Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/1e9621-626e-4032-9b54-76e3349c97c2/1/9Y3yxGnJeIlfhFgCTFBugByPsho.mft
File: 9Y3yxGnJeIlfhFgCTFBugByPsho.mft (raw, json)
Hash identifier: 9O4tWN/vMCUY5QODrYaW+k0I01a/nf9JjnLRoQtTTzI=
Subject key identifier: 6A:E7:82:47:EC:3A:CA:1E:B9:F8:FD:95:A4:46:9B:B9:35:8F:6C:8E
Authority key identifier: F5:8D:F2:C4:69:C9:78:89:5F:84:58:02:4C:50:6E:80:1C:8F:B2:1A
Certificate issuer: /CN=f58df2c469c978895f8458024c506e801c8fb21a
Certificate serial: 019A72935F06B1B7A34AFEDACA24D96CACDF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Y3yxGnJeIlfhFgCTFBugByPsho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/1e9621-626e-4032-9b54-76e3349c97c2/1/9Y3yxGnJeIlfhFgCTFBugByPsho.mft
Manifest number: 14A7
Signing time: Tue 11 Nov 2025 11:00:51 +0000
Manifest this update: Tue 11 Nov 2025 11:00:51 +0000
Manifest next update: Wed 12 Nov 2025 11:00:51 +0000
Files and hashes: 1: 9Y3yxGnJeIlfhFgCTFBugByPsho.crl (hash: VKP2UonsGxLq5Lo2wMQLihk8Hh4dZRuayetn/r1JV9Y=)
2: uTgF90O7aHLO_G7cSzTbj_nzdao.roa (hash: lwZMpyCYU1xDcN6IVFSHMP6G+054GMvXirawB6lbtsU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/1e9621-626e-4032-9b54-76e3349c97c2/1/9Y3yxGnJeIlfhFgCTFBugByPsho.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/1e9621-626e-4032-9b54-76e3349c97c2/1/9Y3yxGnJeIlfhFgCTFBugByPsho.mft
rsync://rpki.ripe.net/repository/DEFAULT/9Y3yxGnJeIlfhFgCTFBugByPsho.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:5f:06:b1:b7:a3:4a:fe:da:ca:24:d9:6c:ac:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f58df2c469c978895f8458024c506e801c8fb21a
Validity
Not Before: Nov 11 11:00:51 2025 GMT
Not After : Nov 12 11:00:51 2025 GMT
Subject: CN=6ae78247ec3aca1eb9f8fd95a4469bb9358f6c8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e1:d6:d1:0a:a2:61:87:17:3a:92:5e:d3:99:
55:16:f8:a9:61:ad:22:37:f1:14:a2:dc:e1:2e:af:
95:4f:62:0e:9b:c1:96:b6:de:23:c7:9e:b6:72:a1:
cb:53:4c:8d:c0:78:4e:74:35:a8:7a:a2:e3:61:30:
92:2c:85:15:fd:cb:14:f4:8f:4d:bd:b1:28:30:5c:
e8:3f:e8:01:57:c2:dd:16:c4:39:e6:2c:54:f6:c5:
11:e9:dd:81:1b:d8:d5:88:7e:48:a9:3f:e4:06:9f:
fa:c4:ce:26:66:86:af:a1:6c:00:22:b6:fe:aa:64:
21:3b:3d:bb:e7:64:45:9b:f9:11:37:70:5a:f4:4d:
af:37:56:e4:d7:8e:1a:13:57:5f:26:57:b2:d3:1c:
9c:2e:b1:29:88:6c:bc:f1:67:7e:9b:7a:0c:8d:d5:
c7:34:0c:4c:0c:71:13:25:3e:5f:ae:14:29:33:44:
c2:5a:7b:08:d3:15:8a:fc:f6:75:2e:fd:c1:0c:b3:
0e:4e:47:51:8a:3b:ca:0b:64:41:6b:2e:57:1c:e6:
64:ea:ba:df:92:07:80:73:c5:87:4f:8b:bb:2f:2d:
09:01:69:17:bb:0a:fd:71:dc:ab:d0:9f:0b:12:70:
02:64:24:72:37:c7:7e:38:0a:aa:ff:87:76:65:a0:
e1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:E7:82:47:EC:3A:CA:1E:B9:F8:FD:95:A4:46:9B:B9:35:8F:6C:8E
X509v3 Authority Key Identifier:
keyid:F5:8D:F2:C4:69:C9:78:89:5F:84:58:02:4C:50:6E:80:1C:8F:B2:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Y3yxGnJeIlfhFgCTFBugByPsho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/1e9621-626e-4032-9b54-76e3349c97c2/1/9Y3yxGnJeIlfhFgCTFBugByPsho.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/1e9621-626e-4032-9b54-76e3349c97c2/1/9Y3yxGnJeIlfhFgCTFBugByPsho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
54:4b:cd:1a:1d:ef:d0:a0:83:a0:46:53:d9:1c:55:38:fb:ee:
97:bd:4e:0a:9b:01:a2:dc:a0:ec:b4:ee:b3:d3:e9:83:ef:52:
cf:e5:22:c4:be:23:bb:ba:ea:43:51:cd:08:c4:dd:48:a5:28:
c3:ef:63:84:75:40:56:c1:fa:42:47:a2:f0:8d:ef:71:07:5b:
f0:7f:e3:4e:a7:9c:58:e4:a0:80:b7:54:c5:66:97:0b:e9:ee:
25:23:b6:f2:17:9a:dd:ea:9d:06:f4:81:25:a4:05:97:6f:35:
15:c0:70:87:1c:53:18:33:90:20:dc:63:70:31:f3:93:5e:40:
0d:a8:a4:f1:4a:aa:fc:72:4e:ef:42:99:b2:a5:44:1d:2e:78:
f1:5c:c5:4f:5f:6f:2c:01:f6:a4:34:9f:aa:d9:77:38:9f:22:
08:22:11:84:3c:1b:2f:b2:98:fa:15:62:c0:a0:b4:7d:46:0c:
56:87:f1:c5:38:d9:a2:80:7d:30:ea:14:c0:36:0f:ff:63:56:
c7:60:26:1a:99:7e:91:b0:f8:46:51:f5:75:2e:91:a8:c1:a5:
b9:90:0b:02:fb:e8:0d:4b:7f:fb:90:b2:cf:78:14:87:4f:8b:
1d:12:6f:88:d5:34:54:c0:b5:6b:e3:4f:e5:e0:8e:26:68:d3:
a2:82:80:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk18GsbejSv7ayiTZbKzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1OGRmMmM0NjljOTc4ODk1Zjg0NTgwMjRjNTA2ZTgwMWM4
ZmIyMWEwHhcNMjUxMTExMTEwMDUxWhcNMjUxMTEyMTEwMDUxWjAzMTEwLwYDVQQD
Eyg2YWU3ODI0N2VjM2FjYTFlYjlmOGZkOTVhNDQ2OWJiOTM1OGY2YzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+HW0QqiYYcXOpJe05lVFvipYa0i
N/EUotzhLq+VT2IOm8GWtt4jx562cqHLU0yNwHhOdDWoeqLjYTCSLIUV/csU9I9N
vbEoMFzoP+gBV8LdFsQ55ixU9sUR6d2BG9jViH5IqT/kBp/6xM4mZoavoWwAIrb+
qmQhOz2752RFm/kRN3Ba9E2vN1bk144aE1dfJley0xycLrEpiGy88Wd+m3oMjdXH
NAxMDHETJT5frhQpM0TCWnsI0xWK/PZ1Lv3BDLMOTkdRijvKC2RBay5XHOZk6rrf
kgeAc8WHT4u7Ly0JAWkXuwr9cdyr0J8LEnACZCRyN8d+OAqq/4d2ZaDhawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGrngkfsOsoeufj9laRGm7k1j2yOMB8GA1UdIwQY
MBaAFPWN8sRpyXiJX4RYAkxQboAcj7IaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVkzeXhHbkplSWxmaEZnQ1RGQnVnQnlQc2hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8xZTk2MjEtNjI2ZS00MDMyLTliNTQt
NzZlMzM0OWM5N2MyLzEvOVkzeXhHbkplSWxmaEZnQ1RGQnVnQnlQc2hvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8xZTk2MjEtNjI2ZS00MDMyLTliNTQtNzZlMzM0OWM5N2My
LzEvOVkzeXhHbkplSWxmaEZnQ1RGQnVnQnlQc2hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVEvNGh3v
0KCDoEZT2RxVOPvul71OCpsBotyg7LTus9Ppg+9Sz+UixL4ju7rqQ1HNCMTdSKUo
w+9jhHVAVsH6Qkei8I3vcQdb8H/jTqecWOSggLdUxWaXC+nuJSO28hea3eqdBvSB
JaQFl281FcBwhxxTGDOQINxjcDHzk15ADaik8Uqq/HJO70KZsqVEHS548VzFT19v
LAH2pDSfqtl3OJ8iCCIRhDwbL7KY+hViwKC0fUYMVofxxTjZooB9MOoUwDYP/2NW
x2AmGpl+kbD4RlH1dS6RqMGluZALAvvoDUt/+5Cyz3gUh0+LHRJviNU0VMC1a+NP
5eCOJmjTooKAIw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:08:42 2025 by rpki-client