Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft
File: dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft (raw, json)
Hash identifier: olLSUoexDw604HRZJioFURid5ekUjrV1Sc9HF2PUGLY=
Subject key identifier: FE:05:55:7D:61:55:A8:E6:BB:04:B8:B5:0B:39:ED:31:96:1C:4D:DF
Authority key identifier: 74:9D:8A:43:28:93:0B:93:8F:A8:60:18:B1:E4:47:EE:4D:8D:A8:F9
Certificate issuer: /CN=749d8a4328930b938fa86018b1e447ee4d8da8f9
Certificate serial: 019A725C4BE6ED010A9B25F60D9E5A214301
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft
Manifest number: 97
Signing time: Tue 11 Nov 2025 10:00:42 +0000
Manifest this update: Tue 11 Nov 2025 10:00:42 +0000
Manifest next update: Wed 12 Nov 2025 10:00:42 +0000
Files and hashes: 1: 9aSGIa-WEC1bN7Ni4E8-efLmGGQ.roa (hash: 9siiR4LDQpp3LbxItU8xD6C1s0IOvLTqKZo+clC6imU=)
2: dJ2KQyiTC5OPqGAYseRH7k2NqPk.crl (hash: V1M5jifroXvcDvXKZlSKGsXFjesKnDQCkGsVMJKlHSc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:4b:e6:ed:01:0a:9b:25:f6:0d:9e:5a:21:43:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749d8a4328930b938fa86018b1e447ee4d8da8f9
Validity
Not Before: Nov 11 10:00:42 2025 GMT
Not After : Nov 12 10:00:42 2025 GMT
Subject: CN=fe05557d6155a8e6bb04b8b50b39ed31961c4ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:1d:49:06:7e:9c:72:f1:e4:a0:21:fb:5b:31:
82:dd:5a:1d:37:95:3b:b8:ea:b4:fb:a6:4d:12:b2:
d7:0a:fb:78:35:ae:37:b8:35:43:ed:9a:08:47:70:
de:2b:49:37:b8:7b:ee:53:85:7b:96:80:d0:4c:d2:
0b:a9:36:a6:1d:64:42:03:ad:11:32:7c:b1:ad:4c:
db:5b:ae:af:4d:c5:d0:75:83:77:3a:26:9f:bc:b8:
72:ff:0f:6e:11:84:da:3b:6f:ff:e1:b7:bc:82:ae:
ba:a5:d8:b4:db:9a:ed:1d:d5:ac:a0:57:fc:03:b2:
6b:73:a7:ea:99:a7:e5:f1:15:a4:b5:34:a6:27:e3:
c9:d8:e3:f7:00:f7:c7:01:ad:2e:9a:4f:74:79:b2:
b2:91:98:6c:bf:77:a4:9f:36:73:58:81:c1:80:b7:
2c:0f:96:5e:b0:e5:7f:75:cb:62:19:b9:3d:d5:30:
3b:8d:61:5c:5f:dd:de:a5:b6:1b:db:8e:48:b4:72:
d5:a3:45:72:2e:90:e2:53:57:48:93:d7:16:ca:99:
d4:55:02:7e:4e:3a:c0:1a:10:78:02:05:8c:88:cd:
63:ed:68:90:7b:aa:4d:28:29:0b:b8:56:5e:f6:87:
7a:13:28:8e:e4:5b:f2:15:d5:c0:00:12:50:1f:26:
9e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:05:55:7D:61:55:A8:E6:BB:04:B8:B5:0B:39:ED:31:96:1C:4D:DF
X509v3 Authority Key Identifier:
keyid:74:9D:8A:43:28:93:0B:93:8F:A8:60:18:B1:E4:47:EE:4D:8D:A8:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJ2KQyiTC5OPqGAYseRH7k2NqPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3fa217-85f5-4f19-b91e-0889e3ecd1f6/1/dJ2KQyiTC5OPqGAYseRH7k2NqPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:74:9e:34:11:38:6c:65:9f:34:c2:83:bb:4c:08:a1:96:8c:
d9:f6:cb:b7:ce:4e:4c:6b:dd:49:6d:a4:6d:3d:08:06:e4:db:
98:c8:d8:9f:bd:76:0c:7b:c1:a2:c9:e4:d0:68:3f:57:ab:eb:
53:92:dd:c8:3c:e3:81:09:34:ae:9c:69:2c:94:d3:b9:6a:b4:
aa:09:32:d1:78:1e:28:a2:f5:b9:9b:f5:94:c6:dc:b8:5d:51:
64:d3:dc:9b:e8:d3:1d:03:94:e7:51:b3:e7:22:f6:b8:ef:f3:
d2:8a:17:dd:51:be:d7:79:d1:c5:f4:6d:2a:3c:6e:94:26:63:
ed:15:a1:30:80:ed:a8:47:b7:79:92:eb:0e:cb:75:a3:ed:f9:
c7:c0:a3:9f:72:22:7f:68:66:28:63:3b:8a:3a:5a:ca:7e:76:
1b:c0:70:c1:10:7a:48:d9:a6:b5:b7:87:7d:27:92:0c:d9:ed:
5c:db:4e:1e:3d:65:cf:52:e6:66:dc:bd:69:90:6a:3c:66:0e:
1d:bb:68:8e:72:1e:9e:40:d0:db:68:e5:09:cf:8d:23:ef:b7:
32:b1:8a:bb:d7:45:ae:29:27:52:a5:ab:09:8b:e3:a9:49:45:
37:01:fa:51:69:a6:ec:51:01:85:6f:43:66:cb:2e:63:4a:9b:
a9:5b:f1:7a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXEvm7QEKmyX2DZ5aIUMBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OWQ4YTQzMjg5MzBiOTM4ZmE4NjAxOGIxZTQ0N2VlNGQ4
ZGE4ZjkwHhcNMjUxMTExMTAwMDQyWhcNMjUxMTEyMTAwMDQyWjAzMTEwLwYDVQQD
EyhmZTA1NTU3ZDYxNTVhOGU2YmIwNGI4YjUwYjM5ZWQzMTk2MWM0ZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6h1JBn6ccvHkoCH7WzGC3VodN5U7
uOq0+6ZNErLXCvt4Na43uDVD7ZoIR3DeK0k3uHvuU4V7loDQTNILqTamHWRCA60R
MnyxrUzbW66vTcXQdYN3OiafvLhy/w9uEYTaO2//4be8gq66pdi025rtHdWsoFf8
A7Jrc6fqmafl8RWktTSmJ+PJ2OP3APfHAa0umk90ebKykZhsv3eknzZzWIHBgLcs
D5ZesOV/dctiGbk91TA7jWFcX93epbYb245ItHLVo0VyLpDiU1dIk9cWypnUVQJ+
TjrAGhB4AgWMiM1j7WiQe6pNKCkLuFZe9od6EyiO5FvyFdXAABJQHyaeHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP4FVX1hVajmuwS4tQs57TGWHE3fMB8GA1UdIwQY
MBaAFHSdikMokwuTj6hgGLHkR+5Njaj5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEoyS1F5aVRDNU9QcUdBWXNlUkg3azJOcVBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zZmEyMTctODVmNS00ZjE5LWI5MWUt
MDg4OWUzZWNkMWY2LzEvZEoyS1F5aVRDNU9QcUdBWXNlUkg3azJOcVBrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zZmEyMTctODVmNS00ZjE5LWI5MWUtMDg4OWUzZWNkMWY2
LzEvZEoyS1F5aVRDNU9QcUdBWXNlUkg3azJOcVBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAanSeNBE4
bGWfNMKDu0wIoZaM2fbLt85OTGvdSW2kbT0IBuTbmMjYn712DHvBosnk0Gg/V6vr
U5LdyDzjgQk0rpxpLJTTuWq0qgky0XgeKKL1uZv1lMbcuF1RZNPcm+jTHQOU51Gz
5yL2uO/z0ooX3VG+13nRxfRtKjxulCZj7RWhMIDtqEe3eZLrDst1o+35x8Cjn3Ii
f2hmKGM7ijpayn52G8BwwRB6SNmmtbeHfSeSDNntXNtOHj1lz1LmZty9aZBqPGYO
HbtojnIenkDQ22jlCc+NI++3MrGKu9dFriknUqWrCYvjqUlFNwH6UWmm7FEBhW9D
ZssuY0qbqVvxeg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:37:26 2025 by rpki-client