Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.mft
File: ddoOY-skfZoLE7TLNt1nJJkgu8o.mft (raw, json)
Hash identifier: 61zZnVwxiL5Z2lxsEmOdzFc4NPEvSpt3oDgHltndLLw=
Subject key identifier: B6:02:60:B2:BD:9A:70:AF:B9:66:8F:7B:01:14:D0:82:C7:74:BF:6E
Authority key identifier: 75:DA:0E:63:EB:24:7D:9A:0B:13:B4:CB:36:DD:67:24:99:20:BB:CA
Certificate issuer: /CN=75da0e63eb247d9a0b13b4cb36dd67249920bbca
Certificate serial: 019A70A4D8ED71733D288FCCB43B2B08160D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ddoOY-skfZoLE7TLNt1nJJkgu8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 02:00:42 +0000
Manifest this update: Tue 11 Nov 2025 02:00:42 +0000
Manifest next update: Wed 12 Nov 2025 02:00:42 +0000
Files and hashes: 1: Qij-xPisZGBBqpNgu1KPeAhYyeA.roa (hash: 0qt3Er+wn2Xj8MdmWfSXDbZ9aYW82PDchwg6o4/NTxg=)
2: ddoOY-skfZoLE7TLNt1nJJkgu8o.crl (hash: UIrjjuuqLE9Lty79XMjnEj+qGMkvJMqZQhFLlsFqV4Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ddoOY-skfZoLE7TLNt1nJJkgu8o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a4:d8:ed:71:73:3d:28:8f:cc:b4:3b:2b:08:16:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75da0e63eb247d9a0b13b4cb36dd67249920bbca
Validity
Not Before: Nov 11 02:00:42 2025 GMT
Not After : Nov 12 02:00:42 2025 GMT
Subject: CN=b60260b2bd9a70afb9668f7b0114d082c774bf6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5d:a3:fd:ae:a8:52:38:f1:fd:c9:96:fc:22:
3f:ac:8f:c8:56:d7:1c:f5:40:fd:c0:3d:72:1e:0d:
84:56:23:ab:e6:07:07:5f:4f:8e:bb:7b:cd:9b:1a:
f7:fd:19:6b:f4:52:58:47:0f:35:af:a2:b8:3d:cb:
d4:f0:b9:d9:a1:ad:c0:57:e5:5a:2e:05:89:f4:79:
82:25:6c:72:96:cf:05:e6:a0:cf:71:3c:2f:1d:3a:
2b:0d:75:5a:e6:0c:5c:15:3b:dd:61:47:96:52:d8:
c2:46:17:a3:70:4a:9c:ad:8d:8b:67:df:91:82:67:
1f:35:16:5e:7b:b0:48:1b:f6:01:50:1e:e3:1f:5c:
67:08:e4:c1:dc:07:c2:e0:c1:90:35:ac:bd:d7:60:
1d:8b:5e:50:3d:5c:1f:c1:db:2b:97:fb:58:c2:e3:
72:a3:ba:6e:9f:eb:60:82:42:74:55:16:bb:2b:f2:
41:be:69:7e:e9:52:cc:d6:42:c5:94:07:a6:17:ee:
17:30:1d:aa:f8:51:34:ff:08:3e:e3:a4:97:12:15:
ea:e2:23:aa:27:65:ea:70:d0:91:14:f2:f0:70:de:
52:15:18:9e:36:72:4b:2e:b0:66:b1:91:5d:e0:3d:
4b:6e:ae:b6:bf:d4:cb:22:41:fc:b6:93:a6:1b:d1:
f5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:02:60:B2:BD:9A:70:AF:B9:66:8F:7B:01:14:D0:82:C7:74:BF:6E
X509v3 Authority Key Identifier:
keyid:75:DA:0E:63:EB:24:7D:9A:0B:13:B4:CB:36:DD:67:24:99:20:BB:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddoOY-skfZoLE7TLNt1nJJkgu8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d5:c2:c2:57:9b:a6:77:c8:6c:14:2e:a5:96:9c:b7:6c:cc:16:
c6:ec:39:c2:91:f3:9e:dc:34:40:a4:e5:ef:ee:fc:de:5e:b9:
d3:15:9c:7e:6d:e2:b3:5d:63:cb:5a:32:a4:57:47:d8:bb:b9:
f6:45:f7:e8:b9:22:cd:56:6b:eb:39:e4:42:a9:7b:27:08:10:
cc:84:2e:d3:05:4e:bc:a2:b3:3a:5d:67:9d:84:00:53:d1:5b:
90:ee:7b:e3:98:bf:80:2b:99:53:ea:54:fd:94:74:a4:ce:5c:
07:6b:36:40:44:44:34:82:5e:fd:c1:99:60:8a:f1:36:ca:c3:
15:a9:b7:83:da:a7:29:f7:5c:46:1c:4a:dd:07:11:84:66:80:
ea:c2:05:5e:9e:5f:6a:5a:5c:46:12:1a:f9:ac:b0:92:49:5f:
a2:28:ee:6e:a5:16:e4:5c:1e:4b:73:11:77:fb:c3:44:4d:ff:
fa:11:c4:bc:26:2e:b0:44:4c:c8:94:d0:c1:36:47:bb:9c:e5:
cc:e4:1d:a7:51:b3:e8:63:f3:f6:f7:76:49:8e:e2:b1:22:0c:
4d:d8:0b:06:b2:82:ad:a8:24:59:f4:51:72:8b:1b:9b:8b:40:
63:03:c4:7f:64:94:e4:10:8b:1e:3b:d4:b9:88:8a:88:7a:fa:
73:de:8d:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpNjtcXM9KI/MtDsrCBYNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZGEwZTYzZWIyNDdkOWEwYjEzYjRjYjM2ZGQ2NzI0OTky
MGJiY2EwHhcNMjUxMTExMDIwMDQyWhcNMjUxMTEyMDIwMDQyWjAzMTEwLwYDVQQD
EyhiNjAyNjBiMmJkOWE3MGFmYjk2NjhmN2IwMTE0ZDA4MmM3NzRiZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0l2j/a6oUjjx/cmW/CI/rI/IVtcc
9UD9wD1yHg2EViOr5gcHX0+Ou3vNmxr3/Rlr9FJYRw81r6K4PcvU8LnZoa3AV+Va
LgWJ9HmCJWxyls8F5qDPcTwvHTorDXVa5gxcFTvdYUeWUtjCRhejcEqcrY2LZ9+R
gmcfNRZee7BIG/YBUB7jH1xnCOTB3AfC4MGQNay912Adi15QPVwfwdsrl/tYwuNy
o7pun+tggkJ0VRa7K/JBvml+6VLM1kLFlAemF+4XMB2q+FE0/wg+46SXEhXq4iOq
J2XqcNCRFPLwcN5SFRieNnJLLrBmsZFd4D1Lbq62v9TLIkH8tpOmG9H1mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLYCYLK9mnCvuWaPewEU0ILHdL9uMB8GA1UdIwQY
MBaAFHXaDmPrJH2aCxO0yzbdZySZILvKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGRvT1ktc2tmWm9MRTdUTE50MW5KSmtndThvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi80YjVjMTktODIxYS00MGNlLTkxNjgt
ZGY0YTMxNzM1MjJiLzEvZGRvT1ktc2tmWm9MRTdUTE50MW5KSmtndThvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi80YjVjMTktODIxYS00MGNlLTkxNjgtZGY0YTMxNzM1MjJi
LzEvZGRvT1ktc2tmWm9MRTdUTE50MW5KSmtndThvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1cLCV5um
d8hsFC6llpy3bMwWxuw5wpHzntw0QKTl7+783l650xWcfm3is11jy1oypFdH2Lu5
9kX36LkizVZr6znkQql7JwgQzIQu0wVOvKKzOl1nnYQAU9FbkO5745i/gCuZU+pU
/ZR0pM5cB2s2QERENIJe/cGZYIrxNsrDFam3g9qnKfdcRhxK3QcRhGaA6sIFXp5f
alpcRhIa+aywkklfoijubqUW5FweS3MRd/vDRE3/+hHEvCYusERMyJTQwTZHu5zl
zOQdp1Gz6GPz9vd2SY7isSIMTdgLBrKCragkWfRRcosbm4tAYwPEf2SU5BCLHjvU
uYiKiHr6c96NDQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:46:29 2025 by rpki-client