Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft
File: D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft (raw, json)
Hash identifier: f8mvha+zjtyNR8Po03418qNfsA5bB+JvzlhkSU/5BYM=
Subject key identifier: FB:E1:AC:9C:F0:68:B7:FD:04:DA:A4:AA:A6:46:42:05:B8:C6:11:56
Authority key identifier: 0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
Certificate issuer: /CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Certificate serial: 019A2E8D647FACF9343DBECDDC5EC659A503
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft
Manifest number: 14DA
Signing time: Wed 29 Oct 2025 06:00:09 +0000
Manifest this update: Wed 29 Oct 2025 06:00:09 +0000
Manifest next update: Thu 30 Oct 2025 06:00:09 +0000
Files and hashes: 1: D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl (hash: iPrAwhsX3nsLmw9+hAJ7won/81XmKwdnKM0uLRd6zwA=)
2: O_uEU5a5hFxcQ9cF5vOgcBailtI.roa (hash: am+LoRbwPcUWGmyLF541pRdLLSbuzmsIRCZ85z19J6M=)
3: _MZl5mAk0VStSl6-Iutzl1XZEmc.roa (hash: GAxNehsNlSM4VBui+WLkl0ufFvlsHnC2diPLD2P3m8s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft
rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2e:8d:64:7f:ac:f9:34:3d:be:cd:dc:5e:c6:59:a5:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Validity
Not Before: Oct 29 06:00:09 2025 GMT
Not After : Oct 30 06:00:09 2025 GMT
Subject: CN=fbe1ac9cf068b7fd04daa4aaa6464205b8c61156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d4:4a:40:4d:a1:e2:9d:42:76:42:e0:18:27:
e4:3a:c7:65:14:c6:5e:77:d9:4f:cc:ed:1c:a6:87:
3e:e7:08:44:6f:c8:1a:d8:58:aa:7a:af:c4:1a:f2:
f9:76:28:15:4f:28:ce:da:f6:85:4a:98:08:65:b3:
a8:c6:da:d9:4f:e0:02:23:00:13:0a:29:51:39:4e:
4c:06:46:70:18:34:f8:52:24:62:35:52:56:10:a5:
f6:2b:01:78:6d:95:13:f0:8e:56:7b:3c:c1:a3:e1:
d0:0c:a9:e7:23:1e:be:02:53:cc:c8:50:56:af:fe:
a0:b7:ff:c0:7d:92:f2:ee:93:d1:00:67:32:da:d3:
83:ba:22:ac:ab:50:36:29:8c:d9:bc:04:42:33:2a:
f9:25:2f:17:e1:e1:3a:a3:d9:d2:49:de:34:72:eb:
ca:a4:1a:7f:3f:54:e4:71:f2:f5:70:6c:17:43:78:
1f:40:db:b3:e4:ef:35:8c:44:d8:39:ae:78:e1:01:
40:8a:c4:5f:d3:12:c4:b4:4f:96:37:ca:5e:e4:a1:
dd:ac:de:97:c7:37:05:3b:1b:58:60:29:0b:0e:76:
6f:2e:70:7c:8a:30:68:e6:2e:06:e0:67:a8:06:50:
13:ea:e7:df:20:b6:6b:11:92:52:a9:94:e5:37:fc:
c8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E1:AC:9C:F0:68:B7:FD:04:DA:A4:AA:A6:46:42:05:B8:C6:11:56
X509v3 Authority Key Identifier:
keyid:0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:34:b4:cb:2c:bd:9e:25:89:84:b1:a9:85:83:6d:49:bb:a9:
ac:9a:2c:16:be:1e:2d:16:1c:ac:a3:9e:d4:ee:43:0b:5b:c7:
b6:36:56:f7:51:96:c9:16:3a:b0:40:79:65:02:8d:58:bd:6c:
02:06:f5:b6:70:34:5a:f6:b9:82:87:eb:1e:aa:9a:77:a8:ee:
eb:b8:3d:03:7f:65:d1:df:35:9f:0d:1f:f1:1b:48:7f:19:13:
17:ec:2f:16:2a:6b:29:d4:c6:de:7e:ed:89:40:49:f3:9b:1c:
c2:48:dc:8f:09:e3:22:54:d1:ce:8d:06:b0:5d:35:60:7f:da:
d5:4e:5e:20:cf:3c:02:31:82:07:3c:65:d6:4c:c4:a2:cc:d3:
4c:0c:c6:38:96:39:0a:fb:15:46:52:47:28:74:e6:46:3a:a7:
22:7a:e6:ea:d1:bf:fa:c1:5c:a3:f6:a8:71:88:28:fb:46:9a:
ae:28:62:b2:bd:d4:6e:63:50:d4:e9:bb:42:28:c1:0c:36:7e:
65:23:e5:17:5f:68:2b:17:b2:db:b4:a3:81:a1:f6:fd:17:95:
53:93:a3:e4:77:7c:4c:c9:d5:10:2e:6e:d4:09:7b:06:e1:d7:
27:a2:81:38:5e:86:f8:b7:09:1c:0a:60:eb:55:28:6c:45:29:
c5:f2:87:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoujWR/rPk0Pb7N3F7GWaUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjViZDIxYzY4MzIwN2RhMGMzOWZiMzc5ODUzNWFmNDll
MGJmZjUwHhcNMjUxMDI5MDYwMDA5WhcNMjUxMDMwMDYwMDA5WjAzMTEwLwYDVQQD
EyhmYmUxYWM5Y2YwNjhiN2ZkMDRkYWE0YWFhNjQ2NDIwNWI4YzYxMTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dRKQE2h4p1CdkLgGCfkOsdlFMZe
d9lPzO0cpoc+5whEb8ga2Fiqeq/EGvL5digVTyjO2vaFSpgIZbOoxtrZT+ACIwAT
CilROU5MBkZwGDT4UiRiNVJWEKX2KwF4bZUT8I5WezzBo+HQDKnnIx6+AlPMyFBW
r/6gt//AfZLy7pPRAGcy2tODuiKsq1A2KYzZvARCMyr5JS8X4eE6o9nSSd40cuvK
pBp/P1TkcfL1cGwXQ3gfQNuz5O81jETYOa544QFAisRf0xLEtE+WN8pe5KHdrN6X
xzcFOxtYYCkLDnZvLnB8ijBo5i4G4GeoBlAT6uffILZrEZJSqZTlN/zI6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPvhrJzwaLf9BNqkqqZGQgW4xhFWMB8GA1UdIwQY
MBaAFA9lvSHGgyB9oMOfs3mFNa9J4L/1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80YTk5OWYtZDFmYS00ODg3LWJhZTgt
ZTIzZjEwZTRiOTFjLzEvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80YTk5OWYtZDFmYS00ODg3LWJhZTgtZTIzZjEwZTRiOTFj
LzEvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXTS0yyy9
niWJhLGphYNtSbuprJosFr4eLRYcrKOe1O5DC1vHtjZW91GWyRY6sEB5ZQKNWL1s
Agb1tnA0Wva5gofrHqqad6ju67g9A39l0d81nw0f8RtIfxkTF+wvFiprKdTG3n7t
iUBJ85scwkjcjwnjIlTRzo0GsF01YH/a1U5eIM88AjGCBzxl1kzEoszTTAzGOJY5
CvsVRlJHKHTmRjqnInrm6tG/+sFco/aocYgo+0aarihisr3UbmNQ1Om7QijBDDZ+
ZSPlF19oKxey27SjgaH2/ReVU5Oj5Hd8TMnVEC5u1Al7BuHXJ6KBOF6G+LcJHApg
61UobEUpxfKH/A==
-----END CERTIFICATE-----
Generated at Wed Oct 29 07:53:38 2025 by rpki-client