Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
File: 4Genud52frl9tk5RZHhJRjO9VOo.mft (raw, json)
Hash identifier: N2UEfoyLsECNTY4FYEoMdrrUknegg5a6dAwpFs30yNM=
Subject key identifier: 8D:4C:32:4F:F5:FF:B1:32:8A:85:7B:5A:7E:AD:C4:63:CA:0A:81:06
Authority key identifier: E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA
Certificate issuer: /CN=e067a7b9de767eb97db64e516478494633bd54ea
Certificate serial: 019A522CA10F323BBD42E3C7F7129DB2EFA5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
Manifest number: 0D0F
Signing time: Wed 05 Nov 2025 04:00:47 +0000
Manifest this update: Wed 05 Nov 2025 04:00:47 +0000
Manifest next update: Thu 06 Nov 2025 04:00:47 +0000
Files and hashes: 1: 4Genud52frl9tk5RZHhJRjO9VOo.crl (hash: XyF4MRClWrEA60X+tPg+wJIkaeYew+oF0jemWpeSFTE=)
2: DQo4EErqs46yA4QIpyLHGlOprVU.roa (hash: jpEUtUNk7NIqvU0XQCmCZgYXNkApAZ2zVdQgWdhDGWc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:2c:a1:0f:32:3b:bd:42:e3:c7:f7:12:9d:b2:ef:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e067a7b9de767eb97db64e516478494633bd54ea
Validity
Not Before: Nov 5 04:00:47 2025 GMT
Not After : Nov 6 04:00:47 2025 GMT
Subject: CN=8d4c324ff5ffb1328a857b5a7eadc463ca0a8106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c0:97:45:56:e1:3c:4b:93:64:18:f6:1b:a2:
2b:d3:5d:19:fb:5d:34:27:79:d6:4f:4e:a9:78:7a:
bb:7f:28:cc:af:a7:09:5f:67:31:9b:2e:fc:5b:35:
ea:03:ee:09:85:8f:cf:4c:cf:90:67:61:c0:f0:3f:
68:c2:36:c2:33:f0:7f:41:c1:5d:5a:81:0d:80:0d:
dd:2a:4b:20:cb:8c:ed:6a:db:08:56:40:2c:19:64:
ba:6d:c1:2e:d4:d3:c9:58:21:0a:aa:95:14:8c:8f:
7a:5b:fe:a0:3f:f8:84:26:a1:be:6f:e4:7c:a2:8d:
21:9c:d4:8c:e8:dc:a7:74:4e:9d:73:8e:c5:44:29:
94:cb:08:fa:56:ac:a1:c7:db:bf:b8:2d:bf:c3:55:
83:97:9f:06:89:bd:2b:6f:55:03:31:e7:8e:1f:9d:
c3:52:07:67:6d:97:45:0e:46:06:e8:c0:86:3a:7a:
7b:c5:d2:ea:bc:d3:51:ae:ea:07:1c:cf:21:58:c3:
c2:5c:2b:e1:4b:e6:88:92:db:08:d7:58:d1:11:95:
af:00:05:39:56:31:46:c1:35:f1:f8:52:58:d9:85:
d6:f0:fc:a6:1a:89:c6:87:ce:25:80:07:d1:8e:77:
36:0e:11:dd:85:22:5b:60:86:0d:8f:e4:de:ec:8c:
98:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:4C:32:4F:F5:FF:B1:32:8A:85:7B:5A:7E:AD:C4:63:CA:0A:81:06
X509v3 Authority Key Identifier:
keyid:E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c8:82:10:43:dd:a3:3d:37:05:2f:df:53:8a:21:94:9b:7b:df:
51:8e:c9:1c:a4:c9:7e:42:b9:2e:94:26:54:0d:55:d0:7c:1b:
46:0a:68:ba:73:c1:5a:b2:2a:97:42:d7:e3:61:23:83:1a:82:
c6:50:57:08:14:37:ca:90:10:72:54:3b:9f:23:df:66:ab:94:
91:7f:7f:0c:5d:81:c0:c8:d5:4e:52:d6:12:43:56:9f:16:5d:
41:4b:b8:0b:8f:4d:1b:a8:3b:52:1e:66:58:1e:70:55:ea:0c:
96:df:ad:ed:e4:b0:ac:e7:e5:0f:fa:6c:9c:48:34:a9:ef:c9:
dd:dd:fa:c5:bd:f5:5a:77:c0:12:78:e2:8d:2f:81:6a:a7:fb:
20:8a:62:0e:0e:7f:40:8f:09:10:af:3f:31:ce:fd:6e:38:9b:
8d:7b:42:2a:61:ba:1f:db:3b:88:2f:e6:e1:59:e9:56:af:4d:
bb:be:7e:af:13:d7:26:d7:2d:0f:da:02:9b:0f:81:3f:ad:e5:
55:1e:b7:49:5e:a6:99:10:d3:bc:4d:b6:9e:65:0c:e1:28:0e:
27:c8:1a:e4:a4:e3:d4:39:3c:e3:6d:de:cd:9d:6f:99:62:7c:
1d:18:58:e4:e9:41:c8:58:24:dd:fc:70:31:8d:17:f4:12:35:
be:2d:12:51
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSLKEPMju9QuPH9xKdsu+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNjdhN2I5ZGU3NjdlYjk3ZGI2NGU1MTY0Nzg0OTQ2MzNi
ZDU0ZWEwHhcNMjUxMTA1MDQwMDQ3WhcNMjUxMTA2MDQwMDQ3WjAzMTEwLwYDVQQD
Eyg4ZDRjMzI0ZmY1ZmZiMTMyOGE4NTdiNWE3ZWFkYzQ2M2NhMGE4MTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MCXRVbhPEuTZBj2G6Ir010Z+100
J3nWT06peHq7fyjMr6cJX2cxmy78WzXqA+4JhY/PTM+QZ2HA8D9owjbCM/B/QcFd
WoENgA3dKksgy4ztatsIVkAsGWS6bcEu1NPJWCEKqpUUjI96W/6gP/iEJqG+b+R8
oo0hnNSM6NyndE6dc47FRCmUywj6Vqyhx9u/uC2/w1WDl58Gib0rb1UDMeeOH53D
UgdnbZdFDkYG6MCGOnp7xdLqvNNRruoHHM8hWMPCXCvhS+aIktsI11jREZWvAAU5
VjFGwTXx+FJY2YXW8PymGonGh84lgAfRjnc2DhHdhSJbYIYNj+Te7IyY+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI1MMk/1/7EyioV7Wn6txGPKCoEGMB8GA1UdIwQY
MBaAFOBnp7nedn65fbZOUWR4SUYzvVTqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYt
NzY4ZjNkNmVlMTllLzEvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYtNzY4ZjNkNmVlMTll
LzEvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyIIQQ92j
PTcFL99TiiGUm3vfUY7JHKTJfkK5LpQmVA1V0HwbRgpounPBWrIql0LX42EjgxqC
xlBXCBQ3ypAQclQ7nyPfZquUkX9/DF2BwMjVTlLWEkNWnxZdQUu4C49NG6g7Uh5m
WB5wVeoMlt+t7eSwrOflD/psnEg0qe/J3d36xb31WnfAEnjijS+Baqf7IIpiDg5/
QI8JEK8/Mc79bjibjXtCKmG6H9s7iC/m4VnpVq9Nu75+rxPXJtctD9oCmw+BP63l
VR63SV6mmRDTvE22nmUM4SgOJ8ga5KTj1Dk8423ezZ1vmWJ8HRhY5OlByFgk3fxw
MY0X9BI1vi0SUQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:54:47 2025 by rpki-client