:35:65:8c:2e:84:fc:f4:4b:9f:bb:a0:c5:d2:53:
e8:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:1F:9B:8B:C4:80:7B:15:7E:D0:F2:D0:4D:B7:5C:E7:4F:43:47:55
X509v3 Authority Key Identifier:
keyid:0F:9A:2D:23:74:AA:6A:C7:14:B5:F8:A6:ED:DB:80:DC:69:67:9C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5otI3SqascUtfim7duA3GlnnMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/00248c-3791-4629-a6c6-6d971992c349/1/D5otI3SqascUtfim7duA3GlnnMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
26:0d:1d:af:f5:89:f3:62:ef:7a:dc:98:8c:c3:d3:ad:a4:f8:
1e:ab:62:95:a2:2f:fb:7a:c1:0a:39:e1:c0:df:13:d8:c8:e1:
f6:75:2b:4e:9a:00:e6:81:87:39:a6:c2:a1:98:c4:1e:43:fb:
ca:ad:cc:dd:a9:11:4f:5c:85:40:9e:84:99:b1:68:11:ea:84:
07:19:69:45:49:05:d7:1b:be:b5:e0:6a:13:66:43:a8:87:2c:
3e:9e:7b:f2:47:2b:f5:27:f2:78:3d:d5:9a:e9:10:e9:dd:fb:
18:80:c6:1b:3b:82:95:16:07:05:4c:40:d0:28:14:33:0c:bd:
20:33:80:3d:0a:1d:6f:12:f1:51:86:45:e3:98:73:57:44:e0:
82:ca:6c:7a:9f:1d:03:a8:3d:62:1d:f0:2b:0e:02:60:e2:87:
8f:cb:af:27:ff:3d:1a:c8:13:71:f1:88:3d:f0:e4:86:bf:49:
5a:b7:c0:79:06:5d:71:54:f2:e7:3b:de:04:b7:48:e2:17:b7:
a2:07:81:ac:6e:c2:24:0b:f9:6a:c0:31:f8:34:73:d0:83:81:
d2:d3:e6:be:67:af:ee:a1:ff:e2:b2:f7:55:75:66:e8:22:f5:
4f:b2:df:29:ff:9c:d4:59:f1:26:cd:20:3d:dc:ce:c1:ff:1c:
e8:bb:30:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZokeMupWXruuHKPYO4AaZ8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOWEyZDIzNzRhYTZhYzcxNGI1ZjhhNmVkZGI4MGRjNjk2
NzljYzYwHhcNMjUxMDI3MDcwMTI3WhcNMjUxMDI4MDcwMTI3WjAzMTEwLwYDVQQD
EyhkNTFmOWI4YmM0ODA3YjE1N2VkMGYyZDA0ZGI3NWNlNzRmNDM0NzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9FZ7e2sImTY5xh1YDAc7bK0VMlc
py5Eo6fTM25NttHHSglvlWwGLC+WssnYjub5Z7BlFY8H69e1P7sP1XIiFFRaGVbJ
SPzc0lPia73xtBUHmcD0QBxLfkQb1ayzG1SBuwQfbbRAsjku4MeSxHPdFOiqbtex
9lSbzTXAiTgwJ77syKI08UWL7cwwTWkCJ8bYyjQokdeVJ1smNgnyNbo0E6Ujg9Iu
WK9I1IT5bPzTJqgKy7+5Yz3YF9eB/PhRtUHhxNT9+4RdMX8gNunEwvuWLA6NOpvA
RkTQg9ItC2m025F+6B5sNYALoGkb04ZHW+evNWWMLoT89Eufu6DF0lPoEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNUfm4vEgHsVftDy0E23XOdPQ0dVMB8GA1UdIwQY
MBaAFA+aLSN0qmrHFLX4pu3bgNxpZ5zGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDVvdEkzU3Fhc2NVdGZpbTdkdUEzR2xubk1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMDI0OGMtMzc5MS00NjI5LWE2YzYt
NmQ5NzE5OTJjMzQ5LzEvRDVvdEkzU3Fhc2NVdGZpbTdkdUEzR2xubk1ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wMDI0OGMtMzc5MS00NjI5LWE2YzYtNmQ5NzE5OTJjMzQ5
LzEvRDVvdEkzU3Fhc2NVdGZpbTdkdUEzR2xubk1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJg0dr/WJ
82LvetyYjMPTraT4HqtilaIv+3rBCjnhwN8T2Mjh9nUrTpoA5oGHOabCoZjEHkP7
yq3M3akRT1yFQJ6EmbFoEeqEBxlpRUkF1xu+teBqE2ZDqIcsPp578kcr9SfyeD3V
mukQ6d37GIDGGzuClRYHBUxA0CgUMwy9IDOAPQodbxLxUYZF45hzV0Tggspsep8d
A6g9Yh3wKw4CYOKHj8uvJ/89GsgTcfGIPfDkhr9JWrfAeQZdcVTy5zveBLdI4he3
ogeBrG7CJAv5asAx+DRz0IOB0tPmvmev7qH/4rL3VXVm6CL1T7LfKf+c1FnxJs0g
PdzOwf8c6LswUA==
-----END CERTIFICATE-----
Generated at Mon Oct 27 10:28:01 2025 by rpki-client