Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d16463-89be-4f5b-b2f2-acc41cacf7e1/1/y9lerW0qHa8u9oestMKedgdrKAk.mft
File: y9lerW0qHa8u9oestMKedgdrKAk.mft (raw, json)
Hash identifier: QPd02bQ75fE2vjA0nJ6ivhNAvnkKrod4tNo+nrlhsEg=
Subject key identifier: 89:3E:8A:61:77:BB:C5:8A:EF:A4:84:98:74:8B:71:0A:C6:AD:1F:BD
Authority key identifier: CB:D9:5E:AD:6D:2A:1D:AF:2E:F6:87:AC:B4:C2:9E:76:07:6B:28:09
Certificate issuer: /CN=cbd95ead6d2a1daf2ef687acb4c29e76076b2809
Certificate serial: 019A70DC831EF867091A567824E3F58287AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9lerW0qHa8u9oestMKedgdrKAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d16463-89be-4f5b-b2f2-acc41cacf7e1/1/y9lerW0qHa8u9oestMKedgdrKAk.mft
Manifest number: 0B00
Signing time: Tue 11 Nov 2025 03:01:30 +0000
Manifest this update: Tue 11 Nov 2025 03:01:30 +0000
Manifest next update: Wed 12 Nov 2025 03:01:30 +0000
Files and hashes: 1: dLJ0i3DKxKOgLSZU6DT_1_-wzDs.roa (hash: R+7BGQyfLFShlywgi4Re33H2XJ0XnH/YSJRVXJB4EDE=)
2: y9lerW0qHa8u9oestMKedgdrKAk.crl (hash: 08pyboSqpNpl0q0is+9Tw1S7KyD1xl6+YhrMgOCmf8s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/d16463-89be-4f5b-b2f2-acc41cacf7e1/1/y9lerW0qHa8u9oestMKedgdrKAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/d16463-89be-4f5b-b2f2-acc41cacf7e1/1/y9lerW0qHa8u9oestMKedgdrKAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/y9lerW0qHa8u9oestMKedgdrKAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:83:1e:f8:67:09:1a:56:78:24:e3:f5:82:87:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd95ead6d2a1daf2ef687acb4c29e76076b2809
Validity
Not Before: Nov 11 03:01:30 2025 GMT
Not After : Nov 12 03:01:30 2025 GMT
Subject: CN=893e8a6177bbc58aefa48498748b710ac6ad1fbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ae:13:f8:b6:87:f2:82:7d:3d:e9:75:94:f2:
3a:dd:7a:44:41:60:8d:ae:1b:16:40:b0:e7:7c:b9:
39:87:67:5c:c4:f1:29:6a:8f:f3:1a:02:40:f7:7d:
64:2f:50:c2:fd:67:1f:f8:83:32:80:17:a3:ec:dc:
d6:98:c0:fb:32:4b:3c:68:d6:fd:e0:b9:23:b5:51:
f7:25:34:4e:a6:00:fd:3b:5c:c6:a3:e0:64:d3:af:
64:d9:74:07:6d:a5:0d:f8:6a:e0:7f:81:31:32:ca:
bd:1e:d2:92:12:d7:5c:6b:ed:fd:a7:73:47:a7:50:
c1:68:7f:e0:8f:9f:1d:64:7e:7b:36:bc:bc:67:4c:
0c:74:7d:ae:32:51:cb:ea:f5:09:33:fd:e1:b1:3b:
d1:cb:cf:35:17:df:34:a0:6f:a9:bb:1b:23:30:d8:
d2:ab:25:6a:47:f0:a8:62:a3:49:ac:7f:1e:5b:e6:
12:cd:50:09:01:b9:05:77:ec:ae:ad:d9:e0:9d:f9:
2d:c6:90:23:6d:0d:48:9b:13:47:39:76:fa:c2:1f:
b6:18:40:d4:90:91:52:aa:f4:8b:22:b1:d0:b0:d7:
bf:69:2f:51:ca:8c:4a:d6:8d:a0:a4:5f:3e:f6:f8:
bd:ae:24:65:12:ec:54:6a:2e:59:a0:1c:3b:42:63:
da:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:3E:8A:61:77:BB:C5:8A:EF:A4:84:98:74:8B:71:0A:C6:AD:1F:BD
X509v3 Authority Key Identifier:
keyid:CB:D9:5E:AD:6D:2A:1D:AF:2E:F6:87:AC:B4:C2:9E:76:07:6B:28:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9lerW0qHa8u9oestMKedgdrKAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d16463-89be-4f5b-b2f2-acc41cacf7e1/1/y9lerW0qHa8u9oestMKedgdrKAk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d16463-89be-4f5b-b2f2-acc41cacf7e1/1/y9lerW0qHa8u9oestMKedgdrKAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:08:a4:ee:0e:34:75:6e:76:ed:7d:dc:b2:a8:e1:bd:a5:bf:
7d:22:2b:90:ac:6e:05:88:9e:62:bd:bc:54:50:f7:7f:9b:62:
91:26:09:f1:ea:91:2a:b8:6b:ab:7c:09:8d:27:8b:fa:ce:52:
87:c7:95:36:b4:73:fa:6e:d3:8d:37:04:50:49:c8:f8:15:8c:
7c:ad:6a:d7:7b:79:2d:1d:b9:a0:08:b4:6b:bb:3a:8a:2d:4e:
80:27:e9:12:e5:35:f8:4f:5a:39:7c:03:f8:6e:29:02:b1:10:
88:cf:45:cd:7a:58:37:a5:82:8f:d9:dd:2f:03:2f:3d:64:c6:
4a:f3:01:7e:95:08:5a:a6:42:36:d8:d5:5f:ac:5e:13:80:36:
d1:7b:bb:6d:32:46:68:0a:2d:6c:33:ce:a2:8b:65:12:54:7d:
4a:3a:c1:27:da:85:8d:ec:31:e5:8f:5e:9a:9b:3b:10:fc:f1:
84:f1:16:78:93:be:3b:53:23:c9:c2:83:a2:c2:b9:ab:05:83:
cc:e2:39:bb:ba:2a:37:df:ff:5c:d8:e5:61:a4:09:7f:6f:9b:
36:8a:70:ff:db:ab:7a:e2:7c:e8:4e:9b:ae:43:db:77:7e:32:
72:43:45:3f:30:e2:45:02:67:ae:e2:97:ab:e6:4a:b1:f8:f9:
17:7d:4a:33
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3IMe+GcJGlZ4JOP1goevMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDk1ZWFkNmQyYTFkYWYyZWY2ODdhY2I0YzI5ZTc2MDc2
YjI4MDkwHhcNMjUxMTExMDMwMTMwWhcNMjUxMTEyMDMwMTMwWjAzMTEwLwYDVQQD
Eyg4OTNlOGE2MTc3YmJjNThhZWZhNDg0OTg3NDhiNzEwYWM2YWQxZmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAla4T+LaH8oJ9Pel1lPI63XpEQWCN
rhsWQLDnfLk5h2dcxPEpao/zGgJA931kL1DC/Wcf+IMygBej7NzWmMD7Mks8aNb9
4LkjtVH3JTROpgD9O1zGo+Bk069k2XQHbaUN+Grgf4ExMsq9HtKSEtdca+39p3NH
p1DBaH/gj58dZH57Nry8Z0wMdH2uMlHL6vUJM/3hsTvRy881F980oG+puxsjMNjS
qyVqR/CoYqNJrH8eW+YSzVAJAbkFd+yurdngnfktxpAjbQ1ImxNHOXb6wh+2GEDU
kJFSqvSLIrHQsNe/aS9RyoxK1o2gpF8+9vi9riRlEuxUai5ZoBw7QmPafQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIk+imF3u8WK76SEmHSLcQrGrR+9MB8GA1UdIwQY
MBaAFMvZXq1tKh2vLvaHrLTCnnYHaygJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlsZXJXMHFIYTh1OW9lc3RNS2VkZ2RyS0FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMTY0NjMtODliZS00ZjViLWIyZjIt
YWNjNDFjYWNmN2UxLzEveTlsZXJXMHFIYTh1OW9lc3RNS2VkZ2RyS0FrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kMTY0NjMtODliZS00ZjViLWIyZjItYWNjNDFjYWNmN2Ux
LzEveTlsZXJXMHFIYTh1OW9lc3RNS2VkZ2RyS0FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgQik7g40
dW527X3csqjhvaW/fSIrkKxuBYieYr28VFD3f5tikSYJ8eqRKrhrq3wJjSeL+s5S
h8eVNrRz+m7TjTcEUEnI+BWMfK1q13t5LR25oAi0a7s6ii1OgCfpEuU1+E9aOXwD
+G4pArEQiM9FzXpYN6WCj9ndLwMvPWTGSvMBfpUIWqZCNtjVX6xeE4A20Xu7bTJG
aAotbDPOootlElR9SjrBJ9qFjewx5Y9emps7EPzxhPEWeJO+O1MjycKDosK5qwWD
zOI5u7oqN9//XNjlYaQJf2+bNopw/9ureuJ86E6brkPbd34yckNFPzDiRQJnruKX
q+ZKsfj5F31KMw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:17 2025 by rpki-client