Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/GtYaUvEILs9Ml7USK0YRIlBzRRs.mft
File: GtYaUvEILs9Ml7USK0YRIlBzRRs.mft (raw, json)
Hash identifier: k8s1A+XM43vtqs3g3i7Imkgg6cTKU3QsK9ZmSPFY8Vo=
Subject key identifier: 02:3F:4E:51:71:39:9E:32:7F:34:4C:37:7C:71:6D:6C:7B:74:A3:C2
Authority key identifier: 1A:D6:1A:52:F1:08:2E:CF:4C:97:B5:12:2B:46:11:22:50:73:45:1B
Certificate issuer: /CN=1ad61a52f1082ecf4c97b5122b4611225073451b
Certificate serial: 019A70A4D70A69F3305D2226AF097CEF1E42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtYaUvEILs9Ml7USK0YRIlBzRRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/GtYaUvEILs9Ml7USK0YRIlBzRRs.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 02:00:42 +0000
Manifest this update: Tue 11 Nov 2025 02:00:42 +0000
Manifest next update: Wed 12 Nov 2025 02:00:42 +0000
Files and hashes: 1: GtYaUvEILs9Ml7USK0YRIlBzRRs.crl (hash: f7n2kdDN/g5QeswV6Fe6W9AOqkMQo+LZoNQx72XoxqU=)
2: rDCQZOSrxJZ5t1EHBcAmewJ2zuE.roa (hash: 5o5LCz2EfBpIGStnQttGujPIzxdxxRQF2IZp5UipRj0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/GtYaUvEILs9Ml7USK0YRIlBzRRs.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/GtYaUvEILs9Ml7USK0YRIlBzRRs.mft
rsync://rpki.ripe.net/repository/DEFAULT/GtYaUvEILs9Ml7USK0YRIlBzRRs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a4:d7:0a:69:f3:30:5d:22:26:af:09:7c:ef:1e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ad61a52f1082ecf4c97b5122b4611225073451b
Validity
Not Before: Nov 11 02:00:42 2025 GMT
Not After : Nov 12 02:00:42 2025 GMT
Subject: CN=023f4e5171399e327f344c377c716d6c7b74a3c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:ef:d7:21:37:d5:6d:40:2b:26:e3:af:2c:5a:
ba:a7:c7:85:0a:65:3c:a1:68:b3:9d:ce:85:48:8f:
1d:be:bd:50:68:cc:6d:8c:12:35:c7:bf:69:bb:ab:
ba:4d:be:29:a6:eb:85:58:90:2a:97:01:ed:f4:32:
d9:8f:72:1f:fa:a1:2d:8f:e0:08:6d:45:00:44:76:
45:f3:8b:9e:f6:c6:1b:bb:98:ae:01:56:4b:6a:42:
b5:79:32:ae:4c:dc:a4:16:ef:24:91:42:48:84:d6:
a7:46:b4:70:85:b6:f4:15:1d:d9:55:b9:98:d3:e7:
e3:7e:93:2a:26:e3:64:6a:86:4e:3d:b2:0b:e6:48:
ab:98:34:c6:ab:df:25:b6:2d:58:8e:85:7c:69:62:
da:a8:5c:38:31:ce:d9:56:b3:18:96:3d:30:fc:64:
a6:3c:26:d2:65:de:fd:8a:78:ad:92:33:cc:2c:44:
0b:97:15:b9:34:71:51:aa:85:0b:87:49:2f:0a:20:
cc:f3:e3:7f:75:ac:f8:aa:90:74:9e:5c:ca:45:53:
60:ba:4e:f2:8e:7d:d9:66:be:37:dd:8d:6d:b4:d3:
1e:f2:f7:55:60:84:f8:9b:95:f0:e9:19:d6:05:be:
54:51:37:32:44:7b:fd:64:6e:c7:ad:fe:c7:70:2c:
97:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:3F:4E:51:71:39:9E:32:7F:34:4C:37:7C:71:6D:6C:7B:74:A3:C2
X509v3 Authority Key Identifier:
keyid:1A:D6:1A:52:F1:08:2E:CF:4C:97:B5:12:2B:46:11:22:50:73:45:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtYaUvEILs9Ml7USK0YRIlBzRRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/GtYaUvEILs9Ml7USK0YRIlBzRRs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/59d555-20bd-4c42-84ba-72ce95ba9afa/1/GtYaUvEILs9Ml7USK0YRIlBzRRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
17:7a:1f:a7:76:8e:ea:f2:6e:5a:31:99:da:d1:36:c3:d4:53:
65:09:71:96:d8:ff:32:7d:49:09:d7:66:ec:38:85:30:b4:92:
db:2a:71:40:62:61:fd:b2:45:98:b8:91:6b:4a:d6:f6:97:e9:
10:2d:22:71:c5:84:05:d2:31:54:0e:44:d0:fd:23:4e:44:02:
3a:cf:97:a4:0d:93:65:82:18:70:71:4d:4a:47:19:11:80:54:
01:31:55:94:93:4d:f8:5d:f5:be:0d:43:7e:42:52:25:0b:51:
8d:f0:b8:51:a5:d7:aa:5f:a4:bf:51:70:25:cc:32:c3:f3:7c:
fa:e7:e5:9c:6a:2d:e9:89:20:91:e9:85:44:d0:26:fb:9a:98:
5f:bb:bc:42:6c:2b:58:b2:a5:a4:cd:06:cd:16:ba:2f:51:4b:
4d:6f:24:a9:13:d8:c6:c0:f9:b0:21:e9:10:6d:e1:86:23:70:
2a:06:7f:5c:5d:f2:2d:ab:5b:c5:6d:64:42:4c:1d:ad:34:e8:
2a:03:dc:9b:6d:9a:38:f5:a9:07:9a:4b:60:0d:ca:fb:38:e2:
1f:ce:df:0c:f4:8f:86:80:b6:65:d6:e4:36:5c:51:ab:46:30:
b2:e6:94:24:22:7b:b3:22:83:e6:95:44:64:9f:d7:75:50:66:
7b:5e:e2:59
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpNcKafMwXSImrwl87x5CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZDYxYTUyZjEwODJlY2Y0Yzk3YjUxMjJiNDYxMTIyNTA3
MzQ1MWIwHhcNMjUxMTExMDIwMDQyWhcNMjUxMTEyMDIwMDQyWjAzMTEwLwYDVQQD
EygwMjNmNGU1MTcxMzk5ZTMyN2YzNDRjMzc3YzcxNmQ2YzdiNzRhM2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnO/XITfVbUArJuOvLFq6p8eFCmU8
oWiznc6FSI8dvr1QaMxtjBI1x79pu6u6Tb4ppuuFWJAqlwHt9DLZj3If+qEtj+AI
bUUARHZF84ue9sYbu5iuAVZLakK1eTKuTNykFu8kkUJIhNanRrRwhbb0FR3ZVbmY
0+fjfpMqJuNkaoZOPbIL5kirmDTGq98lti1YjoV8aWLaqFw4Mc7ZVrMYlj0w/GSm
PCbSZd79initkjPMLEQLlxW5NHFRqoULh0kvCiDM8+N/daz4qpB0nlzKRVNguk7y
jn3ZZr433Y1ttNMe8vdVYIT4m5Xw6RnWBb5UUTcyRHv9ZG7Hrf7HcCyXmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAI/TlFxOZ4yfzRMN3xxbWx7dKPCMB8GA1UdIwQY
MBaAFBrWGlLxCC7PTJe1EitGESJQc0UbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3RZYVV2RUlMczlNbDdVU0swWVJJbEJ6UlJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81OWQ1NTUtMjBiZC00YzQyLTg0YmEt
NzJjZTk1YmE5YWZhLzEvR3RZYVV2RUlMczlNbDdVU0swWVJJbEJ6UlJzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81OWQ1NTUtMjBiZC00YzQyLTg0YmEtNzJjZTk1YmE5YWZh
LzEvR3RZYVV2RUlMczlNbDdVU0swWVJJbEJ6UlJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF3ofp3aO
6vJuWjGZ2tE2w9RTZQlxltj/Mn1JCddm7DiFMLSS2ypxQGJh/bJFmLiRa0rW9pfp
EC0iccWEBdIxVA5E0P0jTkQCOs+XpA2TZYIYcHFNSkcZEYBUATFVlJNN+F31vg1D
fkJSJQtRjfC4UaXXql+kv1FwJcwyw/N8+uflnGot6YkgkemFRNAm+5qYX7u8Qmwr
WLKlpM0GzRa6L1FLTW8kqRPYxsD5sCHpEG3hhiNwKgZ/XF3yLatbxW1kQkwdrTTo
KgPcm22aOPWpB5pLYA3K+zjiH87fDPSPhoC2ZdbkNlxRq0YwsuaUJCJ7syKD5pVE
ZJ/XdVBme17iWQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:35:10 2025 by rpki-client