Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/D5XJyafxmprXF-TapTDIXPmauXU.mft
File: D5XJyafxmprXF-TapTDIXPmauXU.mft (raw, json)
Hash identifier: z/SJVCfSl3YLczrfHMu0YokEf4OJeISnZAjbuOKhIP0=
Subject key identifier: DE:4D:27:B3:79:33:31:B0:FA:BF:8F:63:FD:FB:42:1B:6E:CC:01:FF
Authority key identifier: 0F:95:C9:C9:A7:F1:9A:9A:D7:17:E4:DA:A5:30:C8:5C:F9:9A:B9:75
Certificate issuer: /CN=0f95c9c9a7f19a9ad717e4daa530c85cf99ab975
Certificate serial: 019A50E32F0B29E5B8AC5610FBE5FE52DD1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D5XJyafxmprXF-TapTDIXPmauXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/D5XJyafxmprXF-TapTDIXPmauXU.mft
Manifest number: 073E
Signing time: Tue 04 Nov 2025 22:00:57 +0000
Manifest this update: Tue 04 Nov 2025 22:00:57 +0000
Manifest next update: Wed 05 Nov 2025 22:00:57 +0000
Files and hashes: 1: D5XJyafxmprXF-TapTDIXPmauXU.crl (hash: DIWc7fS/XQmyqZGrOoq/KgPECF3KZmhUxMO8ufIUkxQ=)
2: dJjjOIsvcmwG1yw0BY5P71sFVUw.roa (hash: 71ssAltTmbpploHF43pU09n+JXavvKYPHb8mMd4Firs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/D5XJyafxmprXF-TapTDIXPmauXU.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/D5XJyafxmprXF-TapTDIXPmauXU.mft
rsync://rpki.ripe.net/repository/DEFAULT/D5XJyafxmprXF-TapTDIXPmauXU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:e3:2f:0b:29:e5:b8:ac:56:10:fb:e5:fe:52:dd:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f95c9c9a7f19a9ad717e4daa530c85cf99ab975
Validity
Not Before: Nov 4 22:00:57 2025 GMT
Not After : Nov 5 22:00:57 2025 GMT
Subject: CN=de4d27b3793331b0fabf8f63fdfb421b6ecc01ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:af:26:df:1b:91:de:df:0a:ed:32:ee:a3:66:
62:2d:bc:52:d1:16:0f:6c:a5:1c:23:e4:06:2c:ce:
dc:c3:e2:ba:b8:1a:d2:ae:e7:ea:67:fa:81:9e:2f:
fb:77:a8:bc:08:c5:85:94:a4:be:be:47:df:a3:33:
ff:a1:07:12:5f:0f:9f:29:e7:24:4c:15:d2:49:4b:
3c:34:da:4d:fd:5b:43:25:08:aa:d8:ab:82:5f:f5:
b1:6c:be:6f:08:2f:ab:fa:2f:a7:9f:3a:27:64:84:
18:15:dc:bc:04:0b:ca:91:8c:c1:a6:71:db:4d:93:
44:ea:a8:90:e7:f0:d1:22:5b:fc:4a:05:59:4b:16:
f6:28:78:4e:0d:5f:c8:97:f9:49:0f:0a:21:c6:b2:
6d:90:9d:7d:75:63:02:aa:70:21:09:a5:c1:f0:fc:
50:5c:14:b7:ec:21:82:e0:52:92:9a:e7:f4:52:7d:
c5:8e:0c:6f:99:b2:ec:52:ff:2e:cf:ea:92:b4:3e:
5f:5c:a9:94:6e:35:8e:98:99:ba:53:46:79:e2:11:
c5:0e:98:58:b5:82:65:e4:5c:22:93:89:4f:e6:e3:
0a:d3:93:5a:f2:85:74:3d:04:5b:e4:d7:08:fe:aa:
1a:18:08:b1:0a:af:6d:1e:3b:56:ef:08:2a:f9:10:
3a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:4D:27:B3:79:33:31:B0:FA:BF:8F:63:FD:FB:42:1B:6E:CC:01:FF
X509v3 Authority Key Identifier:
keyid:0F:95:C9:C9:A7:F1:9A:9A:D7:17:E4:DA:A5:30:C8:5C:F9:9A:B9:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D5XJyafxmprXF-TapTDIXPmauXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/D5XJyafxmprXF-TapTDIXPmauXU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/08f5cd-8eec-4d55-8812-c93659f76737/1/D5XJyafxmprXF-TapTDIXPmauXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:5b:60:83:33:b9:12:09:f2:11:15:58:8b:21:c0:40:6f:7a:
b5:8c:bb:b0:c3:5c:36:03:ea:4a:63:f4:ec:2b:66:b8:38:cf:
b9:bd:bf:a4:e2:54:2a:5b:cb:aa:d4:0c:87:93:76:cf:6d:d5:
d8:9e:7d:a3:15:c3:6a:3e:97:07:1d:45:34:b9:16:a7:d1:e8:
f9:a7:5d:01:13:66:13:c1:e3:c9:e0:a8:fc:40:3b:57:ab:02:
ac:c8:6e:b6:4f:fe:90:92:0e:16:f8:95:9d:79:92:1f:2d:f7:
e5:3a:56:5a:14:de:67:cb:92:9a:dc:68:c8:99:57:e1:a4:5e:
28:83:33:92:09:83:bb:ab:12:27:45:fc:cf:08:c1:08:dc:8b:
c9:8e:52:36:26:68:2b:97:dd:db:01:9d:c3:00:9c:50:9f:f2:
3e:56:bb:d1:27:98:8f:0d:cd:e4:a9:47:ef:2f:f5:ec:9d:29:
10:99:73:9e:e2:ce:9e:46:9d:74:31:b5:13:bf:02:ac:21:65:
56:89:d1:0b:6d:40:30:47:0e:a8:bf:42:88:db:be:60:44:3e:
69:67:ab:6b:40:8f:04:55:31:91:27:5e:db:c2:f1:f7:f5:c4:
c2:0b:94:5b:44:69:ab:ec:49:d9:51:dd:5e:9a:e7:d8:88:97:
4d:86:2b:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQ4y8LKeW4rFYQ++X+Ut0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmOTVjOWM5YTdmMTlhOWFkNzE3ZTRkYWE1MzBjODVjZjk5
YWI5NzUwHhcNMjUxMTA0MjIwMDU3WhcNMjUxMTA1MjIwMDU3WjAzMTEwLwYDVQQD
EyhkZTRkMjdiMzc5MzMzMWIwZmFiZjhmNjNmZGZiNDIxYjZlY2MwMWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv68m3xuR3t8K7TLuo2ZiLbxS0RYP
bKUcI+QGLM7cw+K6uBrSrufqZ/qBni/7d6i8CMWFlKS+vkffozP/oQcSXw+fKeck
TBXSSUs8NNpN/VtDJQiq2KuCX/WxbL5vCC+r+i+nnzonZIQYFdy8BAvKkYzBpnHb
TZNE6qiQ5/DRIlv8SgVZSxb2KHhODV/Il/lJDwohxrJtkJ19dWMCqnAhCaXB8PxQ
XBS37CGC4FKSmuf0Un3FjgxvmbLsUv8uz+qStD5fXKmUbjWOmJm6U0Z54hHFDphY
tYJl5Fwik4lP5uMK05Na8oV0PQRb5NcI/qoaGAixCq9tHjtW7wgq+RA6QQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN5NJ7N5MzGw+r+PY/37QhtuzAH/MB8GA1UdIwQY
MBaAFA+Vycmn8Zqa1xfk2qUwyFz5mrl1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDVYSnlhZnhtcHJYRi1UYXBURElYUG1hdVhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8wOGY1Y2QtOGVlYy00ZDU1LTg4MTIt
YzkzNjU5Zjc2NzM3LzEvRDVYSnlhZnhtcHJYRi1UYXBURElYUG1hdVhVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8wOGY1Y2QtOGVlYy00ZDU1LTg4MTItYzkzNjU5Zjc2NzM3
LzEvRDVYSnlhZnhtcHJYRi1UYXBURElYUG1hdVhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP1tggzO5
EgnyERVYiyHAQG96tYy7sMNcNgPqSmP07CtmuDjPub2/pOJUKlvLqtQMh5N2z23V
2J59oxXDaj6XBx1FNLkWp9Ho+addARNmE8HjyeCo/EA7V6sCrMhutk/+kJIOFviV
nXmSHy335TpWWhTeZ8uSmtxoyJlX4aReKIMzkgmDu6sSJ0X8zwjBCNyLyY5SNiZo
K5fd2wGdwwCcUJ/yPla70SeYjw3N5KlH7y/17J0pEJlznuLOnkaddDG1E78CrCFl
VonRC21AMEcOqL9CiNu+YEQ+aWera0CPBFUxkSde28Lx9/XEwguUW0Rpq+xJ2VHd
Xprn2IiXTYYrZQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:59:59 2025 by rpki-client