Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
File: 23DOek5uSrOk6p8IH1kupfbSuao.mft (raw, json)
Hash identifier: Lx3p0zdb3jsCFpCTuUdknIvawZTNL2jHtFV+nq4rM7w=
Subject key identifier: 0D:15:7D:D2:64:EE:7E:14:D8:FD:8E:EE:85:62:B2:26:AA:80:3A:9D
Authority key identifier: DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA
Certificate issuer: /CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa
Certificate serial: 019A7225D7742B0E9136F25B84A2BF850A90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
Manifest number: 0762
Signing time: Tue 11 Nov 2025 09:01:13 +0000
Manifest this update: Tue 11 Nov 2025 09:01:13 +0000
Manifest next update: Wed 12 Nov 2025 09:01:13 +0000
Files and hashes: 1: 1-zGyc8-sNFoNd9jrRwy0ohv-lr8.roa (hash: X6damPmptp3XphV2HfGbEnZgUQ5Ok8UVDdDjwWdsAA0=)
2: 23DOek5uSrOk6p8IH1kupfbSuao.crl (hash: ZErK4BfD8y82iCo52YuwmuNNS7goy80dEa67pXffF0o=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:d7:74:2b:0e:91:36:f2:5b:84:a2:bf:85:0a:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db70ce7a4e6e4ab3a4ea9f081f592ea5f6d2b9aa
Validity
Not Before: Nov 11 09:01:13 2025 GMT
Not After : Nov 12 09:01:13 2025 GMT
Subject: CN=0d157dd264ee7e14d8fd8eee8562b226aa803a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:92:f0:8d:43:a5:c6:30:2e:9f:65:8a:ee:69:
d0:81:0d:14:64:37:a0:09:ba:06:55:bb:34:10:13:
46:cd:1a:ef:ac:a5:67:f7:77:88:d5:c7:02:52:f8:
0d:53:d6:81:d0:2a:b7:9a:8d:ab:9e:19:04:bd:36:
e1:a6:e6:3f:0f:3e:c0:eb:ed:fa:54:c1:42:fd:51:
bc:c9:50:d7:ba:11:a7:b3:e5:e2:58:57:31:3a:49:
ea:ec:07:2e:e4:60:f0:58:22:f7:4e:13:1c:ba:6f:
43:bb:82:41:2d:b4:65:cd:47:e0:25:cd:17:7e:30:
a1:19:d1:57:1a:e6:7e:f5:b1:ce:2e:f3:d7:91:e3:
eb:fb:33:c8:f9:fe:63:60:a8:23:11:27:9d:f9:fb:
ea:93:ad:95:00:68:a3:c2:63:4c:c6:69:c6:73:49:
98:8d:20:e3:ba:5d:7d:62:67:ae:e2:74:9e:06:b6:
c4:58:6b:1f:83:10:84:5b:a9:b7:70:f9:7b:11:62:
df:c3:cf:78:47:c8:08:73:d8:28:6e:3e:ee:fa:e8:
ca:4d:3e:09:6f:cf:f6:c0:ee:92:72:91:0e:81:31:
29:27:dc:3d:db:af:65:3b:e8:a9:4f:1e:bd:df:40:
42:63:d4:5b:20:1c:8f:59:02:0b:d7:90:2d:af:67:
96:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:15:7D:D2:64:EE:7E:14:D8:FD:8E:EE:85:62:B2:26:AA:80:3A:9D
X509v3 Authority Key Identifier:
keyid:DB:70:CE:7A:4E:6E:4A:B3:A4:EA:9F:08:1F:59:2E:A5:F6:D2:B9:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/23DOek5uSrOk6p8IH1kupfbSuao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9da601-635e-4d07-8096-2cb17b7bc618/1/23DOek5uSrOk6p8IH1kupfbSuao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bb:ea:8f:8d:62:d7:db:d3:f3:85:a0:4f:ab:d7:17:7e:2f:e4:
49:f9:f1:d0:4b:73:a9:f3:41:06:9b:ea:a1:2c:56:30:0e:53:
63:81:5e:21:79:b4:d8:e1:62:93:05:b4:7f:d9:f2:97:c8:ea:
e7:61:cd:9c:51:28:36:54:e0:bf:88:29:08:b9:db:09:ea:f3:
cf:75:72:7a:14:da:46:2c:91:57:24:12:42:07:e1:f6:a7:12:
f9:6a:82:77:30:27:c8:37:f4:fd:e8:ff:e8:4e:3d:31:78:c5:
14:01:cb:eb:cb:bc:ce:0a:69:da:4d:4a:f4:2c:81:7b:ba:b5:
55:97:01:ad:d8:d7:b5:cc:ee:d3:5a:9d:a5:ab:c5:2d:24:68:
58:ad:17:b1:7d:3b:f0:85:0c:ed:18:a0:43:cd:7b:92:59:76:
02:cb:22:3e:1a:55:2f:db:6f:16:36:5b:12:a7:28:12:38:25:
17:80:cf:cf:29:e9:18:9d:ba:4f:03:16:84:60:7d:cc:e7:fa:
3c:05:13:72:e7:e1:df:be:ac:aa:de:06:85:fb:0c:58:18:4a:
df:c7:3b:64:97:f2:f0:f4:04:06:6e:ca:8a:70:79:4e:1d:d3:
8b:05:8c:31:25:2b:bb:1a:a6:77:2e:9a:cd:f9:c6:e9:f6:6f:
72:ba:3f:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJdd0Kw6RNvJbhKK/hQqQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNzBjZTdhNGU2ZTRhYjNhNGVhOWYwODFmNTkyZWE1ZjZk
MmI5YWEwHhcNMjUxMTExMDkwMTEzWhcNMjUxMTEyMDkwMTEzWjAzMTEwLwYDVQQD
EygwZDE1N2RkMjY0ZWU3ZTE0ZDhmZDhlZWU4NTYyYjIyNmFhODAzYTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpLwjUOlxjAun2WK7mnQgQ0UZDeg
CboGVbs0EBNGzRrvrKVn93eI1ccCUvgNU9aB0Cq3mo2rnhkEvTbhpuY/Dz7A6+36
VMFC/VG8yVDXuhGns+XiWFcxOknq7Acu5GDwWCL3ThMcum9Du4JBLbRlzUfgJc0X
fjChGdFXGuZ+9bHOLvPXkePr+zPI+f5jYKgjESed+fvqk62VAGijwmNMxmnGc0mY
jSDjul19Ymeu4nSeBrbEWGsfgxCEW6m3cPl7EWLfw894R8gIc9gobj7u+ujKTT4J
b8/2wO6ScpEOgTEpJ9w9269lO+ipTx6930BCY9RbIByPWQIL15Atr2eWbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA0VfdJk7n4U2P2O7oVisiaqgDqdMB8GA1UdIwQY
MBaAFNtwznpObkqzpOqfCB9ZLqX20rmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYt
MmNiMTdiN2JjNjE4LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85ZGE2MDEtNjM1ZS00ZDA3LTgwOTYtMmNiMTdiN2JjNjE4
LzEvMjNET2VrNXVTck9rNnA4SUgxa3VwZmJTdWFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu+qPjWLX
29PzhaBPq9cXfi/kSfnx0EtzqfNBBpvqoSxWMA5TY4FeIXm02OFikwW0f9nyl8jq
52HNnFEoNlTgv4gpCLnbCerzz3VyehTaRiyRVyQSQgfh9qcS+WqCdzAnyDf0/ej/
6E49MXjFFAHL68u8zgpp2k1K9CyBe7q1VZcBrdjXtczu01qdpavFLSRoWK0XsX07
8IUM7RigQ817kll2AssiPhpVL9tvFjZbEqcoEjglF4DPzynpGJ26TwMWhGB9zOf6
PAUTcufh376sqt4GhfsMWBhK38c7ZJfy8PQEBm7KinB5Th3TiwWMMSUruxqmdy6a
zfnG6fZvcro//g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:41 2025 by rpki-client