Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.mft
File: dNfaY5KZmWAzlYd0SM5QrG4CE6k.mft (raw, json)
Hash identifier: 4k6ydeoOrOcf+AG1Si2sFIDHbTNM1TGDah4H05r92/o=
Subject key identifier: CA:D1:EB:0D:8E:A3:89:52:6A:86:62:09:5E:98:F4:4B:80:5C:7F:71
Authority key identifier: 74:D7:DA:63:92:99:99:60:33:95:87:74:48:CE:50:AC:6E:02:13:A9
Certificate issuer: /CN=74d7da63929999603395877448ce50ac6e0213a9
Certificate serial: 019959B160902DD7449C269D408736DA2ED0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dNfaY5KZmWAzlYd0SM5QrG4CE6k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.mft
Manifest number: 0EF5
Signing time: Wed 17 Sep 2025 22:00:20 +0000
Manifest this update: Wed 17 Sep 2025 22:00:20 +0000
Manifest next update: Thu 18 Sep 2025 22:00:20 +0000
Files and hashes: 1: dNfaY5KZmWAzlYd0SM5QrG4CE6k.crl (hash: kJqraYmiPncBtAlMKVcX35ehah7DQ76lpvfAuuwRcg4=)
2: fU3MlRUECyf8Mob8gpdjGa0WFt0.roa (hash: 1bRjiSyIpRcT6gpZZI2DT+oOrLLRlf7RVwqkDF08rbw=)
3: fzU99qCGkV_CIT5aPe-FRXxnYbQ.roa (hash: vzw9SWyMsFCc6IE8QjYq1it7590sCq4Ux6IdTNIF19M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.mft
rsync://rpki.ripe.net/repository/DEFAULT/dNfaY5KZmWAzlYd0SM5QrG4CE6k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 21:38:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:59:b1:60:90:2d:d7:44:9c:26:9d:40:87:36:da:2e:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74d7da63929999603395877448ce50ac6e0213a9
Validity
Not Before: Sep 17 22:00:20 2025 GMT
Not After : Sep 18 22:00:20 2025 GMT
Subject: CN=cad1eb0d8ea389526a8662095e98f44b805c7f71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:94:fb:15:6e:5c:f3:ab:ea:b2:7c:8c:4b:dd:
13:f2:3d:90:c9:d3:68:7b:49:52:14:15:66:25:64:
bd:bb:6b:4d:bd:e2:0d:df:f2:6d:b2:26:03:27:80:
4f:da:4f:c7:f3:28:f2:8d:71:21:43:d5:d8:61:b8:
10:2c:21:97:a3:86:09:1c:40:c4:99:89:ad:3f:e3:
9e:df:7c:ff:2e:47:10:9d:5b:23:ba:69:b9:18:8d:
30:b2:32:09:7f:92:61:2e:2f:e3:0e:93:37:2e:db:
86:a6:20:12:29:be:58:73:a1:6b:ed:29:61:97:16:
86:24:3a:3c:3f:d1:d1:4f:f6:0d:78:24:96:69:64:
1b:20:b6:41:ce:bc:97:96:cc:87:07:5d:72:78:83:
d6:64:34:9f:c2:93:ab:82:18:75:97:cb:4b:fe:ed:
8a:93:d0:2d:00:af:9f:7c:81:0c:9f:13:d7:d8:e3:
df:67:c9:5d:68:75:3f:6f:c5:86:01:80:8a:a1:79:
5c:62:ab:43:c1:59:00:85:68:e1:46:49:0d:c2:f2:
53:9e:0c:b2:0d:12:04:ca:76:a4:5c:d1:43:01:89:
cb:06:16:fc:28:7b:0f:77:2d:32:3d:30:eb:9e:30:
46:b2:6f:dc:75:10:08:e8:67:34:39:3e:05:89:c4:
4d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:D1:EB:0D:8E:A3:89:52:6A:86:62:09:5E:98:F4:4B:80:5C:7F:71
X509v3 Authority Key Identifier:
keyid:74:D7:DA:63:92:99:99:60:33:95:87:74:48:CE:50:AC:6E:02:13:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dNfaY5KZmWAzlYd0SM5QrG4CE6k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/0eb852-af34-4cb9-872e-4b5d5d5f8699/1/dNfaY5KZmWAzlYd0SM5QrG4CE6k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:49:06:12:a1:6c:4e:a9:80:85:a4:13:6f:7c:40:3f:f7:21:
a8:28:fe:f8:bc:f9:1e:1b:6a:9d:da:e7:2a:f9:f5:70:b8:9e:
16:7b:59:3e:c9:6a:1c:76:63:46:72:d8:b9:74:af:4b:fb:c8:
a8:35:7a:a0:a2:1e:43:a8:a9:8c:7b:98:e5:2d:e1:bb:24:09:
b4:cf:2b:83:24:67:98:53:99:4c:c9:f4:1b:aa:4a:1d:f8:9d:
49:d6:04:cf:b1:3a:37:6f:38:4d:aa:eb:4f:55:5f:05:93:82:
64:e5:b1:12:11:77:25:77:e8:95:55:22:3e:0f:d0:37:ed:db:
c3:a9:35:ca:28:0b:e3:91:34:31:f7:a0:6f:92:c0:2a:7b:f2:
13:0c:b6:c0:28:65:4a:c7:80:b7:a6:98:94:54:4b:38:19:1f:
78:ea:e1:80:c9:6b:01:a8:ae:9f:6c:14:69:45:26:d0:11:1d:
df:36:12:95:24:7c:99:59:09:29:17:15:4e:39:bd:69:96:81:
6e:b5:17:a0:c1:42:b9:5f:a2:c9:65:2f:cb:12:f0:67:a9:b9:
ca:0d:19:ec:22:56:d3:01:bd:03:f1:8f:66:e5:75:ff:84:74:
f3:8b:eb:d6:32:8c:a7:b4:d7:b6:a6:f1:df:f5:a5:14:25:d8:
b2:55:43:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZlZsWCQLddEnCadQIc22i7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZDdkYTYzOTI5OTk5NjAzMzk1ODc3NDQ4Y2U1MGFjNmUw
MjEzYTkwHhcNMjUwOTE3MjIwMDIwWhcNMjUwOTE4MjIwMDIwWjAzMTEwLwYDVQQD
EyhjYWQxZWIwZDhlYTM4OTUyNmE4NjYyMDk1ZTk4ZjQ0YjgwNWM3ZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpT7FW5c86vqsnyMS90T8j2QydNo
e0lSFBVmJWS9u2tNveIN3/JtsiYDJ4BP2k/H8yjyjXEhQ9XYYbgQLCGXo4YJHEDE
mYmtP+Oe33z/LkcQnVsjumm5GI0wsjIJf5JhLi/jDpM3LtuGpiASKb5Yc6Fr7Slh
lxaGJDo8P9HRT/YNeCSWaWQbILZBzryXlsyHB11yeIPWZDSfwpOrghh1l8tL/u2K
k9AtAK+ffIEMnxPX2OPfZ8ldaHU/b8WGAYCKoXlcYqtDwVkAhWjhRkkNwvJTngyy
DRIEynakXNFDAYnLBhb8KHsPdy0yPTDrnjBGsm/cdRAI6Gc0OT4FicRNBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMrR6w2Oo4lSaoZiCV6Y9EuAXH9xMB8GA1UdIwQY
MBaAFHTX2mOSmZlgM5WHdEjOUKxuAhOpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE5mYVk1S1ptV0F6bFlkMFNNNVFyRzRDRTZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC8wZWI4NTItYWYzNC00Y2I5LTg3MmUt
NGI1ZDVkNWY4Njk5LzEvZE5mYVk1S1ptV0F6bFlkMFNNNVFyRzRDRTZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC8wZWI4NTItYWYzNC00Y2I5LTg3MmUtNGI1ZDVkNWY4Njk5
LzEvZE5mYVk1S1ptV0F6bFlkMFNNNVFyRzRDRTZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYkkGEqFs
TqmAhaQTb3xAP/chqCj++Lz5HhtqndrnKvn1cLieFntZPslqHHZjRnLYuXSvS/vI
qDV6oKIeQ6ipjHuY5S3huyQJtM8rgyRnmFOZTMn0G6pKHfidSdYEz7E6N284Tarr
T1VfBZOCZOWxEhF3JXfolVUiPg/QN+3bw6k1yigL45E0Mfegb5LAKnvyEwy2wChl
SseAt6aYlFRLOBkfeOrhgMlrAaiun2wUaUUm0BEd3zYSlSR8mVkJKRcVTjm9aZaB
brUXoMFCuV+iyWUvyxLwZ6m5yg0Z7CJW0wG9A/GPZuV1/4R084vr1jKMp7TXtqbx
3/WlFCXYslVDDA==
-----END CERTIFICATE-----
Generated at Thu Sep 18 03:28:23 2025 by rpki-client