Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.mft
File: t1ELZRv73wnISGqBNiAABb77SX0.mft (raw, json)
Hash identifier: B7w0Vajm1VYeTr/2yADr3TzU95lbR/YCresmpTPGZr4=
Subject key identifier: 30:F6:44:F2:F2:FC:BA:32:5B:6E:64:A2:2F:C5:94:D3:80:EB:4A:AA
Authority key identifier: B7:51:0B:65:1B:FB:DF:09:C8:48:6A:81:36:20:00:05:BE:FB:49:7D
Certificate issuer: /CN=b7510b651bfbdf09c8486a8136200005befb497d
Certificate serial: 019A7112D286B9EC6950BB76CA76092AFF1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1ELZRv73wnISGqBNiAABb77SX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.mft
Manifest number: 0D9E
Signing time: Tue 11 Nov 2025 04:00:49 +0000
Manifest this update: Tue 11 Nov 2025 04:00:49 +0000
Manifest next update: Wed 12 Nov 2025 04:00:49 +0000
Files and hashes: 1: Jiow1t-Pk1ZOtI6Aqeh1RaSW3p4.roa (hash: DYR6jlP51Fl43ZL0B6qnJrGHJROyqbTA9KSRORts0Uo=)
2: t1ELZRv73wnISGqBNiAABb77SX0.crl (hash: KCm9zxyxbp3c7CWdhRfiDrO5FdiBP37CDYYTqBVYovQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.mft
rsync://rpki.ripe.net/repository/DEFAULT/t1ELZRv73wnISGqBNiAABb77SX0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:12:d2:86:b9:ec:69:50:bb:76:ca:76:09:2a:ff:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7510b651bfbdf09c8486a8136200005befb497d
Validity
Not Before: Nov 11 04:00:49 2025 GMT
Not After : Nov 12 04:00:49 2025 GMT
Subject: CN=30f644f2f2fcba325b6e64a22fc594d380eb4aaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a7:38:e4:d3:e5:fb:36:33:4a:a4:ad:ee:6b:
33:1f:29:ed:cf:43:a7:ce:36:f8:85:3c:62:af:8e:
94:0f:da:48:9a:c0:ae:2e:93:22:f3:e6:fe:da:54:
08:5b:82:83:ad:96:34:bb:28:96:cc:ef:3f:c4:76:
2c:70:c2:5e:90:83:a8:d8:7f:4d:38:c1:35:de:1f:
69:c4:cc:7d:bf:eb:58:ec:36:06:cd:43:bd:b0:bc:
6f:7a:8a:8c:b4:51:51:1d:59:44:6a:f4:1a:31:30:
0b:4d:01:cf:c5:1a:91:79:00:07:fc:ba:fc:07:01:
74:7e:22:bf:a6:cf:4a:f9:81:b1:72:7b:21:f0:d9:
e0:42:b0:91:bb:97:b5:71:eb:9a:0e:72:01:61:a0:
c4:be:ba:1f:55:9b:9b:56:78:cb:af:1d:94:e9:fa:
c6:8d:35:e1:43:0c:48:3e:79:88:26:84:42:e4:75:
80:2a:0f:3c:66:51:bb:70:9d:fd:19:49:72:00:f5:
c6:5f:4d:21:e8:f2:dc:cc:0c:6a:9a:0b:b8:d6:11:
a5:8c:4c:47:bf:38:44:a8:c0:af:83:9b:b2:93:b7:
a6:7a:3a:2b:0d:42:82:54:4e:76:c4:05:21:8b:0c:
f0:9a:1d:2b:39:0d:d7:b0:78:d5:8b:76:ca:1a:ce:
4c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:F6:44:F2:F2:FC:BA:32:5B:6E:64:A2:2F:C5:94:D3:80:EB:4A:AA
X509v3 Authority Key Identifier:
keyid:B7:51:0B:65:1B:FB:DF:09:C8:48:6A:81:36:20:00:05:BE:FB:49:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1ELZRv73wnISGqBNiAABb77SX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/bff1c3-0084-42bb-bcf7-2cb8877fd970/1/t1ELZRv73wnISGqBNiAABb77SX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:84:19:f1:69:a3:e7:4e:1b:70:30:6c:a7:94:f1:7a:09:21:
53:dd:b8:6c:c0:fe:82:de:81:e8:54:f3:c9:23:b5:12:aa:c3:
cd:d3:c1:0f:ef:59:ce:e9:6e:5d:35:59:23:e8:30:9e:64:ac:
ec:b4:c8:f3:e3:97:c7:0f:ae:c7:6b:83:fe:49:46:d1:70:5b:
45:fc:ec:46:ea:78:13:83:93:07:01:29:5d:53:8d:6a:2e:83:
de:d4:cf:00:df:4d:0a:79:bf:01:ad:95:44:02:f6:55:e3:db:
ae:fe:5d:e9:13:eb:1c:fe:f8:46:06:b8:fc:95:fa:34:20:6e:
47:3f:e5:24:f2:47:f3:a9:3e:e4:7d:52:3a:3f:a1:45:a0:57:
ba:18:01:6d:34:10:86:b2:9a:a1:43:f8:9e:d3:7f:40:8e:e2:
e9:89:a5:09:9f:d9:e2:a0:ac:46:76:d4:df:bc:7b:5b:99:07:
17:6e:1b:e0:6b:a9:38:af:e4:c6:0b:49:db:18:25:ee:0b:a8:
d5:68:67:7b:f4:ee:90:e1:e1:60:1d:35:a9:de:78:60:df:02:
42:03:59:5d:fb:9b:a3:01:a3:89:b9:69:f7:17:29:12:5b:01:
7a:70:d8:d7:35:9b:47:c9:82:de:0b:07:d6:3b:77:b1:52:57:
45:42:11:60
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEtKGuexpULt2ynYJKv8dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NTEwYjY1MWJmYmRmMDljODQ4NmE4MTM2MjAwMDA1YmVm
YjQ5N2QwHhcNMjUxMTExMDQwMDQ5WhcNMjUxMTEyMDQwMDQ5WjAzMTEwLwYDVQQD
EygzMGY2NDRmMmYyZmNiYTMyNWI2ZTY0YTIyZmM1OTRkMzgwZWI0YWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ac45NPl+zYzSqSt7mszHyntz0On
zjb4hTxir46UD9pImsCuLpMi8+b+2lQIW4KDrZY0uyiWzO8/xHYscMJekIOo2H9N
OME13h9pxMx9v+tY7DYGzUO9sLxveoqMtFFRHVlEavQaMTALTQHPxRqReQAH/Lr8
BwF0fiK/ps9K+YGxcnsh8NngQrCRu5e1ceuaDnIBYaDEvrofVZubVnjLrx2U6frG
jTXhQwxIPnmIJoRC5HWAKg88ZlG7cJ39GUlyAPXGX00h6PLczAxqmgu41hGljExH
vzhEqMCvg5uyk7emejorDUKCVE52xAUhiwzwmh0rOQ3XsHjVi3bKGs5MpwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDD2RPLy/LoyW25koi/FlNOA60qqMB8GA1UdIwQY
MBaAFLdRC2Ub+98JyEhqgTYgAAW++0l9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFFTFpSdjczd25JU0dxQk5pQUFCYjc3U1gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iZmYxYzMtMDA4NC00MmJiLWJjZjct
MmNiODg3N2ZkOTcwLzEvdDFFTFpSdjczd25JU0dxQk5pQUFCYjc3U1gwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9iZmYxYzMtMDA4NC00MmJiLWJjZjctMmNiODg3N2ZkOTcw
LzEvdDFFTFpSdjczd25JU0dxQk5pQUFCYjc3U1gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIYQZ8Wmj
504bcDBsp5TxegkhU924bMD+gt6B6FTzySO1EqrDzdPBD+9ZzuluXTVZI+gwnmSs
7LTI8+OXxw+ux2uD/klG0XBbRfzsRup4E4OTBwEpXVONai6D3tTPAN9NCnm/Aa2V
RAL2VePbrv5d6RPrHP74Rga4/JX6NCBuRz/lJPJH86k+5H1SOj+hRaBXuhgBbTQQ
hrKaoUP4ntN/QI7i6YmlCZ/Z4qCsRnbU37x7W5kHF24b4GupOK/kxgtJ2xgl7guo
1Whne/TukOHhYB01qd54YN8CQgNZXfubowGjiblp9xcpElsBenDY1zWbR8mC3gsH
1jt3sVJXRUIRYA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:39:10 2025 by rpki-client