Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft
File: sFcIRcI56ZkcibxcUEMekIeGDE0.mft (raw, json)
Hash identifier: r/uOAAOn6up98y1RzsXa5S53CmS+s5Vxiu11ben/9Rk=
Subject key identifier: D2:13:86:A5:19:71:CC:E2:1D:4E:49:0D:CF:07:93:26:43:F7:68:2D
Authority key identifier: B0:57:08:45:C2:39:E9:99:1C:89:BC:5C:50:43:1E:90:87:86:0C:4D
Certificate issuer: /CN=b0570845c239e9991c89bc5c50431e9087860c4d
Certificate serial: 019A7149E55CAFC43D61B987F9EF5EAB8BA4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sFcIRcI56ZkcibxcUEMekIeGDE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft
Manifest number: 0199
Signing time: Tue 11 Nov 2025 05:00:59 +0000
Manifest this update: Tue 11 Nov 2025 05:00:59 +0000
Manifest next update: Wed 12 Nov 2025 05:00:59 +0000
Files and hashes: 1: n2C0sjvTrbF7unBNdsXDONkHwzQ.roa (hash: jLl0pdc61DzddqyTuR7Io8Gkj/xajAEL7bTJB3EuzC8=)
2: sFcIRcI56ZkcibxcUEMekIeGDE0.crl (hash: DllHMLuNpVgz50vFzRY6TmpHxDZ6bZHznwGEg7jSL7M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sFcIRcI56ZkcibxcUEMekIeGDE0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:e5:5c:af:c4:3d:61:b9:87:f9:ef:5e:ab:8b:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0570845c239e9991c89bc5c50431e9087860c4d
Validity
Not Before: Nov 11 05:00:59 2025 GMT
Not After : Nov 12 05:00:59 2025 GMT
Subject: CN=d21386a51971cce21d4e490dcf07932643f7682d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:57:4c:b8:29:8a:43:1b:82:b8:5a:26:80:ce:
9c:e0:13:66:7c:d8:e1:c9:b0:91:bf:a3:38:a0:3e:
06:6d:e3:89:d9:92:63:6f:ac:04:90:9b:64:24:9f:
f6:db:fe:73:7c:47:94:bc:7f:4b:96:49:4b:73:0b:
e6:d7:ce:5c:c7:56:6a:96:db:98:35:94:60:7a:6e:
f6:39:65:f3:65:74:66:e9:8e:09:49:03:39:59:2a:
c9:5b:c0:f6:dc:44:53:fe:d6:e8:23:89:bc:b8:f8:
0e:f5:87:78:e5:c9:fd:e4:2f:ab:b0:91:61:a6:e7:
ff:42:b7:a6:f5:e2:8e:55:f4:c5:bf:45:53:62:1d:
67:b5:ac:26:3b:64:2f:8e:15:98:d5:4b:65:af:43:
84:ad:af:69:5c:dc:68:b0:cb:8d:5f:3e:86:17:52:
e9:c8:7b:1a:0e:a9:38:22:9b:0a:2c:fa:53:e5:0e:
5c:ac:e8:77:8d:98:af:10:8d:3c:b8:2e:30:9b:db:
64:92:7d:13:40:35:b4:86:87:c4:47:c4:7f:56:c5:
df:14:2e:4f:bb:de:c6:e2:c9:28:68:ea:47:32:c6:
1b:73:17:ef:52:a5:35:02:ab:01:e9:a4:51:58:ce:
6d:07:25:77:85:20:ab:38:03:f9:69:d7:74:79:88:
28:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:13:86:A5:19:71:CC:E2:1D:4E:49:0D:CF:07:93:26:43:F7:68:2D
X509v3 Authority Key Identifier:
keyid:B0:57:08:45:C2:39:E9:99:1C:89:BC:5C:50:43:1E:90:87:86:0C:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sFcIRcI56ZkcibxcUEMekIeGDE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/1e7c48-f8c2-4679-b771-46ca26aff545/1/sFcIRcI56ZkcibxcUEMekIeGDE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
82:3b:99:20:61:a5:fb:a5:36:2a:58:ca:0e:11:7f:af:7f:32:
db:86:e2:91:eb:c1:3f:a8:9d:6e:c2:79:8c:68:03:88:11:c5:
7f:71:7d:76:dd:8c:dc:9c:d6:4d:1b:88:03:59:3f:4a:93:e3:
7e:71:c3:0d:25:90:3c:19:d8:33:3e:fc:97:66:65:e6:24:cb:
bf:ac:b0:54:b4:07:73:a8:83:a0:ca:4c:67:3a:a3:27:1e:a5:
45:48:49:cd:71:6b:81:02:83:6a:12:6a:3f:e3:79:e3:74:67:
86:5a:a4:2e:5a:64:f3:05:35:e1:52:b0:ea:6e:14:d7:70:aa:
10:85:f9:2f:f6:6b:12:17:8e:f1:0e:2f:8e:50:a2:f6:0f:1a:
13:9e:18:58:27:94:b9:0e:6e:87:85:b6:3a:00:b4:50:40:82:
98:35:3c:67:56:55:21:64:e1:48:a8:a0:dd:a1:8a:46:49:46:
12:48:63:1f:c2:36:f2:54:30:cc:6c:da:ae:87:4e:f2:84:40:
b6:c0:d4:2f:9f:76:65:d6:53:2b:81:c7:43:5c:75:47:6e:97:
fb:60:46:5d:11:70:19:84:fc:32:50:09:5f:80:42:47:ab:a2:
ff:43:8c:76:35:4e:6c:c1:58:78:14:a0:02:4a:bf:2e:29:3e:
98:7e:4d:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSeVcr8Q9YbmH+e9eq4ukMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNTcwODQ1YzIzOWU5OTkxYzg5YmM1YzUwNDMxZTkwODc4
NjBjNGQwHhcNMjUxMTExMDUwMDU5WhcNMjUxMTEyMDUwMDU5WjAzMTEwLwYDVQQD
EyhkMjEzODZhNTE5NzFjY2UyMWQ0ZTQ5MGRjZjA3OTMyNjQzZjc2ODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFdMuCmKQxuCuFomgM6c4BNmfNjh
ybCRv6M4oD4GbeOJ2ZJjb6wEkJtkJJ/22/5zfEeUvH9LlklLcwvm185cx1ZqltuY
NZRgem72OWXzZXRm6Y4JSQM5WSrJW8D23ERT/tboI4m8uPgO9Yd45cn95C+rsJFh
puf/Qrem9eKOVfTFv0VTYh1ntawmO2QvjhWY1Utlr0OEra9pXNxosMuNXz6GF1Lp
yHsaDqk4IpsKLPpT5Q5crOh3jZivEI08uC4wm9tkkn0TQDW0hofER8R/VsXfFC5P
u97G4skoaOpHMsYbcxfvUqU1AqsB6aRRWM5tByV3hSCrOAP5add0eYgofQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNIThqUZccziHU5JDc8HkyZD92gtMB8GA1UdIwQY
MBaAFLBXCEXCOemZHIm8XFBDHpCHhgxNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0ZjSVJjSTU2WmtjaWJ4Y1VFTWVrSWVHREUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xZTdjNDgtZjhjMi00Njc5LWI3NzEt
NDZjYTI2YWZmNTQ1LzEvc0ZjSVJjSTU2WmtjaWJ4Y1VFTWVrSWVHREUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xZTdjNDgtZjhjMi00Njc5LWI3NzEtNDZjYTI2YWZmNTQ1
LzEvc0ZjSVJjSTU2WmtjaWJ4Y1VFTWVrSWVHREUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgjuZIGGl
+6U2KljKDhF/r38y24bikevBP6idbsJ5jGgDiBHFf3F9dt2M3JzWTRuIA1k/SpPj
fnHDDSWQPBnYMz78l2Zl5iTLv6ywVLQHc6iDoMpMZzqjJx6lRUhJzXFrgQKDahJq
P+N543RnhlqkLlpk8wU14VKw6m4U13CqEIX5L/ZrEheO8Q4vjlCi9g8aE54YWCeU
uQ5uh4W2OgC0UECCmDU8Z1ZVIWThSKig3aGKRklGEkhjH8I28lQwzGzarodO8oRA
tsDUL592ZdZTK4HHQ1x1R26X+2BGXRFwGYT8MlAJX4BCR6ui/0OMdjVObMFYeBSg
Akq/Lik+mH5NhA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:52 2025 by rpki-client