Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/7309a9-46c8-4240-afef-840881a4d30d/1/ds5jfUe3gATQzPrjceaBh2isP6U.mft
File: ds5jfUe3gATQzPrjceaBh2isP6U.mft (raw, json)
Hash identifier: VzVWHcYn0gF7yG2/kVnpli7h4s8quJXg4Sk9GQC5wAQ=
Subject key identifier: 56:2D:61:5C:6C:1D:BE:4E:74:45:A0:AE:C1:D5:B0:26:FE:15:C1:96
Authority key identifier: 76:CE:63:7D:47:B7:80:04:D0:CC:FA:E3:71:E6:81:87:68:AC:3F:A5
Certificate issuer: /CN=76ce637d47b78004d0ccfae371e6818768ac3fa5
Certificate serial: 019A53E4380F10C12088ABBB93B8AF26CD8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ds5jfUe3gATQzPrjceaBh2isP6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/7309a9-46c8-4240-afef-840881a4d30d/1/ds5jfUe3gATQzPrjceaBh2isP6U.mft
Manifest number: 1531
Signing time: Wed 05 Nov 2025 12:00:56 +0000
Manifest this update: Wed 05 Nov 2025 12:00:56 +0000
Manifest next update: Thu 06 Nov 2025 12:00:56 +0000
Files and hashes: 1: 2v9WLSFviNLhCEs3PI8ghWfG43g.roa (hash: s4HF4L3IMaVI3bReAfOPFKeWOp26BrTGFcFThVgszh4=)
2: ds5jfUe3gATQzPrjceaBh2isP6U.crl (hash: yfdMAjcVrPTJesAFzVaQ91QJqi3RuLfT+CR/jYKmPnU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/7309a9-46c8-4240-afef-840881a4d30d/1/ds5jfUe3gATQzPrjceaBh2isP6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/7309a9-46c8-4240-afef-840881a4d30d/1/ds5jfUe3gATQzPrjceaBh2isP6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/ds5jfUe3gATQzPrjceaBh2isP6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:e4:38:0f:10:c1:20:88:ab:bb:93:b8:af:26:cd:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76ce637d47b78004d0ccfae371e6818768ac3fa5
Validity
Not Before: Nov 5 12:00:56 2025 GMT
Not After : Nov 6 12:00:56 2025 GMT
Subject: CN=562d615c6c1dbe4e7445a0aec1d5b026fe15c196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:43:3f:77:5d:ea:54:e5:0b:01:df:b0:01:bd:
b5:aa:09:50:e5:11:c1:30:17:8b:10:98:d8:2c:61:
11:b2:e5:32:de:6f:34:53:bf:07:a2:d4:e5:56:cc:
8d:83:cb:2c:ef:9e:0f:1e:ab:23:8d:c9:a4:45:07:
29:4b:cc:ff:47:d3:ae:85:3c:97:68:c0:d9:06:75:
b8:7d:93:0f:eb:ba:cc:9b:99:3c:b2:56:f3:8f:e0:
1f:5d:5a:18:e0:3c:93:24:bd:a3:a2:c4:59:16:82:
f4:7f:5e:2c:e9:b1:c0:89:c8:b9:81:47:4a:55:e6:
1f:f7:b9:be:45:8a:ad:cb:51:62:ee:17:09:a7:c2:
64:23:c8:66:78:82:1c:ca:82:45:41:0b:ca:8b:62:
ad:30:a3:8d:dc:51:c6:39:37:f9:b8:95:d9:c3:92:
6d:5f:de:81:23:85:73:66:7c:c0:90:59:13:03:ac:
3b:92:e4:df:56:ca:ec:29:46:e2:61:2b:c6:fc:4a:
57:1f:07:36:76:de:33:1b:40:83:e0:e5:e2:e5:2d:
1a:61:69:fb:0f:de:2b:04:1c:cd:d8:04:25:73:7e:
ed:eb:5a:98:c1:f5:c4:d7:0f:d2:6e:5e:13:6a:8d:
d5:4d:d9:4d:f8:1a:49:b4:15:04:ef:6b:88:14:5e:
c6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:2D:61:5C:6C:1D:BE:4E:74:45:A0:AE:C1:D5:B0:26:FE:15:C1:96
X509v3 Authority Key Identifier:
keyid:76:CE:63:7D:47:B7:80:04:D0:CC:FA:E3:71:E6:81:87:68:AC:3F:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ds5jfUe3gATQzPrjceaBh2isP6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/7309a9-46c8-4240-afef-840881a4d30d/1/ds5jfUe3gATQzPrjceaBh2isP6U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/7309a9-46c8-4240-afef-840881a4d30d/1/ds5jfUe3gATQzPrjceaBh2isP6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
b0:cc:cb:25:7a:67:51:ab:87:cf:ae:40:db:79:60:d6:ba:2c:
1f:3e:9d:53:3a:a1:41:12:ac:c4:b4:fe:a7:3d:6c:d6:49:7f:
b6:58:a5:6c:8e:e9:8e:5b:3d:e3:2b:46:d5:ce:1f:13:2c:2e:
a4:40:0d:af:e3:1a:8a:3f:a9:0b:55:ff:f3:3e:c5:65:1c:f4:
a9:2b:7f:d4:1b:96:ca:b7:f6:d4:62:f0:1d:48:89:7b:44:80:
69:0c:b9:1f:af:57:b5:f7:93:58:74:9b:82:73:66:6f:17:32:
7a:c0:06:9d:a0:19:ac:b7:cf:35:53:e1:0c:a5:2e:78:8c:79:
cd:35:cf:49:f0:8e:8d:b1:e7:42:52:e6:f2:31:00:89:e2:91:
4e:d5:31:7f:78:93:63:31:b3:1c:9f:78:ec:0c:6e:52:7d:64:
cf:13:9e:32:95:f8:50:2d:7f:83:a8:30:35:8f:f0:03:42:47:
3b:ac:9e:41:5c:a8:de:ac:6e:5b:fb:8a:c9:22:8a:00:3f:43:
a1:bf:87:fb:1b:f4:47:e8:96:89:bf:e0:26:e1:1f:79:01:b4:
0f:7a:c2:cd:c5:05:25:0d:f3:35:a0:6a:ec:fa:05:89:a8:4c:
6e:aa:27:8f:97:94:d2:18:59:d3:06:da:3d:e3:4f:bb:c5:fa:
5f:56:80:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpT5DgPEMEgiKu7k7ivJs2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2Y2U2MzdkNDdiNzgwMDRkMGNjZmFlMzcxZTY4MTg3Njhh
YzNmYTUwHhcNMjUxMTA1MTIwMDU2WhcNMjUxMTA2MTIwMDU2WjAzMTEwLwYDVQQD
Eyg1NjJkNjE1YzZjMWRiZTRlNzQ0NWEwYWVjMWQ1YjAyNmZlMTVjMTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0M/d13qVOULAd+wAb21qglQ5RHB
MBeLEJjYLGERsuUy3m80U78HotTlVsyNg8ss754PHqsjjcmkRQcpS8z/R9OuhTyX
aMDZBnW4fZMP67rMm5k8slbzj+AfXVoY4DyTJL2josRZFoL0f14s6bHAici5gUdK
VeYf97m+RYqty1Fi7hcJp8JkI8hmeIIcyoJFQQvKi2KtMKON3FHGOTf5uJXZw5Jt
X96BI4VzZnzAkFkTA6w7kuTfVsrsKUbiYSvG/EpXHwc2dt4zG0CD4OXi5S0aYWn7
D94rBBzN2AQlc37t61qYwfXE1w/Sbl4Tao3VTdlN+BpJtBUE72uIFF7GPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFYtYVxsHb5OdEWgrsHVsCb+FcGWMB8GA1UdIwQY
MBaAFHbOY31Ht4AE0Mz643HmgYdorD+lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHM1amZVZTNnQVRRelByamNlYUJoMmlzUDZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS83MzA5YTktNDZjOC00MjQwLWFmZWYt
ODQwODgxYTRkMzBkLzEvZHM1amZVZTNnQVRRelByamNlYUJoMmlzUDZVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS83MzA5YTktNDZjOC00MjQwLWFmZWYtODQwODgxYTRkMzBk
LzEvZHM1amZVZTNnQVRRelByamNlYUJoMmlzUDZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsMzLJXpn
UauHz65A23lg1rosHz6dUzqhQRKsxLT+pz1s1kl/tlilbI7pjls94ytG1c4fEywu
pEANr+Maij+pC1X/8z7FZRz0qSt/1BuWyrf21GLwHUiJe0SAaQy5H69XtfeTWHSb
gnNmbxcyesAGnaAZrLfPNVPhDKUueIx5zTXPSfCOjbHnQlLm8jEAieKRTtUxf3iT
YzGzHJ947AxuUn1kzxOeMpX4UC1/g6gwNY/wA0JHO6yeQVyo3qxuW/uKySKKAD9D
ob+H+xv0R+iWib/gJuEfeQG0D3rCzcUFJQ3zNaBq7PoFiahMbqonj5eU0hhZ0wba
PeNPu8X6X1aAXg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:37:26 2025 by rpki-client