Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
File: rysOIXo1FoOSIGvac85hlTWgLzU.mft (raw, json)
Hash identifier: +fdKcbckUG11Q0lPlqxhiXvKes9QkH2D1HBdMN7xEmg=
Subject key identifier: 21:73:F3:35:21:6A:51:C4:66:D2:D8:00:06:9B:A7:BD:68:BB:E5:A0
Authority key identifier: AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
Certificate issuer: /CN=af2b0e217a35168392206bda73ce619535a02f35
Certificate serial: 019A711366142F93638A546DEEEA9EC2C1D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
Manifest number: 0BC6
Signing time: Tue 11 Nov 2025 04:01:27 +0000
Manifest this update: Tue 11 Nov 2025 04:01:27 +0000
Manifest next update: Wed 12 Nov 2025 04:01:27 +0000
Files and hashes: 1: rysOIXo1FoOSIGvac85hlTWgLzU.crl (hash: sebR6pC5/Ht3+jjCfzWumoGInE98jW6Yx8YuvDJKX1Q=)
2: tKwKl17jXwIeAtAZEyALLLwTexA.roa (hash: E9CmZ9NzF2HrbXjpDzFF0Gs0klh/PHaYx1PKsYvWrwA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:66:14:2f:93:63:8a:54:6d:ee:ea:9e:c2:c1:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af2b0e217a35168392206bda73ce619535a02f35
Validity
Not Before: Nov 11 04:01:27 2025 GMT
Not After : Nov 12 04:01:27 2025 GMT
Subject: CN=2173f335216a51c466d2d800069ba7bd68bbe5a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:85:62:52:a5:31:29:24:30:3c:b8:24:f7:14:
2a:23:e5:13:0f:04:49:5d:73:30:7e:2f:df:11:e7:
f3:54:7a:fb:02:7e:f6:db:c2:47:d6:b2:f0:de:dd:
ca:41:67:41:3e:70:44:16:fd:67:63:20:04:28:7f:
85:1f:54:a5:3b:9e:a8:0c:0b:09:70:ba:44:67:76:
cd:da:0f:ad:14:45:ce:0b:df:a6:d6:9d:5d:54:34:
c8:0b:95:70:94:a9:8a:77:d4:f5:f8:92:76:b9:f8:
c2:d8:6d:a1:69:ac:dd:ef:52:e9:8e:1f:54:41:7b:
a6:d6:f7:36:13:d9:cf:9a:a3:8a:2c:c0:0a:02:fe:
be:53:ec:a9:fa:97:52:8e:f0:1c:c5:b1:a6:67:0d:
26:7b:f8:51:5d:8f:f7:4e:98:41:7b:c9:76:2e:11:
86:8c:f2:a1:5b:d7:0f:09:a1:88:a3:09:58:12:10:
05:5c:9b:c2:67:5c:66:e5:37:6d:c3:d7:b9:ee:89:
fb:8b:98:2e:35:05:79:1a:fe:94:7b:06:ba:3b:18:
81:a0:4d:b6:3f:82:31:34:2a:71:f2:76:82:e0:09:
8e:0c:41:b7:ba:9b:3c:9e:9a:9e:13:ac:09:db:3d:
d2:0b:ef:2d:4f:44:fa:56:99:4e:f3:d4:81:28:d9:
bc:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:73:F3:35:21:6A:51:C4:66:D2:D8:00:06:9B:A7:BD:68:BB:E5:A0
X509v3 Authority Key Identifier:
keyid:AF:2B:0E:21:7A:35:16:83:92:20:6B:DA:73:CE:61:95:35:A0:2F:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rysOIXo1FoOSIGvac85hlTWgLzU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d2541e-7597-4820-bed7-f0d19809874a/1/rysOIXo1FoOSIGvac85hlTWgLzU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
be:55:4a:7d:5c:9d:cc:9b:45:77:17:51:38:f7:5c:45:7f:96:
07:e9:e2:d7:91:d4:04:b2:5e:d7:56:44:98:1f:43:00:29:87:
a9:c9:11:4e:d1:76:80:75:84:2d:9d:ee:8f:a3:53:c3:0d:15:
12:9d:37:93:28:6f:48:78:aa:c6:2f:03:06:f4:f7:64:21:94:
69:ea:47:32:e9:b4:b4:a0:28:70:b4:ce:3d:aa:0d:6c:9f:d7:
93:72:aa:d7:bb:5f:a4:38:07:ac:5e:b0:1c:a1:b5:c1:5f:27:
93:0d:b9:c5:61:5a:a8:1e:13:8f:8d:d1:e8:3e:61:51:da:b9:
b1:ac:23:b6:00:b5:5c:c4:93:bc:ec:16:13:45:11:e7:4e:c6:
5d:13:20:86:33:64:00:76:af:14:7d:83:cb:f1:9f:e2:eb:be:
51:c5:d3:78:f2:75:11:af:40:6c:01:e2:4e:e1:c2:89:31:28:
7a:4a:16:ed:07:1c:40:d9:93:83:47:ed:e9:b4:c4:ad:f9:03:
06:4e:f3:c0:46:f2:f0:c3:52:f5:ec:4a:c7:c3:af:ad:3e:6d:
68:87:f8:58:db:f8:f9:93:32:d5:fa:7a:b9:16:50:fe:a1:36:
54:08:90:f5:2f:bc:19:ec:95:93:d9:3d:5d:74:10:b4:f7:ae:
b6:77:09:26
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE2YUL5NjilRt7uqewsHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMmIwZTIxN2EzNTE2ODM5MjIwNmJkYTczY2U2MTk1MzVh
MDJmMzUwHhcNMjUxMTExMDQwMTI3WhcNMjUxMTEyMDQwMTI3WjAzMTEwLwYDVQQD
EygyMTczZjMzNTIxNmE1MWM0NjZkMmQ4MDAwNjliYTdiZDY4YmJlNWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YViUqUxKSQwPLgk9xQqI+UTDwRJ
XXMwfi/fEefzVHr7An7228JH1rLw3t3KQWdBPnBEFv1nYyAEKH+FH1SlO56oDAsJ
cLpEZ3bN2g+tFEXOC9+m1p1dVDTIC5VwlKmKd9T1+JJ2ufjC2G2haazd71Lpjh9U
QXum1vc2E9nPmqOKLMAKAv6+U+yp+pdSjvAcxbGmZw0me/hRXY/3TphBe8l2LhGG
jPKhW9cPCaGIowlYEhAFXJvCZ1xm5Tdtw9e57on7i5guNQV5Gv6Uewa6OxiBoE22
P4IxNCpx8naC4AmODEG3ups8npqeE6wJ2z3SC+8tT0T6VplO89SBKNm8FQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCFz8zUhalHEZtLYAAabp71ou+WgMB8GA1UdIwQY
MBaAFK8rDiF6NRaDkiBr2nPOYZU1oC81MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDct
ZjBkMTk4MDk4NzRhLzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kMjU0MWUtNzU5Ny00ODIwLWJlZDctZjBkMTk4MDk4NzRh
LzEvcnlzT0lYbzFGb09TSUd2YWM4NWhsVFdnTHpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvlVKfVyd
zJtFdxdROPdcRX+WB+ni15HUBLJe11ZEmB9DACmHqckRTtF2gHWELZ3uj6NTww0V
Ep03kyhvSHiqxi8DBvT3ZCGUaepHMum0tKAocLTOPaoNbJ/Xk3Kq17tfpDgHrF6w
HKG1wV8nkw25xWFaqB4Tj43R6D5hUdq5sawjtgC1XMSTvOwWE0UR507GXRMghjNk
AHavFH2Dy/Gf4uu+UcXTePJ1Ea9AbAHiTuHCiTEoekoW7QccQNmTg0ft6bTErfkD
Bk7zwEby8MNS9exKx8OvrT5taIf4WNv4+ZMy1fp6uRZQ/qE2VAiQ9S+8GeyVk9k9
XXQQtPeutncJJg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:17:09 2025 by rpki-client