Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/ba0ff0-2be2-4286-a2d7-58a8a33d54a6/1/a0I7KaGCk2si34-YJt1YOgBZE0o.mft
File: a0I7KaGCk2si34-YJt1YOgBZE0o.mft (raw, json)
Hash identifier: I6fgRlVsUyKZ7f/P5VEygOoQA/aQ+FI+n+1T6J46s+0=
Subject key identifier: 21:8A:F6:24:14:84:A8:FE:CF:7B:1F:C9:1A:4C:D0:AD:02:99:F9:DC
Authority key identifier: 6B:42:3B:29:A1:82:93:6B:22:DF:8F:98:26:DD:58:3A:00:59:13:4A
Certificate issuer: /CN=6b423b29a182936b22df8f9826dd583a0059134a
Certificate serial: 019A4EF4D2D3A972FBAB0CDE1209BBFEA4D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0I7KaGCk2si34-YJt1YOgBZE0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/ba0ff0-2be2-4286-a2d7-58a8a33d54a6/1/a0I7KaGCk2si34-YJt1YOgBZE0o.mft
Manifest number: 0832
Signing time: Tue 04 Nov 2025 13:00:58 +0000
Manifest this update: Tue 04 Nov 2025 13:00:58 +0000
Manifest next update: Wed 05 Nov 2025 13:00:58 +0000
Files and hashes: 1: U_Lbl4dQRImqSP6zV_MXvnCzVro.roa (hash: k+fOfvjUjOj8hU8vOKkhlBwBO0V4NXX3JC8vdkG/viY=)
2: a0I7KaGCk2si34-YJt1YOgBZE0o.crl (hash: ZA9WdpzMvUUvNYyOmWzr7o0LV/+6QcNJXs5so9Epg3w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/ba0ff0-2be2-4286-a2d7-58a8a33d54a6/1/a0I7KaGCk2si34-YJt1YOgBZE0o.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/ba0ff0-2be2-4286-a2d7-58a8a33d54a6/1/a0I7KaGCk2si34-YJt1YOgBZE0o.mft
rsync://rpki.ripe.net/repository/DEFAULT/a0I7KaGCk2si34-YJt1YOgBZE0o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:f4:d2:d3:a9:72:fb:ab:0c:de:12:09:bb:fe:a4:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b423b29a182936b22df8f9826dd583a0059134a
Validity
Not Before: Nov 4 13:00:58 2025 GMT
Not After : Nov 5 13:00:58 2025 GMT
Subject: CN=218af6241484a8fecf7b1fc91a4cd0ad0299f9dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:66:55:61:ee:e8:1f:0b:5d:c4:37:94:26:ee:
f2:5d:9d:47:66:5f:97:be:00:67:1b:1a:92:97:8b:
dc:54:ab:98:ae:91:0f:4a:25:83:73:1a:56:92:8f:
7d:08:13:fd:e2:5b:49:52:d4:95:fd:13:50:63:0c:
d9:d3:f7:6a:3c:93:41:30:89:14:e9:29:7d:3c:82:
e7:b7:81:f9:f2:e4:06:1e:9d:43:3a:ad:6f:7e:a0:
b3:dc:ec:4b:f9:10:11:ca:e4:53:2b:27:1a:0e:86:
6f:90:a6:4c:34:7e:85:93:ce:49:9f:31:c9:1f:3e:
e1:db:d5:1c:9e:15:7b:28:5a:15:66:de:f7:f9:67:
34:c8:4b:d3:a0:7c:b0:86:e1:be:3d:49:7f:02:fd:
60:32:e9:7b:64:44:ef:f9:32:84:31:e4:a7:a0:b9:
0e:7a:5d:7b:c3:bb:af:4c:a3:80:5f:d1:2d:d6:81:
b1:25:c9:b0:0f:93:49:31:e0:ad:82:cd:f3:25:e4:
67:96:a1:87:a4:53:95:b6:b0:54:9b:a5:43:37:35:
d4:85:01:8f:be:06:cf:6e:da:75:03:80:bb:c2:b2:
0d:ca:09:24:c0:3b:66:fa:d0:77:36:3c:ec:f2:c4:
94:93:0d:02:4e:a4:1e:d9:f6:ba:79:49:3d:39:ec:
38:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8A:F6:24:14:84:A8:FE:CF:7B:1F:C9:1A:4C:D0:AD:02:99:F9:DC
X509v3 Authority Key Identifier:
keyid:6B:42:3B:29:A1:82:93:6B:22:DF:8F:98:26:DD:58:3A:00:59:13:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0I7KaGCk2si34-YJt1YOgBZE0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/ba0ff0-2be2-4286-a2d7-58a8a33d54a6/1/a0I7KaGCk2si34-YJt1YOgBZE0o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/ba0ff0-2be2-4286-a2d7-58a8a33d54a6/1/a0I7KaGCk2si34-YJt1YOgBZE0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:d2:64:47:d8:87:f8:b6:f4:e8:fb:ea:37:72:7c:f2:cb:0d:
f3:1f:d1:94:2d:f1:3b:e6:67:17:53:56:88:44:a0:c4:97:d2:
4b:3f:6d:56:36:a4:b1:db:8b:cb:31:06:d4:b4:91:fd:37:f1:
14:0a:cb:e3:65:ec:c0:06:50:5b:45:63:1e:73:29:d2:e7:2a:
8f:4f:94:50:93:fa:e0:e7:74:5b:86:c5:fd:5c:0d:26:5e:b5:
e0:db:31:0f:94:a3:44:cb:81:96:0a:09:7a:bc:91:2e:55:02:
58:59:f9:36:7b:c6:c7:83:a9:d2:6e:f7:16:0d:ae:18:d7:6b:
9a:14:ac:86:d2:1c:f4:5f:69:33:c2:8d:66:44:cf:8a:d8:e9:
45:a0:ff:7b:a8:cc:97:d7:25:06:14:60:ae:fb:28:ce:95:39:
f7:d7:c2:92:21:92:fd:73:0d:03:64:8d:c9:ff:7e:f6:8e:9a:
c1:5c:e9:7e:75:74:10:d8:bb:ac:a6:dd:51:88:6a:da:cd:8d:
45:92:6a:f4:4f:64:88:07:87:25:85:67:27:f3:02:30:0f:06:
b9:d4:51:c6:03:ca:56:66:7d:d0:34:ee:8e:db:0f:2b:5f:01:
8d:b6:3f:c0:08:2b:e9:7c:82:cc:00:95:54:8b:1b:15:ae:4a:
b0:d2:c9:5a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpO9NLTqXL7qwzeEgm7/qTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNDIzYjI5YTE4MjkzNmIyMmRmOGY5ODI2ZGQ1ODNhMDA1
OTEzNGEwHhcNMjUxMTA0MTMwMDU4WhcNMjUxMTA1MTMwMDU4WjAzMTEwLwYDVQQD
EygyMThhZjYyNDE0ODRhOGZlY2Y3YjFmYzkxYTRjZDBhZDAyOTlmOWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWZVYe7oHwtdxDeUJu7yXZ1HZl+X
vgBnGxqSl4vcVKuYrpEPSiWDcxpWko99CBP94ltJUtSV/RNQYwzZ0/dqPJNBMIkU
6Sl9PILnt4H58uQGHp1DOq1vfqCz3OxL+RARyuRTKycaDoZvkKZMNH6Fk85JnzHJ
Hz7h29UcnhV7KFoVZt73+Wc0yEvToHywhuG+PUl/Av1gMul7ZETv+TKEMeSnoLkO
el17w7uvTKOAX9Et1oGxJcmwD5NJMeCtgs3zJeRnlqGHpFOVtrBUm6VDNzXUhQGP
vgbPbtp1A4C7wrINygkkwDtm+tB3Njzs8sSUkw0CTqQe2fa6eUk9Oew4rwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCGK9iQUhKj+z3sfyRpM0K0CmfncMB8GA1UdIwQY
MBaAFGtCOymhgpNrIt+PmCbdWDoAWRNKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBJN0thR0NrMnNpMzQtWUp0MVlPZ0JaRTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iYTBmZjAtMmJlMi00Mjg2LWEyZDct
NThhOGEzM2Q1NGE2LzEvYTBJN0thR0NrMnNpMzQtWUp0MVlPZ0JaRTBvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iYTBmZjAtMmJlMi00Mjg2LWEyZDctNThhOGEzM2Q1NGE2
LzEvYTBJN0thR0NrMnNpMzQtWUp0MVlPZ0JaRTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi9JkR9iH
+Lb06PvqN3J88ssN8x/RlC3xO+ZnF1NWiESgxJfSSz9tVjaksduLyzEG1LSR/Tfx
FArL42XswAZQW0VjHnMp0ucqj0+UUJP64Od0W4bF/VwNJl614NsxD5SjRMuBlgoJ
eryRLlUCWFn5NnvGx4Op0m73Fg2uGNdrmhSshtIc9F9pM8KNZkTPitjpRaD/e6jM
l9clBhRgrvsozpU599fCkiGS/XMNA2SNyf9+9o6awVzpfnV0ENi7rKbdUYhq2s2N
RZJq9E9kiAeHJYVnJ/MCMA8GudRRxgPKVmZ90DTujtsPK18BjbY/wAgr6XyCzACV
VIsbFa5KsNLJWg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:08:45 2025 by rpki-client