Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.mft
File: DyKg7jvG4y2JLt3iV8u3mRefLNY.mft (raw, json)
Hash identifier: nP/DV2O+PapfnRMPadFsjGHVwOyne0Y06iXuYdMerSk=
Subject key identifier: 52:55:C8:D5:FF:90:C3:4D:0B:92:7A:8F:FF:8C:E9:FD:F8:88:22:5D
Authority key identifier: 0F:22:A0:EE:3B:C6:E3:2D:89:2E:DD:E2:57:CB:B7:99:17:9F:2C:D6
Certificate issuer: /CN=0f22a0ee3bc6e32d892edde257cbb799179f2cd6
Certificate serial: 019A714A0FDDF2C023A27A9F04B74BFA7B91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DyKg7jvG4y2JLt3iV8u3mRefLNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.mft
Manifest number: 0889
Signing time: Tue 11 Nov 2025 05:01:10 +0000
Manifest this update: Tue 11 Nov 2025 05:01:10 +0000
Manifest next update: Wed 12 Nov 2025 05:01:10 +0000
Files and hashes: 1: 3ybDPKiA0wDv8fgYqqJjrGlrgZo.roa (hash: Lzgk9VM3/0+YuHabQnt8dL/9QNx4stqWd1uOafztoy0=)
2: DyKg7jvG4y2JLt3iV8u3mRefLNY.crl (hash: rKBU0g9AYf4vbQe/aEyejgtkUhAVDfM5vRDh6KuWnUM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.mft
rsync://rpki.ripe.net/repository/DEFAULT/DyKg7jvG4y2JLt3iV8u3mRefLNY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:4a:0f:dd:f2:c0:23:a2:7a:9f:04:b7:4b:fa:7b:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f22a0ee3bc6e32d892edde257cbb799179f2cd6
Validity
Not Before: Nov 11 05:01:10 2025 GMT
Not After : Nov 12 05:01:10 2025 GMT
Subject: CN=5255c8d5ff90c34d0b927a8fff8ce9fdf888225d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ae:8f:70:9a:0c:80:d1:92:5e:0a:a2:a1:e9:
a9:45:b6:8b:3f:aa:c0:3c:c3:8a:b9:c9:ab:27:0f:
5e:b4:31:05:c6:87:46:4d:cf:25:8c:72:8a:2a:f3:
67:bb:96:9c:27:5a:fe:36:1f:fa:46:6c:b5:4a:59:
de:6a:56:7e:cb:78:18:0b:dc:03:35:46:f9:cd:ab:
7f:e0:76:1f:ad:fc:51:74:4b:fb:c8:44:ac:3a:d2:
6e:d5:b1:54:59:83:64:dd:87:ee:86:15:e5:08:4d:
00:32:c0:85:39:02:ac:66:e3:01:3c:14:ba:3d:d6:
33:d5:07:a9:84:2d:dd:7d:ee:35:30:f8:f4:a2:d6:
23:93:d0:de:95:8e:9d:ab:42:e6:33:ac:e8:4a:f6:
ad:7b:fe:73:3f:b4:18:f4:8e:ef:5e:a0:d5:77:37:
5f:03:38:4c:74:78:15:f4:e5:e7:c3:90:96:26:9b:
60:4b:ae:65:12:b1:8f:7f:ad:23:36:ce:0d:d8:b9:
7c:36:9b:df:47:7a:92:b4:23:11:34:79:1a:06:9b:
2b:23:6c:a9:08:49:d3:02:7d:87:4b:d3:08:7c:79:
6c:8e:91:f2:22:85:27:7b:86:ec:27:22:30:1e:03:
11:f5:c0:4e:e5:3b:00:b4:86:45:1d:7f:07:6d:60:
79:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:55:C8:D5:FF:90:C3:4D:0B:92:7A:8F:FF:8C:E9:FD:F8:88:22:5D
X509v3 Authority Key Identifier:
keyid:0F:22:A0:EE:3B:C6:E3:2D:89:2E:DD:E2:57:CB:B7:99:17:9F:2C:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DyKg7jvG4y2JLt3iV8u3mRefLNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/3084de-b159-4e54-9ed7-42d67840944d/1/DyKg7jvG4y2JLt3iV8u3mRefLNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:5b:ef:36:de:e8:d6:1f:c6:c0:5f:8c:fa:a4:90:63:e1:b0:
1d:e0:92:29:1a:b1:81:51:b8:4d:cd:60:ab:dd:c3:8d:09:ce:
cd:00:1c:d0:78:aa:dd:44:9c:b4:7e:22:c5:7d:89:aa:7b:36:
e4:e4:7a:c6:0c:e0:c6:78:1c:c8:45:c9:bc:c8:26:43:5a:17:
86:0b:b0:8c:8d:3b:ff:9a:34:54:0d:5c:27:81:67:57:fa:b0:
9d:35:8a:ec:9f:51:47:fa:16:3b:31:85:20:f1:69:6d:b8:f2:
42:04:37:87:85:c7:0a:63:65:ce:02:fc:33:43:ac:7a:79:7b:
61:5f:13:67:0e:95:3b:fe:a0:8a:e5:12:31:2b:47:ca:7a:db:
1c:4a:e0:e6:11:7e:99:18:8a:85:2a:a5:72:eb:80:9d:1c:4f:
54:53:74:66:ec:a6:91:be:cf:5d:ac:e6:19:f4:a3:58:05:8b:
54:92:47:7e:91:22:74:33:58:a8:ed:d3:6c:a9:6a:db:8e:6c:
f3:ab:cc:b7:18:63:01:37:e0:b9:97:2b:bd:43:b3:4e:52:92:
16:db:80:78:d8:26:86:5f:ea:f3:d1:3c:50:58:1a:d3:96:03:
0e:ee:11:59:d5:76:1f:ce:82:38:2f:1e:0d:0b:0a:17:5d:84:
60:be:e4:da
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSg/d8sAjonqfBLdL+nuRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMjJhMGVlM2JjNmUzMmQ4OTJlZGRlMjU3Y2JiNzk5MTc5
ZjJjZDYwHhcNMjUxMTExMDUwMTEwWhcNMjUxMTEyMDUwMTEwWjAzMTEwLwYDVQQD
Eyg1MjU1YzhkNWZmOTBjMzRkMGI5MjdhOGZmZjhjZTlmZGY4ODgyMjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApa6PcJoMgNGSXgqioempRbaLP6rA
PMOKucmrJw9etDEFxodGTc8ljHKKKvNnu5acJ1r+Nh/6Rmy1SlnealZ+y3gYC9wD
NUb5zat/4HYfrfxRdEv7yESsOtJu1bFUWYNk3YfuhhXlCE0AMsCFOQKsZuMBPBS6
PdYz1QephC3dfe41MPj0otYjk9DelY6dq0LmM6zoSvate/5zP7QY9I7vXqDVdzdf
AzhMdHgV9OXnw5CWJptgS65lErGPf60jNs4N2Ll8NpvfR3qStCMRNHkaBpsrI2yp
CEnTAn2HS9MIfHlsjpHyIoUne4bsJyIwHgMR9cBO5TsAtIZFHX8HbWB5JwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFJVyNX/kMNNC5J6j/+M6f34iCJdMB8GA1UdIwQY
MBaAFA8ioO47xuMtiS7d4lfLt5kXnyzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHlLZzdqdkc0eTJKTHQzaVY4dTNtUmVmTE5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8zMDg0ZGUtYjE1OS00ZTU0LTllZDct
NDJkNjc4NDA5NDRkLzEvRHlLZzdqdkc0eTJKTHQzaVY4dTNtUmVmTE5ZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8zMDg0ZGUtYjE1OS00ZTU0LTllZDctNDJkNjc4NDA5NDRk
LzEvRHlLZzdqdkc0eTJKTHQzaVY4dTNtUmVmTE5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgVvvNt7o
1h/GwF+M+qSQY+GwHeCSKRqxgVG4Tc1gq93DjQnOzQAc0Hiq3USctH4ixX2Jqns2
5OR6xgzgxngcyEXJvMgmQ1oXhguwjI07/5o0VA1cJ4FnV/qwnTWK7J9RR/oWOzGF
IPFpbbjyQgQ3h4XHCmNlzgL8M0Osenl7YV8TZw6VO/6giuUSMStHynrbHErg5hF+
mRiKhSqlcuuAnRxPVFN0Zuymkb7PXazmGfSjWAWLVJJHfpEidDNYqO3TbKlq245s
86vMtxhjATfguZcrvUOzTlKSFtuAeNgmhl/q89E8UFga05YDDu4RWdV2H86COC8e
DQsKF12EYL7k2g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:40:23 2025 by rpki-client