Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.mft
File: D3jqRswh1F7WEmjUqfVnMsheIVA.mft (raw, json)
Hash identifier: 88ZmRHkGP9kyEnnAaPc2SljqB4OaWTjKIQV99OvtnTU=
Subject key identifier: BC:26:14:4C:0B:5F:19:C3:32:06:14:49:4E:01:BB:49:DC:8A:5C:FC
Authority key identifier: 0F:78:EA:46:CC:21:D4:5E:D6:12:68:D4:A9:F5:67:32:C8:5E:21:50
Certificate issuer: /CN=0f78ea46cc21d45ed61268d4a9f56732c85e2150
Certificate serial: 019A71EE6B1FC1FE488F33767235E94EF0E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D3jqRswh1F7WEmjUqfVnMsheIVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 08:00:41 +0000
Manifest this update: Tue 11 Nov 2025 08:00:41 +0000
Manifest next update: Wed 12 Nov 2025 08:00:41 +0000
Files and hashes: 1: 8SQTxy_p8cY9en9UR93vjFnnH74.roa (hash: LPCNfHY24fbVR2x4GxfhYD0c8Fxi97g9FBcWFfU2h/o=)
2: D3jqRswh1F7WEmjUqfVnMsheIVA.crl (hash: 58yOvjnm56X9QLor3y82uCSSZYSMJZNM+NX4sehEyM8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/D3jqRswh1F7WEmjUqfVnMsheIVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:6b:1f:c1:fe:48:8f:33:76:72:35:e9:4e:f0:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f78ea46cc21d45ed61268d4a9f56732c85e2150
Validity
Not Before: Nov 11 08:00:41 2025 GMT
Not After : Nov 12 08:00:41 2025 GMT
Subject: CN=bc26144c0b5f19c3320614494e01bb49dc8a5cfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a0:36:da:cf:f0:54:95:37:56:f4:ed:c2:38:
5b:96:1b:1f:71:d3:5e:72:05:cf:d8:8c:7a:9a:8a:
60:1b:74:96:b0:97:33:c7:b4:06:07:09:b6:c9:69:
35:58:40:5f:8c:e9:9f:78:c7:f5:81:cd:c0:ea:19:
31:c8:74:ef:b2:a5:bb:34:cb:c0:47:db:19:8e:f3:
f7:84:a8:d4:64:33:8a:f6:dd:93:f3:9a:52:65:4a:
7b:5e:a3:b8:22:6c:7d:be:48:56:a0:35:8d:9a:ce:
98:df:69:b3:27:bb:ad:c5:43:f0:cb:f3:59:94:73:
e6:11:90:70:3e:b0:2f:7d:92:df:ac:62:59:57:48:
b4:5f:a5:89:a4:9f:4b:17:87:ba:a3:76:5f:e9:e5:
e1:1f:97:3d:94:37:67:58:da:95:6c:6f:e0:e0:50:
53:bf:73:d9:94:ec:39:17:7e:27:fa:8e:ff:41:26:
2f:54:16:5f:ae:84:e6:30:b6:2e:d6:c4:ca:16:99:
9c:96:4f:76:42:b7:4f:4e:d4:07:1d:0b:49:ec:8a:
9a:cc:eb:4c:f5:a2:08:e9:a5:6d:c4:30:9b:fb:1b:
49:b8:d8:64:aa:d6:fa:5c:09:16:ee:19:55:c1:82:
0e:de:c5:af:69:19:a9:95:c5:82:a9:0d:7e:4b:90:
40:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:26:14:4C:0B:5F:19:C3:32:06:14:49:4E:01:BB:49:DC:8A:5C:FC
X509v3 Authority Key Identifier:
keyid:0F:78:EA:46:CC:21:D4:5E:D6:12:68:D4:A9:F5:67:32:C8:5E:21:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D3jqRswh1F7WEmjUqfVnMsheIVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/0219c1-a551-4b91-9ca3-032b3b614dd8/1/D3jqRswh1F7WEmjUqfVnMsheIVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6a:51:17:25:d7:8a:85:23:30:55:9e:75:2a:48:dd:73:7c:89:
51:e6:7e:0b:1f:3b:1a:3e:d6:9f:53:09:6b:60:3c:87:fb:c1:
14:73:4c:85:a3:fd:0e:6e:d3:2d:5e:3e:eb:36:eb:8a:70:76:
14:af:13:a5:4b:1d:7c:d3:68:53:39:b3:41:50:70:69:99:f7:
70:d9:09:2b:52:b5:a4:91:2f:22:cd:86:71:6e:e0:f5:eb:5b:
de:8e:38:aa:d8:fc:75:65:47:ac:49:42:4d:d2:2f:99:5f:30:
e2:99:34:c4:20:57:4b:7f:64:b3:bd:89:49:d0:8f:ac:50:bb:
8a:ba:02:55:49:10:72:bd:03:af:26:11:f9:f9:67:03:38:21:
1c:e2:31:bc:f9:07:c6:c6:41:cf:81:90:14:1a:af:42:b4:94:
2f:68:7a:3b:e5:a8:76:96:3f:5a:c6:a0:40:5d:ad:32:7b:14:
16:f9:bd:b4:f1:20:ba:11:05:e3:42:0d:ed:02:50:4f:65:5f:
bc:c2:5c:28:2b:2b:75:10:6c:58:f9:f4:3a:83:4c:ba:e6:b2:
d6:75:a5:f4:fe:49:35:61:c8:46:e0:76:19:5b:71:3a:98:d8:
bd:81:19:84:56:1e:88:b0:7a:c0:b3:13:91:2f:73:9c:37:16:
73:c2:de:dd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7msfwf5IjzN2cjXpTvDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNzhlYTQ2Y2MyMWQ0NWVkNjEyNjhkNGE5ZjU2NzMyYzg1
ZTIxNTAwHhcNMjUxMTExMDgwMDQxWhcNMjUxMTEyMDgwMDQxWjAzMTEwLwYDVQQD
EyhiYzI2MTQ0YzBiNWYxOWMzMzIwNjE0NDk0ZTAxYmI0OWRjOGE1Y2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6A22s/wVJU3VvTtwjhblhsfcdNe
cgXP2Ix6mopgG3SWsJczx7QGBwm2yWk1WEBfjOmfeMf1gc3A6hkxyHTvsqW7NMvA
R9sZjvP3hKjUZDOK9t2T85pSZUp7XqO4Imx9vkhWoDWNms6Y32mzJ7utxUPwy/NZ
lHPmEZBwPrAvfZLfrGJZV0i0X6WJpJ9LF4e6o3Zf6eXhH5c9lDdnWNqVbG/g4FBT
v3PZlOw5F34n+o7/QSYvVBZfroTmMLYu1sTKFpmclk92QrdPTtQHHQtJ7IqazOtM
9aII6aVtxDCb+xtJuNhkqtb6XAkW7hlVwYIO3sWvaRmplcWCqQ1+S5BAFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLwmFEwLXxnDMgYUSU4Bu0ncilz8MB8GA1UdIwQY
MBaAFA946kbMIdRe1hJo1Kn1ZzLIXiFQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDNqcVJzd2gxRjdXRW1qVXFmVm5Nc2hlSVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8wMjE5YzEtYTU1MS00YjkxLTljYTMt
MDMyYjNiNjE0ZGQ4LzEvRDNqcVJzd2gxRjdXRW1qVXFmVm5Nc2hlSVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8wMjE5YzEtYTU1MS00YjkxLTljYTMtMDMyYjNiNjE0ZGQ4
LzEvRDNqcVJzd2gxRjdXRW1qVXFmVm5Nc2hlSVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAalEXJdeK
hSMwVZ51Kkjdc3yJUeZ+Cx87Gj7Wn1MJa2A8h/vBFHNMhaP9Dm7TLV4+6zbrinB2
FK8TpUsdfNNoUzmzQVBwaZn3cNkJK1K1pJEvIs2GcW7g9etb3o44qtj8dWVHrElC
TdIvmV8w4pk0xCBXS39ks72JSdCPrFC7iroCVUkQcr0DryYR+flnAzghHOIxvPkH
xsZBz4GQFBqvQrSUL2h6O+WodpY/WsagQF2tMnsUFvm9tPEguhEF40IN7QJQT2Vf
vMJcKCsrdRBsWPn0OoNMuuay1nWl9P5JNWHIRuB2GVtxOpjYvYEZhFYeiLB6wLMT
kS9znDcWc8Le3Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:50:26 2025 by rpki-client