Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
File: 20IFnOKR1Jpmkgcxx2faVj7yESQ.mft (raw, json)
Hash identifier: zaKgsMviZOPnAcpgQbzGgnXT3OEi4mqbSLj5rqvps7Q=
Subject key identifier: 50:22:60:74:D8:75:A9:9E:FD:E1:7E:B4:5C:2F:DB:11:30:2F:5D:5A
Authority key identifier: DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
Certificate issuer: /CN=db42059ce291d49a66920731c767da563ef21124
Certificate serial: 019A5150C4BBF8E199414A568FFBBC618B14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
Manifest number: 0A0A
Signing time: Wed 05 Nov 2025 00:00:39 +0000
Manifest this update: Wed 05 Nov 2025 00:00:39 +0000
Manifest next update: Thu 06 Nov 2025 00:00:39 +0000
Files and hashes: 1: 20IFnOKR1Jpmkgcxx2faVj7yESQ.crl (hash: s/+b9ftcIqXOgGkSiw3Vyb99GzbSsyto6awS579l28I=)
2: 4Eso2GRh3TFlocCc5lcI1-kD4Pk.roa (hash: ZZWcQEmA2vmSeltVrHKBZfPJ+X7E/tLB/wKbTZ0f8BU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:50:c4:bb:f8:e1:99:41:4a:56:8f:fb:bc:61:8b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db42059ce291d49a66920731c767da563ef21124
Validity
Not Before: Nov 5 00:00:39 2025 GMT
Not After : Nov 6 00:00:39 2025 GMT
Subject: CN=50226074d875a99efde17eb45c2fdb11302f5d5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c5:15:de:dc:43:2f:84:8c:ae:7a:e8:90:a0:
fe:2d:4d:da:f7:0f:b1:28:3e:78:aa:bf:78:79:10:
dc:d4:c9:02:cf:fe:d0:6e:22:e5:d3:71:fb:8f:02:
8e:56:d8:98:1c:97:64:12:48:08:a5:b2:fd:bb:34:
4d:95:60:bb:de:12:1f:25:77:db:f1:85:87:a0:f1:
e5:df:a8:5c:fb:c9:f6:ca:c2:64:bc:38:f3:9f:8f:
6f:ed:ff:c1:46:32:70:c3:ce:a7:27:21:cf:c9:35:
58:e6:5d:54:33:ad:cb:e0:04:ee:32:86:e8:3f:76:
88:89:d6:42:31:2c:c8:ba:41:95:82:38:c9:e6:5a:
f8:21:74:26:7c:9a:07:45:c4:4d:5f:a6:45:07:3a:
2b:2d:8e:31:86:68:c7:8a:fa:d3:f3:7a:d3:e5:1e:
a6:b0:3e:83:7c:84:dd:60:2b:c7:02:5a:b1:b3:02:
8b:a0:18:f1:43:db:5e:f5:66:74:08:81:d7:38:96:
b8:4b:01:30:3a:ca:19:6e:d3:f8:a3:ef:13:7f:17:
54:8c:a1:52:12:d8:a4:e4:3b:7a:81:7c:6e:35:c1:
f2:1f:89:e4:23:85:46:fa:5a:ab:25:62:0b:b2:82:
d0:f4:00:21:fe:3b:99:42:d4:ff:f2:06:9b:9e:a2:
3b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:22:60:74:D8:75:A9:9E:FD:E1:7E:B4:5C:2F:DB:11:30:2F:5D:5A
X509v3 Authority Key Identifier:
keyid:DB:42:05:9C:E2:91:D4:9A:66:92:07:31:C7:67:DA:56:3E:F2:11:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20IFnOKR1Jpmkgcxx2faVj7yESQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/9e3f2a-1440-4084-84c2-9312d087dfca/1/20IFnOKR1Jpmkgcxx2faVj7yESQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:b0:9b:5f:60:12:7b:89:e1:14:6e:eb:d4:bc:32:e1:1b:70:
76:f3:cf:79:9d:fa:c9:76:21:cb:f9:3a:e6:ed:d4:e1:c7:30:
98:20:2f:1f:03:b9:2a:66:65:71:31:ef:96:32:54:2b:59:c3:
35:1f:6c:3a:81:33:51:52:40:39:97:8e:53:26:48:a6:ea:09:
ed:ba:b8:5f:82:a2:f1:01:a3:60:02:a2:58:7a:f9:43:e9:3d:
1f:94:95:a3:31:08:b0:06:c5:42:ed:f2:c1:83:13:de:97:4c:
ef:ed:f4:15:c4:43:e7:e7:ef:da:a2:68:06:be:b4:46:0c:12:
ca:a9:cf:bd:59:4a:a7:d0:0b:e9:70:4b:e1:c6:d6:f6:08:17:
5d:bf:60:15:04:b7:40:f6:70:a4:70:bd:5f:e4:cd:15:2e:0c:
df:d4:28:8d:2a:5c:9d:bc:49:37:24:3d:76:da:48:d2:20:71:
e4:48:7e:94:cf:34:57:6d:8a:38:f7:df:36:08:ff:35:94:c0:
53:e5:b6:6b:ae:b1:cb:68:75:24:ce:64:fd:eb:45:d0:c1:81:
5e:ac:14:3c:a5:c5:69:44:c0:bf:da:68:7e:0b:58:6c:3d:c9:
dd:a1:75:9f:f7:2a:86:7b:7b:87:8f:9c:e3:05:22:52:38:79:
5f:27:2f:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUMS7+OGZQUpWj/u8YYsUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDIwNTljZTI5MWQ0OWE2NjkyMDczMWM3NjdkYTU2M2Vm
MjExMjQwHhcNMjUxMTA1MDAwMDM5WhcNMjUxMTA2MDAwMDM5WjAzMTEwLwYDVQQD
Eyg1MDIyNjA3NGQ4NzVhOTllZmRlMTdlYjQ1YzJmZGIxMTMwMmY1ZDVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMUV3txDL4SMrnrokKD+LU3a9w+x
KD54qr94eRDc1MkCz/7QbiLl03H7jwKOVtiYHJdkEkgIpbL9uzRNlWC73hIfJXfb
8YWHoPHl36hc+8n2ysJkvDjzn49v7f/BRjJww86nJyHPyTVY5l1UM63L4ATuMobo
P3aIidZCMSzIukGVgjjJ5lr4IXQmfJoHRcRNX6ZFBzorLY4xhmjHivrT83rT5R6m
sD6DfITdYCvHAlqxswKLoBjxQ9te9WZ0CIHXOJa4SwEwOsoZbtP4o+8TfxdUjKFS
Etik5Dt6gXxuNcHyH4nkI4VG+lqrJWILsoLQ9AAh/juZQtT/8gabnqI77wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFAiYHTYdame/eF+tFwv2xEwL11aMB8GA1UdIwQY
MBaAFNtCBZzikdSaZpIHMcdn2lY+8hEkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzIt
OTMxMmQwODdkZmNhLzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni85ZTNmMmEtMTQ0MC00MDg0LTg0YzItOTMxMmQwODdkZmNh
LzEvMjBJRm5PS1IxSnBta2djeHgyZmFWajd5RVNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXrCbX2AS
e4nhFG7r1Lwy4RtwdvPPeZ36yXYhy/k65u3U4ccwmCAvHwO5KmZlcTHvljJUK1nD
NR9sOoEzUVJAOZeOUyZIpuoJ7bq4X4Ki8QGjYAKiWHr5Q+k9H5SVozEIsAbFQu3y
wYMT3pdM7+30FcRD5+fv2qJoBr60RgwSyqnPvVlKp9AL6XBL4cbW9ggXXb9gFQS3
QPZwpHC9X+TNFS4M39QojSpcnbxJNyQ9dtpI0iBx5Eh+lM80V22KOPffNgj/NZTA
U+W2a66xy2h1JM5k/etF0MGBXqwUPKXFaUTAv9pofgtYbD3J3aF1n/cqhnt7h4+c
4wUiUjh5XycvCw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 04:27:26 2025 by rpki-client