Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/5915c8-003c-4d98-8243-cfdadbdc48ec/1/1dzeISXwQFitT0eOF4iEFCzy2tA.mft
File: 1dzeISXwQFitT0eOF4iEFCzy2tA.mft (raw, json)
Hash identifier: K/hIKl6hBvkQa+pCXl7taWU+32Mbfy5tzKjnx80i1Yc=
Subject key identifier: CC:21:CD:8A:23:42:8C:DA:8D:EE:3B:F7:DE:EF:54:FC:45:5F:DF:58
Authority key identifier: D5:DC:DE:21:25:F0:40:58:AD:4F:47:8E:17:88:84:14:2C:F2:DA:D0
Certificate issuer: /CN=d5dcde2125f04058ad4f478e178884142cf2dad0
Certificate serial: 019A7112DF71DFCF9AA7E62F9B4EB3FF47B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1dzeISXwQFitT0eOF4iEFCzy2tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/5915c8-003c-4d98-8243-cfdadbdc48ec/1/1dzeISXwQFitT0eOF4iEFCzy2tA.mft
Manifest number: 10E7
Signing time: Tue 11 Nov 2025 04:00:53 +0000
Manifest this update: Tue 11 Nov 2025 04:00:53 +0000
Manifest next update: Wed 12 Nov 2025 04:00:53 +0000
Files and hashes: 1: 1dzeISXwQFitT0eOF4iEFCzy2tA.crl (hash: 14gRbAdBwY+3s7MMHxDuivLbwRpOtAY5n56oKBN5RyM=)
2: 7RKc8XFi1ZBpZ1fyV1l65spfKVc.roa (hash: hdKthzCCiG0nuzNYJsrtq6rpWOtWCqRiyWfbA+gnE5I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/5915c8-003c-4d98-8243-cfdadbdc48ec/1/1dzeISXwQFitT0eOF4iEFCzy2tA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/5915c8-003c-4d98-8243-cfdadbdc48ec/1/1dzeISXwQFitT0eOF4iEFCzy2tA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1dzeISXwQFitT0eOF4iEFCzy2tA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:12:df:71:df:cf:9a:a7:e6:2f:9b:4e:b3:ff:47:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5dcde2125f04058ad4f478e178884142cf2dad0
Validity
Not Before: Nov 11 04:00:53 2025 GMT
Not After : Nov 12 04:00:53 2025 GMT
Subject: CN=cc21cd8a23428cda8dee3bf7deef54fc455fdf58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:13:0f:a8:d7:ea:2d:81:0c:bd:1f:cb:ef:6f:
a5:2a:f5:87:5f:90:88:6f:b3:82:1c:71:e7:f1:96:
7f:b5:8d:6e:c1:24:6c:af:96:be:df:9b:e2:3d:50:
11:b8:d7:82:31:bb:7e:d4:22:e6:19:5e:5c:78:51:
86:d8:08:53:c9:62:22:bb:a3:ed:e2:a8:f6:dc:10:
4f:63:8d:55:fe:96:fe:ed:62:6b:7e:a5:a0:e5:e2:
f8:02:13:8e:a3:80:07:50:da:5a:72:c0:07:a9:30:
ec:92:d6:21:ad:1d:9f:25:d0:b0:7f:2b:d2:df:63:
ee:e8:7f:56:f2:e5:9d:ec:fb:95:79:64:9e:41:47:
5d:52:17:7e:4f:7c:04:0d:0b:b1:87:2d:51:5e:37:
93:ac:d0:84:4e:fd:d0:6c:a2:9a:81:09:da:c7:ed:
9c:09:14:5f:b0:39:4e:4a:33:85:20:14:c8:cb:bb:
21:83:31:16:3d:fc:cc:29:17:2b:ff:06:19:61:c7:
ef:91:3c:a4:b0:c0:43:1d:9a:69:d1:f5:ad:41:e1:
d3:75:ba:1f:9e:2c:03:48:55:d7:da:da:3b:1a:f7:
c2:b5:e1:d7:d5:1f:09:97:1e:82:24:02:d6:f2:89:
b7:48:7e:02:f0:9d:cb:4c:16:c6:70:cd:e0:57:0a:
35:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:21:CD:8A:23:42:8C:DA:8D:EE:3B:F7:DE:EF:54:FC:45:5F:DF:58
X509v3 Authority Key Identifier:
keyid:D5:DC:DE:21:25:F0:40:58:AD:4F:47:8E:17:88:84:14:2C:F2:DA:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1dzeISXwQFitT0eOF4iEFCzy2tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/5915c8-003c-4d98-8243-cfdadbdc48ec/1/1dzeISXwQFitT0eOF4iEFCzy2tA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/5915c8-003c-4d98-8243-cfdadbdc48ec/1/1dzeISXwQFitT0eOF4iEFCzy2tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1e:0d:4a:b7:c9:3d:7b:0a:93:48:34:83:7a:dc:82:0a:00:d1:
45:03:9c:4c:49:60:f4:ee:39:56:59:a1:6e:86:21:3c:aa:06:
ca:d2:73:f4:fd:9a:8b:22:45:fa:a3:cb:ca:fb:69:81:53:be:
f3:c8:6c:e6:9a:ed:dc:e9:ef:1c:16:d1:83:75:30:0a:83:c9:
7b:d8:c1:c1:42:22:4f:8a:d3:f0:38:f6:f7:f9:65:f3:a2:2f:
04:e2:f1:d5:4c:14:75:84:ac:3d:9b:78:b0:cd:8f:dc:7f:7b:
0b:ef:4b:b7:43:b7:19:c2:55:85:61:06:eb:e1:bf:59:50:26:
3c:0e:0c:8a:1f:9b:66:c9:97:27:28:fb:9c:ad:d4:60:dd:fd:
31:50:bf:e4:c1:55:2f:e7:08:00:c5:3b:17:8d:26:0a:d6:72:
9a:02:30:e7:02:be:9a:14:0f:33:5a:cd:cd:45:5f:54:c1:63:
4b:ad:39:ad:59:2c:5a:0f:38:af:22:73:3f:06:59:05:a5:d5:
c5:41:cd:92:45:68:9b:52:da:b4:ec:8c:6e:47:5a:05:ca:bc:
15:57:2f:f9:4e:bd:76:d5:dc:3c:26:c0:12:dc:53:c7:1a:3b:
f0:e8:65:a7:09:70:70:37:13:7f:53:a7:0b:5b:31:c4:a9:de:
29:3d:ea:64
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEt9x38+ap+Yvm06z/0e5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1ZGNkZTIxMjVmMDQwNThhZDRmNDc4ZTE3ODg4NDE0MmNm
MmRhZDAwHhcNMjUxMTExMDQwMDUzWhcNMjUxMTEyMDQwMDUzWjAzMTEwLwYDVQQD
EyhjYzIxY2Q4YTIzNDI4Y2RhOGRlZTNiZjdkZWVmNTRmYzQ1NWZkZjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhMPqNfqLYEMvR/L72+lKvWHX5CI
b7OCHHHn8ZZ/tY1uwSRsr5a+35viPVARuNeCMbt+1CLmGV5ceFGG2AhTyWIiu6Pt
4qj23BBPY41V/pb+7WJrfqWg5eL4AhOOo4AHUNpacsAHqTDsktYhrR2fJdCwfyvS
32Pu6H9W8uWd7PuVeWSeQUddUhd+T3wEDQuxhy1RXjeTrNCETv3QbKKagQnax+2c
CRRfsDlOSjOFIBTIy7shgzEWPfzMKRcr/wYZYcfvkTyksMBDHZpp0fWtQeHTdbof
niwDSFXX2to7GvfCteHX1R8Jlx6CJALW8om3SH4C8J3LTBbGcM3gVwo1rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMwhzYojQozaje47997vVPxFX99YMB8GA1UdIwQY
MBaAFNXc3iEl8EBYrU9HjheIhBQs8trQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWR6ZUlTWHdRRml0VDBlT0Y0aUVGQ3p5MnRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy81OTE1YzgtMDAzYy00ZDk4LTgyNDMt
Y2ZkYWRiZGM0OGVjLzEvMWR6ZUlTWHdRRml0VDBlT0Y0aUVGQ3p5MnRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy81OTE1YzgtMDAzYy00ZDk4LTgyNDMtY2ZkYWRiZGM0OGVj
LzEvMWR6ZUlTWHdRRml0VDBlT0Y0aUVGQ3p5MnRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHg1Kt8k9
ewqTSDSDetyCCgDRRQOcTElg9O45VlmhboYhPKoGytJz9P2aiyJF+qPLyvtpgVO+
88hs5prt3OnvHBbRg3UwCoPJe9jBwUIiT4rT8Dj29/ll86IvBOLx1UwUdYSsPZt4
sM2P3H97C+9Lt0O3GcJVhWEG6+G/WVAmPA4Mih+bZsmXJyj7nK3UYN39MVC/5MFV
L+cIAMU7F40mCtZymgIw5wK+mhQPM1rNzUVfVMFjS605rVksWg84ryJzPwZZBaXV
xUHNkkVom1LatOyMbkdaBcq8FVcv+U69dtXcPCbAEtxTxxo78OhlpwlwcDcTf1On
C1sxxKneKT3qZA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:55 2025 by rpki-client