Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/85b043-36d8-4136-9835-8d477259839b/1/gnMTJHxIb-Q0gzwJCHoAqQAwGEA.mft
File: gnMTJHxIb-Q0gzwJCHoAqQAwGEA.mft (raw, json)
Hash identifier: NClS03cdzRpce2Gp5+4XoMyKgQAADvOm7sXbyOdZU5o=
Subject key identifier: 40:62:18:B6:E0:62:8C:EB:F5:14:85:DD:C8:1F:27:11:0E:25:02:02
Authority key identifier: 82:73:13:24:7C:48:6F:E4:34:83:3C:09:08:7A:00:A9:00:30:18:40
Certificate issuer: /CN=827313247c486fe434833c09087a00a900301840
Certificate serial: 019A71B8E47A55B8E4696D5D24856F78ED70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnMTJHxIb-Q0gzwJCHoAqQAwGEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/85b043-36d8-4136-9835-8d477259839b/1/gnMTJHxIb-Q0gzwJCHoAqQAwGEA.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 07:02:13 +0000
Manifest this update: Tue 11 Nov 2025 07:02:13 +0000
Manifest next update: Wed 12 Nov 2025 07:02:13 +0000
Files and hashes: 1: 7G9OAa8ebUxYvLbiABAZAGXs6yI.roa (hash: Q8FJVCv7ZP8KepVRkOgfjY1xOHET+UVMaI0qQvaXpcQ=)
2: gnMTJHxIb-Q0gzwJCHoAqQAwGEA.crl (hash: clgNyKLhWA8f+kbzzz/1uzpK3YhjEC3BbFN0hHcWGK8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/85b043-36d8-4136-9835-8d477259839b/1/gnMTJHxIb-Q0gzwJCHoAqQAwGEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/85b043-36d8-4136-9835-8d477259839b/1/gnMTJHxIb-Q0gzwJCHoAqQAwGEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnMTJHxIb-Q0gzwJCHoAqQAwGEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:e4:7a:55:b8:e4:69:6d:5d:24:85:6f:78:ed:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827313247c486fe434833c09087a00a900301840
Validity
Not Before: Nov 11 07:02:13 2025 GMT
Not After : Nov 12 07:02:13 2025 GMT
Subject: CN=406218b6e0628cebf51485ddc81f27110e250202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:64:22:19:e6:5a:71:4e:ff:18:b2:77:68:55:
db:fa:bb:8c:fb:8f:ef:d7:5d:b8:9c:c0:e3:73:58:
63:e1:04:a3:7f:68:cf:8d:94:4a:47:28:62:23:a7:
64:3c:c7:80:8f:c8:e1:3b:5d:6c:97:e7:e6:bf:73:
92:70:aa:84:eb:de:ec:3c:d9:2f:f9:8c:3b:15:92:
74:67:16:33:3a:67:ce:30:bb:74:10:0e:3c:a3:67:
1f:c9:1c:8d:62:74:c4:c7:63:b0:5c:9e:64:2b:c2:
52:cf:6b:5c:69:08:44:0e:b6:1d:a1:a4:e0:ed:4b:
4b:7b:a8:fe:37:4a:a4:e2:04:15:51:17:92:bc:5e:
91:dc:24:e9:61:70:66:31:0d:7f:9e:9d:f7:e2:3e:
16:6c:7f:9c:13:56:38:06:24:7d:65:a0:6e:c8:4b:
e8:38:22:8e:f0:ee:b3:5b:40:63:ad:77:cd:9e:d1:
8e:a8:8b:9b:e6:0a:00:86:60:4c:2d:be:d8:23:26:
24:f1:2b:ac:60:0d:d2:86:06:69:5b:23:fe:79:28:
e2:4d:36:4b:00:35:1b:7c:10:54:1b:e4:7f:3c:0f:
eb:fe:15:e3:5b:93:93:b9:b7:6f:9d:27:cf:93:8b:
31:ba:a2:c0:7d:53:35:97:17:8f:2a:b4:49:4b:cc:
96:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:62:18:B6:E0:62:8C:EB:F5:14:85:DD:C8:1F:27:11:0E:25:02:02
X509v3 Authority Key Identifier:
keyid:82:73:13:24:7C:48:6F:E4:34:83:3C:09:08:7A:00:A9:00:30:18:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnMTJHxIb-Q0gzwJCHoAqQAwGEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/85b043-36d8-4136-9835-8d477259839b/1/gnMTJHxIb-Q0gzwJCHoAqQAwGEA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/85b043-36d8-4136-9835-8d477259839b/1/gnMTJHxIb-Q0gzwJCHoAqQAwGEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5f:6b:34:e4:c8:49:de:5c:0d:cb:54:13:35:9a:83:85:e2:99:
cb:f9:81:8c:ff:5f:ab:28:77:84:e7:df:89:3f:29:8a:a3:74:
44:43:ba:30:f8:e2:47:8c:d4:54:e4:b4:ad:8c:4f:27:3f:e3:
dd:ac:72:69:3b:60:db:8e:01:78:7e:af:fd:88:c2:90:69:d8:
f8:a8:78:99:3c:49:b4:62:7e:2f:e7:58:92:66:f9:79:db:18:
c2:d2:5a:89:4b:35:df:4b:c7:ff:34:52:58:1c:68:5b:0d:99:
eb:fe:2d:bc:93:26:40:f0:af:09:8a:f9:d4:b4:7a:b4:f3:45:
03:9c:1b:be:81:42:9b:f4:6b:b6:a1:3c:18:06:09:6a:9e:45:
e5:ef:01:a9:d0:11:2e:83:b2:e6:1e:f6:65:3a:55:42:cf:1e:
82:a6:1f:c9:5d:57:c2:ce:ad:b0:b6:2c:51:2d:e1:72:53:50:
61:a2:7f:86:6c:12:ea:dd:b9:0d:47:94:e7:03:97:54:2e:e1:
cb:0c:b4:0e:97:bc:ac:19:4b:39:8d:18:11:15:f1:0a:8b:1e:
7e:39:09:3a:ed:c3:9f:d0:8c:50:a7:4a:fb:3b:b7:14:07:03:
fc:d5:04:18:80:04:3f:e1:1a:9b:c0:d3:95:e1:99:aa:91:0b:
18:93:2e:85
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuOR6VbjkaW1dJIVveO1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzMxMzI0N2M0ODZmZTQzNDgzM2MwOTA4N2EwMGE5MDAz
MDE4NDAwHhcNMjUxMTExMDcwMjEzWhcNMjUxMTEyMDcwMjEzWjAzMTEwLwYDVQQD
Eyg0MDYyMThiNmUwNjI4Y2ViZjUxNDg1ZGRjODFmMjcxMTBlMjUwMjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWQiGeZacU7/GLJ3aFXb+ruM+4/v
1124nMDjc1hj4QSjf2jPjZRKRyhiI6dkPMeAj8jhO11sl+fmv3OScKqE697sPNkv
+Yw7FZJ0ZxYzOmfOMLt0EA48o2cfyRyNYnTEx2OwXJ5kK8JSz2tcaQhEDrYdoaTg
7UtLe6j+N0qk4gQVUReSvF6R3CTpYXBmMQ1/np334j4WbH+cE1Y4BiR9ZaBuyEvo
OCKO8O6zW0BjrXfNntGOqIub5goAhmBMLb7YIyYk8SusYA3ShgZpWyP+eSjiTTZL
ADUbfBBUG+R/PA/r/hXjW5OTubdvnSfPk4sxuqLAfVM1lxePKrRJS8yWnQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEBiGLbgYozr9RSF3cgfJxEOJQICMB8GA1UdIwQY
MBaAFIJzEyR8SG/kNIM8CQh6AKkAMBhAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25NVEpIeEliLVEwZ3p3SkNIb0FxUUF3R0VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC84NWIwNDMtMzZkOC00MTM2LTk4MzUt
OGQ0NzcyNTk4MzliLzEvZ25NVEpIeEliLVEwZ3p3SkNIb0FxUUF3R0VBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC84NWIwNDMtMzZkOC00MTM2LTk4MzUtOGQ0NzcyNTk4Mzli
LzEvZ25NVEpIeEliLVEwZ3p3SkNIb0FxUUF3R0VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX2s05MhJ
3lwNy1QTNZqDheKZy/mBjP9fqyh3hOffiT8piqN0REO6MPjiR4zUVOS0rYxPJz/j
3axyaTtg244BeH6v/YjCkGnY+Kh4mTxJtGJ+L+dYkmb5edsYwtJaiUs130vH/zRS
WBxoWw2Z6/4tvJMmQPCvCYr51LR6tPNFA5wbvoFCm/RrtqE8GAYJap5F5e8BqdAR
LoOy5h72ZTpVQs8egqYfyV1Xws6tsLYsUS3hclNQYaJ/hmwS6t25DUeU5wOXVC7h
ywy0Dpe8rBlLOY0YERXxCosefjkJOu3Dn9CMUKdK+zu3FAcD/NUEGIAEP+Eam8DT
leGZqpELGJMuhQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:16:45 2025 by rpki-client