Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.mft
File: s7a21-XdDDKPbOr36enA0cuMHSI.mft (raw, json)
Hash identifier: jSAZnGn8U7Mll3c0n0xioBZWUmhyzi4AHPZOj/e3iGU=
Subject key identifier: 01:7F:04:FB:8A:70:EE:99:42:2F:1D:07:B5:02:10:33:F1:E1:42:40
Authority key identifier: B3:B6:B6:D7:E5:DD:0C:32:8F:6C:EA:F7:E9:E9:C0:D1:CB:8C:1D:22
Certificate issuer: /CN=b3b6b6d7e5dd0c328f6ceaf7e9e9c0d1cb8c1d22
Certificate serial: 019A4EF4C96A118F877DA231DF3B0C668D9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s7a21-XdDDKPbOr36enA0cuMHSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.mft
Manifest number: 14D0
Signing time: Tue 04 Nov 2025 13:00:56 +0000
Manifest this update: Tue 04 Nov 2025 13:00:56 +0000
Manifest next update: Wed 05 Nov 2025 13:00:56 +0000
Files and hashes: 1: hzoYOWaigOBhVgvLojtyU6Dx7N4.roa (hash: T/q+Lugm+i1exm5XgQ+QByz6sPtwXurIWQU3uySV9uU=)
2: s7a21-XdDDKPbOr36enA0cuMHSI.crl (hash: cjOZKI4t/ve8Nazm/bzvoUFBwg5bgXiJPXr5UZEtNnI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/s7a21-XdDDKPbOr36enA0cuMHSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f4:c9:6a:11:8f:87:7d:a2:31:df:3b:0c:66:8d:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3b6b6d7e5dd0c328f6ceaf7e9e9c0d1cb8c1d22
Validity
Not Before: Nov 4 13:00:56 2025 GMT
Not After : Nov 5 13:00:56 2025 GMT
Subject: CN=017f04fb8a70ee99422f1d07b5021033f1e14240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:90:62:67:34:1c:89:5a:8e:a7:51:07:4b:0d:
1a:11:3e:9c:43:53:33:94:95:19:00:3a:ff:a8:8d:
c3:77:06:d8:52:de:34:14:e9:b6:a7:42:9e:24:cb:
fa:d6:d9:65:f2:03:44:d1:ac:c0:63:0a:fa:71:53:
9d:f6:b8:0a:7d:61:83:27:0f:9c:3a:f2:c5:c1:fc:
09:0d:67:65:59:11:7a:7a:39:dc:63:fc:bc:9e:49:
5b:6e:1f:1c:89:95:f8:cc:11:ce:3d:9b:8d:36:ee:
2e:d9:96:4d:61:47:a2:59:4f:d1:c4:d2:a6:fb:92:
24:94:ba:26:ef:e3:fe:38:74:b7:c6:29:50:7b:2c:
e4:0f:03:d2:46:e5:b7:0d:da:35:5c:3f:8f:8e:f0:
e6:5c:c0:5b:81:36:8f:7e:bb:f1:93:66:17:a3:c8:
d7:79:c8:4d:c3:02:aa:6e:c3:5e:c1:04:33:c6:ff:
e8:c3:7f:c5:78:ec:f8:38:cb:36:c2:c5:80:61:95:
12:8b:be:16:04:2f:99:31:2d:94:72:38:32:e8:33:
7c:43:62:83:84:6e:da:76:24:02:52:03:a3:74:f3:
01:28:4b:5f:f1:d7:1d:b4:33:be:7a:35:f4:8a:cc:
7a:03:18:82:34:22:21:f7:26:2c:fe:a0:8d:05:25:
3d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:7F:04:FB:8A:70:EE:99:42:2F:1D:07:B5:02:10:33:F1:E1:42:40
X509v3 Authority Key Identifier:
keyid:B3:B6:B6:D7:E5:DD:0C:32:8F:6C:EA:F7:E9:E9:C0:D1:CB:8C:1D:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7a21-XdDDKPbOr36enA0cuMHSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:02:20:1f:4e:98:b9:07:93:a9:5a:83:18:af:05:81:c4:06:
71:bf:6d:e5:c1:5f:7e:96:f2:5d:cd:fb:41:96:45:56:87:56:
b5:7f:c6:b7:9f:96:d1:da:2e:6d:b4:b5:f7:7b:cc:a3:cc:54:
13:3a:e4:65:bd:20:d9:39:f5:1d:44:f2:ad:81:f1:ee:a2:cb:
78:34:d9:94:79:b2:60:d6:08:ef:cd:ba:94:7a:f1:76:f3:ed:
6d:2c:30:91:0e:f9:55:8c:88:45:36:88:79:db:d1:9e:aa:40:
d4:bd:72:cc:de:b7:a4:df:63:cc:11:fe:e7:b8:6a:5e:d9:59:
60:94:69:27:15:4c:55:5f:78:7e:cb:55:94:cc:e4:fa:37:b2:
63:64:a9:d4:ac:11:88:c3:6b:06:2b:70:0f:a9:ca:0d:77:82:
af:b1:fb:1c:c1:7e:81:9f:3b:d1:a6:37:c8:e5:4e:42:d9:bd:
0b:83:7f:62:9c:20:f5:c6:41:8c:a0:ea:43:e9:7c:02:cf:0a:
d7:93:09:5d:45:22:e4:70:87:8e:fe:f1:1d:c3:b7:f5:fb:c8:
e8:26:8f:c0:6c:13:d1:c3:d4:34:e3:03:10:cc:b9:7b:c4:f7:
f5:3c:95:61:1e:7f:fa:6a:e3:9b:bf:24:8b:a0:fe:92:c3:db:
b5:da:36:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9MlqEY+HfaIx3zsMZo2dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYjZiNmQ3ZTVkZDBjMzI4ZjZjZWFmN2U5ZTljMGQxY2I4
YzFkMjIwHhcNMjUxMTA0MTMwMDU2WhcNMjUxMTA1MTMwMDU2WjAzMTEwLwYDVQQD
EygwMTdmMDRmYjhhNzBlZTk5NDIyZjFkMDdiNTAyMTAzM2YxZTE0MjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3pBiZzQciVqOp1EHSw0aET6cQ1Mz
lJUZADr/qI3DdwbYUt40FOm2p0KeJMv61tll8gNE0azAYwr6cVOd9rgKfWGDJw+c
OvLFwfwJDWdlWRF6ejncY/y8nklbbh8ciZX4zBHOPZuNNu4u2ZZNYUeiWU/RxNKm
+5IklLom7+P+OHS3xilQeyzkDwPSRuW3Ddo1XD+PjvDmXMBbgTaPfrvxk2YXo8jX
echNwwKqbsNewQQzxv/ow3/FeOz4OMs2wsWAYZUSi74WBC+ZMS2Ucjgy6DN8Q2KD
hG7adiQCUgOjdPMBKEtf8dcdtDO+ejX0isx6AxiCNCIh9yYs/qCNBSU9BwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAF/BPuKcO6ZQi8dB7UCEDPx4UJAMB8GA1UdIwQY
MBaAFLO2ttfl3Qwyj2zq9+npwNHLjB0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczdhMjEtWGREREtQYk9yMzZlbkEwY3VNSFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yZDc5NDYtZGI4Yi00YTU3LWE3MGIt
MjA3MTU0NmI3MGY5LzEvczdhMjEtWGREREtQYk9yMzZlbkEwY3VNSFNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yZDc5NDYtZGI4Yi00YTU3LWE3MGItMjA3MTU0NmI3MGY5
LzEvczdhMjEtWGREREtQYk9yMzZlbkEwY3VNSFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQgIgH06Y
uQeTqVqDGK8FgcQGcb9t5cFffpbyXc37QZZFVodWtX/Gt5+W0doubbS193vMo8xU
EzrkZb0g2Tn1HUTyrYHx7qLLeDTZlHmyYNYI7826lHrxdvPtbSwwkQ75VYyIRTaI
edvRnqpA1L1yzN63pN9jzBH+57hqXtlZYJRpJxVMVV94fstVlMzk+jeyY2Sp1KwR
iMNrBitwD6nKDXeCr7H7HMF+gZ870aY3yOVOQtm9C4N/Ypwg9cZBjKDqQ+l8As8K
15MJXUUi5HCHjv7xHcO39fvI6CaPwGwT0cPUNOMDEMy5e8T39TyVYR5/+mrjm78k
i6D+ksPbtdo25g==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:25:59 2025 by rpki-client