Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/8f35e8-ac2e-4e15-a0b4-b2ec6117ce9e/1/dGMyObqiEDEGpiYN39fni4CUNVw.mft
File: dGMyObqiEDEGpiYN39fni4CUNVw.mft (raw, json)
Hash identifier: oLX4n1mBframCSENFeNmeLZsmRhDzmnD5W/YsLgTEv0=
Subject key identifier: A3:CA:45:06:67:10:70:BD:90:18:8B:C9:26:4E:30:C8:FB:73:44:9A
Authority key identifier: 74:63:32:39:BA:A2:10:31:06:A6:26:0D:DF:D7:E7:8B:80:94:35:5C
Certificate issuer: /CN=74633239baa2103106a6260ddfd7e78b8094355c
Certificate serial: 019A71133B39490336A9AE0835CC3A56BA7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGMyObqiEDEGpiYN39fni4CUNVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/8f35e8-ac2e-4e15-a0b4-b2ec6117ce9e/1/dGMyObqiEDEGpiYN39fni4CUNVw.mft
Manifest number: 0DF3
Signing time: Tue 11 Nov 2025 04:01:16 +0000
Manifest this update: Tue 11 Nov 2025 04:01:16 +0000
Manifest next update: Wed 12 Nov 2025 04:01:16 +0000
Files and hashes: 1: GndNIt9G7qZhnR5IIBXP3kbyL_4.roa (hash: SBp7dhTz+pfIJxl9syItY+Kj164I5JLZ7F2dz4iFPso=)
2: dGMyObqiEDEGpiYN39fni4CUNVw.crl (hash: rTonvIEqDI88tF4ayLTRn64TAOozTkOENYWk7zzf5yY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/8f35e8-ac2e-4e15-a0b4-b2ec6117ce9e/1/dGMyObqiEDEGpiYN39fni4CUNVw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/8f35e8-ac2e-4e15-a0b4-b2ec6117ce9e/1/dGMyObqiEDEGpiYN39fni4CUNVw.mft
rsync://rpki.ripe.net/repository/DEFAULT/dGMyObqiEDEGpiYN39fni4CUNVw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:3b:39:49:03:36:a9:ae:08:35:cc:3a:56:ba:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74633239baa2103106a6260ddfd7e78b8094355c
Validity
Not Before: Nov 11 04:01:16 2025 GMT
Not After : Nov 12 04:01:16 2025 GMT
Subject: CN=a3ca4506671070bd90188bc9264e30c8fb73449a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:2d:b6:94:76:78:85:e4:52:f3:5d:0d:78:39:
d9:6e:68:8a:77:60:25:85:40:17:df:e2:57:55:0e:
02:55:da:f1:17:9d:8f:07:96:f6:80:4e:a9:c7:14:
af:cd:9a:ee:77:26:14:47:f1:4a:db:1c:5e:ee:c2:
4c:1a:1b:72:ed:f0:88:30:15:a5:c7:6f:06:29:e1:
7f:02:d8:da:02:99:83:63:72:e0:f3:dd:0a:e4:b0:
4f:7c:99:6b:94:cf:c1:8d:94:d2:dd:67:3b:56:a4:
fd:59:57:4f:20:80:bf:d3:8f:83:69:93:9f:5e:4e:
61:86:33:3e:0c:23:5e:d2:bc:e6:e2:71:22:6b:86:
a7:97:82:8a:5d:b0:02:f6:89:d3:d5:26:91:41:a8:
ea:03:c4:ec:1f:bc:77:e0:ae:c4:8d:66:84:0c:ba:
35:88:b0:b2:f9:98:a4:37:4a:f8:7a:86:a7:61:f0:
41:fb:be:35:6c:e9:b6:e8:20:0e:a9:12:76:d4:45:
e7:b2:5a:17:a1:29:b2:0d:d6:11:b0:6e:cd:73:0d:
2f:9d:57:8b:c4:d5:46:bc:d9:27:4b:d9:ee:1b:39:
b8:1a:6c:e0:3b:be:f2:25:ff:ee:b3:93:c0:8b:ec:
01:ba:fb:cd:6d:b9:71:ff:7f:1a:1f:f5:ed:71:0d:
52:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CA:45:06:67:10:70:BD:90:18:8B:C9:26:4E:30:C8:FB:73:44:9A
X509v3 Authority Key Identifier:
keyid:74:63:32:39:BA:A2:10:31:06:A6:26:0D:DF:D7:E7:8B:80:94:35:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGMyObqiEDEGpiYN39fni4CUNVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8f35e8-ac2e-4e15-a0b4-b2ec6117ce9e/1/dGMyObqiEDEGpiYN39fni4CUNVw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/8f35e8-ac2e-4e15-a0b4-b2ec6117ce9e/1/dGMyObqiEDEGpiYN39fni4CUNVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c0:ac:07:27:98:20:df:21:9d:58:eb:f8:f2:af:cb:43:fe:73:
da:0d:11:39:2b:cb:27:cd:b3:0d:d3:24:7f:39:3d:f9:e8:fc:
07:21:22:4b:84:ce:13:35:b4:a0:e1:22:68:c5:ac:bd:6b:76:
c9:e6:d8:33:6a:91:47:1c:00:db:22:86:28:e3:ab:9b:be:ca:
27:72:75:b5:f6:61:e5:6b:a0:0b:69:d6:fb:54:ca:84:3e:fe:
75:ea:f7:39:76:3b:12:e8:7d:0e:17:4b:04:32:b6:f1:b7:15:
07:81:b5:2e:2d:a6:e6:64:f5:be:4b:54:22:73:fa:69:dc:05:
00:f2:9c:1b:d1:89:5f:f0:b1:f0:42:68:b5:1b:ca:e1:ce:58:
0b:0e:f8:79:1a:4a:85:d0:5f:e2:31:b6:18:de:27:b6:dd:e3:
22:ce:56:53:0e:c2:ef:2d:36:c0:17:42:b8:ff:7f:f9:85:b1:
9c:84:ce:8c:b6:0f:f2:fe:f9:37:0d:95:f8:22:56:eb:1b:86:
a8:40:14:7b:63:71:b1:0a:20:6e:79:07:3c:8b:80:bb:63:c6:
87:ce:35:0f:fa:1a:e2:1d:da:90:b2:a1:e3:6c:d3:c0:ad:e4:
e4:d7:5c:9f:76:c2:be:c4:47:09:ce:d5:fe:df:98:de:af:00:
f1:22:44:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEzs5SQM2qa4INcw6Vrp/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjMzMjM5YmFhMjEwMzEwNmE2MjYwZGRmZDdlNzhiODA5
NDM1NWMwHhcNMjUxMTExMDQwMTE2WhcNMjUxMTEyMDQwMTE2WjAzMTEwLwYDVQQD
EyhhM2NhNDUwNjY3MTA3MGJkOTAxODhiYzkyNjRlMzBjOGZiNzM0NDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApy22lHZ4heRS810NeDnZbmiKd2Al
hUAX3+JXVQ4CVdrxF52PB5b2gE6pxxSvzZrudyYUR/FK2xxe7sJMGhty7fCIMBWl
x28GKeF/AtjaApmDY3Lg890K5LBPfJlrlM/BjZTS3Wc7VqT9WVdPIIC/04+DaZOf
Xk5hhjM+DCNe0rzm4nEia4anl4KKXbAC9onT1SaRQajqA8TsH7x34K7EjWaEDLo1
iLCy+ZikN0r4eoanYfBB+741bOm26CAOqRJ21EXnsloXoSmyDdYRsG7Ncw0vnVeL
xNVGvNknS9nuGzm4GmzgO77yJf/us5PAi+wBuvvNbblx/38aH/XtcQ1SSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKPKRQZnEHC9kBiLySZOMMj7c0SaMB8GA1UdIwQY
MBaAFHRjMjm6ohAxBqYmDd/X54uAlDVcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdNeU9icWlFREVHcGlZTjM5Zm5pNENVTlZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84ZjM1ZTgtYWMyZS00ZTE1LWEwYjQt
YjJlYzYxMTdjZTllLzEvZEdNeU9icWlFREVHcGlZTjM5Zm5pNENVTlZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84ZjM1ZTgtYWMyZS00ZTE1LWEwYjQtYjJlYzYxMTdjZTll
LzEvZEdNeU9icWlFREVHcGlZTjM5Zm5pNENVTlZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwKwHJ5gg
3yGdWOv48q/LQ/5z2g0ROSvLJ82zDdMkfzk9+ej8ByEiS4TOEzW0oOEiaMWsvWt2
yebYM2qRRxwA2yKGKOOrm77KJ3J1tfZh5WugC2nW+1TKhD7+der3OXY7Euh9DhdL
BDK28bcVB4G1Li2m5mT1vktUInP6adwFAPKcG9GJX/Cx8EJotRvK4c5YCw74eRpK
hdBf4jG2GN4ntt3jIs5WUw7C7y02wBdCuP9/+YWxnITOjLYP8v75Nw2V+CJW6xuG
qEAUe2NxsQogbnkHPIuAu2PGh841D/oa4h3akLKh42zTwK3k5Ndcn3bCvsRHCc7V
/t+Y3q8A8SJEhw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:38:57 2025 by rpki-client