Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
File: 0krezYS7F0i9NbmezqRncuAeyTU.mft (raw, json)
Hash identifier: ws1h0VSAqp84cYhGtTPJvdrU3bv1b/W4M8ocPxWv27A=
Subject key identifier: 6D:B2:B1:B2:15:8C:45:BC:11:E4:C9:35:68:8A:EC:21:D3:E1:5C:35
Authority key identifier: D2:4A:DE:CD:84:BB:17:48:BD:35:B9:9E:CE:A4:67:72:E0:1E:C9:35
Certificate issuer: /CN=d24adecd84bb1748bd35b99ecea46772e01ec935
Certificate serial: 019A725C7E1FD5488BC1417B86CE537F5A57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
Manifest number: 1722
Signing time: Tue 11 Nov 2025 10:00:55 +0000
Manifest this update: Tue 11 Nov 2025 10:00:55 +0000
Manifest next update: Wed 12 Nov 2025 10:00:55 +0000
Files and hashes: 1: 0krezYS7F0i9NbmezqRncuAeyTU.crl (hash: nhhJhJGoKDBSUNUno0gXy3mJxeL2/lGge5Lp5yK3feI=)
2: UON5AT9SXUWq39L68I_y2_ZUikk.roa (hash: JwjZjFuzIaj/y6AQtmJH9bJqGEr4cg/qlCiSjx+pXxc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:7e:1f:d5:48:8b:c1:41:7b:86:ce:53:7f:5a:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d24adecd84bb1748bd35b99ecea46772e01ec935
Validity
Not Before: Nov 11 10:00:55 2025 GMT
Not After : Nov 12 10:00:55 2025 GMT
Subject: CN=6db2b1b2158c45bc11e4c935688aec21d3e15c35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f1:68:18:74:13:15:75:a1:16:c4:eb:0c:37:
ad:7a:cb:f4:1c:31:aa:b9:4d:9e:37:e8:5e:0d:59:
2c:95:51:18:a2:c0:5b:21:f7:c8:e2:2d:98:d4:0b:
80:0f:e3:fe:38:56:33:05:d6:b9:2c:4a:d6:ff:02:
1d:a9:54:10:b1:3c:93:01:3d:e0:08:e2:d9:67:08:
45:6d:58:a7:04:74:04:d0:ba:07:09:7c:c7:4a:11:
86:e4:50:60:e7:0e:39:3b:06:1b:9b:8a:69:df:76:
c1:0b:a1:26:1b:2b:be:93:c4:3a:75:89:4e:63:d5:
e8:5a:00:37:44:1f:94:17:4f:3b:4b:40:11:2a:96:
d0:33:dd:7a:aa:da:5a:e7:9c:d4:1d:0e:c1:5b:18:
9f:d1:cf:25:8c:70:9a:19:5a:71:64:0a:6e:d8:30:
92:36:20:71:7b:a9:a5:ee:09:54:58:46:3f:34:0f:
88:85:b5:bc:fe:02:54:dd:35:93:42:94:d1:45:d1:
ee:d7:7a:d0:cf:c8:71:ab:ca:0c:df:a1:af:e2:19:
d1:70:00:ec:66:0d:a9:44:56:04:11:b4:f3:a1:85:
cd:17:8f:c8:9f:a7:16:ec:8a:55:1e:14:7f:88:53:
8c:70:1c:23:4c:e4:07:e9:01:3d:72:28:ad:61:f7:
67:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:B2:B1:B2:15:8C:45:BC:11:E4:C9:35:68:8A:EC:21:D3:E1:5C:35
X509v3 Authority Key Identifier:
keyid:D2:4A:DE:CD:84:BB:17:48:BD:35:B9:9E:CE:A4:67:72:E0:1E:C9:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0krezYS7F0i9NbmezqRncuAeyTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/63a845-8c09-4d69-a771-48a607bbe25e/1/0krezYS7F0i9NbmezqRncuAeyTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b0:da:63:6a:78:58:fc:0d:e3:80:28:77:17:64:fe:97:b0:df:
86:69:c1:db:18:31:35:d7:81:ab:d5:b9:b7:66:87:74:c9:54:
0c:40:ff:8c:e2:36:0d:30:63:4d:ad:e2:73:15:8a:40:fd:71:
2e:a2:d0:0f:58:68:28:b8:0d:b1:c8:6b:f9:7e:db:35:a3:17:
78:d6:b4:0f:9d:a8:83:1c:b6:2b:07:e6:6f:e8:12:20:ab:6a:
2b:22:e7:92:04:f2:83:55:15:4f:1e:f9:c1:5f:c7:51:3a:a6:
3b:4c:b7:b8:0d:27:2d:e2:9b:4a:2c:cb:ee:95:2e:50:bc:c5:
9b:8a:78:77:ca:35:53:b2:e9:6d:e0:c1:1d:b1:d6:26:fa:ac:
1e:10:41:dd:f8:75:fd:b4:04:f3:d7:ec:b9:e4:fd:cf:a6:ab:
84:a1:11:ef:43:b3:81:23:ae:ee:4d:a0:da:d7:ce:8e:a1:61:
e9:1c:b2:d8:41:04:fb:2d:c2:c6:4c:ed:c0:05:57:8d:85:b6:
62:73:5c:08:a7:43:b7:a3:fd:68:68:04:28:01:37:1d:ed:e2:
31:41:85:20:5c:a7:7d:f3:ca:ba:fc:5f:a8:39:23:ed:d8:7a:
3a:2f:a8:c6:fe:5d:c7:a3:6a:cb:4b:9c:ae:43:65:62:9c:68:
eb:cd:d7:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXH4f1UiLwUF7hs5Tf1pXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNGFkZWNkODRiYjE3NDhiZDM1Yjk5ZWNlYTQ2NzcyZTAx
ZWM5MzUwHhcNMjUxMTExMTAwMDU1WhcNMjUxMTEyMTAwMDU1WjAzMTEwLwYDVQQD
Eyg2ZGIyYjFiMjE1OGM0NWJjMTFlNGM5MzU2ODhhZWMyMWQzZTE1YzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fFoGHQTFXWhFsTrDDetesv0HDGq
uU2eN+heDVkslVEYosBbIffI4i2Y1AuAD+P+OFYzBda5LErW/wIdqVQQsTyTAT3g
COLZZwhFbVinBHQE0LoHCXzHShGG5FBg5w45OwYbm4pp33bBC6EmGyu+k8Q6dYlO
Y9XoWgA3RB+UF087S0ARKpbQM916qtpa55zUHQ7BWxif0c8ljHCaGVpxZApu2DCS
NiBxe6ml7glUWEY/NA+IhbW8/gJU3TWTQpTRRdHu13rQz8hxq8oM36Gv4hnRcADs
Zg2pRFYEEbTzoYXNF4/In6cW7IpVHhR/iFOMcBwjTOQH6QE9ciitYfdnLwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG2ysbIVjEW8EeTJNWiK7CHT4Vw1MB8GA1UdIwQY
MBaAFNJK3s2EuxdIvTW5ns6kZ3LgHsk1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS82M2E4NDUtOGMwOS00ZDY5LWE3NzEt
NDhhNjA3YmJlMjVlLzEvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS82M2E4NDUtOGMwOS00ZDY5LWE3NzEtNDhhNjA3YmJlMjVl
LzEvMGtyZXpZUzdGMGk5TmJtZXpxUm5jdUFleVRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsNpjanhY
/A3jgCh3F2T+l7DfhmnB2xgxNdeBq9W5t2aHdMlUDED/jOI2DTBjTa3icxWKQP1x
LqLQD1hoKLgNschr+X7bNaMXeNa0D52ogxy2Kwfmb+gSIKtqKyLnkgTyg1UVTx75
wV/HUTqmO0y3uA0nLeKbSizL7pUuULzFm4p4d8o1U7LpbeDBHbHWJvqsHhBB3fh1
/bQE89fsueT9z6arhKER70OzgSOu7k2g2tfOjqFh6Ryy2EEE+y3CxkztwAVXjYW2
YnNcCKdDt6P9aGgEKAE3He3iMUGFIFynffPKuvxfqDkj7dh6Oi+oxv5dx6Nqy0uc
rkNlYpxo683XDg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:16:06 2025 by rpki-client