Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/0pF0ElK7nEzagAR9-wHOmMIZ0YA.mft
File: 0pF0ElK7nEzagAR9-wHOmMIZ0YA.mft (raw, json)
Hash identifier: youa2EoZSk4FeK2Gh80tkbgm/EkdixlMeQFoUidjyIM=
Subject key identifier: F1:6E:BA:98:D7:0C:74:E2:69:FC:6B:8F:EB:72:35:4A:9B:A2:16:88
Authority key identifier: D2:91:74:12:52:BB:9C:4C:DA:80:04:7D:FB:01:CE:98:C2:19:D1:80
Certificate issuer: /CN=d291741252bb9c4cda80047dfb01ce98c219d180
Certificate serial: 019A7225973EA67F65296C60CC17C5CF46EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0pF0ElK7nEzagAR9-wHOmMIZ0YA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/0pF0ElK7nEzagAR9-wHOmMIZ0YA.mft
Manifest number: 15D3
Signing time: Tue 11 Nov 2025 09:00:57 +0000
Manifest this update: Tue 11 Nov 2025 09:00:57 +0000
Manifest next update: Wed 12 Nov 2025 09:00:57 +0000
Files and hashes: 1: 0pF0ElK7nEzagAR9-wHOmMIZ0YA.crl (hash: UpebmljbPshEIa8O1bypHXP8k6lPVq0qWUHXzf1ZWos=)
2: 24F3NWEaUDo-ywzWotAmlAOE0aY.roa (hash: ERf1+Eo8kcPOcjF9iXtlxaEqblrqJRaC4jpu9Wj4DSs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/0pF0ElK7nEzagAR9-wHOmMIZ0YA.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/0pF0ElK7nEzagAR9-wHOmMIZ0YA.mft
rsync://rpki.ripe.net/repository/DEFAULT/0pF0ElK7nEzagAR9-wHOmMIZ0YA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:97:3e:a6:7f:65:29:6c:60:cc:17:c5:cf:46:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d291741252bb9c4cda80047dfb01ce98c219d180
Validity
Not Before: Nov 11 09:00:57 2025 GMT
Not After : Nov 12 09:00:57 2025 GMT
Subject: CN=f16eba98d70c74e269fc6b8feb72354a9ba21688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ca:59:4d:52:92:c5:bb:37:88:b6:32:49:e0:
8d:69:2b:c4:79:be:03:ec:00:40:3a:e7:a7:76:ee:
6d:d3:4b:5d:ad:12:dc:fd:54:a4:88:0d:d9:a5:91:
df:e3:3a:da:76:56:5d:94:9e:f7:ea:2d:f0:01:0e:
73:6c:6c:dd:6e:ff:e4:65:b9:f5:22:f9:7e:cd:74:
39:66:1b:b5:4b:40:56:df:ab:65:59:e9:b1:a6:20:
db:e8:c4:4f:0e:e3:4f:df:17:63:fe:2b:fc:93:aa:
dc:61:2a:f6:2c:83:0f:7a:0f:ea:3c:6c:58:5d:ee:
f7:fe:46:07:7b:5c:ed:7a:90:ea:79:29:95:2d:5f:
ac:fc:50:2c:7f:dd:85:d3:93:10:d4:9b:bd:f4:70:
3a:80:87:0f:f3:49:f2:2f:18:f7:61:b9:c9:23:72:
28:6b:7f:1e:f6:03:ed:eb:43:49:35:b9:67:15:46:
d8:60:96:2a:e6:db:34:4c:32:5b:b4:7d:d9:32:5f:
ff:c4:b6:cc:70:11:36:2e:a9:d3:ab:71:73:10:34:
2f:db:42:24:61:04:02:f5:7a:2a:13:41:3f:2b:2b:
4c:f8:f0:08:f8:c7:e0:3e:ea:5c:65:ed:f2:c9:3c:
c5:98:94:be:3a:f3:92:c5:c3:6e:56:d8:00:a7:70:
39:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:6E:BA:98:D7:0C:74:E2:69:FC:6B:8F:EB:72:35:4A:9B:A2:16:88
X509v3 Authority Key Identifier:
keyid:D2:91:74:12:52:BB:9C:4C:DA:80:04:7D:FB:01:CE:98:C2:19:D1:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0pF0ElK7nEzagAR9-wHOmMIZ0YA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/0pF0ElK7nEzagAR9-wHOmMIZ0YA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/3ba6fc-2d49-4aff-9229-48b957264c26/1/0pF0ElK7nEzagAR9-wHOmMIZ0YA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
86:e6:b9:89:66:1f:4e:05:6b:01:f2:56:64:8d:bb:f2:16:b9:
f4:e8:af:72:af:82:0e:63:b9:26:1a:5e:37:9e:54:01:a4:d2:
34:1c:14:d8:d0:25:f7:9a:8d:3f:9e:e8:f2:9e:54:5b:6b:db:
5a:c6:c2:87:19:48:a4:6d:27:97:17:06:f8:e6:75:de:7c:97:
a9:63:cd:3a:8b:21:a6:18:33:8a:01:cc:79:41:4d:90:a4:ae:
10:b7:5f:0a:22:33:2b:26:7a:b3:34:6c:ff:75:23:56:5c:49:
d4:d1:42:dd:77:72:0d:68:9d:50:37:2d:40:df:42:63:c8:8c:
7b:2d:ee:22:6c:83:2c:44:3a:fd:0e:e9:a5:f4:bb:8b:3d:68:
9d:d4:16:f3:0e:6e:df:43:53:f1:e2:78:0a:7a:6b:38:06:27:
65:ab:c0:e9:a1:a4:5b:ce:a8:a6:b5:5f:51:ea:de:bd:11:8e:
2e:56:ea:3c:e9:af:bc:1d:62:15:11:ec:51:8a:ac:ac:34:10:
10:ee:39:96:c5:5c:bc:e6:a6:10:bf:e1:ee:cc:79:6f:8d:24:
d2:43:73:cc:d1:b4:0d:16:18:08:4f:ad:3b:c8:6e:5e:62:6f:
2f:62:dc:0b:eb:14:e8:e5:10:ce:cb:c1:79:e8:c5:e3:06:38:
35:dc:c5:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJZc+pn9lKWxgzBfFz0bqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyOTE3NDEyNTJiYjljNGNkYTgwMDQ3ZGZiMDFjZTk4YzIx
OWQxODAwHhcNMjUxMTExMDkwMDU3WhcNMjUxMTEyMDkwMDU3WjAzMTEwLwYDVQQD
EyhmMTZlYmE5OGQ3MGM3NGUyNjlmYzZiOGZlYjcyMzU0YTliYTIxNjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8pZTVKSxbs3iLYySeCNaSvEeb4D
7ABAOuendu5t00tdrRLc/VSkiA3ZpZHf4zradlZdlJ736i3wAQ5zbGzdbv/kZbn1
Ivl+zXQ5Zhu1S0BW36tlWemxpiDb6MRPDuNP3xdj/iv8k6rcYSr2LIMPeg/qPGxY
Xe73/kYHe1ztepDqeSmVLV+s/FAsf92F05MQ1Ju99HA6gIcP80nyLxj3YbnJI3Io
a38e9gPt60NJNblnFUbYYJYq5ts0TDJbtH3ZMl//xLbMcBE2LqnTq3FzEDQv20Ik
YQQC9XoqE0E/KytM+PAI+MfgPupcZe3yyTzFmJS+OvOSxcNuVtgAp3A5+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPFuupjXDHTiafxrj+tyNUqbohaIMB8GA1UdIwQY
MBaAFNKRdBJSu5xM2oAEffsBzpjCGdGAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHBGMEVsSzduRXphZ0FSOS13SE9tTUlaMFlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8zYmE2ZmMtMmQ0OS00YWZmLTkyMjkt
NDhiOTU3MjY0YzI2LzEvMHBGMEVsSzduRXphZ0FSOS13SE9tTUlaMFlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8zYmE2ZmMtMmQ0OS00YWZmLTkyMjktNDhiOTU3MjY0YzI2
LzEvMHBGMEVsSzduRXphZ0FSOS13SE9tTUlaMFlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhua5iWYf
TgVrAfJWZI278ha59Oivcq+CDmO5JhpeN55UAaTSNBwU2NAl95qNP57o8p5UW2vb
WsbChxlIpG0nlxcG+OZ13nyXqWPNOoshphgzigHMeUFNkKSuELdfCiIzKyZ6szRs
/3UjVlxJ1NFC3XdyDWidUDctQN9CY8iMey3uImyDLEQ6/Q7ppfS7iz1ondQW8w5u
30NT8eJ4CnprOAYnZavA6aGkW86oprVfUerevRGOLlbqPOmvvB1iFRHsUYqsrDQQ
EO45lsVcvOamEL/h7sx5b40k0kNzzNG0DRYYCE+tO8huXmJvL2LcC+sU6OUQzsvB
eejF4wY4NdzFrg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:10:52 2025 by rpki-client