Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/4fbe10-9487-4115-9856-beb70fd415ca/1/9XpIEqFZ72qekpcudXKtZi1yIVo.mft
File: 9XpIEqFZ72qekpcudXKtZi1yIVo.mft (raw, json)
Hash identifier: zQVbvOTEobs+QZp/YIks8Yk06nGEY/RtPKzxRxlsEAQ=
Subject key identifier: 28:DB:64:C3:45:82:B6:E6:F1:A1:C3:5A:BE:01:E0:48:33:30:7F:34
Authority key identifier: F5:7A:48:12:A1:59:EF:6A:9E:92:97:2E:75:72:AD:66:2D:72:21:5A
Certificate issuer: /CN=f57a4812a159ef6a9e92972e7572ad662d72215a
Certificate serial: 019A7225AEBFD92E44575DC6A04F12D72145
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XpIEqFZ72qekpcudXKtZi1yIVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/4fbe10-9487-4115-9856-beb70fd415ca/1/9XpIEqFZ72qekpcudXKtZi1yIVo.mft
Manifest number: 100A
Signing time: Tue 11 Nov 2025 09:01:03 +0000
Manifest this update: Tue 11 Nov 2025 09:01:03 +0000
Manifest next update: Wed 12 Nov 2025 09:01:03 +0000
Files and hashes: 1: 9XpIEqFZ72qekpcudXKtZi1yIVo.crl (hash: CddxbG6xawn5+vbMWPtehVD33vAYV1YRmpcOT38t8Js=)
2: Wwn9-ZCeqmzjX68bfgDgANWQIBU.roa (hash: SXq1+cMpW/SHgqnUXdFiB1yUFLsr835szRqOWcz8MK8=)
3: uiAj7bl-SXv7JRxYm2NXVOyGIhs.roa (hash: a//eeH8sFnN4/flxUlmU/77Maqj7B9717/MAcvQSTcQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/4fbe10-9487-4115-9856-beb70fd415ca/1/9XpIEqFZ72qekpcudXKtZi1yIVo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/4fbe10-9487-4115-9856-beb70fd415ca/1/9XpIEqFZ72qekpcudXKtZi1yIVo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9XpIEqFZ72qekpcudXKtZi1yIVo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:ae:bf:d9:2e:44:57:5d:c6:a0:4f:12:d7:21:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f57a4812a159ef6a9e92972e7572ad662d72215a
Validity
Not Before: Nov 11 09:01:03 2025 GMT
Not After : Nov 12 09:01:03 2025 GMT
Subject: CN=28db64c34582b6e6f1a1c35abe01e04833307f34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:0d:fb:5d:13:df:06:7b:e5:1a:17:4c:eb:06:
46:b5:a0:6c:17:2c:89:86:41:0e:7d:0c:df:ca:97:
be:48:53:88:44:43:d9:6a:9a:28:b1:84:11:72:28:
88:62:27:5b:a9:92:9f:96:36:bc:6d:a7:66:23:24:
27:0f:04:c9:23:30:cf:15:a9:3a:96:6b:b7:4a:29:
85:87:c5:b7:c4:82:e7:e3:0d:65:ec:b8:5b:20:9c:
b4:22:cd:15:79:ae:eb:51:26:57:ce:86:0f:87:7a:
85:71:66:e7:b8:68:c5:e1:f0:b0:0c:9a:a2:74:de:
34:d9:06:87:63:5b:2c:57:99:60:b0:6e:67:ef:f2:
95:f9:c8:7a:55:b7:8f:aa:64:56:44:06:ce:35:e7:
7f:60:20:a9:29:6f:e1:59:31:1b:88:3b:b3:21:b2:
8c:28:eb:4d:97:c0:35:75:9b:9a:fd:81:32:2f:d7:
e8:d7:6c:04:da:eb:55:cb:89:77:e1:b2:06:31:af:
96:22:2a:ea:57:11:6a:ec:9b:13:d5:45:71:41:5c:
dd:0c:12:9c:60:d7:3e:0b:69:7c:db:1f:7b:35:2f:
d8:e9:fc:1a:21:0d:52:93:74:c8:c1:7c:f4:83:22:
ce:12:aa:c0:bb:65:b7:1b:86:ea:87:e1:98:60:e9:
86:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:DB:64:C3:45:82:B6:E6:F1:A1:C3:5A:BE:01:E0:48:33:30:7F:34
X509v3 Authority Key Identifier:
keyid:F5:7A:48:12:A1:59:EF:6A:9E:92:97:2E:75:72:AD:66:2D:72:21:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XpIEqFZ72qekpcudXKtZi1yIVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4fbe10-9487-4115-9856-beb70fd415ca/1/9XpIEqFZ72qekpcudXKtZi1yIVo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4fbe10-9487-4115-9856-beb70fd415ca/1/9XpIEqFZ72qekpcudXKtZi1yIVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:2d:a3:77:a0:97:ce:ca:38:75:84:51:aa:b2:3d:8d:30:eb:
3a:d4:23:4a:a6:50:8f:66:ee:ad:7e:6c:64:e1:2a:05:34:46:
1b:07:40:86:b6:8a:d5:61:1e:d7:0f:67:50:2a:6d:61:f9:a1:
6d:fd:8b:a9:e4:b2:c7:d4:05:7b:2a:62:74:c0:32:b7:79:ed:
19:54:1c:4e:74:fd:60:82:1d:c9:1c:7e:cf:4e:8f:af:b9:89:
08:c4:c9:dd:07:ff:5e:98:8e:46:ae:d2:b8:c6:1b:56:de:d4:
ac:0c:29:67:9c:41:86:7f:c6:bc:9a:06:a7:23:f7:e0:3e:13:
58:cb:4e:2f:f9:47:2c:b9:92:f5:a0:a0:52:76:aa:ad:4f:4b:
61:01:75:28:ba:94:c3:eb:3e:ae:e6:e4:5e:12:c5:c6:d3:eb:
50:95:50:cb:f0:1c:49:3f:31:ba:94:9c:21:6d:69:f7:55:a2:
a6:55:87:18:98:da:c2:cc:29:c8:00:01:3e:06:69:d6:f0:c9:
15:f4:d7:fe:2c:35:36:cc:45:7a:76:16:3d:97:71:35:e7:eb:
87:5c:8d:36:36:75:ed:51:bc:cb:3a:7b:1e:3b:59:a7:a0:a4:
63:69:09:b8:aa:42:c1:bd:18:93:0e:02:2e:ec:dc:ec:4d:b7:
b6:9d:73:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJa6/2S5EV13GoE8S1yFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1N2E0ODEyYTE1OWVmNmE5ZTkyOTcyZTc1NzJhZDY2MmQ3
MjIxNWEwHhcNMjUxMTExMDkwMTAzWhcNMjUxMTEyMDkwMTAzWjAzMTEwLwYDVQQD
EygyOGRiNjRjMzQ1ODJiNmU2ZjFhMWMzNWFiZTAxZTA0ODMzMzA3ZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiw37XRPfBnvlGhdM6wZGtaBsFyyJ
hkEOfQzfype+SFOIREPZapoosYQRciiIYidbqZKflja8badmIyQnDwTJIzDPFak6
lmu3SimFh8W3xILn4w1l7LhbIJy0Is0Vea7rUSZXzoYPh3qFcWbnuGjF4fCwDJqi
dN402QaHY1ssV5lgsG5n7/KV+ch6VbePqmRWRAbONed/YCCpKW/hWTEbiDuzIbKM
KOtNl8A1dZua/YEyL9fo12wE2utVy4l34bIGMa+WIirqVxFq7JsT1UVxQVzdDBKc
YNc+C2l82x97NS/Y6fwaIQ1Sk3TIwXz0gyLOEqrAu2W3G4bqh+GYYOmGEwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjbZMNFgrbm8aHDWr4B4EgzMH80MB8GA1UdIwQY
MBaAFPV6SBKhWe9qnpKXLnVyrWYtciFaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhwSUVxRlo3MnFla3BjdWRYS3RaaTF5SVZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy80ZmJlMTAtOTQ4Ny00MTE1LTk4NTYt
YmViNzBmZDQxNWNhLzEvOVhwSUVxRlo3MnFla3BjdWRYS3RaaTF5SVZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy80ZmJlMTAtOTQ4Ny00MTE1LTk4NTYtYmViNzBmZDQxNWNh
LzEvOVhwSUVxRlo3MnFla3BjdWRYS3RaaTF5SVZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcS2jd6CX
zso4dYRRqrI9jTDrOtQjSqZQj2burX5sZOEqBTRGGwdAhraK1WEe1w9nUCptYfmh
bf2LqeSyx9QFeypidMAyt3ntGVQcTnT9YIIdyRx+z06Pr7mJCMTJ3Qf/XpiORq7S
uMYbVt7UrAwpZ5xBhn/GvJoGpyP34D4TWMtOL/lHLLmS9aCgUnaqrU9LYQF1KLqU
w+s+rubkXhLFxtPrUJVQy/AcST8xupScIW1p91WiplWHGJjawswpyAABPgZp1vDJ
FfTX/iw1NsxFenYWPZdxNefrh1yNNjZ17VG8yzp7HjtZp6CkY2kJuKpCwb0Ykw4C
Luzc7E23tp1zNw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:16:43 2025 by rpki-client