Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.mft
File: toF3Ytn8jxGwHPUjS25DHPvsG80.mft (raw, json)
Hash identifier: JkgNrS/COSYd8K/73Nlg6tzlFGBpnUYXAAY7VDQnPNw=
Subject key identifier: ED:E4:D0:62:EE:47:B8:20:89:1B:B6:72:25:BD:B6:33:21:4F:11:0F
Authority key identifier: B6:81:77:62:D9:FC:8F:11:B0:1C:F5:23:4B:6E:43:1C:FB:EC:1B:CD
Certificate issuer: /CN=b6817762d9fc8f11b01cf5234b6e431cfbec1bcd
Certificate serial: 019A71EEAE092343DD1D0ACB75FEE6144BA1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toF3Ytn8jxGwHPUjS25DHPvsG80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.mft
Manifest number: 0A7F
Signing time: Tue 11 Nov 2025 08:00:58 +0000
Manifest this update: Tue 11 Nov 2025 08:00:58 +0000
Manifest next update: Wed 12 Nov 2025 08:00:58 +0000
Files and hashes: 1: iFeMzfeEdL5eLiPhJVZH9fOR9os.roa (hash: Hluf44L3umjh9a1sEhuox24mM0+jKftFeuevrlqeW6M=)
2: toF3Ytn8jxGwHPUjS25DHPvsG80.crl (hash: D3A4wI09z3UnaFUVUclYHoezsO2gzB/s+CLi3h8piYQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.mft
rsync://rpki.ripe.net/repository/DEFAULT/toF3Ytn8jxGwHPUjS25DHPvsG80.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:ae:09:23:43:dd:1d:0a:cb:75:fe:e6:14:4b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6817762d9fc8f11b01cf5234b6e431cfbec1bcd
Validity
Not Before: Nov 11 08:00:58 2025 GMT
Not After : Nov 12 08:00:58 2025 GMT
Subject: CN=ede4d062ee47b820891bb67225bdb633214f110f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:07:01:5e:ac:b9:4e:70:1d:81:71:57:bb:67:
40:d5:5c:7c:4e:e6:2d:db:32:9a:6c:3d:fd:d1:94:
f1:77:ef:f0:71:4e:7b:1b:2f:a9:0e:a5:2a:9e:98:
91:94:80:0d:1f:c1:ff:e7:7f:80:0f:4a:ce:7a:8e:
ed:11:85:da:3f:8e:50:d2:9d:01:e9:26:46:48:8d:
d7:0b:13:f2:d7:ff:a3:00:92:4f:ef:b4:a8:64:11:
f7:e2:74:83:c0:a3:30:a6:17:c9:4f:c3:6b:d9:b7:
a6:ad:f6:eb:6c:73:61:94:be:4b:85:48:fe:21:5f:
22:97:44:14:7c:ea:fb:70:2b:e6:d7:b3:00:06:4a:
8c:43:71:8d:d6:f6:01:00:0b:c5:43:49:cd:11:43:
16:bf:bf:1f:41:0b:01:38:a7:8c:98:3b:8d:17:61:
56:0e:01:af:4f:02:2f:c2:bd:dc:f6:60:8d:9b:cf:
b2:02:21:22:a3:c8:de:5b:b1:ff:d9:fb:73:bd:da:
78:9e:ee:52:03:39:44:fe:c4:be:73:b2:11:be:49:
c5:a2:51:ac:2d:ce:b5:3e:3b:8c:97:a1:72:29:37:
3e:67:fc:07:31:52:83:9a:e6:21:2d:af:0a:d3:35:
67:f0:a4:98:d3:f0:95:85:ee:72:f8:1d:66:60:76:
48:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:E4:D0:62:EE:47:B8:20:89:1B:B6:72:25:BD:B6:33:21:4F:11:0F
X509v3 Authority Key Identifier:
keyid:B6:81:77:62:D9:FC:8F:11:B0:1C:F5:23:4B:6E:43:1C:FB:EC:1B:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toF3Ytn8jxGwHPUjS25DHPvsG80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:43:d3:a2:b4:e2:db:a8:75:d0:38:b1:c7:0d:5a:bc:86:60:
d4:12:e8:9c:72:30:47:db:71:0f:51:94:43:10:57:c4:f2:bd:
31:c6:95:ec:a3:84:8d:aa:d1:ee:d2:c8:a5:e4:cf:32:ed:66:
92:b1:c2:5a:f7:28:40:86:90:c1:a8:ca:05:57:db:57:74:c4:
c3:56:9d:5c:ae:fa:45:93:3c:2e:0b:6d:ae:0b:a0:d0:55:44:
14:92:dd:35:42:9c:01:75:a4:75:e1:8a:78:55:b4:02:08:5a:
d5:eb:8a:27:a9:fe:06:22:48:81:4d:c4:e8:94:62:d2:b5:4d:
d4:a2:ac:bf:27:da:1f:4e:3a:0e:56:31:d4:f5:e3:d2:69:55:
7d:2c:c8:8b:5a:67:3d:97:2d:e8:74:15:99:f7:98:51:a2:f6:
a3:dc:c0:5b:fd:29:0f:f9:b4:43:ec:64:9c:33:d8:f7:54:a5:
1b:c3:11:91:63:6a:99:e6:2b:be:0c:06:56:cc:d1:78:46:21:
c6:5f:09:81:0c:80:dd:2d:97:4c:f3:b4:da:ba:0f:b8:ca:25:
b6:57:78:91:96:2a:ff:50:23:53:92:64:21:09:8b:25:a1:ee:
44:bd:85:04:da:91:1b:e9:18:4a:81:d9:7e:f6:87:62:5c:91:
6d:28:3a:cb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7q4JI0PdHQrLdf7mFEuhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ODE3NzYyZDlmYzhmMTFiMDFjZjUyMzRiNmU0MzFjZmJl
YzFiY2QwHhcNMjUxMTExMDgwMDU4WhcNMjUxMTEyMDgwMDU4WjAzMTEwLwYDVQQD
EyhlZGU0ZDA2MmVlNDdiODIwODkxYmI2NzIyNWJkYjYzMzIxNGYxMTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugcBXqy5TnAdgXFXu2dA1Vx8TuYt
2zKabD390ZTxd+/wcU57Gy+pDqUqnpiRlIANH8H/53+AD0rOeo7tEYXaP45Q0p0B
6SZGSI3XCxPy1/+jAJJP77SoZBH34nSDwKMwphfJT8Nr2bemrfbrbHNhlL5LhUj+
IV8il0QUfOr7cCvm17MABkqMQ3GN1vYBAAvFQ0nNEUMWv78fQQsBOKeMmDuNF2FW
DgGvTwIvwr3c9mCNm8+yAiEio8jeW7H/2ftzvdp4nu5SAzlE/sS+c7IRvknFolGs
Lc61PjuMl6FyKTc+Z/wHMVKDmuYhLa8K0zVn8KSY0/CVhe5y+B1mYHZIvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO3k0GLuR7ggiRu2ciW9tjMhTxEPMB8GA1UdIwQY
MBaAFLaBd2LZ/I8RsBz1I0tuQxz77BvNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG9GM1l0bjhqeEd3SFBValMyNURIUHZzRzgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xZTYzYTMtYjMwNi00MTNhLWFkZjQt
ZDNmMjY1YWQ1MTRmLzEvdG9GM1l0bjhqeEd3SFBValMyNURIUHZzRzgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8xZTYzYTMtYjMwNi00MTNhLWFkZjQtZDNmMjY1YWQ1MTRm
LzEvdG9GM1l0bjhqeEd3SFBValMyNURIUHZzRzgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGkPTorTi
26h10Dixxw1avIZg1BLonHIwR9txD1GUQxBXxPK9McaV7KOEjarR7tLIpeTPMu1m
krHCWvcoQIaQwajKBVfbV3TEw1adXK76RZM8Lgttrgug0FVEFJLdNUKcAXWkdeGK
eFW0Agha1euKJ6n+BiJIgU3E6JRi0rVN1KKsvyfaH046DlYx1PXj0mlVfSzIi1pn
PZct6HQVmfeYUaL2o9zAW/0pD/m0Q+xknDPY91SlG8MRkWNqmeYrvgwGVszReEYh
xl8JgQyA3S2XTPO02roPuMoltld4kZYq/1AjU5JkIQmLJaHuRL2FBNqRG+kYSoHZ
fvaHYlyRbSg6yw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:38:22 2025 by rpki-client