Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
File: D6j7U5miekMK5yfFMs0iSZnohk8.mft (raw, json)
Hash identifier: bsBB8oK8EJ4iQZTuu7fWV8bqnQungFcydljI5aDYdzg=
Subject key identifier: 99:82:D8:92:76:4B:28:74:16:FC:3E:FD:FF:56:12:89:5E:0C:A5:45
Authority key identifier: 0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F
Certificate issuer: /CN=0fa8fb5399a27a430ae727c532cd224999e8864f
Certificate serial: 019A4E18EA10097BD6246B7D6B008C6A9505
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
Manifest number: 0396
Signing time: Tue 04 Nov 2025 09:00:46 +0000
Manifest this update: Tue 04 Nov 2025 09:00:46 +0000
Manifest next update: Wed 05 Nov 2025 09:00:46 +0000
Files and hashes: 1: 5jBhyCclhjBWCSh1O-0WT6aKzvs.roa (hash: MRjgNDdW46vQb+SgK5+muMmigtF72q9wmhV3HqxuIuc=)
2: D6j7U5miekMK5yfFMs0iSZnohk8.crl (hash: 41uzBO6huCl4t13BS6Zs5BXLFKX1Cjb25EzmPEu87IE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:ea:10:09:7b:d6:24:6b:7d:6b:00:8c:6a:95:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fa8fb5399a27a430ae727c532cd224999e8864f
Validity
Not Before: Nov 4 09:00:46 2025 GMT
Not After : Nov 5 09:00:46 2025 GMT
Subject: CN=9982d892764b287416fc3efdff5612895e0ca545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e3:ba:d0:5c:89:00:4d:4b:b5:83:46:cd:a1:
fe:0e:a0:2f:f2:25:d7:83:1f:f6:12:3c:61:41:a2:
aa:57:8e:c9:bf:62:61:0f:dd:c3:c0:ec:14:ad:d9:
7f:2d:8d:4e:f4:75:14:83:c1:8e:bb:10:d3:4d:1b:
89:48:b8:13:e1:bb:79:81:82:26:62:e9:1e:db:33:
3a:7e:1c:11:ba:4a:f6:c7:92:d7:83:06:c0:d3:ae:
9d:0a:9b:63:62:cf:3a:58:fd:5a:89:d9:30:65:84:
92:75:ba:b5:f6:17:bd:10:46:a6:0f:32:76:12:1f:
09:cf:2b:8d:19:11:74:d0:a8:1e:5b:90:4d:40:7b:
35:4d:79:a1:b8:00:36:6b:5c:16:73:19:7e:9a:21:
55:32:00:0e:1e:20:e0:c4:5a:a8:f0:00:d7:3e:74:
8c:8b:43:bd:a8:8f:ec:60:a1:6c:58:39:dc:32:f2:
8c:01:68:8d:35:df:cd:cd:fe:b6:e0:95:f0:95:02:
5e:e6:91:c6:f4:66:38:ec:0d:70:39:04:de:8c:ab:
f7:83:71:e8:38:92:af:17:37:5e:f7:1b:3c:2d:26:
f6:f0:94:96:af:5b:b7:85:b1:bd:ac:0c:5e:95:08:
0d:71:da:35:67:6e:01:88:13:81:6a:d1:a7:7d:25:
4d:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:82:D8:92:76:4B:28:74:16:FC:3E:FD:FF:56:12:89:5E:0C:A5:45
X509v3 Authority Key Identifier:
keyid:0F:A8:FB:53:99:A2:7A:43:0A:E7:27:C5:32:CD:22:49:99:E8:86:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D6j7U5miekMK5yfFMs0iSZnohk8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/386f81-b139-48af-bcea-a71fb4635065/1/D6j7U5miekMK5yfFMs0iSZnohk8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9c:b2:69:82:9a:e8:13:71:d8:33:24:c8:b6:45:43:a4:01:bf:
3c:09:60:39:f9:8f:8d:36:17:e9:b8:a5:c8:3c:b6:92:56:2a:
9b:fa:41:f6:4b:c7:43:46:ba:6e:2b:87:9d:25:05:d9:b8:c2:
0a:26:cf:f6:65:b0:42:f7:89:76:47:06:1c:90:ce:2e:0f:1d:
a2:d8:dc:58:22:75:cc:70:1a:bd:5f:be:fa:3c:6f:c0:b2:22:
13:15:02:a3:d9:a3:df:fb:ad:0d:84:e6:22:14:e4:63:0b:76:
15:10:e4:50:03:86:ed:48:88:81:ea:55:cb:af:a6:08:46:a3:
3f:64:d8:e5:8f:6b:36:d2:4c:7c:8f:cc:e5:f8:e8:06:e1:63:
f8:48:08:9c:18:4d:64:37:66:57:33:6f:27:b4:81:5f:dc:34:
de:d3:fa:05:d2:df:9c:fb:57:84:de:4d:f6:f3:65:39:ec:47:
c3:5d:29:c3:3d:ff:67:f5:1d:40:8a:65:32:4d:19:84:7c:36:
47:41:e7:5d:4d:f4:6c:a6:eb:66:0e:16:87:d1:6c:c3:07:57:
9c:cd:9b:b5:36:d4:26:40:0c:c9:9b:66:9d:6d:49:66:46:e3:
81:58:03:76:7c:48:ac:70:7d:92:22:cd:af:64:06:a1:94:8b:
5f:dd:9a:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGOoQCXvWJGt9awCMapUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmYThmYjUzOTlhMjdhNDMwYWU3MjdjNTMyY2QyMjQ5OTll
ODg2NGYwHhcNMjUxMTA0MDkwMDQ2WhcNMjUxMTA1MDkwMDQ2WjAzMTEwLwYDVQQD
Eyg5OTgyZDg5Mjc2NGIyODc0MTZmYzNlZmRmZjU2MTI4OTVlMGNhNTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquO60FyJAE1LtYNGzaH+DqAv8iXX
gx/2EjxhQaKqV47Jv2JhD93DwOwUrdl/LY1O9HUUg8GOuxDTTRuJSLgT4bt5gYIm
Yuke2zM6fhwRukr2x5LXgwbA066dCptjYs86WP1aidkwZYSSdbq19he9EEamDzJ2
Eh8JzyuNGRF00KgeW5BNQHs1TXmhuAA2a1wWcxl+miFVMgAOHiDgxFqo8ADXPnSM
i0O9qI/sYKFsWDncMvKMAWiNNd/Nzf624JXwlQJe5pHG9GY47A1wOQTejKv3g3Ho
OJKvFzde9xs8LSb28JSWr1u3hbG9rAxelQgNcdo1Z24BiBOBatGnfSVNiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJmC2JJ2Syh0Fvw+/f9WEoleDKVFMB8GA1UdIwQY
MBaAFA+o+1OZonpDCucnxTLNIkmZ6IZPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEt
YTcxZmI0NjM1MDY1LzEvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8zODZmODEtYjEzOS00OGFmLWJjZWEtYTcxZmI0NjM1MDY1
LzEvRDZqN1U1bWlla01LNXlmRk1zMGlTWm5vaGs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnLJpgpro
E3HYMyTItkVDpAG/PAlgOfmPjTYX6bilyDy2klYqm/pB9kvHQ0a6biuHnSUF2bjC
CibP9mWwQveJdkcGHJDOLg8dotjcWCJ1zHAavV+++jxvwLIiExUCo9mj3/utDYTm
IhTkYwt2FRDkUAOG7UiIgepVy6+mCEajP2TY5Y9rNtJMfI/M5fjoBuFj+EgInBhN
ZDdmVzNvJ7SBX9w03tP6BdLfnPtXhN5N9vNlOexHw10pwz3/Z/UdQIplMk0ZhHw2
R0HnXU30bKbrZg4Wh9FswwdXnM2btTbUJkAMyZtmnW1JZkbjgVgDdnxIrHB9kiLN
r2QGoZSLX92asA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:55:34 2025 by rpki-client