Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/b1ab1b-0e95-4c3c-8768-903d083496e5/1/elmlzGH-vbkW1GJLvowQiXNTsME.mft
File: elmlzGH-vbkW1GJLvowQiXNTsME.mft (raw, json)
Hash identifier: JKDPfmxMuvNBJkgnh4mVO1oRfqgEj6i40T3ur0S3bzc=
Subject key identifier: 4C:2C:0D:19:A2:E6:3A:94:41:E6:60:B0:3C:AC:C9:A1:E7:3B:DD:C9
Authority key identifier: 7A:59:A5:CC:61:FE:BD:B9:16:D4:62:4B:BE:8C:10:89:73:53:B0:C1
Certificate issuer: /CN=7a59a5cc61febdb916d4624bbe8c10897353b0c1
Certificate serial: 019A71B9675E85D8803D0541A6DFA960A1F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/elmlzGH-vbkW1GJLvowQiXNTsME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/b1ab1b-0e95-4c3c-8768-903d083496e5/1/elmlzGH-vbkW1GJLvowQiXNTsME.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 07:02:47 +0000
Manifest this update: Tue 11 Nov 2025 07:02:47 +0000
Manifest next update: Wed 12 Nov 2025 07:02:47 +0000
Files and hashes: 1: DhgKv9EWttCPWimr0cMYdix-VFM.roa (hash: jt6Z6pHhL+jbqX5CBAxAInUF4d0Kgk2CfxAQbj8DhrM=)
2: elmlzGH-vbkW1GJLvowQiXNTsME.crl (hash: XRNXdugaEda8irkE5ZWBJeT8zYHFARBomIjUE/B30KU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/b1ab1b-0e95-4c3c-8768-903d083496e5/1/elmlzGH-vbkW1GJLvowQiXNTsME.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/b1ab1b-0e95-4c3c-8768-903d083496e5/1/elmlzGH-vbkW1GJLvowQiXNTsME.mft
rsync://rpki.ripe.net/repository/DEFAULT/elmlzGH-vbkW1GJLvowQiXNTsME.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:67:5e:85:d8:80:3d:05:41:a6:df:a9:60:a1:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a59a5cc61febdb916d4624bbe8c10897353b0c1
Validity
Not Before: Nov 11 07:02:47 2025 GMT
Not After : Nov 12 07:02:47 2025 GMT
Subject: CN=4c2c0d19a2e63a9441e660b03cacc9a1e73bddc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:51:6f:7e:91:0e:d2:98:e3:ee:50:00:57:ef:
ad:f4:a8:fd:be:af:b0:e2:a1:ca:e9:7a:d5:9d:48:
31:4d:6d:3e:b0:84:de:ec:6d:96:3e:18:67:11:3d:
07:02:a0:98:56:23:10:5a:2c:3b:68:0a:59:ca:63:
24:da:53:f8:c4:0b:d5:2c:03:1f:8a:78:60:60:6d:
11:50:22:fd:c8:5d:c6:2e:f2:a1:d1:2d:8d:69:d8:
a7:e4:7c:4c:de:47:26:b3:c8:64:26:cd:19:cf:79:
f4:9f:44:25:85:35:f3:b1:ee:a1:70:26:6f:a8:67:
f5:69:de:f0:af:e8:4a:80:2c:29:93:12:be:26:94:
46:bf:45:b7:ed:16:f5:36:d0:21:e0:40:c8:66:a4:
d8:63:91:35:bd:97:04:4a:31:d1:59:4b:3d:2b:cb:
97:17:5c:50:84:d4:66:e0:70:9b:cf:f3:c9:25:f0:
4e:a5:1d:7a:c2:5f:d4:23:fd:6d:d9:11:6d:d9:26:
42:08:0e:42:53:e2:c2:ac:61:a2:0c:15:77:9a:f5:
28:1e:e2:f4:4d:ea:7f:94:03:24:56:a2:c1:2a:9a:
0b:8e:6c:b0:ca:f6:fa:91:37:1a:b7:51:b4:e2:09:
8b:fd:b7:31:a3:6c:e3:a1:23:53:ad:e3:9d:43:93:
fc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:2C:0D:19:A2:E6:3A:94:41:E6:60:B0:3C:AC:C9:A1:E7:3B:DD:C9
X509v3 Authority Key Identifier:
keyid:7A:59:A5:CC:61:FE:BD:B9:16:D4:62:4B:BE:8C:10:89:73:53:B0:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/elmlzGH-vbkW1GJLvowQiXNTsME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/b1ab1b-0e95-4c3c-8768-903d083496e5/1/elmlzGH-vbkW1GJLvowQiXNTsME.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/b1ab1b-0e95-4c3c-8768-903d083496e5/1/elmlzGH-vbkW1GJLvowQiXNTsME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5c:1b:ad:a7:1c:3c:1a:81:ff:c8:7a:60:bf:d1:23:66:40:6c:
a7:fd:b0:b3:49:12:9d:f1:04:0f:53:6c:a6:a5:6c:c1:c2:d0:
7f:5d:dd:a2:8c:76:76:6f:eb:42:84:e6:fb:4c:eb:e4:12:da:
97:66:f9:ca:85:ed:55:d4:de:b9:12:55:50:a2:31:56:5c:6b:
6e:a4:7c:83:00:fc:18:61:94:ad:2c:35:d1:ac:a3:cd:f8:a4:
22:e9:20:b2:a4:b4:19:b8:3b:fe:c1:97:c9:b8:55:5c:02:90:
69:13:33:0d:9e:2d:50:79:df:84:c7:90:ba:00:a2:0e:30:88:
0e:79:ee:53:db:de:2e:f3:55:98:b5:94:f1:3c:64:21:c8:11:
1c:5c:ba:d0:40:3f:4a:ec:3c:f2:5c:88:09:05:fe:4c:a5:7b:
2c:b8:f2:ba:14:e5:48:23:46:96:f3:52:2a:de:0a:a9:c7:01:
8a:7b:95:37:f0:44:73:dd:31:7e:7d:2e:ae:eb:18:4e:12:8b:
ca:6a:54:02:3b:2a:86:b6:76:54:47:50:64:cb:b7:03:b2:db:
13:b9:bb:40:0c:88:d3:23:8f:0c:39:83:64:8f:db:86:0a:1c:
86:be:af:f8:93:a7:a1:92:ea:53:93:8b:b2:50:b4:ac:ad:4e:
c2:25:81:5d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuWdehdiAPQVBpt+pYKH0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhNTlhNWNjNjFmZWJkYjkxNmQ0NjI0YmJlOGMxMDg5NzM1
M2IwYzEwHhcNMjUxMTExMDcwMjQ3WhcNMjUxMTEyMDcwMjQ3WjAzMTEwLwYDVQQD
Eyg0YzJjMGQxOWEyZTYzYTk0NDFlNjYwYjAzY2FjYzlhMWU3M2JkZGM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVFvfpEO0pjj7lAAV++t9Kj9vq+w
4qHK6XrVnUgxTW0+sITe7G2WPhhnET0HAqCYViMQWiw7aApZymMk2lP4xAvVLAMf
inhgYG0RUCL9yF3GLvKh0S2Nadin5HxM3kcms8hkJs0Zz3n0n0QlhTXzse6hcCZv
qGf1ad7wr+hKgCwpkxK+JpRGv0W37Rb1NtAh4EDIZqTYY5E1vZcESjHRWUs9K8uX
F1xQhNRm4HCbz/PJJfBOpR16wl/UI/1t2RFt2SZCCA5CU+LCrGGiDBV3mvUoHuL0
Tep/lAMkVqLBKpoLjmywyvb6kTcat1G04gmL/bcxo2zjoSNTreOdQ5P8rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEwsDRmi5jqUQeZgsDysyaHnO93JMB8GA1UdIwQY
MBaAFHpZpcxh/r25FtRiS76MEIlzU7DBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWxtbHpHSC12YmtXMUdKTHZvd1FpWE5Uc01FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi9iMWFiMWItMGU5NS00YzNjLTg3Njgt
OTAzZDA4MzQ5NmU1LzEvZWxtbHpHSC12YmtXMUdKTHZvd1FpWE5Uc01FLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi9iMWFiMWItMGU5NS00YzNjLTg3NjgtOTAzZDA4MzQ5NmU1
LzEvZWxtbHpHSC12YmtXMUdKTHZvd1FpWE5Uc01FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXButpxw8
GoH/yHpgv9EjZkBsp/2ws0kSnfEED1NspqVswcLQf13doox2dm/rQoTm+0zr5BLa
l2b5yoXtVdTeuRJVUKIxVlxrbqR8gwD8GGGUrSw10ayjzfikIukgsqS0Gbg7/sGX
ybhVXAKQaRMzDZ4tUHnfhMeQugCiDjCIDnnuU9veLvNVmLWU8TxkIcgRHFy60EA/
Suw88lyICQX+TKV7LLjyuhTlSCNGlvNSKt4KqccBinuVN/BEc90xfn0urusYThKL
ympUAjsqhrZ2VEdQZMu3A7LbE7m7QAyI0yOPDDmDZI/bhgochr6v+JOnoZLqU5OL
slC0rK1OwiWBXQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:18:55 2025 by rpki-client