Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/2de87a-0176-4f19-b0e8-ab5630211f7a/1/rJpRvqG1cP-nLZxS0aUYwkvHjAI.mft
File: rJpRvqG1cP-nLZxS0aUYwkvHjAI.mft (raw, json)
Hash identifier: t6cz8km2wQkSzIDLs6bcnovu6P+8A72x7EUXywj19c4=
Subject key identifier: 55:00:90:D0:C5:B7:85:73:73:F0:3D:A7:48:69:D4:D7:41:ED:3A:69
Authority key identifier: AC:9A:51:BE:A1:B5:70:FF:A7:2D:9C:52:D1:A5:18:C2:4B:C7:8C:02
Certificate issuer: /CN=ac9a51bea1b570ffa72d9c52d1a518c24bc78c02
Certificate serial: 019A725CA3F0FEE1B0CC91A2140BB5CD6D50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rJpRvqG1cP-nLZxS0aUYwkvHjAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/2de87a-0176-4f19-b0e8-ab5630211f7a/1/rJpRvqG1cP-nLZxS0aUYwkvHjAI.mft
Manifest number: 133D
Signing time: Tue 11 Nov 2025 10:01:05 +0000
Manifest this update: Tue 11 Nov 2025 10:01:05 +0000
Manifest next update: Wed 12 Nov 2025 10:01:05 +0000
Files and hashes: 1: rJpRvqG1cP-nLZxS0aUYwkvHjAI.crl (hash: +FQVTo1TX6EEtQGya6ieyWf/h2ZNapzcDofPWsf1050=)
2: w5lUFfISkdR1rbXpw9EFPEpBgSE.roa (hash: aLxhVjIpLB1JtYTTNVzOUaAGXHTvMRlaiMUbkJdp7PY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/2de87a-0176-4f19-b0e8-ab5630211f7a/1/rJpRvqG1cP-nLZxS0aUYwkvHjAI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/2de87a-0176-4f19-b0e8-ab5630211f7a/1/rJpRvqG1cP-nLZxS0aUYwkvHjAI.mft
rsync://rpki.ripe.net/repository/DEFAULT/rJpRvqG1cP-nLZxS0aUYwkvHjAI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:a3:f0:fe:e1:b0:cc:91:a2:14:0b:b5:cd:6d:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac9a51bea1b570ffa72d9c52d1a518c24bc78c02
Validity
Not Before: Nov 11 10:01:05 2025 GMT
Not After : Nov 12 10:01:05 2025 GMT
Subject: CN=550090d0c5b7857373f03da74869d4d741ed3a69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c8:7c:43:f6:e9:db:7d:2b:e4:5e:b8:af:45:
12:e6:e7:f9:a2:31:7e:d6:9b:42:74:71:90:a8:a6:
54:91:d1:76:b1:cd:97:18:73:36:42:29:54:88:ba:
90:5a:da:5e:24:4f:00:25:6c:22:ec:85:cc:7e:f8:
5b:84:f1:c3:5a:cd:3e:c1:7f:32:af:2a:85:dc:1e:
3f:b4:f3:04:16:99:82:31:a2:1c:2f:e9:38:f3:cf:
d2:28:61:90:70:3d:f4:d5:e8:f4:86:80:78:21:35:
c7:2e:1d:85:4f:04:49:16:d2:f4:a6:c7:3c:99:df:
31:85:cb:8e:8a:6c:83:25:90:04:fb:f5:a2:2c:7b:
4d:5b:39:ab:92:67:7c:a8:b5:fc:91:c5:7c:d6:59:
25:c4:c1:c2:39:3d:ac:d0:2e:ce:34:12:f6:4d:1e:
f1:04:96:69:12:80:81:06:58:0a:2a:a4:94:c7:5a:
b7:d8:7e:ec:ab:56:bc:c6:25:3c:04:63:e6:b6:7c:
ea:e7:bf:bf:15:ff:9d:56:be:b3:de:ac:4d:5a:39:
0a:f2:fd:0c:bb:c0:57:1e:23:62:4d:ab:dc:eb:38:
58:14:a3:98:81:97:af:f6:5f:03:fc:45:8e:1d:67:
8e:2e:34:15:c0:17:d6:5a:49:eb:8a:f1:f4:a2:b5:
23:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:00:90:D0:C5:B7:85:73:73:F0:3D:A7:48:69:D4:D7:41:ED:3A:69
X509v3 Authority Key Identifier:
keyid:AC:9A:51:BE:A1:B5:70:FF:A7:2D:9C:52:D1:A5:18:C2:4B:C7:8C:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rJpRvqG1cP-nLZxS0aUYwkvHjAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2de87a-0176-4f19-b0e8-ab5630211f7a/1/rJpRvqG1cP-nLZxS0aUYwkvHjAI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/2de87a-0176-4f19-b0e8-ab5630211f7a/1/rJpRvqG1cP-nLZxS0aUYwkvHjAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7a:ff:6a:f7:8a:e2:68:da:2a:75:08:73:8d:d6:35:b2:9f:0a:
af:70:de:31:c4:ac:00:31:d6:96:ce:9b:98:ad:68:84:9f:3a:
80:88:9d:48:f7:c1:c5:2b:ab:e5:18:e3:6f:90:46:a5:c6:10:
59:e9:ed:57:fc:f1:b1:30:8f:0e:35:97:4f:ef:1d:62:dd:0e:
f5:f7:db:78:bc:9d:3f:21:05:22:0a:42:f7:47:41:4e:45:11:
3a:64:53:2c:01:c3:2f:b4:f6:86:c5:c0:ae:26:ab:e4:40:e0:
ac:e6:c2:c7:84:a3:1d:e5:39:0c:f5:f6:8a:a9:ac:5b:f8:89:
39:4d:da:4f:59:98:1c:4f:db:26:b4:ab:d7:6c:23:a5:15:2b:
1f:bd:16:96:42:78:7a:47:70:34:1a:4f:01:7b:d7:e8:6a:d1:
95:0b:b8:0c:96:e0:e2:6b:52:c5:02:e7:3f:cc:de:6f:55:21:
6a:3f:c8:f0:e4:c0:bd:4f:97:f1:0e:1d:a2:f2:db:3a:9c:e2:
d5:4e:f1:d7:e2:8c:f4:1d:44:27:d2:61:c3:b4:e4:ba:be:1e:
b9:3a:e8:24:81:d1:d2:41:90:74:14:d3:6d:fc:de:ea:5d:07:
87:77:69:c0:78:2d:a0:67:6a:bf:3b:26:83:cb:84:05:b6:a3:
73:fe:bd:f5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXKPw/uGwzJGiFAu1zW1QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjOWE1MWJlYTFiNTcwZmZhNzJkOWM1MmQxYTUxOGMyNGJj
NzhjMDIwHhcNMjUxMTExMTAwMTA1WhcNMjUxMTEyMTAwMTA1WjAzMTEwLwYDVQQD
Eyg1NTAwOTBkMGM1Yjc4NTczNzNmMDNkYTc0ODY5ZDRkNzQxZWQzYTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMh8Q/bp230r5F64r0US5uf5ojF+
1ptCdHGQqKZUkdF2sc2XGHM2QilUiLqQWtpeJE8AJWwi7IXMfvhbhPHDWs0+wX8y
ryqF3B4/tPMEFpmCMaIcL+k488/SKGGQcD301ej0hoB4ITXHLh2FTwRJFtL0psc8
md8xhcuOimyDJZAE+/WiLHtNWzmrkmd8qLX8kcV81lklxMHCOT2s0C7ONBL2TR7x
BJZpEoCBBlgKKqSUx1q32H7sq1a8xiU8BGPmtnzq57+/Ff+dVr6z3qxNWjkK8v0M
u8BXHiNiTavc6zhYFKOYgZev9l8D/EWOHWeOLjQVwBfWWknrivH0orUjoQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFUAkNDFt4Vzc/A9p0hp1NdB7TppMB8GA1UdIwQY
MBaAFKyaUb6htXD/py2cUtGlGMJLx4wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckpwUnZxRzFjUC1uTFp4UzBhVVl3a3ZIakFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8yZGU4N2EtMDE3Ni00ZjE5LWIwZTgt
YWI1NjMwMjExZjdhLzEvckpwUnZxRzFjUC1uTFp4UzBhVVl3a3ZIakFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8yZGU4N2EtMDE3Ni00ZjE5LWIwZTgtYWI1NjMwMjExZjdh
LzEvckpwUnZxRzFjUC1uTFp4UzBhVVl3a3ZIakFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAev9q94ri
aNoqdQhzjdY1sp8Kr3DeMcSsADHWls6bmK1ohJ86gIidSPfBxSur5Rjjb5BGpcYQ
WentV/zxsTCPDjWXT+8dYt0O9ffbeLydPyEFIgpC90dBTkUROmRTLAHDL7T2hsXA
riar5EDgrObCx4SjHeU5DPX2iqmsW/iJOU3aT1mYHE/bJrSr12wjpRUrH70WlkJ4
ekdwNBpPAXvX6GrRlQu4DJbg4mtSxQLnP8zeb1Uhaj/I8OTAvU+X8Q4dovLbOpzi
1U7x1+KM9B1EJ9Jhw7Tkur4euTroJIHR0kGQdBTTbfze6l0Hh3dpwHgtoGdqvzsm
g8uEBbajc/699Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:26:51 2025 by rpki-client