Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft
File: r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft (raw, json)
Hash identifier: qNv4ZyHaeP1+kQJsSHv8gUOYEWXuy4sOGndZiktVq6A=
Subject key identifier: 3A:4B:11:5D:6B:C7:4E:CE:39:05:BD:26:C2:CE:65:A2:9E:38:66:F4
Authority key identifier: AF:9B:2C:EF:E3:89:A1:AE:49:75:6E:DC:2B:32:93:E5:88:30:CB:82
Certificate issuer: /CN=af9b2cefe389a1ae49756edc2b3293e58830cb82
Certificate serial: 019A326A926F56026C117D9DD392CB3D735B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft
Manifest number: 03DB
Signing time: Thu 30 Oct 2025 00:00:36 +0000
Manifest this update: Thu 30 Oct 2025 00:00:36 +0000
Manifest next update: Fri 31 Oct 2025 00:00:36 +0000
Files and hashes: 1: HlRrYVzs80ZJA5_JZ3csPGXIkEY.roa (hash: 2WA22A/U8/r4tDX+UDoYIX+va554GCdeOFSCw5V25j8=)
2: r5ss7-OJoa5JdW7cKzKT5Ygwy4I.crl (hash: tJWXVPcyq3YAXQhyI9E1DCbp9Hw3DMASk+kfJsRXfPg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft
rsync://rpki.ripe.net/repository/DEFAULT/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 Oct 2025 00:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:32:6a:92:6f:56:02:6c:11:7d:9d:d3:92:cb:3d:73:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af9b2cefe389a1ae49756edc2b3293e58830cb82
Validity
Not Before: Oct 30 00:00:36 2025 GMT
Not After : Oct 31 00:00:36 2025 GMT
Subject: CN=3a4b115d6bc74ece3905bd26c2ce65a29e3866f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:08:ba:f0:95:1f:cb:40:33:bd:2a:43:0b:e6:
3c:fa:c9:0f:dd:f2:4a:68:02:57:94:96:57:12:f4:
d7:3b:20:30:1b:4e:c9:ea:ac:f6:b5:95:6c:3b:f2:
58:bb:b7:1b:15:d0:22:c3:ea:5e:20:1a:02:c6:33:
7b:9b:38:19:c9:a5:87:af:bd:52:cb:8c:50:92:bb:
4c:6a:62:05:84:d1:f6:1f:76:9a:61:57:56:8b:5d:
b3:54:92:8c:a2:c4:b7:81:f9:00:1d:43:8c:5c:ac:
2d:28:1b:0d:ed:2e:66:7c:d7:36:6d:fd:cb:85:4f:
bc:89:93:f1:5d:c0:34:38:5b:bc:9a:84:68:3b:75:
a1:9e:7c:41:bf:d2:29:98:48:47:de:9e:cb:10:d0:
6e:b7:14:7a:e3:a5:90:a9:06:1d:b1:53:28:68:3c:
20:83:e8:9f:75:a9:3c:de:07:1f:ac:e4:01:7d:2b:
ba:ea:b5:56:52:fa:85:f9:2c:2a:c8:85:14:9a:e8:
8b:64:f0:58:09:9f:e0:c3:2f:13:8b:25:7c:c8:7c:
a3:6a:30:01:04:94:bf:f8:ea:61:ea:8b:08:38:d7:
e2:e1:0a:c7:e7:f4:38:d0:92:69:ca:97:b2:57:95:
d8:16:81:93:42:be:a3:63:79:7b:fc:34:0d:48:13:
7a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:4B:11:5D:6B:C7:4E:CE:39:05:BD:26:C2:CE:65:A2:9E:38:66:F4
X509v3 Authority Key Identifier:
keyid:AF:9B:2C:EF:E3:89:A1:AE:49:75:6E:DC:2B:32:93:E5:88:30:CB:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bf0bfe-9554-4b7e-95da-469619d4ecdb/1/r5ss7-OJoa5JdW7cKzKT5Ygwy4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:ac:74:a9:82:cb:a1:fc:7a:d1:3c:c6:6a:ed:5a:1e:bc:fd:
8b:cc:a7:1c:32:2f:1d:cb:43:84:bf:7a:38:e5:99:0a:84:c7:
f0:53:3b:30:4a:e7:71:e1:5b:f8:12:3b:91:ed:ef:44:7d:7f:
aa:14:26:24:af:a0:0c:b9:46:d3:9e:95:30:c7:88:72:90:e0:
d0:4e:d0:6c:90:2f:c7:24:61:f4:0a:99:a7:85:b8:65:63:f6:
cf:b1:4f:a1:b1:5c:78:21:86:59:97:ac:80:60:fd:d7:fa:9d:
a0:84:3b:86:b9:72:a1:bf:07:7e:7a:2d:75:ac:46:54:ab:38:
57:20:9b:4f:4a:b5:81:3c:38:53:18:b2:d2:8f:01:a6:2c:5c:
f8:fe:e0:a4:27:6c:22:0d:71:c3:43:db:93:07:ac:18:11:d5:
02:fe:5c:1b:e0:f8:8b:11:9d:1c:44:1d:47:f3:22:0e:ee:f4:
92:a4:ca:64:dd:6d:eb:4d:ee:1a:4b:95:8d:3b:dc:1a:b9:c6:
ec:a0:57:de:c6:ff:1e:3c:44:39:e4:d3:27:4a:1f:a5:b6:56:
6e:c6:54:86:5e:22:f2:29:ae:ae:60:16:33:21:da:87:5a:84:
9e:74:de:7a:11:5c:28:84:eb:1f:ad:50:73:da:06:4f:ed:32:
34:5d:ef:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoyapJvVgJsEX2d05LLPXNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOWIyY2VmZTM4OWExYWU0OTc1NmVkYzJiMzI5M2U1ODgz
MGNiODIwHhcNMjUxMDMwMDAwMDM2WhcNMjUxMDMxMDAwMDM2WjAzMTEwLwYDVQQD
EygzYTRiMTE1ZDZiYzc0ZWNlMzkwNWJkMjZjMmNlNjVhMjllMzg2NmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3wi68JUfy0AzvSpDC+Y8+skP3fJK
aAJXlJZXEvTXOyAwG07J6qz2tZVsO/JYu7cbFdAiw+peIBoCxjN7mzgZyaWHr71S
y4xQkrtMamIFhNH2H3aaYVdWi12zVJKMosS3gfkAHUOMXKwtKBsN7S5mfNc2bf3L
hU+8iZPxXcA0OFu8moRoO3WhnnxBv9IpmEhH3p7LENButxR646WQqQYdsVMoaDwg
g+ifdak83gcfrOQBfSu66rVWUvqF+SwqyIUUmuiLZPBYCZ/gwy8TiyV8yHyjajAB
BJS/+Oph6osIONfi4QrH5/Q40JJpypeyV5XYFoGTQr6jY3l7/DQNSBN6cQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDpLEV1rx07OOQW9JsLOZaKeOGb0MB8GA1UdIwQY
MBaAFK+bLO/jiaGuSXVu3Csyk+WIMMuCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVzczctT0pvYTVKZFc3Y0t6S1Q1WWd3eTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZjBiZmUtOTU1NC00YjdlLTk1ZGEt
NDY5NjE5ZDRlY2RiLzEvcjVzczctT0pvYTVKZFc3Y0t6S1Q1WWd3eTRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iZjBiZmUtOTU1NC00YjdlLTk1ZGEtNDY5NjE5ZDRlY2Ri
LzEvcjVzczctT0pvYTVKZFc3Y0t6S1Q1WWd3eTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhKx0qYLL
ofx60TzGau1aHrz9i8ynHDIvHctDhL96OOWZCoTH8FM7MErnceFb+BI7ke3vRH1/
qhQmJK+gDLlG056VMMeIcpDg0E7QbJAvxyRh9AqZp4W4ZWP2z7FPobFceCGGWZes
gGD91/qdoIQ7hrlyob8HfnotdaxGVKs4VyCbT0q1gTw4Uxiy0o8Bpixc+P7gpCds
Ig1xw0PbkwesGBHVAv5cG+D4ixGdHEQdR/MiDu70kqTKZN1t603uGkuVjTvcGrnG
7KBX3sb/HjxEOeTTJ0ofpbZWbsZUhl4i8imurmAWMyHah1qEnnTeehFcKITrH61Q
c9oGT+0yNF3v7w==
-----END CERTIFICATE-----
Generated at Thu Oct 30 06:18:45 2025 by rpki-client