Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.mft
File: dNfaY5KZmWAzlYd0SM5QrG4CE6k.mft (raw, json)
Hash identifier: f710MDmotR6ZzgnVUGBaewBVJgUYELDsxoCXb42CiVY=
Subject key identifier: 1E:02:99:CD:E4:40:12:82:9D:20:09:A8:CB:7A:A4:98:19:43:D1:C0
Authority key identifier: 74:D7:DA:63:92:99:99:60:33:95:87:74:48:CE:50:AC:6E:02:13:A9
Certificate issuer: /CN=74d7da63929999603395877448ce50ac6e0213a9
Certificate serial: 019A71B7F1F283EC175D133C735A2E898FFF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dNfaY5KZmWAzlYd0SM5QrG4CE6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.mft
Manifest number: 0F86
Signing time: Tue 11 Nov 2025 07:01:11 +0000
Manifest this update: Tue 11 Nov 2025 07:01:11 +0000
Manifest next update: Wed 12 Nov 2025 07:01:11 +0000
Files and hashes: 1: dNfaY5KZmWAzlYd0SM5QrG4CE6k.crl (hash: YsA1b7ARwGzWzNTvGl9ojzaDHHhy854LpFNRnSifeQc=)
2: fU3MlRUECyf8Mob8gpdjGa0WFt0.roa (hash: 1bRjiSyIpRcT6gpZZI2DT+oOrLLRlf7RVwqkDF08rbw=)
3: fzU99qCGkV_CIT5aPe-FRXxnYbQ.roa (hash: vzw9SWyMsFCc6IE8QjYq1it7590sCq4Ux6IdTNIF19M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.mft
rsync://rpki.ripe.net/repository/DEFAULT/dNfaY5KZmWAzlYd0SM5QrG4CE6k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:f1:f2:83:ec:17:5d:13:3c:73:5a:2e:89:8f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74d7da63929999603395877448ce50ac6e0213a9
Validity
Not Before: Nov 11 07:01:11 2025 GMT
Not After : Nov 12 07:01:11 2025 GMT
Subject: CN=1e0299cde44012829d2009a8cb7aa4981943d1c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:31:cf:37:c4:b6:dd:1c:6b:ea:b2:ba:e8:f1:
2b:0c:08:c1:da:dd:86:48:9f:08:51:77:ae:10:0b:
36:d6:54:06:32:af:36:bc:91:05:fa:e0:68:d8:56:
e5:2e:a3:c3:9a:6f:fa:72:af:1d:a7:51:33:c0:ac:
e0:4e:8c:6b:1c:47:3e:8b:d7:8e:d4:6a:99:72:f6:
47:cf:f7:38:40:a2:12:0f:39:f7:ff:a4:ff:cb:7a:
34:06:e4:43:f3:ec:48:5c:3e:c4:46:d7:03:62:c0:
fb:52:0b:40:0e:b6:2f:21:3d:bc:c7:ef:46:1f:74:
0e:c1:31:96:b7:84:98:2c:83:43:a2:fb:5c:07:95:
b6:fe:be:80:c4:e8:46:bc:39:ec:bc:89:ac:02:32:
6d:d7:3e:32:ed:80:bc:00:68:f4:ee:58:6a:1b:90:
76:b9:77:91:07:2c:12:ff:7a:f4:26:e0:0b:c3:34:
28:5f:aa:09:10:64:16:6b:2b:cb:37:aa:c1:d7:68:
77:d9:a8:e0:45:e1:0b:e7:45:4d:15:46:00:3b:57:
e8:00:14:83:a4:b2:c3:66:01:92:e3:78:96:79:dd:
fd:05:5a:66:06:39:fd:69:c0:57:e9:6c:39:0e:2b:
5a:53:49:99:3e:ba:51:4b:0f:3d:dd:3f:f5:c0:af:
b9:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:02:99:CD:E4:40:12:82:9D:20:09:A8:CB:7A:A4:98:19:43:D1:C0
X509v3 Authority Key Identifier:
keyid:74:D7:DA:63:92:99:99:60:33:95:87:74:48:CE:50:AC:6E:02:13:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dNfaY5KZmWAzlYd0SM5QrG4CE6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
28:e0:41:36:c0:63:c0:b2:d7:bc:20:d7:aa:80:06:f3:8c:34:
df:35:3e:b0:b2:c4:8f:d9:8f:d9:9c:1a:6f:94:af:19:f6:71:
00:6b:26:38:12:aa:8c:c7:10:fd:65:98:26:a3:37:38:ec:fa:
77:ca:35:b3:f2:6b:5b:26:a8:c3:22:cb:0c:f8:33:d0:e6:e8:
cd:50:8e:1b:98:8f:d5:02:ba:6a:f6:f0:2e:c1:8a:9b:7c:ce:
36:f4:3a:ed:1a:de:a3:96:8e:af:1f:1d:e6:04:3e:b7:84:df:
bd:81:08:36:45:fa:50:c1:96:05:58:93:14:b0:a8:3b:94:4f:
f9:72:ab:5e:41:16:23:ef:c6:a2:b3:19:62:97:76:29:75:ff:
9a:cb:7f:4c:f4:1f:07:0a:71:a1:79:c3:b3:4b:5e:af:b3:da:
9b:ac:a9:2d:ff:55:8b:b8:3f:6c:be:1a:ea:84:a7:cf:d7:6c:
37:55:9e:64:72:81:2f:18:a1:c3:ed:1a:c0:76:51:db:0e:4a:
9e:92:54:c4:53:a8:4b:9c:c9:f3:68:37:9a:49:f8:b0:8e:2c:
9b:2a:05:f3:02:f3:e1:7a:21:cc:18:fe:60:ee:4e:c9:68:e8:
48:b0:5a:4f:cb:2a:ad:0f:0c:51:90:eb:03:e5:cc:ee:3f:4e:
73:ed:28:9e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt/Hyg+wXXRM8c1ouiY//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZDdkYTYzOTI5OTk5NjAzMzk1ODc3NDQ4Y2U1MGFjNmUw
MjEzYTkwHhcNMjUxMTExMDcwMTExWhcNMjUxMTEyMDcwMTExWjAzMTEwLwYDVQQD
EygxZTAyOTljZGU0NDAxMjgyOWQyMDA5YThjYjdhYTQ5ODE5NDNkMWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjHPN8S23Rxr6rK66PErDAjB2t2G
SJ8IUXeuEAs21lQGMq82vJEF+uBo2FblLqPDmm/6cq8dp1EzwKzgToxrHEc+i9eO
1GqZcvZHz/c4QKISDzn3/6T/y3o0BuRD8+xIXD7ERtcDYsD7UgtADrYvIT28x+9G
H3QOwTGWt4SYLINDovtcB5W2/r6AxOhGvDnsvImsAjJt1z4y7YC8AGj07lhqG5B2
uXeRBywS/3r0JuALwzQoX6oJEGQWayvLN6rB12h32ajgReEL50VNFUYAO1foABSD
pLLDZgGS43iWed39BVpmBjn9acBX6Ww5DitaU0mZPrpRSw893T/1wK+5XQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFB4Cmc3kQBKCnSAJqMt6pJgZQ9HAMB8GA1UdIwQY
MBaAFHTX2mOSmZlgM5WHdEjOUKxuAhOpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE5mYVk1S1ptV0F6bFlkMFNNNVFyRzRDRTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wZWI4NTItYWYzNC00Y2I5LTg3MmUt
NGI1ZDVkNWY4Njk5LzEvZE5mYVk1S1ptV0F6bFlkMFNNNVFyRzRDRTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wZWI4NTItYWYzNC00Y2I5LTg3MmUtNGI1ZDVkNWY4Njk5
LzEvZE5mYVk1S1ptV0F6bFlkMFNNNVFyRzRDRTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKOBBNsBj
wLLXvCDXqoAG84w03zU+sLLEj9mP2Zwab5SvGfZxAGsmOBKqjMcQ/WWYJqM3OOz6
d8o1s/JrWyaowyLLDPgz0ObozVCOG5iP1QK6avbwLsGKm3zONvQ67Rreo5aOrx8d
5gQ+t4TfvYEINkX6UMGWBViTFLCoO5RP+XKrXkEWI+/GorMZYpd2KXX/mst/TPQf
BwpxoXnDs0ter7Pam6ypLf9Vi7g/bL4a6oSnz9dsN1WeZHKBLxihw+0awHZR2w5K
npJUxFOoS5zJ82g3mkn4sI4smyoF8wLz4XohzBj+YO5OyWjoSLBaT8sqrQ8MUZDr
A+XM7j9Oc+0ong==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:45:19 2025 by rpki-client