Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/523b95-3ddc-4818-9265-daaf29211949/1/Dz8TMs_wWyKjpmptTDSPvAHeEVw.mft
File: Dz8TMs_wWyKjpmptTDSPvAHeEVw.mft (raw, json)
Hash identifier: fP6RBL6clkkQ78AsA5uRRKywgun6kQ+aCEMmHVi5wws=
Subject key identifier: 8F:BB:9C:94:EC:B2:75:ED:87:85:04:04:FA:45:86:CA:5C:F4:4A:20
Authority key identifier: 0F:3F:13:32:CF:F0:5B:22:A3:A6:6A:6D:4C:34:8F:BC:01:DE:11:5C
Certificate issuer: /CN=0f3f1332cff05b22a3a66a6d4c348fbc01de115c
Certificate serial: 019A4EF52E6DADA87EA574276968DA8C8B2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Dz8TMs_wWyKjpmptTDSPvAHeEVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/523b95-3ddc-4818-9265-daaf29211949/1/Dz8TMs_wWyKjpmptTDSPvAHeEVw.mft
Manifest number: 170C
Signing time: Tue 04 Nov 2025 13:01:22 +0000
Manifest this update: Tue 04 Nov 2025 13:01:22 +0000
Manifest next update: Wed 05 Nov 2025 13:01:22 +0000
Files and hashes: 1: 8GPy1nq-d8qyd5DzcEoD7_wmnRk.roa (hash: VU25KKsH1DHg8pytMPBtSMEdGMuo9BZsAecAtygfZnk=)
2: Dz8TMs_wWyKjpmptTDSPvAHeEVw.crl (hash: IR+nZxt8jlY6/nFShVM/QM9NnVzbR6cCq/qLveXYF/c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/523b95-3ddc-4818-9265-daaf29211949/1/Dz8TMs_wWyKjpmptTDSPvAHeEVw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/523b95-3ddc-4818-9265-daaf29211949/1/Dz8TMs_wWyKjpmptTDSPvAHeEVw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Dz8TMs_wWyKjpmptTDSPvAHeEVw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 13:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f5:2e:6d:ad:a8:7e:a5:74:27:69:68:da:8c:8b:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f3f1332cff05b22a3a66a6d4c348fbc01de115c
Validity
Not Before: Nov 4 13:01:22 2025 GMT
Not After : Nov 5 13:01:22 2025 GMT
Subject: CN=8fbb9c94ecb275ed87850404fa4586ca5cf44a20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:8c:c1:6d:06:09:cb:13:83:d3:a4:23:f4:e8:
17:d6:68:91:22:30:7d:ea:81:97:c2:f7:5d:38:ef:
e9:5c:5a:d0:6b:55:cd:60:27:e9:94:24:22:2a:86:
30:8e:29:23:ac:f3:e2:12:ac:f0:eb:88:a7:4a:13:
a3:2f:cd:fa:e6:16:e9:c6:2a:5d:7a:23:d0:e8:02:
a4:3f:22:4b:c3:4e:fb:b0:b5:7d:0a:81:0a:6e:b7:
31:ec:f2:88:a2:22:30:3b:fd:37:3c:2f:51:ba:87:
ea:80:ce:35:31:1b:d5:ad:97:43:09:cd:a4:fb:82:
3f:7e:32:93:68:5c:38:48:b0:18:66:74:bc:05:88:
bc:9d:af:23:0c:6a:e0:d1:06:ff:5d:70:1e:06:30:
65:a4:ab:e2:70:6b:8f:59:fc:f7:15:96:f6:1f:95:
bc:6b:ed:c0:7c:4e:94:42:e7:e8:e8:11:9d:32:4b:
38:30:f0:20:48:50:d9:9a:94:55:0a:70:d0:66:ff:
de:96:dc:a7:ae:78:79:f4:ef:b0:e4:1f:ee:ca:6c:
e7:19:44:3c:37:fc:85:fb:93:f5:0c:d4:d4:27:17:
fe:0e:dd:74:83:1d:3d:3b:21:0f:f1:b1:6e:b5:4a:
c2:24:37:29:ab:38:39:73:38:ee:16:d1:a7:39:ef:
bc:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:BB:9C:94:EC:B2:75:ED:87:85:04:04:FA:45:86:CA:5C:F4:4A:20
X509v3 Authority Key Identifier:
keyid:0F:3F:13:32:CF:F0:5B:22:A3:A6:6A:6D:4C:34:8F:BC:01:DE:11:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Dz8TMs_wWyKjpmptTDSPvAHeEVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/523b95-3ddc-4818-9265-daaf29211949/1/Dz8TMs_wWyKjpmptTDSPvAHeEVw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/523b95-3ddc-4818-9265-daaf29211949/1/Dz8TMs_wWyKjpmptTDSPvAHeEVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
38:65:7e:4d:07:6c:07:a3:6d:5e:41:78:ef:41:39:18:39:59:
87:8f:fb:9e:cd:dd:49:46:4b:02:2e:57:9a:91:c6:5b:b9:df:
a3:82:77:aa:7c:2b:31:31:ce:46:6a:cb:b0:9a:29:33:2f:03:
3a:8e:98:60:a6:fb:a2:77:45:ec:ae:5f:7c:60:0e:89:2f:a4:
95:74:ce:fc:f3:24:1a:e7:cc:28:42:ed:e4:3e:d8:30:ad:af:
7d:e9:21:07:7a:bf:2f:c4:20:90:d9:27:70:52:76:7e:be:ef:
d6:e0:f8:2f:c5:e6:4d:a6:d9:84:6c:6b:1f:e3:ac:80:f6:be:
9e:9f:26:1c:aa:dc:4f:3a:13:0f:ee:02:8e:35:1d:1f:f0:52:
d7:f5:0b:96:83:de:51:35:d0:0a:27:68:cd:a7:8a:1c:84:b0:
ff:75:5b:6e:d9:4d:d7:cd:31:62:b6:60:44:1b:bc:c1:83:95:
03:0d:09:ca:e1:4f:8e:c5:52:a1:89:da:70:ef:c2:df:50:85:
60:a1:12:4c:45:e3:b5:85:bf:97:39:f6:3f:bb:bd:ff:47:fb:
ba:a8:d1:1c:d5:32:1a:44:b2:06:60:cc:e2:bc:74:31:0f:3e:
be:8a:c0:af:09:92:30:87:74:a2:f5:10:33:6f:4c:46:0f:e0:
b6:ab:a8:2d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9S5trah+pXQnaWjajIsuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmM2YxMzMyY2ZmMDViMjJhM2E2NmE2ZDRjMzQ4ZmJjMDFk
ZTExNWMwHhcNMjUxMTA0MTMwMTIyWhcNMjUxMTA1MTMwMTIyWjAzMTEwLwYDVQQD
Eyg4ZmJiOWM5NGVjYjI3NWVkODc4NTA0MDRmYTQ1ODZjYTVjZjQ0YTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuozBbQYJyxOD06Qj9OgX1miRIjB9
6oGXwvddOO/pXFrQa1XNYCfplCQiKoYwjikjrPPiEqzw64inShOjL8365hbpxipd
eiPQ6AKkPyJLw077sLV9CoEKbrcx7PKIoiIwO/03PC9RuofqgM41MRvVrZdDCc2k
+4I/fjKTaFw4SLAYZnS8BYi8na8jDGrg0Qb/XXAeBjBlpKvicGuPWfz3FZb2H5W8
a+3AfE6UQufo6BGdMks4MPAgSFDZmpRVCnDQZv/eltynrnh59O+w5B/uymznGUQ8
N/yF+5P1DNTUJxf+Dt10gx09OyEP8bFutUrCJDcpqzg5czjuFtGnOe+8owIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI+7nJTssnXth4UEBPpFhspc9EogMB8GA1UdIwQY
MBaAFA8/EzLP8Fsio6ZqbUw0j7wB3hFcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHo4VE1zX3dXeUtqcG1wdFREU1B2QUhlRVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi81MjNiOTUtM2RkYy00ODE4LTkyNjUt
ZGFhZjI5MjExOTQ5LzEvRHo4VE1zX3dXeUtqcG1wdFREU1B2QUhlRVZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi81MjNiOTUtM2RkYy00ODE4LTkyNjUtZGFhZjI5MjExOTQ5
LzEvRHo4VE1zX3dXeUtqcG1wdFREU1B2QUhlRVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOGV+TQds
B6NtXkF470E5GDlZh4/7ns3dSUZLAi5XmpHGW7nfo4J3qnwrMTHORmrLsJopMy8D
Oo6YYKb7ondF7K5ffGAOiS+klXTO/PMkGufMKELt5D7YMK2vfekhB3q/L8QgkNkn
cFJ2fr7v1uD4L8XmTabZhGxrH+OsgPa+np8mHKrcTzoTD+4CjjUdH/BS1/ULloPe
UTXQCidozaeKHISw/3VbbtlN180xYrZgRBu8wYOVAw0JyuFPjsVSoYnacO/C31CF
YKESTEXjtYW/lzn2P7u9/0f7uqjRHNUyGkSyBmDM4rx0MQ8+vorArwmSMId0ovUQ
M29MRg/gtquoLQ==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:20:56 2025 by rpki-client