Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.mft
File: MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.mft (raw, json)
Hash identifier: cmUlM9ra/s/mZDIYhAzVVm6Zpu93/TyLdSrBJjsGpMI=
Subject key identifier: C7:C5:1C:F9:0A:94:0D:78:A7:A4:BF:A5:56:2E:69:73:B7:0B:5B:DD
Authority key identifier: 31:D7:D9:D2:9C:EC:F8:E5:91:22:23:3D:71:6E:6B:05:0E:71:84:78
Certificate issuer: /CN=31d7d9d29cecf8e59122233d716e6b050e718478
Certificate serial: 019A4E189D320089D1EBEF48572BD477AED9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.mft
Manifest number: 02E7
Signing time: Tue 04 Nov 2025 09:00:27 +0000
Manifest this update: Tue 04 Nov 2025 09:00:27 +0000
Manifest next update: Wed 05 Nov 2025 09:00:27 +0000
Files and hashes: 1: DSrriY0kTNELG4oxKEIjyONHFzY.roa (hash: G+y9D4/mU3p2L2jX8635Per34u+yYnPZalrdKQqBsuo=)
2: MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.crl (hash: XLHeTqk7RXsLXQk+ohkb9YOTgyZSlMcubzXaC87KYR8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:9d:32:00:89:d1:eb:ef:48:57:2b:d4:77:ae:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31d7d9d29cecf8e59122233d716e6b050e718478
Validity
Not Before: Nov 4 09:00:27 2025 GMT
Not After : Nov 5 09:00:27 2025 GMT
Subject: CN=c7c51cf90a940d78a7a4bfa5562e6973b70b5bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b9:50:f5:81:f1:90:db:fd:39:c7:c7:e2:91:
02:17:52:6d:0c:33:2f:71:da:48:59:ff:af:27:88:
47:f9:04:dd:77:46:23:fc:df:d2:af:48:32:b2:28:
af:9c:cc:6f:02:ed:08:02:e8:2f:96:11:6b:91:fa:
a5:16:ef:14:9d:07:85:30:f4:52:02:c1:e4:b1:51:
47:b4:a8:24:d5:08:c5:17:6d:17:bc:75:90:04:52:
7c:7b:79:c9:be:fd:55:5e:1a:9d:dd:19:2a:c3:db:
d0:3f:d4:68:95:e0:fe:f6:35:3d:30:c9:09:9e:a5:
47:7f:0f:03:ec:fe:e8:82:34:f2:1a:a5:83:51:9c:
13:bf:80:e5:10:63:40:fd:71:68:94:86:bd:48:49:
6d:7f:c5:33:2e:48:60:0e:2b:f5:46:de:c0:0a:71:
ac:44:d9:24:bc:7d:e2:47:0f:9f:d1:8a:d4:51:73:
c6:4a:d9:fd:11:54:5e:70:f2:27:c7:d6:ed:7b:09:
de:a2:58:45:6c:e9:57:97:7e:25:36:d9:77:9c:9a:
c9:a1:94:fd:02:fe:c6:e7:f2:8c:6d:c7:18:e9:a4:
d4:84:5b:56:51:c5:73:98:89:e2:d1:40:dd:5e:2c:
aa:f0:1a:fc:63:52:a7:02:65:c7:38:89:df:c8:bb:
bb:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:C5:1C:F9:0A:94:0D:78:A7:A4:BF:A5:56:2E:69:73:B7:0B:5B:DD
X509v3 Authority Key Identifier:
keyid:31:D7:D9:D2:9C:EC:F8:E5:91:22:23:3D:71:6E:6B:05:0E:71:84:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0f:ca:3e:45:16:11:6a:4c:18:ad:f8:d0:a2:30:f7:e5:2e:9e:
c7:81:85:3d:35:60:63:18:99:34:88:e9:1f:84:12:8f:4a:e2:
cf:f3:dc:32:f5:f2:b1:12:54:01:f5:5b:df:8d:04:6c:94:80:
ad:3a:13:3e:e1:7b:4b:65:2a:df:2b:2a:22:a9:85:5f:b0:4f:
b4:4f:d9:34:89:53:12:be:03:10:f2:ba:bf:e1:d2:79:70:42:
d7:18:46:39:e2:a9:fe:62:58:ae:54:cf:a6:5d:a8:11:38:3b:
bb:06:aa:2d:0b:46:39:bc:90:63:f6:e8:4e:84:4f:3e:86:15:
d2:4e:f1:00:c3:f3:ca:bf:88:fd:71:32:2c:8e:5c:f0:1f:de:
cf:f3:43:83:0c:3b:01:b3:ce:d3:9a:f2:26:be:ee:a8:4b:29:
51:fa:c5:ee:27:bf:92:13:ae:1d:02:21:0f:9d:99:ec:40:ee:
3d:f7:19:89:17:7f:5b:22:82:51:bf:c5:55:29:02:05:ad:aa:
2a:a5:9f:db:31:14:5b:82:c8:7e:84:47:ca:91:33:ac:83:11:
bb:9a:0f:5a:f4:f3:33:55:77:9b:7a:ac:cc:7e:a9:96:13:44:
69:4e:64:17:10:43:56:4d:b5:f0:e3:0e:e4:55:92:c4:75:15:
5d:8f:4e:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGJ0yAInR6+9IVyvUd67ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZDdkOWQyOWNlY2Y4ZTU5MTIyMjMzZDcxNmU2YjA1MGU3
MTg0NzgwHhcNMjUxMTA0MDkwMDI3WhcNMjUxMTA1MDkwMDI3WjAzMTEwLwYDVQQD
EyhjN2M1MWNmOTBhOTQwZDc4YTdhNGJmYTU1NjJlNjk3M2I3MGI1YmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7lQ9YHxkNv9OcfH4pECF1JtDDMv
cdpIWf+vJ4hH+QTdd0Yj/N/Sr0gysiivnMxvAu0IAugvlhFrkfqlFu8UnQeFMPRS
AsHksVFHtKgk1QjFF20XvHWQBFJ8e3nJvv1VXhqd3Rkqw9vQP9RoleD+9jU9MMkJ
nqVHfw8D7P7ogjTyGqWDUZwTv4DlEGNA/XFolIa9SEltf8UzLkhgDiv1Rt7ACnGs
RNkkvH3iRw+f0YrUUXPGStn9EVRecPInx9btewneolhFbOlXl34lNtl3nJrJoZT9
Av7G5/KMbccY6aTUhFtWUcVzmIni0UDdXiyq8Br8Y1KnAmXHOInfyLu7xwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMfFHPkKlA14p6S/pVYuaXO3C1vdMB8GA1UdIwQY
MBaAFDHX2dKc7PjlkSIjPXFuawUOcYR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWRmWjBwenMtT1dSSWlNOWNXNXJCUTV4aEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9hZjgzMmItYTY0MS00ZTQ2LWE4MzYt
NDBmNGM2OGU5YTMxLzEvTWRmWjBwenMtT1dSSWlNOWNXNXJCUTV4aEhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9hZjgzMmItYTY0MS00ZTQ2LWE4MzYtNDBmNGM2OGU5YTMx
LzEvTWRmWjBwenMtT1dSSWlNOWNXNXJCUTV4aEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD8o+RRYR
akwYrfjQojD35S6ex4GFPTVgYxiZNIjpH4QSj0riz/PcMvXysRJUAfVb340EbJSA
rToTPuF7S2Uq3ysqIqmFX7BPtE/ZNIlTEr4DEPK6v+HSeXBC1xhGOeKp/mJYrlTP
pl2oETg7uwaqLQtGObyQY/boToRPPoYV0k7xAMPzyr+I/XEyLI5c8B/ez/NDgww7
AbPO05ryJr7uqEspUfrF7ie/khOuHQIhD52Z7EDuPfcZiRd/WyKCUb/FVSkCBa2q
KqWf2zEUW4LIfoRHypEzrIMRu5oPWvTzM1V3m3qszH6plhNEaU5kFxBDVk218OMO
5FWSxHUVXY9OIg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:08:25 2025 by rpki-client