Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.mft
File: 0ffNDsTDvFTFlDEwfuw27wOCdzM.mft (raw, json)
Hash identifier: 3/n86LRFiVNJRVi4x6WIegvSi9lHn0EkkJ2jMfA/Ut8=
Subject key identifier: 6A:C2:20:57:0B:B8:73:21:05:38:E2:30:B5:CD:A5:A9:0F:1B:18:D5
Authority key identifier: D1:F7:CD:0E:C4:C3:BC:54:C5:94:31:30:7E:EC:36:EF:03:82:77:33
Certificate issuer: /CN=d1f7cd0ec4c3bc54c59431307eec36ef03827733
Certificate serial: 019A72260F5AFF06CDD6E56A3D7D41EE6C68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 09:01:27 +0000
Manifest this update: Tue 11 Nov 2025 09:01:27 +0000
Manifest next update: Wed 12 Nov 2025 09:01:27 +0000
Files and hashes: 1: 0ffNDsTDvFTFlDEwfuw27wOCdzM.crl (hash: 6CbCStomaL6oqrtTbwiniYqCDpARV4i4tIDmNBnyv7w=)
2: On0cxXdpQvZ_jJI1Rkh3ZfuLUxc.roa (hash: 9kDdHzwM7pfMm0bFoQEb02mFtUGZEAgcsF0RvK2rnzM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.mft
rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:0f:5a:ff:06:cd:d6:e5:6a:3d:7d:41:ee:6c:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1f7cd0ec4c3bc54c59431307eec36ef03827733
Validity
Not Before: Nov 11 09:01:27 2025 GMT
Not After : Nov 12 09:01:27 2025 GMT
Subject: CN=6ac220570bb873210538e230b5cda5a90f1b18d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:7c:37:00:22:38:64:6c:a5:fb:f6:ca:27:b0:
f5:b8:91:33:70:3f:49:c2:08:db:a5:80:83:cb:dc:
5f:de:37:fb:35:5a:d0:62:de:0b:78:e2:16:e3:7c:
80:ce:32:29:f3:e2:f1:1d:f1:4c:1a:e8:62:c7:b6:
9a:e1:7e:30:5f:70:f3:82:24:39:ea:b2:ed:8c:f5:
e0:06:e9:f2:5b:91:5e:86:54:18:d8:23:01:d9:1a:
5c:a6:74:ec:56:59:e7:47:c6:75:69:ed:66:a6:91:
f1:94:1e:d9:85:1f:af:17:ac:02:1d:a0:36:97:9a:
89:46:13:0e:69:4e:6b:f7:4d:71:f5:39:55:4b:98:
38:34:c6:91:d0:52:dc:89:ee:eb:cb:7e:a7:60:1b:
21:00:b1:0e:ff:15:37:0c:4f:77:dd:8a:eb:a3:8b:
fd:27:14:fc:ff:cd:ca:ef:2f:6f:92:ef:9e:b1:49:
1d:77:01:72:3e:a9:20:51:e2:e7:b1:9c:2f:37:0e:
de:6c:db:6f:e2:4f:69:2e:b1:96:5b:3b:22:f4:95:
45:90:c6:9c:bb:f5:5f:7e:48:8c:15:c0:ab:76:25:
3c:5a:8e:f2:90:90:93:25:78:43:68:36:f2:f3:a9:
45:6b:6f:37:6a:3f:35:86:9f:35:54:84:87:df:33:
14:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C2:20:57:0B:B8:73:21:05:38:E2:30:B5:CD:A5:A9:0F:1B:18:D5
X509v3 Authority Key Identifier:
keyid:D1:F7:CD:0E:C4:C3:BC:54:C5:94:31:30:7E:EC:36:EF:03:82:77:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0ffNDsTDvFTFlDEwfuw27wOCdzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/024d47-47b2-40b5-a2b8-9cb5d88fdd39/1/0ffNDsTDvFTFlDEwfuw27wOCdzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
54:8e:73:4a:47:f7:41:da:87:af:32:d5:0a:11:97:0b:e3:91:
36:86:ca:54:be:61:15:11:2e:26:a1:41:a7:61:ee:66:cf:3d:
45:40:fe:e2:3e:6f:3f:a8:2f:8f:74:42:6e:da:a5:3b:d3:d9:
67:61:eb:be:55:8a:fe:19:04:4c:94:e3:fc:0c:c9:85:be:d5:
85:e4:ea:1f:a4:20:13:c8:6f:35:fd:e3:cf:ec:1f:7f:17:c4:
ef:d6:16:3f:4c:85:e1:7b:e0:8d:5f:dc:13:d7:e8:c7:f5:9a:
34:55:39:3c:15:ee:1e:9f:7b:8a:07:5c:96:32:f9:af:05:08:
9b:5e:7a:c1:fb:78:42:02:91:fe:a6:ec:45:58:75:33:7c:1b:
17:62:65:02:52:6e:00:8b:19:dd:2f:eb:e8:4e:1a:3a:a9:da:
74:ef:e7:7a:0b:4b:78:ae:05:3b:d9:d3:78:17:c0:31:6f:7c:
31:90:0a:c5:e2:2e:95:06:f9:8d:e6:b8:fc:72:00:51:06:b0:
94:1e:ff:07:ef:15:df:ad:92:27:03:d4:98:2c:70:51:51:33:
91:03:97:92:6e:72:3c:43:c5:1c:ad:02:cb:f8:23:1e:02:fb:
60:c2:bb:3d:26:9e:60:f7:3f:8f:d8:5d:81:c0:fe:fe:19:9e:
5f:79:3d:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJg9a/wbN1uVqPX1B7mxoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZjdjZDBlYzRjM2JjNTRjNTk0MzEzMDdlZWMzNmVmMDM4
Mjc3MzMwHhcNMjUxMTExMDkwMTI3WhcNMjUxMTEyMDkwMTI3WjAzMTEwLwYDVQQD
Eyg2YWMyMjA1NzBiYjg3MzIxMDUzOGUyMzBiNWNkYTVhOTBmMWIxOGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nw3ACI4ZGyl+/bKJ7D1uJEzcD9J
wgjbpYCDy9xf3jf7NVrQYt4LeOIW43yAzjIp8+LxHfFMGuhix7aa4X4wX3DzgiQ5
6rLtjPXgBunyW5FehlQY2CMB2RpcpnTsVlnnR8Z1ae1mppHxlB7ZhR+vF6wCHaA2
l5qJRhMOaU5r901x9TlVS5g4NMaR0FLcie7ry36nYBshALEO/xU3DE933Yrro4v9
JxT8/83K7y9vku+esUkddwFyPqkgUeLnsZwvNw7ebNtv4k9pLrGWWzsi9JVFkMac
u/VffkiMFcCrdiU8Wo7ykJCTJXhDaDby86lFa283aj81hp81VISH3zMU2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGrCIFcLuHMhBTjiMLXNpakPGxjVMB8GA1UdIwQY
MBaAFNH3zQ7Ew7xUxZQxMH7sNu8DgnczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGZmTkRzVER2RlRGbERFd2Z1dzI3d09DZHpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8wMjRkNDctNDdiMi00MGI1LWEyYjgt
OWNiNWQ4OGZkZDM5LzEvMGZmTkRzVER2RlRGbERFd2Z1dzI3d09DZHpNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8wMjRkNDctNDdiMi00MGI1LWEyYjgtOWNiNWQ4OGZkZDM5
LzEvMGZmTkRzVER2RlRGbERFd2Z1dzI3d09DZHpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVI5zSkf3
QdqHrzLVChGXC+ORNobKVL5hFREuJqFBp2HuZs89RUD+4j5vP6gvj3RCbtqlO9PZ
Z2HrvlWK/hkETJTj/AzJhb7VheTqH6QgE8hvNf3jz+wffxfE79YWP0yF4XvgjV/c
E9fox/WaNFU5PBXuHp97igdcljL5rwUIm156wft4QgKR/qbsRVh1M3wbF2JlAlJu
AIsZ3S/r6E4aOqnadO/negtLeK4FO9nTeBfAMW98MZAKxeIulQb5jea4/HIAUQaw
lB7/B+8V362SJwPUmCxwUVEzkQOXkm5yPEPFHK0Cy/gjHgL7YMK7PSaeYPc/j9hd
gcD+/hmeX3k9ww==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:16:17 2025 by rpki-client