Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/dAThbzM9iWUMZhOsbJXTSNxLeVA.mft
File: dAThbzM9iWUMZhOsbJXTSNxLeVA.mft (raw, json)
Hash identifier: Io72AeTqkFgD5Tp+bpirQtjQUmkX5uY8ckPqHq1Se/w=
Subject key identifier: E7:8A:38:0D:3B:E4:6E:48:06:E2:82:25:CE:7C:5B:81:69:1C:9A:BD
Authority key identifier: 74:04:E1:6F:33:3D:89:65:0C:66:13:AC:6C:95:D3:48:DC:4B:79:50
Certificate issuer: /CN=7404e16f333d89650c6613ac6c95d348dc4b7950
Certificate serial: 019A71EED67FDB6587F58EA34477A08875FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dAThbzM9iWUMZhOsbJXTSNxLeVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/dAThbzM9iWUMZhOsbJXTSNxLeVA.mft
Manifest number: 02A9
Signing time: Tue 11 Nov 2025 08:01:09 +0000
Manifest this update: Tue 11 Nov 2025 08:01:09 +0000
Manifest next update: Wed 12 Nov 2025 08:01:09 +0000
Files and hashes: 1: USYf1bw7MHizcISPSt3QDNx57-c.roa (hash: hlppK+U0LprItNasoWls7BUhYE5DrUbPlgUCcoN0Ou8=)
2: dAThbzM9iWUMZhOsbJXTSNxLeVA.crl (hash: ym8QI4esxY+uQkC6zLkhXS0iN7uIO3UQ6ki1jc39DHU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/dAThbzM9iWUMZhOsbJXTSNxLeVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/dAThbzM9iWUMZhOsbJXTSNxLeVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/dAThbzM9iWUMZhOsbJXTSNxLeVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:d6:7f:db:65:87:f5:8e:a3:44:77:a0:88:75:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7404e16f333d89650c6613ac6c95d348dc4b7950
Validity
Not Before: Nov 11 08:01:09 2025 GMT
Not After : Nov 12 08:01:09 2025 GMT
Subject: CN=e78a380d3be46e4806e28225ce7c5b81691c9abd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:67:2b:df:53:f8:02:88:28:2d:27:32:e6:fb:
73:60:00:65:de:9d:63:d8:60:cc:ca:75:de:5a:51:
2e:42:84:d7:21:b3:c9:e0:ca:2d:90:36:72:70:67:
9c:c0:e7:d0:69:89:c1:78:61:f3:3b:f2:29:c1:cf:
8a:57:8c:a9:0f:7d:9e:ef:9a:27:74:a9:99:f4:e3:
50:4d:bc:53:cc:bd:f8:98:ac:e1:12:9e:3c:de:cd:
c8:23:58:e1:e3:36:d4:dd:f9:31:74:fe:44:95:0d:
94:93:e0:08:84:4e:f0:0d:29:46:da:09:71:2d:ae:
4a:58:2a:34:70:ad:12:00:e0:6d:62:19:00:92:35:
e3:de:d9:43:af:b2:1c:b4:38:8a:a2:47:9c:17:0c:
a6:ac:e1:8e:4e:ea:bc:8e:ce:0b:e3:17:8f:98:42:
6b:72:6e:ac:02:d8:bb:aa:80:45:f6:22:67:c6:94:
60:1b:df:e5:22:97:42:b9:2a:6c:0c:19:95:16:85:
36:82:18:c7:dc:81:1a:6d:91:56:ff:e2:68:e9:d9:
12:11:eb:fa:74:d1:b1:e0:ec:30:3e:58:43:b6:df:
79:09:e4:09:05:67:32:b7:ad:cb:de:7c:76:88:7d:
0f:fb:50:e6:4d:55:df:6c:d9:fb:23:39:9c:ea:6e:
99:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:8A:38:0D:3B:E4:6E:48:06:E2:82:25:CE:7C:5B:81:69:1C:9A:BD
X509v3 Authority Key Identifier:
keyid:74:04:E1:6F:33:3D:89:65:0C:66:13:AC:6C:95:D3:48:DC:4B:79:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dAThbzM9iWUMZhOsbJXTSNxLeVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/dAThbzM9iWUMZhOsbJXTSNxLeVA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1532c6-a2f5-48e6-b037-18c5ebef27a8/1/dAThbzM9iWUMZhOsbJXTSNxLeVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:2b:51:42:4e:af:7c:f0:7f:92:c7:f8:9c:8d:0b:28:f1:2e:
b6:a4:4e:27:1a:8b:6b:53:1a:1e:57:8a:20:54:87:8f:44:a3:
b9:68:fb:42:53:ca:65:69:a5:fb:26:23:70:a1:b3:d0:90:3d:
02:13:4a:35:fb:a4:49:0d:9f:ab:31:a9:04:b1:3c:08:58:a2:
bb:25:4b:3c:73:ae:08:33:d8:72:c0:9b:20:b8:74:de:c0:11:
f3:3a:25:17:4c:70:1f:00:f2:f4:fc:ec:ce:db:f2:eb:d1:84:
c4:22:06:4f:2b:74:2c:7c:9e:11:f1:70:75:fe:ad:cb:a3:41:
8d:51:a9:8e:15:1e:89:20:49:6b:cf:c5:bd:5e:84:57:fb:1e:
52:a4:99:0a:d5:3a:11:34:c5:d3:0a:87:16:c0:52:79:ab:a4:
06:f1:bf:fa:10:6a:82:0d:14:34:4e:19:57:21:55:cb:8f:74:
43:f0:f6:c3:75:40:e8:91:50:08:ec:fe:b7:ef:19:98:34:87:
f9:6c:8a:af:c8:08:9b:2c:6c:91:76:8a:57:21:d3:d8:38:0a:
c0:f9:d8:b9:53:31:fb:24:c8:9f:37:cb:3c:b5:16:51:a0:0f:
ec:14:dd:d1:44:78:51:ce:c3:fb:84:96:88:cd:f8:1a:dc:b8:
c9:9a:f8:fd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7tZ/22WH9Y6jRHegiHX7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MDRlMTZmMzMzZDg5NjUwYzY2MTNhYzZjOTVkMzQ4ZGM0
Yjc5NTAwHhcNMjUxMTExMDgwMTA5WhcNMjUxMTEyMDgwMTA5WjAzMTEwLwYDVQQD
EyhlNzhhMzgwZDNiZTQ2ZTQ4MDZlMjgyMjVjZTdjNWI4MTY5MWM5YWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Wcr31P4AogoLScy5vtzYABl3p1j
2GDMynXeWlEuQoTXIbPJ4MotkDZycGecwOfQaYnBeGHzO/Ipwc+KV4ypD32e75on
dKmZ9ONQTbxTzL34mKzhEp483s3II1jh4zbU3fkxdP5ElQ2Uk+AIhE7wDSlG2glx
La5KWCo0cK0SAOBtYhkAkjXj3tlDr7IctDiKokecFwymrOGOTuq8js4L4xePmEJr
cm6sAti7qoBF9iJnxpRgG9/lIpdCuSpsDBmVFoU2ghjH3IEabZFW/+Jo6dkSEev6
dNGx4OwwPlhDtt95CeQJBWcyt63L3nx2iH0P+1DmTVXfbNn7Izmc6m6ZSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOeKOA075G5IBuKCJc58W4FpHJq9MB8GA1UdIwQY
MBaAFHQE4W8zPYllDGYTrGyV00jcS3lQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEFUaGJ6TTlpV1VNWmhPc2JKWFRTTnhMZVZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xNTMyYzYtYTJmNS00OGU2LWIwMzct
MThjNWViZWYyN2E4LzEvZEFUaGJ6TTlpV1VNWmhPc2JKWFRTTnhMZVZBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xNTMyYzYtYTJmNS00OGU2LWIwMzctMThjNWViZWYyN2E4
LzEvZEFUaGJ6TTlpV1VNWmhPc2JKWFRTTnhMZVZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAitRQk6v
fPB/ksf4nI0LKPEutqROJxqLa1MaHleKIFSHj0SjuWj7QlPKZWml+yYjcKGz0JA9
AhNKNfukSQ2fqzGpBLE8CFiiuyVLPHOuCDPYcsCbILh03sAR8zolF0xwHwDy9Pzs
ztvy69GExCIGTyt0LHyeEfFwdf6ty6NBjVGpjhUeiSBJa8/FvV6EV/seUqSZCtU6
ETTF0wqHFsBSeaukBvG/+hBqgg0UNE4ZVyFVy490Q/D2w3VA6JFQCOz+t+8ZmDSH
+WyKr8gImyxskXaKVyHT2DgKwPnYuVMx+yTInzfLPLUWUaAP7BTd0UR4Uc7D+4SW
iM34Gty4yZr4/Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:55 2025 by rpki-client