Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/05b1f8-4b35-40bb-a034-747523192363/1/DkGjlotidBs200i-DSyRxdSxM6I.mft
File: DkGjlotidBs200i-DSyRxdSxM6I.mft (raw, json)
Hash identifier: AENxG4e93pgI1MtXBtrnBY6Hk09e9LeIiWz7KkGWOJA=
Subject key identifier: 88:A7:00:16:C2:E7:12:7C:E1:6D:BB:33:6B:CE:F9:2D:C6:CD:D9:86
Authority key identifier: 0E:41:A3:96:8B:62:74:1B:36:D3:48:BE:0D:2C:91:C5:D4:B1:33:A2
Certificate issuer: /CN=0e41a3968b62741b36d348be0d2c91c5d4b133a2
Certificate serial: 019A4E18821D87D27A3F814424167EC2AB3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DkGjlotidBs200i-DSyRxdSxM6I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/05b1f8-4b35-40bb-a034-747523192363/1/DkGjlotidBs200i-DSyRxdSxM6I.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 09:00:20 +0000
Manifest this update: Tue 04 Nov 2025 09:00:20 +0000
Manifest next update: Wed 05 Nov 2025 09:00:20 +0000
Files and hashes: 1: DkGjlotidBs200i-DSyRxdSxM6I.crl (hash: 7+HFKSNs2SDzOiSXUu8crRrNK2yni7nVyivM5JEv/q4=)
2: nHnuu4F-Ic_WUkHgNlM9Go5lrwU.roa (hash: 5dkmrGwUAjAB3N+7M+2yibV5BDpF46oezVix+Yio7q4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/05b1f8-4b35-40bb-a034-747523192363/1/DkGjlotidBs200i-DSyRxdSxM6I.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/05b1f8-4b35-40bb-a034-747523192363/1/DkGjlotidBs200i-DSyRxdSxM6I.mft
rsync://rpki.ripe.net/repository/DEFAULT/DkGjlotidBs200i-DSyRxdSxM6I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:82:1d:87:d2:7a:3f:81:44:24:16:7e:c2:ab:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e41a3968b62741b36d348be0d2c91c5d4b133a2
Validity
Not Before: Nov 4 09:00:20 2025 GMT
Not After : Nov 5 09:00:20 2025 GMT
Subject: CN=88a70016c2e7127ce16dbb336bcef92dc6cdd986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b9:03:b4:6c:12:ed:94:d3:8c:36:f0:d8:55:
46:72:1d:3e:9f:af:4d:ad:66:a8:f6:d4:c2:ad:a3:
08:4d:11:99:eb:5e:a3:38:e9:88:ed:02:2b:e3:8e:
ec:29:11:62:64:6e:21:a1:ad:e8:1a:32:80:7d:a2:
98:24:b7:a2:6c:30:96:43:e3:ac:c6:7f:69:33:5c:
da:8a:d0:64:9e:33:04:71:4a:c6:f6:18:d2:f2:ef:
39:0b:33:73:11:ae:ba:57:02:60:1d:82:4c:93:85:
a1:f3:1d:d1:d1:2e:4d:1a:16:bc:3e:5d:a3:18:89:
14:59:d2:5a:ae:14:7a:f0:51:8f:89:0f:c0:3b:31:
3c:16:47:18:aa:b6:c3:8b:4d:f1:93:a4:dc:68:19:
26:91:3d:41:77:ef:ed:bf:97:a7:bd:77:49:9d:7b:
a2:f8:64:83:45:82:4a:22:c9:1a:ea:59:b0:54:ce:
dd:12:74:2f:ae:64:81:a9:62:71:44:1f:4f:18:45:
ec:9a:96:29:d5:a3:67:3d:16:a4:49:12:3f:47:01:
8f:eb:e1:30:80:04:31:33:e3:bd:15:67:92:f9:64:
a9:eb:dc:68:b2:2e:45:7b:d9:78:f9:c2:a8:cc:f1:
ba:1f:c7:94:4d:d8:e2:1f:2c:25:cb:ee:a0:e5:68:
ff:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:A7:00:16:C2:E7:12:7C:E1:6D:BB:33:6B:CE:F9:2D:C6:CD:D9:86
X509v3 Authority Key Identifier:
keyid:0E:41:A3:96:8B:62:74:1B:36:D3:48:BE:0D:2C:91:C5:D4:B1:33:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DkGjlotidBs200i-DSyRxdSxM6I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/05b1f8-4b35-40bb-a034-747523192363/1/DkGjlotidBs200i-DSyRxdSxM6I.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/05b1f8-4b35-40bb-a034-747523192363/1/DkGjlotidBs200i-DSyRxdSxM6I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a3:82:01:1d:9b:df:02:48:1b:75:1f:61:fe:77:7c:da:30:bc:
d0:aa:0b:dc:6d:c9:48:f5:a4:7f:81:7c:dc:c4:91:68:5d:68:
ee:a9:33:db:b9:01:28:61:be:a4:51:92:ee:e1:aa:ee:c8:17:
65:41:a8:f7:04:dd:52:f2:3a:f7:8c:3b:b0:c1:e0:ad:2d:7f:
da:4b:b4:27:c0:fc:94:c9:f8:c3:f8:41:45:6d:13:d0:22:5a:
e5:f2:75:7c:ae:a1:71:93:77:93:5e:ef:3e:55:cc:2e:ae:7c:
7a:25:4b:3d:c6:0f:4c:5c:9a:55:41:0f:34:c9:46:07:07:45:
a1:48:28:3a:f1:1b:b8:e3:4f:a2:46:bd:ef:82:e3:ae:85:0e:
7a:77:fb:0c:ea:f3:fd:64:75:81:21:54:f2:e5:d2:10:3a:eb:
52:ed:6e:a8:20:d5:0d:b9:e8:1d:aa:ea:37:1a:93:c3:32:40:
d2:0c:df:20:a2:5f:2e:a2:9b:97:b7:fc:65:bb:b1:af:47:ff:
4c:ca:f9:4b:93:2a:c8:de:6a:5b:27:3a:e0:62:ec:90:a6:87:
f1:17:4f:02:44:18:f3:83:92:bd:cb:a7:91:c6:02:f0:dd:89:
6b:c1:29:1d:b0:0d:f6:02:ef:9e:7b:0c:f5:df:b8:13:38:d1:
79:92:61:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGIIdh9J6P4FEJBZ+wqs9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNDFhMzk2OGI2Mjc0MWIzNmQzNDhiZTBkMmM5MWM1ZDRi
MTMzYTIwHhcNMjUxMTA0MDkwMDIwWhcNMjUxMTA1MDkwMDIwWjAzMTEwLwYDVQQD
Eyg4OGE3MDAxNmMyZTcxMjdjZTE2ZGJiMzM2YmNlZjkyZGM2Y2RkOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLkDtGwS7ZTTjDbw2FVGch0+n69N
rWao9tTCraMITRGZ616jOOmI7QIr447sKRFiZG4hoa3oGjKAfaKYJLeibDCWQ+Os
xn9pM1zaitBknjMEcUrG9hjS8u85CzNzEa66VwJgHYJMk4Wh8x3R0S5NGha8Pl2j
GIkUWdJarhR68FGPiQ/AOzE8FkcYqrbDi03xk6TcaBkmkT1Bd+/tv5envXdJnXui
+GSDRYJKIska6lmwVM7dEnQvrmSBqWJxRB9PGEXsmpYp1aNnPRakSRI/RwGP6+Ew
gAQxM+O9FWeS+WSp69xosi5Fe9l4+cKozPG6H8eUTdjiHywly+6g5Wj/wQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIinABbC5xJ84W27M2vO+S3GzdmGMB8GA1UdIwQY
MBaAFA5Bo5aLYnQbNtNIvg0skcXUsTOiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGtHamxvdGlkQnMyMDBpLURTeVJ4ZFN4TTZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8wNWIxZjgtNGIzNS00MGJiLWEwMzQt
NzQ3NTIzMTkyMzYzLzEvRGtHamxvdGlkQnMyMDBpLURTeVJ4ZFN4TTZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8wNWIxZjgtNGIzNS00MGJiLWEwMzQtNzQ3NTIzMTkyMzYz
LzEvRGtHamxvdGlkQnMyMDBpLURTeVJ4ZFN4TTZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo4IBHZvf
AkgbdR9h/nd82jC80KoL3G3JSPWkf4F83MSRaF1o7qkz27kBKGG+pFGS7uGq7sgX
ZUGo9wTdUvI694w7sMHgrS1/2ku0J8D8lMn4w/hBRW0T0CJa5fJ1fK6hcZN3k17v
PlXMLq58eiVLPcYPTFyaVUEPNMlGBwdFoUgoOvEbuONPoka974LjroUOenf7DOrz
/WR1gSFU8uXSEDrrUu1uqCDVDbnoHarqNxqTwzJA0gzfIKJfLqKbl7f8Zbuxr0f/
TMr5S5MqyN5qWyc64GLskKaH8RdPAkQY84OSvcunkcYC8N2Ja8EpHbAN9gLvnnsM
9d+4EzjReZJhbQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:11:39 2025 by rpki-client