Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft
File: sd-OADfxroL3viI1rmEsQBD2_pE.mft (raw, json)
Hash identifier: 4J0Y6lQO70pRyEqDJbbpuMSg2D2wAnlSV803mwPMTxg=
Subject key identifier: CC:F9:D3:EE:F0:DC:89:BE:59:1F:67:40:ED:36:06:5D:BF:1D:CF:9E
Authority key identifier: B1:DF:8E:00:37:F1:AE:82:F7:BE:22:35:AE:61:2C:40:10:F6:FE:91
Certificate issuer: /CN=b1df8e0037f1ae82f7be2235ae612c4010f6fe91
Certificate serial: 019A51BE597512604A223B3BDFE2E7330C15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft
Manifest number: 0224
Signing time: Wed 05 Nov 2025 02:00:20 +0000
Manifest this update: Wed 05 Nov 2025 02:00:20 +0000
Manifest next update: Thu 06 Nov 2025 02:00:20 +0000
Files and hashes: 1: GdRMKH6WdmmVubPmURRtVnS8GV8.roa (hash: gQYTKVfews/6lfRAQlloM0LgEpj91iqOXwXozcwIpNc=)
2: sd-OADfxroL3viI1rmEsQBD2_pE.crl (hash: ylTCoAVu1HLt44Attpb7/315KXwWdyN4+siqCBuTyn4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:be:59:75:12:60:4a:22:3b:3b:df:e2:e7:33:0c:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1df8e0037f1ae82f7be2235ae612c4010f6fe91
Validity
Not Before: Nov 5 02:00:20 2025 GMT
Not After : Nov 6 02:00:20 2025 GMT
Subject: CN=ccf9d3eef0dc89be591f6740ed36065dbf1dcf9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:14:b3:c8:3e:b2:2a:c8:ba:10:02:36:48:53:
d0:bb:e3:7a:04:5a:d6:af:bf:c5:9f:aa:a0:c5:ea:
26:40:d2:2d:07:80:5a:cf:c4:19:17:b7:1d:bb:80:
f5:51:41:84:7e:67:f5:a3:a9:52:89:60:dc:02:2a:
99:29:97:30:34:7b:14:3a:e3:10:83:39:cf:61:01:
30:32:e4:89:d0:8a:40:b4:3a:f8:24:05:6c:5d:16:
34:9e:74:a9:b7:34:73:66:57:34:b1:4e:43:b7:73:
b5:92:0d:0b:af:13:6d:40:46:11:7c:5d:bb:53:a3:
fa:9f:01:f4:74:0e:49:ed:df:3a:3e:a3:61:4b:29:
87:fc:3c:4a:a9:19:31:03:60:1a:af:1b:dc:5c:47:
b4:f7:85:47:f9:62:eb:54:89:6a:60:63:98:d9:40:
e0:73:4d:ce:ca:06:de:27:5c:28:8d:28:fa:0d:82:
95:92:62:cb:05:3f:3a:79:e6:fe:a9:31:b8:f4:22:
e4:29:3c:51:14:43:9b:2f:5c:9f:98:0b:ec:57:1c:
d8:c9:85:25:b3:6b:2d:ac:ca:c3:ae:d3:e8:db:cb:
a8:02:4a:64:5b:7e:9b:9a:d6:dc:6c:1d:70:a1:ad:
c3:d6:46:b7:26:8a:94:a3:b5:5a:57:1c:6e:f0:16:
53:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:F9:D3:EE:F0:DC:89:BE:59:1F:67:40:ED:36:06:5D:BF:1D:CF:9E
X509v3 Authority Key Identifier:
keyid:B1:DF:8E:00:37:F1:AE:82:F7:BE:22:35:AE:61:2C:40:10:F6:FE:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd-OADfxroL3viI1rmEsQBD2_pE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/6b4a18-07bc-4353-b7ea-19ca50cf34ab/1/sd-OADfxroL3viI1rmEsQBD2_pE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2b:0a:db:05:0d:0f:e4:a8:9f:2f:8a:cb:e4:10:38:12:24:51:
70:b8:38:16:c5:7c:fc:95:51:b5:e3:03:54:cd:02:19:87:e8:
03:a9:ba:18:eb:71:dd:25:6c:59:e3:c6:54:01:d3:ca:0b:7d:
bd:e3:d3:18:99:a3:82:66:21:e5:35:18:a1:ac:68:e7:8d:4a:
64:7d:8e:7d:e6:46:66:3d:f9:59:f0:32:b2:63:e5:5b:84:ae:
a1:30:8e:9d:32:4a:86:2c:41:76:64:8c:be:a2:07:b3:ec:88:
fb:01:9f:d1:da:01:09:18:3d:fd:60:1e:f2:82:e1:89:7a:82:
44:69:6e:64:35:11:21:c7:c7:aa:e5:7e:e6:21:e8:2e:78:d1:
7d:81:a8:76:42:83:3b:eb:e1:f0:0d:62:e8:0a:bc:e3:43:d7:
e5:47:90:9f:42:d8:52:e3:b6:bf:83:54:11:ba:41:92:9c:88:
ca:f1:aa:87:5a:1d:45:40:71:74:09:cd:b0:f9:70:2d:a9:0c:
28:07:82:4b:c4:17:30:fd:3e:3b:af:57:7e:1e:04:84:93:da:
6d:01:99:b9:ef:60:70:df:c9:cd:fe:7c:03:74:1d:31:0b:38:
41:ea:9b:6b:74:d9:1e:64:36:14:23:38:f6:ba:15:4b:cc:45:
04:83:81:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRvll1EmBKIjs73+LnMwwVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZGY4ZTAwMzdmMWFlODJmN2JlMjIzNWFlNjEyYzQwMTBm
NmZlOTEwHhcNMjUxMTA1MDIwMDIwWhcNMjUxMTA2MDIwMDIwWjAzMTEwLwYDVQQD
EyhjY2Y5ZDNlZWYwZGM4OWJlNTkxZjY3NDBlZDM2MDY1ZGJmMWRjZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRSzyD6yKsi6EAI2SFPQu+N6BFrW
r7/Fn6qgxeomQNItB4Baz8QZF7cdu4D1UUGEfmf1o6lSiWDcAiqZKZcwNHsUOuMQ
gznPYQEwMuSJ0IpAtDr4JAVsXRY0nnSptzRzZlc0sU5Dt3O1kg0LrxNtQEYRfF27
U6P6nwH0dA5J7d86PqNhSymH/DxKqRkxA2AarxvcXEe094VH+WLrVIlqYGOY2UDg
c03OygbeJ1wojSj6DYKVkmLLBT86eeb+qTG49CLkKTxRFEObL1yfmAvsVxzYyYUl
s2strMrDrtPo28uoAkpkW36bmtbcbB1woa3D1ka3JoqUo7VaVxxu8BZTAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMz50+7w3Im+WR9nQO02Bl2/Hc+eMB8GA1UdIwQY
MBaAFLHfjgA38a6C974iNa5hLEAQ9v6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My82YjRhMTgtMDdiYy00MzUzLWI3ZWEt
MTljYTUwY2YzNGFiLzEvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My82YjRhMTgtMDdiYy00MzUzLWI3ZWEtMTljYTUwY2YzNGFi
LzEvc2QtT0FEZnhyb0wzdmlJMXJtRXNRQkQyX3BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKwrbBQ0P
5KifL4rL5BA4EiRRcLg4FsV8/JVRteMDVM0CGYfoA6m6GOtx3SVsWePGVAHTygt9
vePTGJmjgmYh5TUYoaxo541KZH2OfeZGZj35WfAysmPlW4SuoTCOnTJKhixBdmSM
vqIHs+yI+wGf0doBCRg9/WAe8oLhiXqCRGluZDURIcfHquV+5iHoLnjRfYGodkKD
O+vh8A1i6Aq840PX5UeQn0LYUuO2v4NUEbpBkpyIyvGqh1odRUBxdAnNsPlwLakM
KAeCS8QXMP0+O69Xfh4EhJPabQGZue9gcN/Jzf58A3QdMQs4Qeqba3TZHmQ2FCM4
9roVS8xFBIOBbQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:11:59 2025 by rpki-client