Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.mft
File: D97nlErE2jERKV2B4p3roAwWOpY.mft (raw, json)
Hash identifier: WKkrvYC+z5xd0TsimH0KG8WFYWjYuTAz7DF14PemVlg=
Subject key identifier: B1:D3:E9:8E:49:DB:86:26:0E:D3:D9:B4:A1:F3:05:8E:41:A5:F4:B7
Authority key identifier: 0F:DE:E7:94:4A:C4:DA:31:11:29:5D:81:E2:9D:EB:A0:0C:16:3A:96
Certificate issuer: /CN=0fdee7944ac4da3111295d81e29deba00c163a96
Certificate serial: 019A72258BCD2E90465D71EA8F6E12FC9107
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D97nlErE2jERKV2B4p3roAwWOpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.mft
Manifest number: 111A
Signing time: Tue 11 Nov 2025 09:00:54 +0000
Manifest this update: Tue 11 Nov 2025 09:00:54 +0000
Manifest next update: Wed 12 Nov 2025 09:00:54 +0000
Files and hashes: 1: D97nlErE2jERKV2B4p3roAwWOpY.crl (hash: vtNBeKYJE0IOqSiw4NZ+7zq6PLzZ06NtO4BTn+HmcYQ=)
2: Fe73gwKx3TfChZQCePRdIEAemH0.roa (hash: qBzf7ILpA60OZzhZbHEoimpJXoZWWGpm51oGlU43AdU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.mft
rsync://rpki.ripe.net/repository/DEFAULT/D97nlErE2jERKV2B4p3roAwWOpY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:8b:cd:2e:90:46:5d:71:ea:8f:6e:12:fc:91:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fdee7944ac4da3111295d81e29deba00c163a96
Validity
Not Before: Nov 11 09:00:54 2025 GMT
Not After : Nov 12 09:00:54 2025 GMT
Subject: CN=b1d3e98e49db86260ed3d9b4a1f3058e41a5f4b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d7:22:b9:f0:36:75:b2:80:5f:02:49:ee:31:
d1:ac:91:d1:0d:a6:36:0a:0a:90:c1:fd:75:0b:07:
5d:99:f3:cd:2f:ad:15:9d:92:30:fd:27:df:83:8b:
81:53:52:3f:ad:af:04:de:3b:12:95:c4:47:30:30:
fa:a0:20:4f:39:20:53:53:c2:ce:3d:20:63:92:36:
62:82:b0:65:38:32:f3:14:e1:85:d4:4a:4d:81:a5:
da:a2:97:f7:1a:2c:34:fc:78:71:72:12:fb:2f:7b:
09:e4:bc:3e:1e:5b:fb:98:ae:be:fb:6e:39:77:50:
f4:0c:d6:dd:02:a5:48:af:fd:48:82:3b:4f:14:b6:
48:32:04:26:ef:e7:65:f2:7c:b4:b7:7a:73:90:2f:
63:ab:54:b5:eb:5d:ff:36:bd:ed:26:c9:2a:f1:04:
81:79:2d:ac:b4:16:68:f6:2c:4b:2f:ca:a7:c5:57:
31:86:8f:1f:c2:d7:ea:7c:5b:62:fd:a6:b2:08:19:
70:43:60:35:64:f1:ca:4a:29:05:24:44:9c:99:07:
ba:04:7a:48:6d:dd:f5:05:da:94:a5:d8:ec:3e:f0:
50:ae:3a:b4:18:29:17:ca:f2:27:13:58:72:14:b5:
86:21:b2:90:24:19:55:4e:e0:00:c8:7a:36:9c:bb:
ce:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D3:E9:8E:49:DB:86:26:0E:D3:D9:B4:A1:F3:05:8E:41:A5:F4:B7
X509v3 Authority Key Identifier:
keyid:0F:DE:E7:94:4A:C4:DA:31:11:29:5D:81:E2:9D:EB:A0:0C:16:3A:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D97nlErE2jERKV2B4p3roAwWOpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
19:8f:c7:e5:67:bd:f8:62:83:40:6b:5d:99:32:99:9e:3a:78:
6d:ee:ed:40:40:d0:98:01:40:43:c9:77:2a:24:f0:2e:df:20:
55:16:5e:54:1f:13:de:c9:5b:dd:54:c6:c4:41:5a:93:9c:ac:
42:d6:f2:a9:cf:03:04:0f:19:01:ba:53:51:29:1d:76:0e:8f:
52:7c:d5:04:eb:cc:92:84:45:58:9e:83:e5:e5:3d:16:8e:48:
23:51:ab:41:15:f8:d9:2e:80:5e:54:f9:7e:2d:cb:04:80:bb:
b2:9c:e8:45:a1:41:a5:0e:5f:67:32:36:58:73:bb:aa:a2:0c:
4a:e4:2b:17:25:98:5b:69:00:bd:4f:b6:ea:03:2c:a4:be:db:
c5:f6:1b:09:af:44:2d:62:ed:2d:3d:b6:d3:c7:4e:a5:ac:07:
37:f4:aa:98:9f:ed:f3:ad:c0:21:de:68:e5:12:73:7a:04:6b:
fd:81:72:23:42:6b:f6:8b:a8:07:fe:14:12:0d:3c:dd:f5:ce:
e0:61:81:d3:d7:cc:23:f4:ab:00:51:b2:95:68:d0:46:a1:42:
49:7b:d7:1a:e1:80:43:3e:56:dc:2e:bf:f7:f7:cd:6d:a0:83:
ce:d4:97:b2:e0:00:a5:97:6f:4e:dd:21:9d:9b:5c:fa:d7:40:
88:c4:52:9d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJYvNLpBGXXHqj24S/JEHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZGVlNzk0NGFjNGRhMzExMTI5NWQ4MWUyOWRlYmEwMGMx
NjNhOTYwHhcNMjUxMTExMDkwMDU0WhcNMjUxMTEyMDkwMDU0WjAzMTEwLwYDVQQD
EyhiMWQzZTk4ZTQ5ZGI4NjI2MGVkM2Q5YjRhMWYzMDU4ZTQxYTVmNGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9ciufA2dbKAXwJJ7jHRrJHRDaY2
CgqQwf11CwddmfPNL60VnZIw/Sffg4uBU1I/ra8E3jsSlcRHMDD6oCBPOSBTU8LO
PSBjkjZigrBlODLzFOGF1EpNgaXaopf3Giw0/HhxchL7L3sJ5Lw+Hlv7mK6++245
d1D0DNbdAqVIr/1IgjtPFLZIMgQm7+dl8ny0t3pzkC9jq1S1613/Nr3tJskq8QSB
eS2stBZo9ixLL8qnxVcxho8fwtfqfFti/aayCBlwQ2A1ZPHKSikFJEScmQe6BHpI
bd31BdqUpdjsPvBQrjq0GCkXyvInE1hyFLWGIbKQJBlVTuAAyHo2nLvOMQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLHT6Y5J24YmDtPZtKHzBY5BpfS3MB8GA1UdIwQY
MBaAFA/e55RKxNoxESldgeKd66AMFjqWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDk3bmxFckUyakVSS1YyQjRwM3JvQXdXT3BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS81NDRiZWEtZjFlYy00NjY2LTgxYzAt
NzhhNGQ2NTY5M2ZlLzEvRDk3bmxFckUyakVSS1YyQjRwM3JvQXdXT3BZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS81NDRiZWEtZjFlYy00NjY2LTgxYzAtNzhhNGQ2NTY5M2Zl
LzEvRDk3bmxFckUyakVSS1YyQjRwM3JvQXdXT3BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGY/H5We9
+GKDQGtdmTKZnjp4be7tQEDQmAFAQ8l3KiTwLt8gVRZeVB8T3slb3VTGxEFak5ys
Qtbyqc8DBA8ZAbpTUSkddg6PUnzVBOvMkoRFWJ6D5eU9Fo5II1GrQRX42S6AXlT5
fi3LBIC7spzoRaFBpQ5fZzI2WHO7qqIMSuQrFyWYW2kAvU+26gMspL7bxfYbCa9E
LWLtLT2208dOpawHN/SqmJ/t863AId5o5RJzegRr/YFyI0Jr9ouoB/4UEg083fXO
4GGB09fMI/SrAFGylWjQRqFCSXvXGuGAQz5W3C6/9/fNbaCDztSXsuAApZdvTt0h
nZtc+tdAiMRSnQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 17:19:45 2025 by rpki-client