Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/0da847-1ae9-496c-89fa-9245a9ab978b/1/rwMNO0xYnpSj72Hd1UAajz_3m20.mft
File: rwMNO0xYnpSj72Hd1UAajz_3m20.mft (raw, json)
Hash identifier: 9jZObEwFJaB9Je903CKHxwgojFuZYwZpYErQtKZSnHo=
Subject key identifier: A5:F8:2E:84:5D:47:01:70:DF:20:11:1D:8B:54:9D:80:DA:5D:F0:49
Authority key identifier: AF:03:0D:3B:4C:58:9E:94:A3:EF:61:DD:D5:40:1A:8F:3F:F7:9B:6D
Certificate issuer: /CN=af030d3b4c589e94a3ef61ddd5401a8f3ff79b6d
Certificate serial: 019A533F39F1616552B413EAEE675189F387
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rwMNO0xYnpSj72Hd1UAajz_3m20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/0da847-1ae9-496c-89fa-9245a9ab978b/1/rwMNO0xYnpSj72Hd1UAajz_3m20.mft
Manifest number: 0545
Signing time: Wed 05 Nov 2025 09:00:43 +0000
Manifest this update: Wed 05 Nov 2025 09:00:43 +0000
Manifest next update: Thu 06 Nov 2025 09:00:43 +0000
Files and hashes: 1: lhPT8Z32dm5HBnSDBqDW1qERmiA.roa (hash: 0NqD/8/FwQf4n6Nk71zoiew6bzyeCyV72ogP7Shiesg=)
2: rwMNO0xYnpSj72Hd1UAajz_3m20.crl (hash: Dk1IZ7JkkmMukQOO/rJQMpI8B1QNGSkXpUcp4xzPbjM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/0da847-1ae9-496c-89fa-9245a9ab978b/1/rwMNO0xYnpSj72Hd1UAajz_3m20.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/0da847-1ae9-496c-89fa-9245a9ab978b/1/rwMNO0xYnpSj72Hd1UAajz_3m20.mft
rsync://rpki.ripe.net/repository/DEFAULT/rwMNO0xYnpSj72Hd1UAajz_3m20.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:3f:39:f1:61:65:52:b4:13:ea:ee:67:51:89:f3:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af030d3b4c589e94a3ef61ddd5401a8f3ff79b6d
Validity
Not Before: Nov 5 09:00:43 2025 GMT
Not After : Nov 6 09:00:43 2025 GMT
Subject: CN=a5f82e845d470170df20111d8b549d80da5df049
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:48:13:84:a2:6a:39:46:0b:50:73:29:07:8f:
4c:8d:2f:1c:65:09:30:b4:8b:1b:ab:16:c2:55:4f:
a1:64:3a:91:7f:14:ae:f3:e9:e3:eb:54:0b:83:64:
91:ce:d3:00:f7:27:35:57:9b:b4:8a:34:5c:9c:6d:
46:c6:ae:7e:19:d3:bd:4c:13:b1:21:ce:9d:84:bd:
46:a7:de:4d:30:e2:c5:e5:ad:b9:1f:7e:53:b6:28:
d1:6e:45:3f:d5:f9:37:f6:c8:96:23:ac:98:4f:ff:
d5:e4:b1:f6:cf:23:e4:31:4c:f1:15:91:78:37:cc:
41:b0:c7:de:ac:5b:4e:f4:3f:4d:93:dd:28:63:58:
0e:f2:63:96:fa:43:d1:ec:3b:89:17:2a:01:bb:6c:
10:58:14:a7:df:4f:60:48:1a:08:62:64:ff:23:5b:
7b:2c:2c:53:b5:be:93:f8:f2:41:88:9c:56:41:21:
c2:cf:94:4d:8e:ea:36:c4:fe:cc:e7:fa:c8:d0:b2:
fd:67:10:c2:fa:b6:10:90:6d:f6:46:1b:bb:d6:3b:
77:9f:5d:e1:d4:b0:05:8f:fa:ba:7d:d1:4b:9a:d7:
72:a0:bf:ff:4c:51:aa:94:4c:58:5e:7c:4a:51:75:
be:e9:47:63:32:85:7f:59:bb:e6:d6:7c:b4:54:db:
02:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:F8:2E:84:5D:47:01:70:DF:20:11:1D:8B:54:9D:80:DA:5D:F0:49
X509v3 Authority Key Identifier:
keyid:AF:03:0D:3B:4C:58:9E:94:A3:EF:61:DD:D5:40:1A:8F:3F:F7:9B:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rwMNO0xYnpSj72Hd1UAajz_3m20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/0da847-1ae9-496c-89fa-9245a9ab978b/1/rwMNO0xYnpSj72Hd1UAajz_3m20.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/0da847-1ae9-496c-89fa-9245a9ab978b/1/rwMNO0xYnpSj72Hd1UAajz_3m20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:dd:1f:c2:72:27:d6:b8:04:c7:07:6b:27:6c:f3:39:96:17:
be:ee:d9:76:cb:28:a2:59:e9:10:b1:16:39:2f:9c:c2:29:82:
c3:1d:0e:84:02:3e:e9:d4:7e:ca:bb:fd:39:5a:e5:c8:f4:07:
09:fe:37:85:cb:45:d0:39:5d:c8:1e:25:a1:ae:ac:7d:0f:9f:
52:6a:55:09:28:0f:18:50:33:68:b4:94:f2:a5:45:37:0b:40:
22:af:c2:d0:80:80:2c:1a:78:88:89:73:99:6b:14:22:a0:b3:
e0:5b:f8:fe:fe:7a:e1:08:8e:5a:14:dc:2b:f0:e7:29:8d:7d:
ce:54:0c:c3:2d:99:da:35:c8:23:a7:4d:01:4b:f2:a7:ce:c6:
72:c0:73:f7:ed:dc:2a:d6:a0:1d:0a:88:d3:93:51:86:55:4d:
61:6f:f9:06:ad:1b:d3:ae:2b:42:96:a4:58:0c:8b:5c:c8:93:
44:fa:60:73:11:1b:71:0a:fe:e8:9b:d2:91:b1:41:2b:85:68:
1c:07:25:b8:aa:07:74:73:33:b8:c8:30:71:27:62:2b:01:87:
3a:cf:88:58:cf:9f:cf:1b:cd:78:c0:91:4d:47:d9:2b:29:c4:
e6:d5:73:c1:4b:e8:6f:7d:6f:50:eb:be:ff:b1:c2:26:65:18:
47:c5:e5:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTPznxYWVStBPq7mdRifOHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMDMwZDNiNGM1ODllOTRhM2VmNjFkZGQ1NDAxYThmM2Zm
NzliNmQwHhcNMjUxMTA1MDkwMDQzWhcNMjUxMTA2MDkwMDQzWjAzMTEwLwYDVQQD
EyhhNWY4MmU4NDVkNDcwMTcwZGYyMDExMWQ4YjU0OWQ4MGRhNWRmMDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkgThKJqOUYLUHMpB49MjS8cZQkw
tIsbqxbCVU+hZDqRfxSu8+nj61QLg2SRztMA9yc1V5u0ijRcnG1Gxq5+GdO9TBOx
Ic6dhL1Gp95NMOLF5a25H35TtijRbkU/1fk39siWI6yYT//V5LH2zyPkMUzxFZF4
N8xBsMferFtO9D9Nk90oY1gO8mOW+kPR7DuJFyoBu2wQWBSn309gSBoIYmT/I1t7
LCxTtb6T+PJBiJxWQSHCz5RNjuo2xP7M5/rI0LL9ZxDC+rYQkG32Rhu71jt3n13h
1LAFj/q6fdFLmtdyoL//TFGqlExYXnxKUXW+6UdjMoV/Wbvm1ny0VNsC+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKX4LoRdRwFw3yARHYtUnYDaXfBJMB8GA1UdIwQY
MBaAFK8DDTtMWJ6Uo+9h3dVAGo8/95ttMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcndNTk8weFlucFNqNzJIZDFVQWFqel8zbTIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8wZGE4NDctMWFlOS00OTZjLTg5ZmEt
OTI0NWE5YWI5NzhiLzEvcndNTk8weFlucFNqNzJIZDFVQWFqel8zbTIwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi8wZGE4NDctMWFlOS00OTZjLTg5ZmEtOTI0NWE5YWI5Nzhi
LzEvcndNTk8weFlucFNqNzJIZDFVQWFqel8zbTIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkd0fwnIn
1rgExwdrJ2zzOZYXvu7ZdssoolnpELEWOS+cwimCwx0OhAI+6dR+yrv9OVrlyPQH
Cf43hctF0DldyB4loa6sfQ+fUmpVCSgPGFAzaLSU8qVFNwtAIq/C0ICALBp4iIlz
mWsUIqCz4Fv4/v564QiOWhTcK/DnKY19zlQMwy2Z2jXII6dNAUvyp87GcsBz9+3c
KtagHQqI05NRhlVNYW/5Bq0b064rQpakWAyLXMiTRPpgcxEbcQr+6JvSkbFBK4Vo
HAcluKoHdHMzuMgwcSdiKwGHOs+IWM+fzxvNeMCRTUfZKynE5tVzwUvob31vUOu+
/7HCJmUYR8XlIw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:53:19 2025 by rpki-client