Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.mft
File: tDlfbOqaAYpMyEgY5qo1INMiIYs.mft (raw, json)
Hash identifier: NjpYbz9CVAi3uH0edG3VAacehGBVU/BKC2ghsXzfG9s=
Subject key identifier: 11:07:B1:DC:96:EE:FA:E8:F3:20:7E:A4:91:08:BE:B5:36:CF:AC:31
Authority key identifier: B4:39:5F:6C:EA:9A:01:8A:4C:C8:48:18:E6:AA:35:20:D3:22:21:8B
Certificate issuer: /CN=b4395f6cea9a018a4cc84818e6aa3520d322218b
Certificate serial: 019A71B7D6C7AF16D229F6760D5064EBC763
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDlfbOqaAYpMyEgY5qo1INMiIYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.mft
Manifest number: 0DA1
Signing time: Tue 11 Nov 2025 07:01:04 +0000
Manifest this update: Tue 11 Nov 2025 07:01:04 +0000
Manifest next update: Wed 12 Nov 2025 07:01:04 +0000
Files and hashes: 1: UoFhfe1D4fv5504pD16hAMtOHqM.roa (hash: f5OjLqYpJfmM6P+Sc+etueFJmxpiBV6zei8gZZWeXpE=)
2: tDlfbOqaAYpMyEgY5qo1INMiIYs.crl (hash: uDZRtATa+qiPBA2C0cEVH2de+sqaXSmQy36V0eaQI7M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.mft
rsync://rpki.ripe.net/repository/DEFAULT/tDlfbOqaAYpMyEgY5qo1INMiIYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:d6:c7:af:16:d2:29:f6:76:0d:50:64:eb:c7:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4395f6cea9a018a4cc84818e6aa3520d322218b
Validity
Not Before: Nov 11 07:01:04 2025 GMT
Not After : Nov 12 07:01:04 2025 GMT
Subject: CN=1107b1dc96eefae8f3207ea49108beb536cfac31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:91:39:b4:f3:8b:5e:d8:53:73:55:ee:be:ae:
ee:05:a5:4b:b4:6e:8c:ed:ab:d5:c7:1f:72:08:a0:
13:b9:35:bc:8d:ac:d9:00:92:c7:e2:81:23:dd:23:
10:2c:72:7c:35:e1:95:a2:46:a3:4e:ec:63:2b:7b:
66:e0:8d:a4:f0:93:8f:57:f4:bd:0a:26:41:b4:ef:
b4:b3:97:07:f3:06:81:53:48:35:33:8f:36:47:7b:
55:a0:e5:0a:94:9a:7a:03:b9:99:4f:9d:9c:33:06:
d6:d5:b0:ba:58:31:0a:ed:be:37:2e:bf:55:3f:87:
05:21:c7:3f:01:6d:3a:df:5e:75:6c:76:28:ff:94:
38:5d:da:f7:7b:12:bb:80:dd:6a:d8:64:c2:70:33:
69:ff:90:95:cd:18:6f:4b:20:35:43:8f:b3:8f:b9:
a6:ec:62:0b:9b:91:36:82:16:fd:1e:68:3e:18:cb:
3b:af:d8:83:06:37:87:1c:3c:59:cf:09:fd:0d:da:
43:d3:03:2f:cd:26:df:52:5e:a9:9f:36:fd:8b:dc:
8d:54:4b:8a:f6:d0:d9:4b:47:c4:60:f5:3d:71:1e:
2c:71:a0:b0:e4:16:61:3f:0d:ce:61:40:1e:70:bd:
a2:3a:80:21:f4:83:79:a5:b3:a3:72:5a:3f:61:3f:
3c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:07:B1:DC:96:EE:FA:E8:F3:20:7E:A4:91:08:BE:B5:36:CF:AC:31
X509v3 Authority Key Identifier:
keyid:B4:39:5F:6C:EA:9A:01:8A:4C:C8:48:18:E6:AA:35:20:D3:22:21:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDlfbOqaAYpMyEgY5qo1INMiIYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5a:53:b3:6f:29:06:1d:2a:91:98:76:27:0a:e6:02:3a:ed:47:
08:97:5a:97:a7:6a:63:74:94:6c:b6:ee:7f:50:c0:58:a3:69:
89:75:72:7b:07:16:c0:bb:27:15:8d:5f:22:d3:62:c9:52:78:
07:c0:ed:dc:7c:34:8f:fe:bf:ec:06:6c:3f:dc:0f:9e:8f:19:
c5:90:68:59:36:d0:d1:ce:f1:39:31:ff:ab:1e:23:d3:56:b2:
22:3c:75:19:29:55:3b:fc:cc:d3:03:8c:2e:f7:a3:cd:bd:a6:
8e:73:57:1c:a5:be:cb:d2:92:b2:f1:71:70:05:c5:53:4c:b2:
19:b1:a2:f3:13:a7:49:c3:9d:e4:8b:cc:c2:c3:ce:11:73:fe:
55:c4:ad:78:fd:2d:8f:4d:00:9f:27:43:47:5b:a5:11:8d:13:
88:3d:e3:e5:e0:60:1d:58:d6:6c:40:65:8c:3c:0e:9d:93:7d:
6f:5f:62:df:ba:c5:8c:ab:e9:21:01:be:9d:af:2d:5c:04:27:
a4:d6:5d:06:bf:f0:09:6c:2c:76:2b:58:28:a8:9e:44:2b:4f:
42:58:dc:51:ba:47:ae:b9:2e:84:91:d5:03:b7:a1:38:d8:58:
b4:c1:bc:72:f6:59:30:1e:9a:11:a5:19:60:38:72:ec:c9:35:
8a:6a:67:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt9bHrxbSKfZ2DVBk68djMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Mzk1ZjZjZWE5YTAxOGE0Y2M4NDgxOGU2YWEzNTIwZDMy
MjIxOGIwHhcNMjUxMTExMDcwMTA0WhcNMjUxMTEyMDcwMTA0WjAzMTEwLwYDVQQD
EygxMTA3YjFkYzk2ZWVmYWU4ZjMyMDdlYTQ5MTA4YmViNTM2Y2ZhYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5E5tPOLXthTc1Xuvq7uBaVLtG6M
7avVxx9yCKATuTW8jazZAJLH4oEj3SMQLHJ8NeGVokajTuxjK3tm4I2k8JOPV/S9
CiZBtO+0s5cH8waBU0g1M482R3tVoOUKlJp6A7mZT52cMwbW1bC6WDEK7b43Lr9V
P4cFIcc/AW063151bHYo/5Q4Xdr3exK7gN1q2GTCcDNp/5CVzRhvSyA1Q4+zj7mm
7GILm5E2ghb9Hmg+GMs7r9iDBjeHHDxZzwn9DdpD0wMvzSbfUl6pnzb9i9yNVEuK
9tDZS0fEYPU9cR4scaCw5BZhPw3OYUAecL2iOoAh9IN5pbOjclo/YT886QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBEHsdyW7vro8yB+pJEIvrU2z6wxMB8GA1UdIwQY
MBaAFLQ5X2zqmgGKTMhIGOaqNSDTIiGLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdERsZmJPcWFBWXBNeUVnWTVxbzFJTk1pSVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xZTVjODgtYzNmYy00ZTc2LWJjNjUt
MzkxZmVjMjY3ZGFlLzEvdERsZmJPcWFBWXBNeUVnWTVxbzFJTk1pSVlzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy8xZTVjODgtYzNmYy00ZTc2LWJjNjUtMzkxZmVjMjY3ZGFl
LzEvdERsZmJPcWFBWXBNeUVnWTVxbzFJTk1pSVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWlOzbykG
HSqRmHYnCuYCOu1HCJdal6dqY3SUbLbuf1DAWKNpiXVyewcWwLsnFY1fItNiyVJ4
B8Dt3Hw0j/6/7AZsP9wPno8ZxZBoWTbQ0c7xOTH/qx4j01ayIjx1GSlVO/zM0wOM
Lvejzb2mjnNXHKW+y9KSsvFxcAXFU0yyGbGi8xOnScOd5IvMwsPOEXP+VcSteP0t
j00AnydDR1ulEY0TiD3j5eBgHVjWbEBljDwOnZN9b19i37rFjKvpIQG+na8tXAQn
pNZdBr/wCWwsditYKKieRCtPQljcUbpHrrkuhJHVA7ehONhYtMG8cvZZMB6aEaUZ
YDhy7Mk1impnQw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:41:03 2025 by rpki-client