Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.mft
File: 0tzocORzw1QnPonF5OLtPgwGk1Y.mft (raw, json)
Hash identifier: C8Mk4zwTZzH+j38SbfPwDbf/LcBDJ3A68z0iLC+7kuI=
Subject key identifier: AB:23:B8:54:39:4E:64:BB:71:81:B5:C0:19:9D:EE:B7:75:DB:0E:4C
Authority key identifier: D2:DC:E8:70:E4:73:C3:54:27:3E:89:C5:E4:E2:ED:3E:0C:06:93:56
Certificate issuer: /CN=d2dce870e473c354273e89c5e4e2ed3e0c069356
Certificate serial: 019A722659C1C6560847476219E586782250
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0tzocORzw1QnPonF5OLtPgwGk1Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.mft
Manifest number: 0B77
Signing time: Tue 11 Nov 2025 09:01:47 +0000
Manifest this update: Tue 11 Nov 2025 09:01:47 +0000
Manifest next update: Wed 12 Nov 2025 09:01:47 +0000
Files and hashes: 1: 0tzocORzw1QnPonF5OLtPgwGk1Y.crl (hash: tYUcU+PsrIySbfk60t8PHpaI3oOaXWsB8VzKNstBW1I=)
2: tTZ8ChHVIsV9vssdJRRwpvt77Ic.roa (hash: vUfunefLZb2Jpmp53yxYY0pVxR49oq3Pwb2HHqDzrlg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/0tzocORzw1QnPonF5OLtPgwGk1Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:59:c1:c6:56:08:47:47:62:19:e5:86:78:22:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2dce870e473c354273e89c5e4e2ed3e0c069356
Validity
Not Before: Nov 11 09:01:47 2025 GMT
Not After : Nov 12 09:01:47 2025 GMT
Subject: CN=ab23b854394e64bb7181b5c0199deeb775db0e4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e4:72:c6:96:70:25:07:84:0a:5d:9c:86:18:
bd:db:78:b2:62:ae:00:20:f5:60:a2:5f:d7:9b:72:
d7:4f:a6:ef:56:05:a8:69:bf:e2:c1:3a:b2:07:3d:
04:10:73:b7:4b:cd:57:1d:14:13:50:c6:f8:3c:6a:
f2:b8:75:ee:60:56:a7:77:83:de:bc:de:60:2c:35:
30:95:68:e4:d8:da:ab:b0:b5:8b:16:b7:41:e5:52:
ba:c5:e9:bd:d6:f7:2e:98:60:c0:0a:a1:b3:7d:4e:
c3:39:02:19:84:25:d9:ea:d1:70:42:4e:0e:63:33:
86:75:b6:4b:7a:e9:8a:8d:4c:35:d1:97:8d:83:b5:
cf:10:cf:c6:ec:19:25:47:c2:3f:24:62:77:7d:64:
39:9a:e3:90:9d:4a:a5:ef:89:40:f9:a8:55:d5:42:
0c:33:87:38:27:ef:00:1f:bb:84:cb:0b:9f:75:3c:
56:29:98:af:ae:68:8d:fb:32:83:a8:ef:4e:02:45:
fb:55:28:ce:ba:78:e7:30:8b:6e:d2:a9:a3:85:1c:
65:53:27:40:04:a6:ed:95:a1:d6:8a:92:c7:98:0e:
c5:f1:2b:c3:55:06:97:c1:d7:75:29:9c:e9:d4:60:
6c:ff:0c:f4:bc:27:20:38:a3:33:ef:f0:83:c8:da:
7e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:23:B8:54:39:4E:64:BB:71:81:B5:C0:19:9D:EE:B7:75:DB:0E:4C
X509v3 Authority Key Identifier:
keyid:D2:DC:E8:70:E4:73:C3:54:27:3E:89:C5:E4:E2:ED:3E:0C:06:93:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0tzocORzw1QnPonF5OLtPgwGk1Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/113f5f-be58-478c-9030-32d80d8d1615/1/0tzocORzw1QnPonF5OLtPgwGk1Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
33:28:63:e6:0e:2e:16:33:e0:2f:52:ab:01:54:52:d2:aa:50:
61:07:40:6a:5f:e1:74:09:f5:84:5c:fb:28:3c:e8:c8:17:42:
d2:a6:55:04:58:c8:8c:e0:76:a1:cd:8a:04:48:37:3a:b5:54:
5c:0d:c1:5e:5e:c0:34:9e:f8:ca:c2:74:e1:24:e2:ee:c6:a4:
7b:0b:25:7b:df:8f:f2:d7:cd:f5:0c:5d:df:e3:fd:37:bd:bd:
bb:2d:91:74:b7:d2:7e:c9:c2:e9:1e:59:3d:cf:04:79:61:9f:
d7:0e:15:9f:ee:49:67:5e:2f:13:d2:85:c9:f7:82:50:1c:b0:
ac:72:9b:15:37:b3:89:72:5a:0b:5a:3e:c5:66:90:dd:80:ba:
4b:9b:f6:ab:e5:26:22:d3:2a:a8:46:e7:e6:52:34:f2:9d:cd:
5c:d9:19:f6:e2:df:ed:37:c0:2b:82:f1:e9:45:77:2b:f4:58:
ba:6a:16:4f:b9:af:f7:52:00:8e:90:f7:49:4d:78:68:22:bc:
59:e7:83:dd:31:ea:ef:1d:d0:e8:61:c0:90:eb:55:51:1c:72:
b8:29:c0:51:0f:d8:23:4a:85:66:51:5b:f4:6d:08:ab:28:3a:
b9:c0:2b:84:9a:34:85:30:d1:0b:dc:0e:91:af:ab:b3:e1:13:
fe:bc:1c:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJlnBxlYIR0diGeWGeCJQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZGNlODcwZTQ3M2MzNTQyNzNlODljNWU0ZTJlZDNlMGMw
NjkzNTYwHhcNMjUxMTExMDkwMTQ3WhcNMjUxMTEyMDkwMTQ3WjAzMTEwLwYDVQQD
EyhhYjIzYjg1NDM5NGU2NGJiNzE4MWI1YzAxOTlkZWViNzc1ZGIwZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuRyxpZwJQeECl2chhi923iyYq4A
IPVgol/Xm3LXT6bvVgWoab/iwTqyBz0EEHO3S81XHRQTUMb4PGryuHXuYFand4Pe
vN5gLDUwlWjk2NqrsLWLFrdB5VK6xem91vcumGDACqGzfU7DOQIZhCXZ6tFwQk4O
YzOGdbZLeumKjUw10ZeNg7XPEM/G7BklR8I/JGJ3fWQ5muOQnUql74lA+ahV1UIM
M4c4J+8AH7uEywufdTxWKZivrmiN+zKDqO9OAkX7VSjOunjnMItu0qmjhRxlUydA
BKbtlaHWipLHmA7F8SvDVQaXwdd1KZzp1GBs/wz0vCcgOKMz7/CDyNp+FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKsjuFQ5TmS7cYG1wBmd7rd12w5MMB8GA1UdIwQY
MBaAFNLc6HDkc8NUJz6JxeTi7T4MBpNWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHR6b2NPUnp3MVFuUG9uRjVPTHRQZ3dHazFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8xMTNmNWYtYmU1OC00NzhjLTkwMzAt
MzJkODBkOGQxNjE1LzEvMHR6b2NPUnp3MVFuUG9uRjVPTHRQZ3dHazFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8xMTNmNWYtYmU1OC00NzhjLTkwMzAtMzJkODBkOGQxNjE1
LzEvMHR6b2NPUnp3MVFuUG9uRjVPTHRQZ3dHazFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMyhj5g4u
FjPgL1KrAVRS0qpQYQdAal/hdAn1hFz7KDzoyBdC0qZVBFjIjOB2oc2KBEg3OrVU
XA3BXl7ANJ74ysJ04STi7sakewsle9+P8tfN9Qxd3+P9N729uy2RdLfSfsnC6R5Z
Pc8EeWGf1w4Vn+5JZ14vE9KFyfeCUBywrHKbFTeziXJaC1o+xWaQ3YC6S5v2q+Um
ItMqqEbn5lI08p3NXNkZ9uLf7TfAK4Lx6UV3K/RYumoWT7mv91IAjpD3SU14aCK8
WeeD3THq7x3Q6GHAkOtVURxyuCnAUQ/YI0qFZlFb9G0Iqyg6ucArhJo0hTDRC9wO
ka+rs+ET/rwcBA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:06:33 2025 by rpki-client