Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.mft
File: dHnfUKMVAp6AqhlHr-EtselIYos.mft (raw, json)
Hash identifier: KYDwMZOtT4ItdFfw54p7pMAkp82lPEQ9JFSrRt/tizU=
Subject key identifier: ED:7D:9F:E8:7D:CA:8E:81:C9:6B:8C:79:76:B4:32:F0:DB:0E:C3:A3
Authority key identifier: 74:79:DF:50:A3:15:02:9E:80:AA:19:47:AF:E1:2D:B1:E9:48:62:8B
Certificate issuer: /CN=7479df50a315029e80aa1947afe12db1e948628b
Certificate serial: 019A71135BB5C64621BD27BB6CFA0F315763
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dHnfUKMVAp6AqhlHr-EtselIYos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.mft
Manifest number: 1022
Signing time: Tue 11 Nov 2025 04:01:25 +0000
Manifest this update: Tue 11 Nov 2025 04:01:25 +0000
Manifest next update: Wed 12 Nov 2025 04:01:25 +0000
Files and hashes: 1: KvOchdw6AYfLt261W6RR4KIthYY.roa (hash: WXdEqSkBC/gQsasA/7q/ZdUFdpwAbrzjieJX5Z97f4U=)
2: dHnfUKMVAp6AqhlHr-EtselIYos.crl (hash: N48dZF2oQMpHBc1GFKK0114sNHyhJUGNXzJpYQnZK7w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.mft
rsync://rpki.ripe.net/repository/DEFAULT/dHnfUKMVAp6AqhlHr-EtselIYos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:5b:b5:c6:46:21:bd:27:bb:6c:fa:0f:31:57:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7479df50a315029e80aa1947afe12db1e948628b
Validity
Not Before: Nov 11 04:01:25 2025 GMT
Not After : Nov 12 04:01:25 2025 GMT
Subject: CN=ed7d9fe87dca8e81c96b8c7976b432f0db0ec3a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c4:b9:d9:09:11:c6:4d:3f:5b:63:ec:b7:a1:
a5:c0:b3:6d:a4:a2:71:0c:c5:fa:c5:20:49:4f:69:
a9:65:8a:0b:74:d8:53:7a:fe:1b:f5:14:38:02:47:
07:ae:e4:34:80:b7:52:19:c8:f1:ce:ac:33:af:d5:
0a:bd:59:52:cd:d4:f3:99:2b:43:15:84:ab:18:a0:
78:65:eb:c8:60:bb:d0:55:94:b6:57:5e:61:87:1e:
ed:a6:b8:46:f4:88:e6:d0:d4:5f:a4:a6:52:31:7e:
70:05:45:52:ad:c0:8f:1d:17:9a:af:42:f5:ce:85:
b4:0b:d1:83:87:49:c9:c8:52:6c:29:b7:b4:ee:44:
9b:0c:71:87:df:35:ce:e0:50:38:8b:ff:fa:99:98:
30:33:6a:c7:66:a8:d4:df:0a:15:5a:d0:90:0e:4a:
35:e7:d7:9b:bb:d0:90:97:85:bd:bf:b4:83:c8:dd:
58:19:cf:5e:f0:c5:e9:80:52:b4:ca:74:05:0e:b1:
93:be:42:00:b5:df:cc:3f:ac:71:5d:d0:54:ef:ea:
f5:1f:ce:44:92:9c:d0:c1:90:a6:68:bb:cb:f8:c2:
9d:d6:3a:6f:6a:4a:2e:a2:5b:cf:bc:31:09:a1:0d:
f6:ae:b0:8a:a4:72:4a:66:af:5c:39:62:56:34:a4:
6a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:7D:9F:E8:7D:CA:8E:81:C9:6B:8C:79:76:B4:32:F0:DB:0E:C3:A3
X509v3 Authority Key Identifier:
keyid:74:79:DF:50:A3:15:02:9E:80:AA:19:47:AF:E1:2D:B1:E9:48:62:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dHnfUKMVAp6AqhlHr-EtselIYos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/16735d-6658-4b6f-a261-97ba37345aa8/1/dHnfUKMVAp6AqhlHr-EtselIYos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
14:8f:eb:64:ba:c0:6a:17:dd:81:9a:d6:3a:72:bc:53:93:02:
72:5d:84:ab:91:72:24:bc:b1:d0:a3:c0:d7:df:2a:8e:6e:7a:
a8:63:31:a9:f5:c2:f8:ce:1e:b5:61:10:e7:f9:c7:40:66:cc:
09:75:f7:73:d3:2b:91:77:30:a2:02:51:72:19:29:c9:52:f1:
f0:e4:22:6d:a5:ff:8b:5d:5c:29:81:31:00:2e:09:35:21:a8:
92:68:56:8a:c7:fc:ff:35:34:a6:b0:3d:47:b6:66:d7:56:98:
36:de:57:ed:26:16:89:38:bf:60:06:c6:eb:f4:89:42:ed:82:
21:ef:ec:52:6c:47:73:0e:9c:cb:20:49:c7:42:16:bc:a0:c6:
46:a9:70:1d:c2:55:22:9d:af:c5:62:89:c9:f2:f5:00:ef:dc:
cc:95:6b:a7:a4:d7:50:e3:b4:ed:fa:d7:8e:64:42:8d:47:1a:
ee:e9:1a:a2:c3:4e:b6:c4:0d:bf:7a:6f:24:6a:06:30:e0:cb:
11:f6:4d:88:13:d7:b4:d7:d0:f1:99:88:f3:82:e5:01:de:c0:
cb:0e:e9:4e:4f:3d:17:86:34:78:eb:ab:37:cd:c1:47:2b:66:
ff:f7:7d:dd:3d:dc:4c:d0:11:35:b1:61:60:80:7a:45:e1:9a:
3a:8e:da:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE1u1xkYhvSe7bPoPMVdjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NzlkZjUwYTMxNTAyOWU4MGFhMTk0N2FmZTEyZGIxZTk0
ODYyOGIwHhcNMjUxMTExMDQwMTI1WhcNMjUxMTEyMDQwMTI1WjAzMTEwLwYDVQQD
EyhlZDdkOWZlODdkY2E4ZTgxYzk2YjhjNzk3NmI0MzJmMGRiMGVjM2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMS52QkRxk0/W2Pst6GlwLNtpKJx
DMX6xSBJT2mpZYoLdNhTev4b9RQ4AkcHruQ0gLdSGcjxzqwzr9UKvVlSzdTzmStD
FYSrGKB4ZevIYLvQVZS2V15hhx7tprhG9Ijm0NRfpKZSMX5wBUVSrcCPHRear0L1
zoW0C9GDh0nJyFJsKbe07kSbDHGH3zXO4FA4i//6mZgwM2rHZqjU3woVWtCQDko1
59ebu9CQl4W9v7SDyN1YGc9e8MXpgFK0ynQFDrGTvkIAtd/MP6xxXdBU7+r1H85E
kpzQwZCmaLvL+MKd1jpvakouolvPvDEJoQ32rrCKpHJKZq9cOWJWNKRqHQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO19n+h9yo6ByWuMeXa0MvDbDsOjMB8GA1UdIwQY
MBaAFHR531CjFQKegKoZR6/hLbHpSGKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEhuZlVLTVZBcDZBcWhsSHItRXRzZWxJWW9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xNjczNWQtNjY1OC00YjZmLWEyNjEt
OTdiYTM3MzQ1YWE4LzEvZEhuZlVLTVZBcDZBcWhsSHItRXRzZWxJWW9zLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xNjczNWQtNjY1OC00YjZmLWEyNjEtOTdiYTM3MzQ1YWE4
LzEvZEhuZlVLTVZBcDZBcWhsSHItRXRzZWxJWW9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFI/rZLrA
ahfdgZrWOnK8U5MCcl2Eq5FyJLyx0KPA198qjm56qGMxqfXC+M4etWEQ5/nHQGbM
CXX3c9MrkXcwogJRchkpyVLx8OQibaX/i11cKYExAC4JNSGokmhWisf8/zU0prA9
R7Zm11aYNt5X7SYWiTi/YAbG6/SJQu2CIe/sUmxHcw6cyyBJx0IWvKDGRqlwHcJV
Ip2vxWKJyfL1AO/czJVrp6TXUOO07frXjmRCjUca7ukaosNOtsQNv3pvJGoGMODL
EfZNiBPXtNfQ8ZmI84LlAd7Ayw7pTk89F4Y0eOurN83BRytm//d93T3cTNARNbFh
YIB6ReGaOo7apQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:35:08 2025 by rpki-client