Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/d3d466-d951-4c52-b330-aa8485cf3068/1/DdL44N6hOH2vkDXSzfTrjJOticw.mft
File: DdL44N6hOH2vkDXSzfTrjJOticw.mft (raw, json)
Hash identifier: S1Ono1Rz+Z2u6ZoiKv9wzpah+tFlPBgi3OrvcII1kgU=
Subject key identifier: 21:45:90:8F:9F:A0:7C:F0:2A:17:02:97:37:C0:69:CC:69:04:97:E8
Authority key identifier: 0D:D2:F8:E0:DE:A1:38:7D:AF:90:35:D2:CD:F4:EB:8C:93:AD:89:CC
Certificate issuer: /CN=0dd2f8e0dea1387daf9035d2cdf4eb8c93ad89cc
Certificate serial: 019A29305606F5E5A2FF7C2D3BDE2BC48F3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DdL44N6hOH2vkDXSzfTrjJOticw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/d3d466-d951-4c52-b330-aa8485cf3068/1/DdL44N6hOH2vkDXSzfTrjJOticw.mft
Manifest number: 11B1
Signing time: Tue 28 Oct 2025 05:00:24 +0000
Manifest this update: Tue 28 Oct 2025 05:00:24 +0000
Manifest next update: Wed 29 Oct 2025 05:00:24 +0000
Files and hashes: 1: 5C3OBNWJVX0XYEPy1WMxBH9P3fA.roa (hash: paK6hyOcqXDBN745vkYjBiywiYBVzqMBn2uUtBINBBA=)
2: DdL44N6hOH2vkDXSzfTrjJOticw.crl (hash: VjUR+o1eTEo2SI8G9k/s/tUsHGUkZUgX1jhFvgetIt4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/d3d466-d951-4c52-b330-aa8485cf3068/1/DdL44N6hOH2vkDXSzfTrjJOticw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/d3d466-d951-4c52-b330-aa8485cf3068/1/DdL44N6hOH2vkDXSzfTrjJOticw.mft
rsync://rpki.ripe.net/repository/DEFAULT/DdL44N6hOH2vkDXSzfTrjJOticw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:29:30:56:06:f5:e5:a2:ff:7c:2d:3b:de:2b:c4:8f:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dd2f8e0dea1387daf9035d2cdf4eb8c93ad89cc
Validity
Not Before: Oct 28 05:00:24 2025 GMT
Not After : Oct 29 05:00:24 2025 GMT
Subject: CN=2145908f9fa07cf02a17029737c069cc690497e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:93:4a:0b:9c:c0:8a:9a:66:8d:9c:f1:e8:80:
38:97:05:41:74:ed:aa:6b:f8:69:00:2f:7d:0e:ea:
c4:8f:f3:61:06:9c:cc:da:c7:0d:1b:c2:50:38:d2:
3c:68:8e:b0:94:d0:72:6e:3e:ed:14:e8:94:6e:26:
77:0e:3b:8a:c0:72:39:81:e5:56:19:1a:22:40:af:
32:23:5c:28:92:d6:69:b1:66:84:78:c7:85:c9:9a:
3a:2b:3b:36:32:0e:1b:42:98:0c:bc:34:58:c0:a6:
ef:8a:86:d6:33:d8:bd:0c:a7:d3:9c:dc:e3:e1:fe:
59:0a:c1:0b:46:24:1e:24:c6:02:78:4d:22:34:e7:
6c:5f:e8:3a:4a:4e:a7:31:8a:62:2c:b1:59:a6:48:
22:35:54:25:5f:b5:f1:fe:9e:ff:18:88:89:de:2b:
6a:1d:b3:63:39:c4:66:8d:48:5a:51:f1:5f:a9:48:
2e:ad:35:6b:86:9b:1d:c6:1f:16:4b:f4:5c:91:8f:
65:cc:1b:5e:94:fc:b8:56:4b:2b:d7:73:98:e6:68:
de:66:79:09:41:57:4a:71:80:e9:d8:9e:f5:1e:e0:
82:e4:60:4a:2c:cd:d1:c5:1c:57:c9:8b:c0:55:5d:
de:ec:f6:2c:16:9a:96:2a:1e:80:2a:ba:38:b2:22:
08:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:45:90:8F:9F:A0:7C:F0:2A:17:02:97:37:C0:69:CC:69:04:97:E8
X509v3 Authority Key Identifier:
keyid:0D:D2:F8:E0:DE:A1:38:7D:AF:90:35:D2:CD:F4:EB:8C:93:AD:89:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdL44N6hOH2vkDXSzfTrjJOticw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d3d466-d951-4c52-b330-aa8485cf3068/1/DdL44N6hOH2vkDXSzfTrjJOticw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d3d466-d951-4c52-b330-aa8485cf3068/1/DdL44N6hOH2vkDXSzfTrjJOticw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7f:8e:86:02:6c:60:1f:11:0a:73:4a:5f:7b:38:d9:b6:95:96:
ba:87:02:72:65:eb:b4:a9:8b:a4:36:13:97:70:a3:09:65:8e:
65:74:3f:fb:fd:95:d3:a3:2a:75:e6:77:08:57:33:d0:07:9c:
2b:c5:d7:99:7b:a3:4f:34:7c:87:c7:c4:c1:aa:1a:99:d5:be:
e4:f1:6e:c9:a5:94:6c:ed:7a:c3:cd:b9:22:52:ed:68:82:5d:
66:82:a6:9c:81:42:03:cc:8a:d8:c4:4f:d1:64:ba:c9:1b:1d:
1e:87:79:9c:8c:e8:8c:b2:f9:dd:26:00:57:19:da:b5:20:22:
29:ed:14:35:29:f9:50:1d:af:e5:5f:85:d0:ed:1c:75:3a:63:
89:4c:6f:8b:57:7b:49:2c:ea:53:f4:18:b3:8e:41:4f:61:b2:
6a:7b:73:f4:3a:4d:37:9a:78:42:56:9e:cb:0a:3e:51:5a:9d:
04:04:d8:4a:df:8f:48:02:03:e8:02:ad:87:6e:05:2a:70:1a:
27:8b:39:81:b3:d9:f9:c5:3b:f2:20:f4:47:1e:7d:98:c3:3f:
4b:07:3d:e1:cd:32:2f:99:50:24:da:7c:38:88:2b:da:57:0d:
c1:60:8b:8e:e6:de:8d:eb:c4:8c:60:21:ef:73:b0:3a:b6:be:
7d:25:c8:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZopMFYG9eWi/3wtO94rxI8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZDJmOGUwZGVhMTM4N2RhZjkwMzVkMmNkZjRlYjhjOTNh
ZDg5Y2MwHhcNMjUxMDI4MDUwMDI0WhcNMjUxMDI5MDUwMDI0WjAzMTEwLwYDVQQD
EygyMTQ1OTA4ZjlmYTA3Y2YwMmExNzAyOTczN2MwNjljYzY5MDQ5N2U4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ZNKC5zAippmjZzx6IA4lwVBdO2q
a/hpAC99DurEj/NhBpzM2scNG8JQONI8aI6wlNBybj7tFOiUbiZ3DjuKwHI5geVW
GRoiQK8yI1woktZpsWaEeMeFyZo6Kzs2Mg4bQpgMvDRYwKbviobWM9i9DKfTnNzj
4f5ZCsELRiQeJMYCeE0iNOdsX+g6Sk6nMYpiLLFZpkgiNVQlX7Xx/p7/GIiJ3itq
HbNjOcRmjUhaUfFfqUgurTVrhpsdxh8WS/RckY9lzBtelPy4Vksr13OY5mjeZnkJ
QVdKcYDp2J71HuCC5GBKLM3RxRxXyYvAVV3e7PYsFpqWKh6AKro4siIIeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCFFkI+foHzwKhcClzfAacxpBJfoMB8GA1UdIwQY
MBaAFA3S+ODeoTh9r5A10s3064yTrYnMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGRMNDRONmhPSDJ2a0RYU3pmVHJqSk90aWN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9kM2Q0NjYtZDk1MS00YzUyLWIzMzAt
YWE4NDg1Y2YzMDY4LzEvRGRMNDRONmhPSDJ2a0RYU3pmVHJqSk90aWN3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9kM2Q0NjYtZDk1MS00YzUyLWIzMzAtYWE4NDg1Y2YzMDY4
LzEvRGRMNDRONmhPSDJ2a0RYU3pmVHJqSk90aWN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf46GAmxg
HxEKc0pfezjZtpWWuocCcmXrtKmLpDYTl3CjCWWOZXQ/+/2V06MqdeZ3CFcz0Aec
K8XXmXujTzR8h8fEwaoamdW+5PFuyaWUbO16w825IlLtaIJdZoKmnIFCA8yK2MRP
0WS6yRsdHod5nIzojLL53SYAVxnatSAiKe0UNSn5UB2v5V+F0O0cdTpjiUxvi1d7
SSzqU/QYs45BT2Gyantz9DpNN5p4Qlaeywo+UVqdBATYSt+PSAID6AKth24FKnAa
J4s5gbPZ+cU78iD0Rx59mMM/Swc94c0yL5lQJNp8OIgr2lcNwWCLjubejevEjGAh
73OwOra+fSXIcA==
-----END CERTIFICATE-----
Generated at Tue Oct 28 09:26:27 2025 by rpki-client