Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
File: DUHQpubfLhjCVnMjaNbnaCiTExA.mft (raw, json)
Hash identifier: oJ1+vxQ9fde7/fTE4GXeRZ/5neXwruXPKVJ3jVnph2s=
Subject key identifier: AE:57:C7:61:A3:37:22:53:2D:BC:33:E8:DC:A2:FA:CD:C2:28:99:3A
Authority key identifier: 0D:41:D0:A6:E6:DF:2E:18:C2:56:73:23:68:D6:E7:68:28:93:13:10
Certificate issuer: /CN=0d41d0a6e6df2e18c256732368d6e76828931310
Certificate serial: 019A71808A5725D86474FC7F5CF6750BACB7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
Manifest number: 1066
Signing time: Tue 11 Nov 2025 06:00:40 +0000
Manifest this update: Tue 11 Nov 2025 06:00:40 +0000
Manifest next update: Wed 12 Nov 2025 06:00:40 +0000
Files and hashes: 1: 5yn4zHauZM75VAijpeMoQrgxCO4.roa (hash: XNQWDr0wgLOmyX40wHgFFl4XUTUYTIzKWa/lVOSFR8o=)
2: DUHQpubfLhjCVnMjaNbnaCiTExA.crl (hash: StqYR48HWKkesUdnQGH4vEklZOYDrUesAWxc7GQUl/w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 06:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:80:8a:57:25:d8:64:74:fc:7f:5c:f6:75:0b:ac:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d41d0a6e6df2e18c256732368d6e76828931310
Validity
Not Before: Nov 11 06:00:40 2025 GMT
Not After : Nov 12 06:00:40 2025 GMT
Subject: CN=ae57c761a33722532dbc33e8dca2facdc228993a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:15:41:f4:61:16:b5:d0:c9:75:43:a9:7a:43:
bb:5c:41:a8:c6:d4:a0:76:93:6f:32:39:6a:79:a4:
05:48:f5:8a:58:6a:b3:9c:eb:a1:3b:67:9e:96:97:
08:47:48:50:00:84:2f:3c:0a:28:0b:79:ed:e8:96:
2e:15:de:48:8a:e2:27:ad:ff:62:d8:4b:21:38:fc:
8e:f6:30:93:a0:fb:69:c9:0b:17:8d:ea:00:e9:b3:
65:5f:49:55:b6:c8:2f:19:92:3e:71:a8:4d:63:0e:
67:98:17:9f:1e:71:a9:3e:42:e3:46:43:fb:0d:10:
d2:aa:d9:fe:3c:d2:ed:9c:c6:30:5b:42:5c:6d:71:
e9:fb:b8:dc:f0:37:65:93:91:7c:0e:48:4b:d4:b0:
57:b9:74:8c:40:7b:1f:84:8e:2d:7f:24:34:9c:d1:
36:8e:ac:00:f3:5e:79:eb:3f:fd:c5:1c:f4:bd:a4:
2b:86:3d:c4:05:d3:2d:7e:80:1d:fa:86:a0:e2:42:
62:c2:39:27:e5:2e:cb:e9:1c:a2:08:ec:40:30:69:
45:ac:24:b1:79:2b:8e:5d:cc:68:e0:71:ed:fa:81:
03:0e:5e:e9:33:45:26:82:be:f2:57:73:57:14:eb:
84:33:d9:74:75:aa:eb:61:47:53:0c:cd:c2:69:96:
46:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:57:C7:61:A3:37:22:53:2D:BC:33:E8:DC:A2:FA:CD:C2:28:99:3A
X509v3 Authority Key Identifier:
keyid:0D:41:D0:A6:E6:DF:2E:18:C2:56:73:23:68:D6:E7:68:28:93:13:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DUHQpubfLhjCVnMjaNbnaCiTExA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/9837b2-0df0-4f5a-80db-62b640b02e2b/1/DUHQpubfLhjCVnMjaNbnaCiTExA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:33:05:67:f4:ea:a0:93:ba:b0:27:67:70:60:c1:12:48:46:
66:8d:d1:fd:f4:f5:10:5c:be:3f:59:7a:60:f6:b7:33:36:9d:
61:15:5d:f0:44:a1:72:2c:a9:bc:1f:0c:05:2f:61:ff:d8:03:
13:5c:10:f0:d2:16:20:55:0e:9b:5b:16:50:b7:b3:58:e0:7d:
8e:6e:00:d8:3e:8f:76:6a:36:29:63:b8:9f:44:c6:65:7d:3a:
72:40:af:d0:30:7c:48:05:f6:97:4b:6f:09:8d:0a:fa:a8:20:
36:28:ea:1b:58:71:69:b7:04:98:ca:dc:b2:e1:07:76:c3:bf:
87:e2:a4:8c:02:13:6e:4f:96:c2:4b:57:3f:ed:f9:5a:8f:39:
c5:62:ca:bc:83:f4:c2:29:7a:a4:d4:52:74:f2:41:d2:19:19:
d0:97:1f:33:1a:9e:c5:78:c1:e9:80:74:f1:c0:85:fb:78:87:
2a:0a:4b:ed:1d:df:47:81:25:e8:49:8d:a4:8c:e0:83:b3:30:
e2:a1:8f:05:ed:21:73:aa:e8:b4:20:e4:f0:e6:e4:1d:df:83:
f7:91:81:65:65:1b:64:67:81:89:94:95:0a:33:75:bc:6a:aa:
0b:33:17:67:8e:2d:ef:46:fa:56:6c:40:80:22:c9:e6:f0:69:
04:d4:7a:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxgIpXJdhkdPx/XPZ1C6y3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNDFkMGE2ZTZkZjJlMThjMjU2NzMyMzY4ZDZlNzY4Mjg5
MzEzMTAwHhcNMjUxMTExMDYwMDQwWhcNMjUxMTEyMDYwMDQwWjAzMTEwLwYDVQQD
EyhhZTU3Yzc2MWEzMzcyMjUzMmRiYzMzZThkY2EyZmFjZGMyMjg5OTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRVB9GEWtdDJdUOpekO7XEGoxtSg
dpNvMjlqeaQFSPWKWGqznOuhO2eelpcIR0hQAIQvPAooC3nt6JYuFd5IiuInrf9i
2EshOPyO9jCToPtpyQsXjeoA6bNlX0lVtsgvGZI+cahNYw5nmBefHnGpPkLjRkP7
DRDSqtn+PNLtnMYwW0JcbXHp+7jc8Ddlk5F8DkhL1LBXuXSMQHsfhI4tfyQ0nNE2
jqwA81556z/9xRz0vaQrhj3EBdMtfoAd+oag4kJiwjkn5S7L6RyiCOxAMGlFrCSx
eSuOXcxo4HHt+oEDDl7pM0Umgr7yV3NXFOuEM9l0darrYUdTDM3CaZZGMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK5Xx2GjNyJTLbwz6Nyi+s3CKJk6MB8GA1UdIwQY
MBaAFA1B0Kbm3y4YwlZzI2jW52gokxMQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85ODM3YjItMGRmMC00ZjVhLTgwZGIt
NjJiNjQwYjAyZTJiLzEvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC85ODM3YjItMGRmMC00ZjVhLTgwZGItNjJiNjQwYjAyZTJi
LzEvRFVIUXB1YmZMaGpDVm5NamFOYm5hQ2lURXhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZTMFZ/Tq
oJO6sCdncGDBEkhGZo3R/fT1EFy+P1l6YPa3MzadYRVd8EShciypvB8MBS9h/9gD
E1wQ8NIWIFUOm1sWULezWOB9jm4A2D6Pdmo2KWO4n0TGZX06ckCv0DB8SAX2l0tv
CY0K+qggNijqG1hxabcEmMrcsuEHdsO/h+KkjAITbk+WwktXP+35Wo85xWLKvIP0
wil6pNRSdPJB0hkZ0JcfMxqexXjB6YB08cCF+3iHKgpL7R3fR4El6EmNpIzgg7Mw
4qGPBe0hc6rotCDk8ObkHd+D95GBZWUbZGeBiZSVCjN1vGqqCzMXZ44t70b6VmxA
gCLJ5vBpBNR6fQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:44:38 2025 by rpki-client