Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/Y42aUATFktCTzImw2QdS4nnVGFQ.mft
File: Y42aUATFktCTzImw2QdS4nnVGFQ.mft (raw, json)
Hash identifier: FntBth2u5BBzk5KqzoxYg7wqCgcfos8sQSAwxAt+Agg=
Subject key identifier: D5:BF:40:11:71:B4:C7:59:17:ED:B6:D9:43:69:D4:8D:E0:91:59:42
Authority key identifier: 63:8D:9A:50:04:C5:92:D0:93:CC:89:B0:D9:07:52:E2:79:D5:18:54
Certificate issuer: /CN=638d9a5004c592d093cc89b0d90752e279d51854
Certificate serial: 019A4F625D6653601BD6BE5DF51C36994818
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y42aUATFktCTzImw2QdS4nnVGFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/Y42aUATFktCTzImw2QdS4nnVGFQ.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 15:00:37 +0000
Manifest this update: Tue 04 Nov 2025 15:00:37 +0000
Manifest next update: Wed 05 Nov 2025 15:00:37 +0000
Files and hashes: 1: 5t5Dcx5tNkWQ_sy57yYX9uF0BSc.roa (hash: PzSrKv8Rw8leyPQ1z/odwxbCskApuD1oeaEEXKXPsNc=)
2: Y42aUATFktCTzImw2QdS4nnVGFQ.crl (hash: bRNsX4cvdmspIkJ/w5RSLd4Y1LO0OH235/9MQd31h5I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/Y42aUATFktCTzImw2QdS4nnVGFQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/Y42aUATFktCTzImw2QdS4nnVGFQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y42aUATFktCTzImw2QdS4nnVGFQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:62:5d:66:53:60:1b:d6:be:5d:f5:1c:36:99:48:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=638d9a5004c592d093cc89b0d90752e279d51854
Validity
Not Before: Nov 4 15:00:37 2025 GMT
Not After : Nov 5 15:00:37 2025 GMT
Subject: CN=d5bf401171b4c75917edb6d94369d48de0915942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ec:20:fc:83:df:11:5f:36:a6:5c:82:98:95:
d4:f3:d4:68:8e:87:a9:d2:8b:ad:05:75:a8:89:67:
87:6d:35:6a:cf:78:98:a5:00:02:f5:ac:9f:b4:57:
83:bc:9b:a9:a9:8f:be:0e:1e:69:ca:b4:f5:d3:19:
39:8c:a4:c3:ce:8e:40:72:82:13:36:2f:fa:ef:80:
89:15:9e:d5:b7:e9:21:09:18:df:38:61:cc:73:cb:
39:43:05:f2:57:f8:af:a2:a6:fb:eb:06:64:24:7e:
57:c3:ce:a1:95:41:45:78:f6:b5:ee:e5:1b:c0:17:
ef:c3:82:7a:bb:23:89:32:8e:42:05:19:1a:e9:63:
09:03:0b:40:e8:ab:ee:37:4a:fc:32:78:4b:fa:bb:
be:03:81:d0:df:06:37:e5:fa:4a:38:e7:d7:37:5a:
59:0c:ca:10:9a:08:eb:46:c5:6d:c8:6c:3c:a4:12:
24:b5:05:e0:78:d9:8c:99:b2:25:09:b4:e1:a7:d3:
78:3c:7c:36:95:8c:60:2c:de:37:60:34:91:66:c2:
ab:23:0b:85:c5:cf:87:50:64:bf:47:83:9a:e9:02:
fe:01:31:25:a8:64:de:88:f4:ec:a2:c6:b3:01:eb:
a5:70:ce:dd:af:bf:6c:2b:cc:ba:8e:6a:b3:94:f6:
66:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BF:40:11:71:B4:C7:59:17:ED:B6:D9:43:69:D4:8D:E0:91:59:42
X509v3 Authority Key Identifier:
keyid:63:8D:9A:50:04:C5:92:D0:93:CC:89:B0:D9:07:52:E2:79:D5:18:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y42aUATFktCTzImw2QdS4nnVGFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/Y42aUATFktCTzImw2QdS4nnVGFQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0cf6d7-d8ef-44a8-aa07-7768d4fbdcd3/1/Y42aUATFktCTzImw2QdS4nnVGFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9d:0b:84:92:e9:63:98:67:a0:62:44:ef:31:42:ee:05:25:de:
d1:50:a3:ee:d0:bc:23:04:75:3c:24:28:ef:29:f4:22:da:a6:
b6:f1:d5:f3:1e:b1:d8:f4:97:47:1b:28:60:bb:14:bc:a7:bc:
33:10:5d:45:6b:24:65:d4:13:0e:ec:00:d5:75:c2:0a:79:21:
f2:0f:b0:e6:a4:52:66:64:81:ee:79:87:ec:e4:44:6c:49:40:
59:54:40:17:dc:39:dc:49:63:e1:20:81:c1:0f:5b:bc:3d:84:
9d:b4:55:a4:14:36:12:98:b7:ee:3b:d7:4a:60:76:1a:b1:34:
89:80:f9:28:e9:cf:b6:27:42:53:e7:b6:c0:b3:12:fe:fd:09:
e8:9a:3c:b3:42:f9:40:ba:c8:ae:fa:24:ce:d4:00:60:e0:d0:
41:60:c9:84:4f:98:28:8e:da:69:34:d4:4a:56:5a:18:09:74:
19:f6:ec:d1:11:b9:78:a1:da:31:96:15:3c:17:3a:16:b7:28:
4f:0c:5e:40:ad:f3:c6:41:d6:23:ff:0f:79:80:b7:60:c8:c2:
30:32:7a:1f:6c:f1:4a:d7:3e:3b:3f:55:73:2b:14:86:31:5d:
c7:be:77:b4:41:f2:bf:1d:5b:0a:90:7f:a9:17:c7:05:86:86:
dc:79:76:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpPYl1mU2Ab1r5d9Rw2mUgYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzOGQ5YTUwMDRjNTkyZDA5M2NjODliMGQ5MDc1MmUyNzlk
NTE4NTQwHhcNMjUxMTA0MTUwMDM3WhcNMjUxMTA1MTUwMDM3WjAzMTEwLwYDVQQD
EyhkNWJmNDAxMTcxYjRjNzU5MTdlZGI2ZDk0MzY5ZDQ4ZGUwOTE1OTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxewg/IPfEV82plyCmJXU89Rojoep
0outBXWoiWeHbTVqz3iYpQAC9ayftFeDvJupqY++Dh5pyrT10xk5jKTDzo5AcoIT
Ni/674CJFZ7Vt+khCRjfOGHMc8s5QwXyV/ivoqb76wZkJH5Xw86hlUFFePa17uUb
wBfvw4J6uyOJMo5CBRka6WMJAwtA6KvuN0r8MnhL+ru+A4HQ3wY35fpKOOfXN1pZ
DMoQmgjrRsVtyGw8pBIktQXgeNmMmbIlCbThp9N4PHw2lYxgLN43YDSRZsKrIwuF
xc+HUGS/R4Oa6QL+ATElqGTeiPTsosazAeulcM7dr79sK8y6jmqzlPZmywIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNW/QBFxtMdZF+222UNp1I3gkVlCMB8GA1UdIwQY
MBaAFGONmlAExZLQk8yJsNkHUuJ51RhUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTQyYVVBVEZrdENUekltdzJRZFM0bm5WR0ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wY2Y2ZDctZDhlZi00NGE4LWFhMDct
Nzc2OGQ0ZmJkY2QzLzEvWTQyYVVBVEZrdENUekltdzJRZFM0bm5WR0ZRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8wY2Y2ZDctZDhlZi00NGE4LWFhMDctNzc2OGQ0ZmJkY2Qz
LzEvWTQyYVVBVEZrdENUekltdzJRZFM0bm5WR0ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnQuEkulj
mGegYkTvMULuBSXe0VCj7tC8IwR1PCQo7yn0ItqmtvHV8x6x2PSXRxsoYLsUvKe8
MxBdRWskZdQTDuwA1XXCCnkh8g+w5qRSZmSB7nmH7OREbElAWVRAF9w53Elj4SCB
wQ9bvD2EnbRVpBQ2Epi37jvXSmB2GrE0iYD5KOnPtidCU+e2wLMS/v0J6Jo8s0L5
QLrIrvokztQAYODQQWDJhE+YKI7aaTTUSlZaGAl0Gfbs0RG5eKHaMZYVPBc6Frco
TwxeQK3zxkHWI/8PeYC3YMjCMDJ6H2zxStc+Oz9VcysUhjFdx753tEHyvx1bCpB/
qRfHBYaG3Hl2NA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:27:51 2025 by rpki-client