Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.mft
File: Dj8xyerObwpezNuN8rAcc1FWhoY.mft (raw, json)
Hash identifier: PtWo1XI1HmqiNUxy8jNcZv7Gl3rOVh4Cq7Frgg/Jvfc=
Subject key identifier: 90:53:B5:CD:26:49:45:98:E1:C6:B9:61:65:3C:35:CF:C5:42:B6:AD
Authority key identifier: 0E:3F:31:C9:EA:CE:6F:0A:5E:CC:DB:8D:F2:B0:1C:73:51:56:86:86
Certificate issuer: /CN=0e3f31c9eace6f0a5eccdb8df2b01c7351568686
Certificate serial: 019A733891039C72F1EA312486667BD1AC88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dj8xyerObwpezNuN8rAcc1FWhoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.mft
Manifest number: 16DA
Signing time: Tue 11 Nov 2025 14:01:18 +0000
Manifest this update: Tue 11 Nov 2025 14:01:18 +0000
Manifest next update: Wed 12 Nov 2025 14:01:18 +0000
Files and hashes: 1: Dj8xyerObwpezNuN8rAcc1FWhoY.crl (hash: 7nXDVGEUKBK0ferNTRWvG+5d1h+W9raUSt/Apyl0miY=)
2: J3l5rSoC85N4xAXm2HxvLusDt_A.roa (hash: jgHAZqarPBwPQhS0mFPS0Zo6XKz3AtLQwgXQdr9WvR4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Dj8xyerObwpezNuN8rAcc1FWhoY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:38:91:03:9c:72:f1:ea:31:24:86:66:7b:d1:ac:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e3f31c9eace6f0a5eccdb8df2b01c7351568686
Validity
Not Before: Nov 11 14:01:18 2025 GMT
Not After : Nov 12 14:01:18 2025 GMT
Subject: CN=9053b5cd26494598e1c6b961653c35cfc542b6ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:de:34:57:fa:d5:cd:56:15:52:9d:fe:27:9c:
f1:f0:a6:48:3c:5e:46:fa:d9:25:e7:dc:f5:2e:c9:
78:6a:cd:e9:2c:0a:42:0d:ab:37:41:a7:8b:43:ea:
4c:7e:cb:c7:e7:f5:f8:01:0f:86:e0:46:03:05:6d:
c8:f1:5f:75:6e:6c:b6:52:cb:f7:a6:9b:15:d3:a1:
a7:06:bc:d4:50:aa:40:ce:84:5e:58:fc:c5:51:4a:
c8:24:9f:eb:ca:79:32:60:a2:10:72:87:ab:59:ba:
16:45:a6:94:a7:a1:68:af:af:2a:2c:d9:2c:bf:34:
f3:30:75:e3:65:5f:65:e9:bf:6c:b7:78:d9:87:b5:
46:24:a4:31:5c:9f:e4:c8:06:f2:59:2e:45:e1:3b:
22:8d:79:ed:b9:1d:93:01:58:1e:3b:80:5b:4f:bd:
ab:c7:d9:ab:f9:6a:79:29:3e:83:bf:5d:eb:02:d3:
9b:fc:37:a4:c5:de:14:98:c8:4c:f2:71:da:81:9d:
fb:8c:be:11:76:58:7b:1f:24:0e:e8:6e:86:f8:68:
e9:42:c4:ae:53:30:ac:b2:0c:e9:b8:4d:78:a7:5b:
a7:3b:11:0d:c3:0d:ff:39:4b:c3:6f:0c:db:c7:d8:
66:39:ad:a5:6c:d0:0b:95:14:55:ce:83:26:9c:c5:
8b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:53:B5:CD:26:49:45:98:E1:C6:B9:61:65:3C:35:CF:C5:42:B6:AD
X509v3 Authority Key Identifier:
keyid:0E:3F:31:C9:EA:CE:6F:0A:5E:CC:DB:8D:F2:B0:1C:73:51:56:86:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dj8xyerObwpezNuN8rAcc1FWhoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/a6dda1-1b87-4ec3-938f-dd5ddd05db0b/1/Dj8xyerObwpezNuN8rAcc1FWhoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b8:87:96:64:73:c6:47:06:1d:9e:da:08:5f:c3:4a:70:7a:61:
99:64:34:87:bf:b0:6f:a1:e1:9f:0c:1c:e1:10:10:e8:46:b2:
9e:79:04:d0:83:8f:5e:a3:2a:ad:62:9f:0d:28:71:74:a4:90:
0c:9d:52:2b:cf:2d:0f:07:91:76:84:af:9d:c3:4f:f3:ae:f3:
ad:27:20:b1:4f:4d:c0:6a:64:74:d8:80:e7:ee:31:e9:50:23:
66:e5:44:19:7a:c6:5d:e4:5f:1a:f5:e3:2a:f0:2c:cd:54:f3:
fb:89:8f:77:8f:68:ab:82:3b:f2:7c:6e:6a:5c:da:ec:1e:06:
64:13:24:0a:44:c9:7f:b3:66:c8:ba:cc:1f:76:65:9c:3e:aa:
6d:55:3e:2d:de:f7:65:13:25:31:79:51:ec:87:2b:d6:0b:56:
e2:87:d5:3e:80:61:76:ad:09:2b:f9:29:9a:dd:c9:79:eb:8e:
68:e1:07:1e:41:86:b1:27:28:45:73:bb:e8:3b:1f:3c:1f:95:
69:56:dc:e3:e7:02:ef:94:d3:4f:b5:75:85:04:f9:cb:03:ed:
d0:1f:46:e6:1b:02:10:24:be:c1:93:7b:9b:b3:5c:81:c2:1a:
e7:eb:ca:3e:fc:44:65:34:79:6e:21:58:10:ce:30:0f:9d:fb:
e9:98:1e:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzOJEDnHLx6jEkhmZ70ayIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlM2YzMWM5ZWFjZTZmMGE1ZWNjZGI4ZGYyYjAxYzczNTE1
Njg2ODYwHhcNMjUxMTExMTQwMTE4WhcNMjUxMTEyMTQwMTE4WjAzMTEwLwYDVQQD
Eyg5MDUzYjVjZDI2NDk0NTk4ZTFjNmI5NjE2NTNjMzVjZmM1NDJiNmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt40V/rVzVYVUp3+J5zx8KZIPF5G
+tkl59z1Lsl4as3pLApCDas3QaeLQ+pMfsvH5/X4AQ+G4EYDBW3I8V91bmy2Usv3
ppsV06GnBrzUUKpAzoReWPzFUUrIJJ/rynkyYKIQcoerWboWRaaUp6For68qLNks
vzTzMHXjZV9l6b9st3jZh7VGJKQxXJ/kyAbyWS5F4TsijXntuR2TAVgeO4BbT72r
x9mr+Wp5KT6Dv13rAtOb/Dekxd4UmMhM8nHagZ37jL4Rdlh7HyQO6G6G+GjpQsSu
UzCssgzpuE14p1unOxENww3/OUvDbwzbx9hmOa2lbNALlRRVzoMmnMWLfQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJBTtc0mSUWY4ca5YWU8Nc/FQratMB8GA1UdIwQY
MBaAFA4/Mcnqzm8KXszbjfKwHHNRVoaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGo4eHllck9id3Blek51TjhyQWNjMUZXaG9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9hNmRkYTEtMWI4Ny00ZWMzLTkzOGYt
ZGQ1ZGRkMDVkYjBiLzEvRGo4eHllck9id3Blek51TjhyQWNjMUZXaG9ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9hNmRkYTEtMWI4Ny00ZWMzLTkzOGYtZGQ1ZGRkMDVkYjBi
LzEvRGo4eHllck9id3Blek51TjhyQWNjMUZXaG9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuIeWZHPG
RwYdntoIX8NKcHphmWQ0h7+wb6Hhnwwc4RAQ6EaynnkE0IOPXqMqrWKfDShxdKSQ
DJ1SK88tDweRdoSvncNP867zrScgsU9NwGpkdNiA5+4x6VAjZuVEGXrGXeRfGvXj
KvAszVTz+4mPd49oq4I78nxualza7B4GZBMkCkTJf7NmyLrMH3ZlnD6qbVU+Ld73
ZRMlMXlR7Icr1gtW4ofVPoBhdq0JK/kpmt3JeeuOaOEHHkGGsScoRXO76DsfPB+V
aVbc4+cC75TTT7V1hQT5ywPt0B9G5hsCECS+wZN7m7NcgcIa5+vKPvxEZTR5biFY
EM4wD5376Zgegg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:56:32 2025 by rpki-client