Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
File: d9LZKEIxBOXDSA4htKPtFJiyon4.mft (raw, json)
Hash identifier: rzuLnDyDHf40hgtXceXVZ8zqJJu9JaONcZmlI2SzCeA=
Subject key identifier: 6D:69:84:AB:7E:06:85:BD:CD:ED:96:5D:9E:C1:B1:38:D3:DB:19:17
Authority key identifier: 77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E
Certificate issuer: /CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e
Certificate serial: 019A4EF4B02A876DA9E28550F877EDB0F3E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
Manifest number: 0C85
Signing time: Tue 04 Nov 2025 13:00:49 +0000
Manifest this update: Tue 04 Nov 2025 13:00:49 +0000
Manifest next update: Wed 05 Nov 2025 13:00:49 +0000
Files and hashes: 1: HX3f5FZnDXBVPEnE5bxp-46XcDI.roa (hash: Cn4L/fOgVlSahDb0v8tdmodjivbISS4FJEJArlg0b+Y=)
2: d9LZKEIxBOXDSA4htKPtFJiyon4.crl (hash: vxDQL39Hotn+IxdzyqM/IcIjRYchSi3iCFSAZF9dEto=)
3: jKFJgU1IkNXTMlJ4fb3SLPhpIEs.roa (hash: gVNSWZlrE4CqYnhrjWkiPYyY6GBkTGDHd/hL4ezDiUs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f4:b0:2a:87:6d:a9:e2:85:50:f8:77:ed:b0:f3:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77d2d928423104e5c3480e21b4a3ed1498b2a27e
Validity
Not Before: Nov 4 13:00:49 2025 GMT
Not After : Nov 5 13:00:49 2025 GMT
Subject: CN=6d6984ab7e0685bdcded965d9ec1b138d3db1917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:4c:9c:9e:49:cc:44:de:22:31:76:58:65:54:
73:58:92:6d:67:41:3f:72:8c:11:70:34:30:59:72:
50:85:a9:11:a9:a3:b2:7a:2c:db:57:ef:0d:56:92:
85:bc:e7:2a:5f:97:a3:b0:70:10:54:7f:30:fe:94:
fb:7d:1d:40:f7:80:89:40:4b:ff:43:9f:a0:f5:8a:
f1:91:f6:b1:ed:1c:b2:87:18:97:3d:29:4e:bb:88:
9b:6d:40:9c:74:31:79:a6:fe:0b:7e:30:7a:41:88:
89:17:54:6d:fe:73:ca:1f:10:b1:f8:a2:f6:f0:33:
f8:52:da:f0:93:6f:42:d5:d6:75:ea:67:6c:3c:dd:
6f:b8:a9:3c:c9:58:72:f3:36:96:ec:7e:fd:ae:be:
72:2b:51:5f:49:67:4b:88:6e:43:5c:02:58:50:19:
6f:5f:13:35:98:83:88:1b:8f:ff:55:b7:df:ef:3b:
8d:e6:10:ec:20:8e:2b:56:76:9d:7e:4c:34:84:7d:
ae:93:40:fa:81:74:fa:0e:d5:1b:88:71:74:3f:0c:
dd:7c:74:42:9e:23:4b:71:e6:33:e8:51:d0:c6:93:
60:f9:9c:8f:03:03:cd:59:a9:d1:1f:f7:47:43:04:
f7:86:49:94:6a:a1:13:e9:15:31:a2:44:86:81:91:
2e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:69:84:AB:7E:06:85:BD:CD:ED:96:5D:9E:C1:B1:38:D3:DB:19:17
X509v3 Authority Key Identifier:
keyid:77:D2:D9:28:42:31:04:E5:C3:48:0E:21:B4:A3:ED:14:98:B2:A2:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9LZKEIxBOXDSA4htKPtFJiyon4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/2b9e29-d568-4d53-b128-488792388e5b/1/d9LZKEIxBOXDSA4htKPtFJiyon4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:ab:55:0f:84:89:bb:d0:48:e8:33:ee:63:40:7e:26:20:eb:
1a:ec:3b:22:af:de:bc:8c:d0:be:f7:02:30:7d:fa:4e:50:cc:
d6:e2:73:97:7f:08:00:3e:b1:7f:1a:24:1c:47:c7:0b:8a:b2:
69:15:5b:73:b9:ed:0e:57:bf:07:58:06:e4:67:37:86:49:f4:
1f:8b:bd:c2:b3:f0:b4:96:4a:84:74:ab:8d:f6:68:b9:8a:2d:
04:79:cf:c1:f8:be:ca:7d:44:3e:f6:6e:55:19:0f:af:ba:79:
4d:7e:87:a7:05:15:7a:f6:d0:f5:3d:b1:f4:03:74:ee:8b:4d:
7d:ab:0e:9c:e8:38:12:f6:83:6f:c3:67:d8:be:34:ba:94:37:
bc:ee:1f:d0:bf:ba:ec:cd:4e:e6:92:54:e9:04:e0:07:23:aa:
c1:b6:b4:cd:21:04:c4:19:2f:88:8c:f1:8a:77:c4:ef:31:88:
29:3f:25:28:de:68:eb:aa:c6:bc:ee:38:a4:97:30:e1:c3:80:
65:f2:12:8a:20:37:20:86:fe:6d:27:c6:4f:41:a9:3f:fe:4f:
24:5c:53:82:19:0a:d1:22:cf:fa:80:2c:f2:ac:6d:6e:2f:c0:
b6:3a:df:69:d6:07:0a:fb:e1:4c:4e:cf:73:8a:48:7c:f1:1b:
6a:85:1c:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9LAqh22p4oVQ+HftsPPnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3ZDJkOTI4NDIzMTA0ZTVjMzQ4MGUyMWI0YTNlZDE0OThi
MmEyN2UwHhcNMjUxMTA0MTMwMDQ5WhcNMjUxMTA1MTMwMDQ5WjAzMTEwLwYDVQQD
Eyg2ZDY5ODRhYjdlMDY4NWJkY2RlZDk2NWQ5ZWMxYjEzOGQzZGIxOTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7UycnknMRN4iMXZYZVRzWJJtZ0E/
cowRcDQwWXJQhakRqaOyeizbV+8NVpKFvOcqX5ejsHAQVH8w/pT7fR1A94CJQEv/
Q5+g9Yrxkfax7RyyhxiXPSlOu4ibbUCcdDF5pv4LfjB6QYiJF1Rt/nPKHxCx+KL2
8DP4Utrwk29C1dZ16mdsPN1vuKk8yVhy8zaW7H79rr5yK1FfSWdLiG5DXAJYUBlv
XxM1mIOIG4//Vbff7zuN5hDsII4rVnadfkw0hH2uk0D6gXT6DtUbiHF0PwzdfHRC
niNLceYz6FHQxpNg+ZyPAwPNWanRH/dHQwT3hkmUaqET6RUxokSGgZEuuQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG1phKt+BoW9ze2WXZ7BsTjT2xkXMB8GA1UdIwQY
MBaAFHfS2ShCMQTlw0gOIbSj7RSYsqJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgt
NDg4NzkyMzg4ZTViLzEvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8yYjllMjktZDU2OC00ZDUzLWIxMjgtNDg4NzkyMzg4ZTVi
LzEvZDlMWktFSXhCT1hEU0E0aHRLUHRGSml5b240LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiqtVD4SJ
u9BI6DPuY0B+JiDrGuw7Iq/evIzQvvcCMH36TlDM1uJzl38IAD6xfxokHEfHC4qy
aRVbc7ntDle/B1gG5Gc3hkn0H4u9wrPwtJZKhHSrjfZouYotBHnPwfi+yn1EPvZu
VRkPr7p5TX6HpwUVevbQ9T2x9AN07otNfasOnOg4EvaDb8Nn2L40upQ3vO4f0L+6
7M1O5pJU6QTgByOqwba0zSEExBkviIzxinfE7zGIKT8lKN5o66rGvO44pJcw4cOA
ZfISiiA3IIb+bSfGT0GpP/5PJFxTghkK0SLP+oAs8qxtbi/AtjrfadYHCvvhTE7P
c4pIfPEbaoUcVQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:55:43 2025 by rpki-client