Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
File: duK6XMFQs1PL00ufBF6gUJdAhE0.mft (raw, json)
Hash identifier: RpwvTEDuAbY5OG5R4D5Fr5utzsdEzqw12Gmizu7QsXI=
Subject key identifier: A8:30:07:B7:B8:07:B9:6B:82:34:C3:04:36:42:79:D1:60:31:B3:02
Authority key identifier: 76:E2:BA:5C:C1:50:B3:53:CB:D3:4B:9F:04:5E:A0:50:97:40:84:4D
Certificate issuer: /CN=76e2ba5cc150b353cbd34b9f045ea0509740844d
Certificate serial: 019A4DAB169015215F5D6571265CE3BB6F3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 07:00:49 +0000
Manifest this update: Tue 04 Nov 2025 07:00:49 +0000
Manifest next update: Wed 05 Nov 2025 07:00:49 +0000
Files and hashes: 1: Bia10WQI4xw0UI_i-ndQUbuN950.roa (hash: cjV4yJiHMdoyYcYcYJ8yPol8C2FCborf12L6f+mp+8Y=)
2: duK6XMFQs1PL00ufBF6gUJdAhE0.crl (hash: 0E4jE3KCPMEJXqjGmihTc/OEcl7sLsMPEHVgMvFuc/4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:ab:16:90:15:21:5f:5d:65:71:26:5c:e3:bb:6f:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76e2ba5cc150b353cbd34b9f045ea0509740844d
Validity
Not Before: Nov 4 07:00:49 2025 GMT
Not After : Nov 5 07:00:49 2025 GMT
Subject: CN=a83007b7b807b96b8234c304364279d16031b302
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:a7:92:b8:d9:7a:e1:7a:20:11:de:a1:01:0b:
0b:9e:b1:17:40:4a:64:bc:32:67:34:ed:c9:ac:96:
fa:46:32:fe:d5:5b:7c:68:11:d8:8b:e8:bb:ba:af:
af:a4:78:76:75:8d:80:e9:b5:b9:4d:a2:2b:69:16:
fb:7d:02:df:d8:da:41:dd:7c:82:24:87:2e:d1:06:
e8:e2:26:35:48:72:d9:69:41:aa:ea:56:d2:35:dc:
c2:dd:de:09:04:7d:a5:a0:e8:0e:03:ff:f5:72:6e:
27:15:1d:11:be:b9:bb:66:d5:68:92:08:f1:85:8a:
35:a1:30:d8:90:dd:28:bc:8f:af:27:22:28:3e:6f:
41:12:0b:cb:a3:c2:da:9a:87:35:e1:ee:f4:64:02:
bf:8e:23:05:19:0c:a1:21:9a:59:4a:49:82:e1:31:
06:bd:2c:da:fa:d6:18:d1:6a:27:05:d1:55:be:3a:
75:bd:05:fb:29:08:d2:4c:7f:2b:84:b0:fc:f6:d4:
9c:71:ed:87:4b:3e:49:53:49:bd:60:21:a6:87:56:
cf:ac:2d:e3:15:cf:04:50:fd:66:17:fb:48:e3:26:
89:f9:6a:3d:df:b0:24:90:2f:0a:d4:05:d6:e5:81:
75:f6:e1:94:df:d5:37:6b:0b:06:48:ef:01:8c:a3:
e8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:30:07:B7:B8:07:B9:6B:82:34:C3:04:36:42:79:D1:60:31:B3:02
X509v3 Authority Key Identifier:
keyid:76:E2:BA:5C:C1:50:B3:53:CB:D3:4B:9F:04:5E:A0:50:97:40:84:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/duK6XMFQs1PL00ufBF6gUJdAhE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/31d2ed-8e2f-4fa9-83ca-70405e3528af/1/duK6XMFQs1PL00ufBF6gUJdAhE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
49:85:6b:20:fc:ba:19:60:dc:97:1d:da:41:cb:d5:d3:05:66:
4b:96:e3:10:e0:ff:fe:cb:05:16:56:a9:8b:12:2c:0e:db:9d:
50:6d:4e:2d:7a:87:01:c1:eb:de:76:ca:4d:b8:fa:ff:ca:a6:
dd:a4:e3:5a:20:a9:15:62:db:3c:b9:00:9d:49:35:63:94:07:
2e:1d:c5:55:cd:ae:a8:ea:c7:ff:87:a4:c4:92:ba:8b:67:2c:
b0:3c:b4:90:7a:53:82:61:bf:20:0c:71:a2:61:b4:0a:20:1c:
f7:97:99:e7:a3:93:6a:e5:a6:a7:ad:50:33:94:ff:5d:fd:51:
9a:f5:91:81:bf:11:a9:64:39:cc:0d:4d:9b:87:2b:82:dc:42:
13:90:74:b6:8e:11:12:c0:3e:41:7f:cd:aa:f4:27:1e:05:25:
ed:8f:21:5e:b8:51:cd:b8:5d:47:3d:3f:0a:b8:2d:4f:95:a4:
cc:86:e0:9c:8b:49:b7:ce:31:c2:a8:5d:56:8e:8c:46:4a:92:
04:db:f0:6e:dc:23:2f:07:ba:a6:93:99:ce:1d:d9:a2:8d:f9:
71:a0:7f:d2:6a:bf:00:9a:26:53:9f:76:91:3a:f9:b0:0c:68:
18:ab:4a:34:24:f8:c6:54:21:19:99:6b:ea:9c:25:83:a5:b5:
48:b9:c0:02
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNqxaQFSFfXWVxJlzju289MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZTJiYTVjYzE1MGIzNTNjYmQzNGI5ZjA0NWVhMDUwOTc0
MDg0NGQwHhcNMjUxMTA0MDcwMDQ5WhcNMjUxMTA1MDcwMDQ5WjAzMTEwLwYDVQQD
EyhhODMwMDdiN2I4MDdiOTZiODIzNGMzMDQzNjQyNzlkMTYwMzFiMzAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaeSuNl64XogEd6hAQsLnrEXQEpk
vDJnNO3JrJb6RjL+1Vt8aBHYi+i7uq+vpHh2dY2A6bW5TaIraRb7fQLf2NpB3XyC
JIcu0Qbo4iY1SHLZaUGq6lbSNdzC3d4JBH2loOgOA//1cm4nFR0Rvrm7ZtVokgjx
hYo1oTDYkN0ovI+vJyIoPm9BEgvLo8Lamoc14e70ZAK/jiMFGQyhIZpZSkmC4TEG
vSza+tYY0WonBdFVvjp1vQX7KQjSTH8rhLD89tScce2HSz5JU0m9YCGmh1bPrC3j
Fc8EUP1mF/tI4yaJ+Wo937AkkC8K1AXW5YF19uGU39U3awsGSO8BjKPo6QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKgwB7e4B7lrgjTDBDZCedFgMbMCMB8GA1UdIwQY
MBaAFHbiulzBULNTy9NLnwReoFCXQIRNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zMWQyZWQtOGUyZi00ZmE5LTgzY2Et
NzA0MDVlMzUyOGFmLzEvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zMWQyZWQtOGUyZi00ZmE5LTgzY2EtNzA0MDVlMzUyOGFm
LzEvZHVLNlhNRlFzMVBMMDB1ZkJGNmdVSmRBaEUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASYVrIPy6
GWDclx3aQcvV0wVmS5bjEOD//ssFFlapixIsDtudUG1OLXqHAcHr3nbKTbj6/8qm
3aTjWiCpFWLbPLkAnUk1Y5QHLh3FVc2uqOrH/4ekxJK6i2cssDy0kHpTgmG/IAxx
omG0CiAc95eZ56OTauWmp61QM5T/Xf1RmvWRgb8RqWQ5zA1Nm4crgtxCE5B0to4R
EsA+QX/NqvQnHgUl7Y8hXrhRzbhdRz0/CrgtT5WkzIbgnItJt84xwqhdVo6MRkqS
BNvwbtwjLwe6ppOZzh3Zoo35caB/0mq/AJomU592kTr5sAxoGKtKNCT4xlQhGZlr
6pwlg6W1SLnAAg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:49:51 2025 by rpki-client