Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3a5258-989d-400b-b7b7-454c93c065a0/1/1O219t5yQ2FIs1pZA38jNBUN2zY.mft
File: 1O219t5yQ2FIs1pZA38jNBUN2zY.mft (raw, json)
Hash identifier: e5yruHJO2h+RapXe+lo0GkUQES2dNozXBQcijGkDu2w=
Subject key identifier: 63:B0:C2:52:7A:71:12:A1:D6:58:41:B8:D4:E3:88:89:F3:32:F6:49
Authority key identifier: D4:ED:B5:F6:DE:72:43:61:48:B3:5A:59:03:7F:23:34:15:0D:DB:36
Certificate issuer: /CN=d4edb5f6de72436148b35a59037f2334150ddb36
Certificate serial: 019A72CA8297273BC2448AACCB83FF3BD3B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1O219t5yQ2FIs1pZA38jNBUN2zY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3a5258-989d-400b-b7b7-454c93c065a0/1/1O219t5yQ2FIs1pZA38jNBUN2zY.mft
Manifest number: 16B2
Signing time: Tue 11 Nov 2025 12:01:05 +0000
Manifest this update: Tue 11 Nov 2025 12:01:05 +0000
Manifest next update: Wed 12 Nov 2025 12:01:05 +0000
Files and hashes: 1: 1O219t5yQ2FIs1pZA38jNBUN2zY.crl (hash: 7X4r7zB9N1v28Ub7fFp78ufB73YLQwDsviPtDcyVEn4=)
2: CUxoxoHUFgCcWdXLBL1XTZtblHU.roa (hash: nuVV0ajPUp0XSEkxw4hsRxKF9YmW1aG+8tY3rAw4VUA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/3a5258-989d-400b-b7b7-454c93c065a0/1/1O219t5yQ2FIs1pZA38jNBUN2zY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/3a5258-989d-400b-b7b7-454c93c065a0/1/1O219t5yQ2FIs1pZA38jNBUN2zY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1O219t5yQ2FIs1pZA38jNBUN2zY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:82:97:27:3b:c2:44:8a:ac:cb:83:ff:3b:d3:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4edb5f6de72436148b35a59037f2334150ddb36
Validity
Not Before: Nov 11 12:01:05 2025 GMT
Not After : Nov 12 12:01:05 2025 GMT
Subject: CN=63b0c2527a7112a1d65841b8d4e38889f332f649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f6:6d:96:38:6b:7d:94:4f:33:13:23:08:71:
a6:ea:14:a2:52:6f:75:8a:ae:58:52:3e:1c:21:e0:
d3:63:1a:cc:2f:53:e5:7c:a0:78:d0:40:8b:4e:03:
7b:d5:79:ca:09:54:18:eb:55:94:75:b5:5e:c7:9b:
08:e8:2d:cc:9d:b0:9a:6f:9e:db:7c:3c:ea:e2:84:
76:46:1e:d7:b1:46:62:45:e4:80:f3:3d:d3:85:77:
87:8c:81:f7:f3:88:15:ec:40:7f:51:ed:d8:7b:bc:
db:83:52:5c:23:93:54:29:8c:7b:b3:79:f3:4f:12:
ae:aa:74:f8:95:ce:b0:3f:8c:f1:66:c9:15:4b:25:
89:4a:e8:f9:05:87:9e:b7:84:91:56:44:31:50:60:
5c:6c:12:f2:f9:d0:8d:b8:05:d4:2c:32:1b:b2:54:
e4:3f:c6:39:77:53:4d:4e:fa:c9:41:92:8b:23:ee:
c9:92:3a:e4:d6:58:88:12:00:2b:4c:76:e8:65:5e:
d2:3d:bd:eb:22:55:ba:a1:36:f8:a6:55:c7:40:2f:
ae:5b:b0:4a:71:a8:81:93:a8:fe:4b:da:8b:5a:7a:
ed:0e:0f:10:39:8b:03:b4:de:bc:ce:48:67:84:e7:
d5:c1:28:21:b2:90:0c:c4:ad:c3:b6:4d:94:ab:03:
6c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:B0:C2:52:7A:71:12:A1:D6:58:41:B8:D4:E3:88:89:F3:32:F6:49
X509v3 Authority Key Identifier:
keyid:D4:ED:B5:F6:DE:72:43:61:48:B3:5A:59:03:7F:23:34:15:0D:DB:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1O219t5yQ2FIs1pZA38jNBUN2zY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3a5258-989d-400b-b7b7-454c93c065a0/1/1O219t5yQ2FIs1pZA38jNBUN2zY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3a5258-989d-400b-b7b7-454c93c065a0/1/1O219t5yQ2FIs1pZA38jNBUN2zY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b4:f2:af:c5:a7:b8:9d:bd:05:a1:ea:70:72:02:c8:0b:b5:c5:
86:bb:e4:5d:9c:6a:81:9e:5e:13:77:f1:4f:c9:42:13:09:e5:
38:03:a9:ab:e1:a6:53:0e:28:d2:7f:35:5e:08:b2:71:90:4b:
12:26:19:1c:a6:04:a8:5c:aa:d9:fe:a0:f7:fa:e4:81:eb:da:
83:b8:70:6d:ca:34:e4:cf:58:55:ce:c1:9b:83:e3:f8:63:12:
2a:75:b8:8a:e8:2b:63:1f:4f:a1:a9:0e:7f:23:9c:21:8c:4f:
ea:82:33:8c:d3:14:37:6b:a0:56:b5:9d:39:c9:c1:84:5a:5d:
8d:6c:ae:90:ba:c8:62:5f:bc:05:08:87:6a:d4:c3:71:b8:97:
b9:73:19:b3:be:ca:a1:bf:33:eb:83:ff:3c:50:b5:ea:b5:12:
7f:c0:3e:f7:ea:4e:67:04:75:65:4c:9d:2a:ac:22:89:93:07:
a5:9b:f6:a1:d5:1b:86:7e:6c:b3:2c:f2:af:b1:14:52:bb:2a:
b9:e7:c7:9b:cd:de:3f:48:8f:31:23:20:76:31:9b:05:33:92:
33:a9:c5:1d:10:75:7b:02:91:5e:fb:5a:f0:6e:0f:36:ef:ee:
e1:4b:94:23:22:ad:44:7d:94:63:9d:4b:21:eb:5f:8b:c3:c6:
90:f8:fc:91
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyyoKXJzvCRIqsy4P/O9O1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZWRiNWY2ZGU3MjQzNjE0OGIzNWE1OTAzN2YyMzM0MTUw
ZGRiMzYwHhcNMjUxMTExMTIwMTA1WhcNMjUxMTEyMTIwMTA1WjAzMTEwLwYDVQQD
Eyg2M2IwYzI1MjdhNzExMmExZDY1ODQxYjhkNGUzODg4OWYzMzJmNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/ZtljhrfZRPMxMjCHGm6hSiUm91
iq5YUj4cIeDTYxrML1PlfKB40ECLTgN71XnKCVQY61WUdbVex5sI6C3MnbCab57b
fDzq4oR2Rh7XsUZiReSA8z3ThXeHjIH384gV7EB/Ue3Ye7zbg1JcI5NUKYx7s3nz
TxKuqnT4lc6wP4zxZskVSyWJSuj5BYeet4SRVkQxUGBcbBLy+dCNuAXULDIbslTk
P8Y5d1NNTvrJQZKLI+7Jkjrk1liIEgArTHboZV7SPb3rIlW6oTb4plXHQC+uW7BK
caiBk6j+S9qLWnrtDg8QOYsDtN68zkhnhOfVwSghspAMxK3Dtk2UqwNsSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGOwwlJ6cRKh1lhBuNTjiInzMvZJMB8GA1UdIwQY
MBaAFNTttfbeckNhSLNaWQN/IzQVDds2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU8yMTl0NXlRMkZJczFwWkEzOGpOQlVOMnpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zYTUyNTgtOTg5ZC00MDBiLWI3Yjct
NDU0YzkzYzA2NWEwLzEvMU8yMTl0NXlRMkZJczFwWkEzOGpOQlVOMnpZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zYTUyNTgtOTg5ZC00MDBiLWI3YjctNDU0YzkzYzA2NWEw
LzEvMU8yMTl0NXlRMkZJczFwWkEzOGpOQlVOMnpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtPKvxae4
nb0FoepwcgLIC7XFhrvkXZxqgZ5eE3fxT8lCEwnlOAOpq+GmUw4o0n81XgiycZBL
EiYZHKYEqFyq2f6g9/rkgevag7hwbco05M9YVc7Bm4Pj+GMSKnW4iugrYx9PoakO
fyOcIYxP6oIzjNMUN2ugVrWdOcnBhFpdjWyukLrIYl+8BQiHatTDcbiXuXMZs77K
ob8z64P/PFC16rUSf8A+9+pOZwR1ZUydKqwiiZMHpZv2odUbhn5ssyzyr7EUUrsq
uefHm83eP0iPMSMgdjGbBTOSM6nFHRB1ewKRXvta8G4PNu/u4UuUIyKtRH2UY51L
Ietfi8PGkPj8kQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:46:09 2025 by rpki-client