Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
File: v99XKOyr1W70Y3NWlVhmylRoaRo.mft (raw, json)
Hash identifier: ZWRkYQWiyCbirJ4UlZuN1hNzHr2rxd++fXOKBhzgHJU=
Subject key identifier: 06:BA:31:85:72:05:A6:01:1B:B7:5A:86:4F:F6:0F:0D:C9:17:61:D1
Authority key identifier: BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
Certificate issuer: /CN=bfdf5728ecabd56ef4637356955866ca5468691a
Certificate serial: 019A4DE1B59955CD34AB1978866D86AE3015
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
Manifest number: 032F
Signing time: Tue 04 Nov 2025 08:00:28 +0000
Manifest this update: Tue 04 Nov 2025 08:00:28 +0000
Manifest next update: Wed 05 Nov 2025 08:00:28 +0000
Files and hashes: 1: 5ZRHOA8DDg_XhJ8JjCvhTOGiC1w.roa (hash: eWpgjaoVJC0L+xFRvzTJa/HrtM2zzM7SykfE1sq9g2I=)
2: v99XKOyr1W70Y3NWlVhmylRoaRo.crl (hash: HEAmF2cXI/GC8qZYLZksrL3oGJO6l05ZFYyyftt8LjI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:e1:b5:99:55:cd:34:ab:19:78:86:6d:86:ae:30:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfdf5728ecabd56ef4637356955866ca5468691a
Validity
Not Before: Nov 4 08:00:28 2025 GMT
Not After : Nov 5 08:00:28 2025 GMT
Subject: CN=06ba31857205a6011bb75a864ff60f0dc91761d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:45:60:db:cc:a1:ea:77:a7:6c:18:4c:9d:0c:
21:b2:d0:b2:26:f1:4a:cd:15:e9:8b:4c:33:21:c3:
3e:1c:a0:95:90:07:57:44:18:8f:66:90:4a:84:2b:
4c:fc:52:b9:ce:27:19:8f:73:e6:96:6d:8f:71:9a:
15:8f:75:32:39:c6:52:78:e9:41:6e:7c:b1:46:e8:
2f:0a:3a:23:6a:99:b6:6a:43:07:dc:ce:00:bd:ee:
88:6d:8a:df:2a:36:26:d6:c8:85:49:bf:d0:05:bd:
89:91:7b:77:b3:d3:4b:ba:99:55:a1:62:a9:6c:8c:
13:83:cc:28:de:1d:e1:e2:52:70:57:9e:87:f6:75:
fb:d3:1e:d0:2d:4a:9a:0e:b6:35:b8:fa:6a:9f:ec:
bb:19:44:2f:1b:ad:ba:68:fc:16:69:f7:6a:fe:2d:
ef:ef:20:12:b1:e7:d5:56:39:7a:f6:9b:73:b1:ae:
19:44:ca:68:69:8a:42:b6:0b:a6:26:25:ae:32:0c:
cd:ea:7a:27:eb:36:cb:8a:a1:9b:95:3a:a9:9d:91:
7e:86:7e:c8:99:e8:37:48:42:e6:82:8d:ce:ba:23:
22:4c:24:07:7d:2c:86:e5:7e:2d:3d:01:6a:5d:aa:
24:e1:24:9f:07:32:10:5e:46:f4:cc:dd:32:f3:9d:
08:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:BA:31:85:72:05:A6:01:1B:B7:5A:86:4F:F6:0F:0D:C9:17:61:D1
X509v3 Authority Key Identifier:
keyid:BF:DF:57:28:EC:AB:D5:6E:F4:63:73:56:95:58:66:CA:54:68:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v99XKOyr1W70Y3NWlVhmylRoaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/fcf322-17c1-4f40-a618-bd14d344bbf2/1/v99XKOyr1W70Y3NWlVhmylRoaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
18:38:ef:13:11:d6:83:f0:d8:b7:18:43:a8:5e:ce:53:79:0e:
36:00:93:41:db:a9:32:f7:fc:70:5f:30:4e:d1:7f:1b:f1:6b:
53:5d:42:b8:f8:67:1c:fb:06:b5:e4:c8:49:aa:2e:97:76:bd:
b3:9a:7c:0a:e3:27:d3:b8:56:1b:fc:a5:94:67:65:4d:3e:ad:
50:22:76:1b:1e:c2:fd:55:1d:4f:98:92:26:76:97:7f:06:55:
38:6f:af:aa:26:30:8f:78:13:b8:c9:bc:bb:44:63:31:4a:c7:
5f:77:4c:ba:67:59:a3:a3:13:ca:6b:78:02:bf:ee:91:06:1e:
ef:bd:a5:91:31:92:ca:1d:bc:9b:9c:94:3c:69:db:46:00:77:
09:e9:e4:4b:24:68:f2:84:bb:d4:72:4d:c7:8e:74:21:e3:58:
a7:89:85:f5:00:b3:a8:05:64:31:28:39:dc:a1:35:f0:f5:dc:
a6:4e:86:f2:fc:3b:a4:02:1e:05:69:15:c0:3b:12:3d:c3:ea:
48:c3:c3:55:57:ad:15:18:0c:4a:e8:ae:aa:74:83:cb:eb:2a:
e5:a3:0b:68:b3:ab:fc:d7:49:38:ee:7d:ca:87:3a:3e:e9:e3:
10:c9:a4:84:eb:50:80:00:d7:ee:be:68:1c:8e:b0:ef:1b:2a:
61:db:cc:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpN4bWZVc00qxl4hm2GrjAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZGY1NzI4ZWNhYmQ1NmVmNDYzNzM1Njk1NTg2NmNhNTQ2
ODY5MWEwHhcNMjUxMTA0MDgwMDI4WhcNMjUxMTA1MDgwMDI4WjAzMTEwLwYDVQQD
EygwNmJhMzE4NTcyMDVhNjAxMWJiNzVhODY0ZmY2MGYwZGM5MTc2MWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEVg28yh6nenbBhMnQwhstCyJvFK
zRXpi0wzIcM+HKCVkAdXRBiPZpBKhCtM/FK5zicZj3Pmlm2PcZoVj3UyOcZSeOlB
bnyxRugvCjojapm2akMH3M4Ave6IbYrfKjYm1siFSb/QBb2JkXt3s9NLuplVoWKp
bIwTg8wo3h3h4lJwV56H9nX70x7QLUqaDrY1uPpqn+y7GUQvG626aPwWafdq/i3v
7yASsefVVjl69ptzsa4ZRMpoaYpCtgumJiWuMgzN6non6zbLiqGblTqpnZF+hn7I
meg3SELmgo3OuiMiTCQHfSyG5X4tPQFqXaok4SSfBzIQXkb0zN0y850IkQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAa6MYVyBaYBG7dahk/2Dw3JF2HRMB8GA1UdIwQY
MBaAFL/fVyjsq9Vu9GNzVpVYZspUaGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgt
YmQxNGQzNDRiYmYyLzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9mY2YzMjItMTdjMS00ZjQwLWE2MTgtYmQxNGQzNDRiYmYy
LzEvdjk5WEtPeXIxVzcwWTNOV2xWaG15bFJvYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGDjvExHW
g/DYtxhDqF7OU3kONgCTQdupMvf8cF8wTtF/G/FrU11CuPhnHPsGteTISaoul3a9
s5p8CuMn07hWG/yllGdlTT6tUCJ2Gx7C/VUdT5iSJnaXfwZVOG+vqiYwj3gTuMm8
u0RjMUrHX3dMumdZo6MTymt4Ar/ukQYe772lkTGSyh28m5yUPGnbRgB3CenkSyRo
8oS71HJNx450IeNYp4mF9QCzqAVkMSg53KE18PXcpk6G8vw7pAIeBWkVwDsSPcPq
SMPDVVetFRgMSuiuqnSDy+sq5aMLaLOr/NdJOO59yoc6PunjEMmkhOtQgADX7r5o
HI6w7xsqYdvM8A==
-----END CERTIFICATE-----
Generated at Tue Nov 4 11:19:48 2025 by rpki-client