Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
File: dfGnY3RcJdrSj0qBFmiOgs4SAos.mft (raw, json)
Hash identifier: ibLHo/gL7VGid76lTF6dtt+J/17UP5I363Eqr7pGrmY=
Subject key identifier: 26:4B:7E:F3:54:05:4C:71:32:8E:41:28:2A:73:C4:82:D0:21:76:0E
Authority key identifier: 75:F1:A7:63:74:5C:25:DA:D2:8F:4A:81:16:68:8E:82:CE:12:02:8B
Certificate issuer: /CN=75f1a763745c25dad28f4a8116688e82ce12028b
Certificate serial: 019A209B2E58A62E53F6B45729D07502AB60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
Manifest number: 151A
Signing time: Sun 26 Oct 2025 13:00:32 +0000
Manifest this update: Sun 26 Oct 2025 13:00:32 +0000
Manifest next update: Mon 27 Oct 2025 13:00:32 +0000
Files and hashes: 1: dfGnY3RcJdrSj0qBFmiOgs4SAos.crl (hash: nmiquM4tTeIrtqqmdwxlcwYTnklE8YClX400V3WCDao=)
2: ecFLrFSYazGNpMwtdUC2GTyB7Ls.roa (hash: 9V1D5AZ/eHVRt4YDKcmTOE8v9iNuXaOV/i0Ye/mdU9E=)
3: zeZfDF6FQVXfyXUfk9yRfeoJZIA.roa (hash: DtxqGawsrFVZx4HNzS+S5CsdD6flwYPGqAxKv36rkJ0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:20:9b:2e:58:a6:2e:53:f6:b4:57:29:d0:75:02:ab:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75f1a763745c25dad28f4a8116688e82ce12028b
Validity
Not Before: Oct 26 13:00:32 2025 GMT
Not After : Oct 27 13:00:32 2025 GMT
Subject: CN=264b7ef354054c71328e41282a73c482d021760e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:43:fb:c2:c8:c7:8c:1e:26:a9:b8:c2:56:39:
77:1c:cf:4b:29:55:19:af:4a:b2:c0:3d:c6:25:70:
c4:3b:fc:72:30:98:b6:94:7f:68:30:ad:72:31:36:
3a:32:d6:7b:dd:f3:ff:ec:fd:3a:db:3f:82:cd:38:
dc:7b:cf:80:be:a3:c3:de:f1:46:86:32:16:ec:f0:
3b:95:4d:ee:79:90:f3:29:aa:34:48:32:dd:4c:bd:
c3:16:3d:75:6b:25:3f:40:a7:9e:7d:5e:b3:27:c1:
cb:bc:eb:be:22:6d:01:fa:89:00:44:fc:32:d1:7c:
94:d3:df:26:5a:43:4d:d8:f9:74:69:1e:2e:22:c6:
ae:e1:1d:12:5f:65:53:ed:60:74:91:68:4f:2f:fb:
4a:07:71:e3:7c:f6:f1:9a:08:e8:04:d3:dd:46:7f:
eb:57:ea:a4:cc:62:d6:0b:b2:b0:57:19:2b:73:75:
17:97:cb:c2:88:dc:88:b9:d4:c8:ee:b8:38:f3:ac:
d2:a8:53:2b:2f:36:19:a9:fd:9e:e4:30:bd:3f:de:
9c:2b:a5:f1:12:83:b3:27:02:4d:22:b7:49:17:62:
2e:6b:15:87:43:56:08:1e:7e:98:8f:9f:96:e9:44:
67:3c:42:7c:ba:8f:ac:43:57:4a:52:f5:d7:32:1b:
54:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:4B:7E:F3:54:05:4C:71:32:8E:41:28:2A:73:C4:82:D0:21:76:0E
X509v3 Authority Key Identifier:
keyid:75:F1:A7:63:74:5C:25:DA:D2:8F:4A:81:16:68:8E:82:CE:12:02:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dfGnY3RcJdrSj0qBFmiOgs4SAos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/980e66-3631-4fde-8e2d-c849bc0f359b/1/dfGnY3RcJdrSj0qBFmiOgs4SAos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1b:a3:1f:cb:7e:3a:17:7a:95:4d:6f:59:8d:f4:de:e3:ab:47:
eb:00:02:f2:cf:25:cd:a9:f5:c5:38:1f:3b:21:9c:86:cd:cf:
63:e9:95:74:b2:50:39:27:1d:1a:49:34:3f:8b:da:3b:39:00:
48:0d:ea:a1:b5:f9:ed:40:06:5d:2c:46:34:ec:6a:9d:dd:11:
8c:4b:a3:d1:7e:95:9c:c4:bb:f9:9b:ea:67:7b:cf:21:78:89:
63:d5:bf:d4:39:7d:77:2e:c0:18:ee:2c:0a:51:61:97:11:62:
0a:9f:18:4c:da:36:44:45:95:4d:41:db:32:d2:ee:6e:cb:94:
1f:23:7c:a9:56:e5:cb:c0:79:54:04:99:45:da:c2:c7:85:98:
93:47:05:ea:21:22:f1:d5:bc:61:99:83:54:ed:7f:9d:a2:60:
57:24:60:3f:42:27:c2:54:51:d7:ee:85:9e:2b:4d:be:69:7b:
6c:87:fb:07:9f:66:5a:45:eb:4e:c1:c3:23:eb:a9:e0:0c:d3:
80:74:ce:3d:31:e6:f3:d6:56:ee:10:1d:53:d0:a5:fc:e2:a6:
ac:0b:b7:71:9c:87:66:90:db:6d:77:28:f9:e9:a2:42:18:67:
23:5e:6c:c2:6d:e4:85:ee:55:1f:98:74:75:9b:99:c3:0d:a0:
e1:bf:29:d3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZogmy5Ypi5T9rRXKdB1AqtgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZjFhNzYzNzQ1YzI1ZGFkMjhmNGE4MTE2Njg4ZTgyY2Ux
MjAyOGIwHhcNMjUxMDI2MTMwMDMyWhcNMjUxMDI3MTMwMDMyWjAzMTEwLwYDVQQD
EygyNjRiN2VmMzU0MDU0YzcxMzI4ZTQxMjgyYTczYzQ4MmQwMjE3NjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUP7wsjHjB4mqbjCVjl3HM9LKVUZ
r0qywD3GJXDEO/xyMJi2lH9oMK1yMTY6MtZ73fP/7P062z+CzTjce8+AvqPD3vFG
hjIW7PA7lU3ueZDzKao0SDLdTL3DFj11ayU/QKeefV6zJ8HLvOu+Im0B+okARPwy
0XyU098mWkNN2Pl0aR4uIsau4R0SX2VT7WB0kWhPL/tKB3HjfPbxmgjoBNPdRn/r
V+qkzGLWC7KwVxkrc3UXl8vCiNyIudTI7rg486zSqFMrLzYZqf2e5DC9P96cK6Xx
EoOzJwJNIrdJF2IuaxWHQ1YIHn6Yj5+W6URnPEJ8uo+sQ1dKUvXXMhtUIQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCZLfvNUBUxxMo5BKCpzxILQIXYOMB8GA1UdIwQY
MBaAFHXxp2N0XCXa0o9KgRZojoLOEgKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85ODBlNjYtMzYzMS00ZmRlLThlMmQt
Yzg0OWJjMGYzNTliLzEvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85ODBlNjYtMzYzMS00ZmRlLThlMmQtYzg0OWJjMGYzNTli
LzEvZGZHblkzUmNKZHJTajBxQkZtaU9nczRTQW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG6Mfy346
F3qVTW9ZjfTe46tH6wAC8s8lzan1xTgfOyGchs3PY+mVdLJQOScdGkk0P4vaOzkA
SA3qobX57UAGXSxGNOxqnd0RjEuj0X6VnMS7+ZvqZ3vPIXiJY9W/1Dl9dy7AGO4s
ClFhlxFiCp8YTNo2REWVTUHbMtLubsuUHyN8qVbly8B5VASZRdrCx4WYk0cF6iEi
8dW8YZmDVO1/naJgVyRgP0InwlRR1+6FnitNvml7bIf7B59mWkXrTsHDI+up4AzT
gHTOPTHm89ZW7hAdU9Cl/OKmrAu3cZyHZpDbbXco+emiQhhnI15swm3khe5VH5h0
dZuZww2g4b8p0w==
-----END CERTIFICATE-----
Generated at Sun Oct 26 16:16:39 2025 by rpki-client