Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/1672d0-5b6d-4115-afb3-880a81b99cc5/1/1P97rGRNWVZyLl4YOiL7FFXnVUY.mft
File: 1P97rGRNWVZyLl4YOiL7FFXnVUY.mft (raw, json)
Hash identifier: foIVzmyeXyZP0mbbjmiBk5ZlKyilz2GzH98YqrHuekI=
Subject key identifier: 3A:86:DC:FB:79:1E:E6:C7:5B:92:08:47:94:82:C9:93:CA:F2:64:2D
Authority key identifier: D4:FF:7B:AC:64:4D:59:56:72:2E:5E:18:3A:22:FB:14:55:E7:55:46
Certificate issuer: /CN=d4ff7bac644d5956722e5e183a22fb1455e75546
Certificate serial: 019A4D73ABB594317CC6B7760211030B2C5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P97rGRNWVZyLl4YOiL7FFXnVUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/1672d0-5b6d-4115-afb3-880a81b99cc5/1/1P97rGRNWVZyLl4YOiL7FFXnVUY.mft
Manifest number: 0398
Signing time: Tue 04 Nov 2025 06:00:17 +0000
Manifest this update: Tue 04 Nov 2025 06:00:17 +0000
Manifest next update: Wed 05 Nov 2025 06:00:17 +0000
Files and hashes: 1: 1P97rGRNWVZyLl4YOiL7FFXnVUY.crl (hash: bXZRyrmm1v3EGUEoOUHgHfe9P1CXfoMqNi+4/hlWYws=)
2: BBrcZolorsy-tffprBkzb6kzxjw.roa (hash: LubTLYd6O/FVL7Y6tbf5xWEWtjZWCQG4GmiGhTzuDxo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/1672d0-5b6d-4115-afb3-880a81b99cc5/1/1P97rGRNWVZyLl4YOiL7FFXnVUY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/1672d0-5b6d-4115-afb3-880a81b99cc5/1/1P97rGRNWVZyLl4YOiL7FFXnVUY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1P97rGRNWVZyLl4YOiL7FFXnVUY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:73:ab:b5:94:31:7c:c6:b7:76:02:11:03:0b:2c:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff7bac644d5956722e5e183a22fb1455e75546
Validity
Not Before: Nov 4 06:00:17 2025 GMT
Not After : Nov 5 06:00:17 2025 GMT
Subject: CN=3a86dcfb791ee6c75b9208479482c993caf2642d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b9:1f:fe:55:75:ee:0f:0d:88:d5:d7:e5:a8:
82:f3:e2:f6:a0:fc:7c:f0:54:10:bc:6d:01:c3:e6:
11:c1:71:bb:00:2a:82:c3:97:34:9d:c7:eb:b7:03:
ae:22:8a:55:04:2d:ce:b9:60:da:fd:ca:49:80:61:
86:2a:ac:f8:58:a3:d9:6c:d1:70:75:08:dd:de:43:
ed:ad:37:cc:02:a9:20:4a:8e:d0:02:ee:d9:b7:66:
5e:b6:1b:0f:30:b2:cb:7c:55:50:df:c4:3c:8b:a1:
4e:e8:e2:d1:6b:a8:91:2e:48:63:e7:a0:24:d8:5b:
81:ba:dc:bd:bd:1f:73:99:b1:42:a7:d7:9b:b1:57:
2e:c9:47:a8:6c:f2:cb:51:50:ae:3c:c1:e1:97:b9:
29:34:11:74:e2:a4:4f:85:7e:1f:e8:cf:14:b9:ad:
74:8a:9f:3c:ef:12:03:42:eb:ca:88:15:46:22:66:
67:f1:ef:c4:53:ae:35:db:03:cc:52:62:7a:5e:c0:
8e:3b:7f:3f:13:93:54:2a:10:c0:92:6e:69:4d:08:
3a:39:80:26:8b:23:ec:37:0b:30:8a:94:df:52:8e:
9b:f1:dd:28:00:3c:79:aa:19:6b:f8:8b:8e:78:9e:
0f:2f:c3:7c:3f:ee:2e:f1:a3:49:95:e0:0b:5c:3d:
b9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:86:DC:FB:79:1E:E6:C7:5B:92:08:47:94:82:C9:93:CA:F2:64:2D
X509v3 Authority Key Identifier:
keyid:D4:FF:7B:AC:64:4D:59:56:72:2E:5E:18:3A:22:FB:14:55:E7:55:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P97rGRNWVZyLl4YOiL7FFXnVUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/1672d0-5b6d-4115-afb3-880a81b99cc5/1/1P97rGRNWVZyLl4YOiL7FFXnVUY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/1672d0-5b6d-4115-afb3-880a81b99cc5/1/1P97rGRNWVZyLl4YOiL7FFXnVUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a6:69:5c:93:ef:d3:2a:43:b7:5a:8d:75:aa:7c:fb:64:ca:0a:
74:ca:b5:6f:a7:e4:16:ac:42:bb:b6:3f:71:b5:83:6a:09:79:
b9:4f:7f:9f:e6:6d:31:af:8a:63:cd:1d:97:91:d6:ae:0e:44:
fc:1b:31:09:b9:d3:12:4f:4b:0d:ff:c1:45:45:66:37:31:73:
7a:7e:bd:bc:7f:e7:0e:5d:b4:8f:4f:84:d5:75:e4:d5:8c:7b:
6d:87:d2:0d:7e:9a:17:00:9c:b7:73:5e:61:73:99:67:b5:b0:
df:4d:e4:90:12:6d:21:e8:95:33:8b:8f:cc:17:67:ba:aa:2a:
de:bc:8e:bd:d6:0b:ea:ee:e9:bd:c9:2e:ee:58:5c:e6:bf:fd:
20:2a:b5:89:a7:15:07:8b:9b:3a:a6:c8:0a:e4:92:27:8b:75:
4c:8a:13:f5:0e:d5:b1:30:8a:71:cb:6e:30:60:2a:b3:b9:04:
34:1e:d0:a9:26:9b:d4:2a:6a:99:8b:05:2d:eb:e7:4b:fc:e3:
84:3f:b0:46:71:f6:83:94:9d:8d:44:74:9e:5e:23:35:24:d9:
4e:82:5d:4a:0e:ec:96:20:c5:c7:d5:af:35:5f:0a:43:db:f4:
2a:01:46:8d:12:d2:46:fd:c0:a7:98:ff:12:b2:47:5f:2e:24:
59:12:9e:6f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc6u1lDF8xrd2AhEDCyxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZmY3YmFjNjQ0ZDU5NTY3MjJlNWUxODNhMjJmYjE0NTVl
NzU1NDYwHhcNMjUxMTA0MDYwMDE3WhcNMjUxMTA1MDYwMDE3WjAzMTEwLwYDVQQD
EygzYTg2ZGNmYjc5MWVlNmM3NWI5MjA4NDc5NDgyYzk5M2NhZjI2NDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7kf/lV17g8NiNXX5aiC8+L2oPx8
8FQQvG0Bw+YRwXG7ACqCw5c0ncfrtwOuIopVBC3OuWDa/cpJgGGGKqz4WKPZbNFw
dQjd3kPtrTfMAqkgSo7QAu7Zt2ZethsPMLLLfFVQ38Q8i6FO6OLRa6iRLkhj56Ak
2FuButy9vR9zmbFCp9ebsVcuyUeobPLLUVCuPMHhl7kpNBF04qRPhX4f6M8Uua10
ip887xIDQuvKiBVGImZn8e/EU6412wPMUmJ6XsCOO38/E5NUKhDAkm5pTQg6OYAm
iyPsNwswipTfUo6b8d0oADx5qhlr+IuOeJ4PL8N8P+4u8aNJleALXD25NwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDqG3Pt5HubHW5IIR5SCyZPK8mQtMB8GA1UdIwQY
MBaAFNT/e6xkTVlWci5eGDoi+xRV51VGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVA5N3JHUk5XVlp5TGw0WU9pTDdGRlhuVlVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8xNjcyZDAtNWI2ZC00MTE1LWFmYjMt
ODgwYTgxYjk5Y2M1LzEvMVA5N3JHUk5XVlp5TGw0WU9pTDdGRlhuVlVZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8xNjcyZDAtNWI2ZC00MTE1LWFmYjMtODgwYTgxYjk5Y2M1
LzEvMVA5N3JHUk5XVlp5TGw0WU9pTDdGRlhuVlVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApmlck+/T
KkO3Wo11qnz7ZMoKdMq1b6fkFqxCu7Y/cbWDagl5uU9/n+ZtMa+KY80dl5HWrg5E
/BsxCbnTEk9LDf/BRUVmNzFzen69vH/nDl20j0+E1XXk1Yx7bYfSDX6aFwCct3Ne
YXOZZ7Ww303kkBJtIeiVM4uPzBdnuqoq3ryOvdYL6u7pvcku7lhc5r/9ICq1iacV
B4ubOqbICuSSJ4t1TIoT9Q7VsTCKcctuMGAqs7kENB7QqSab1CpqmYsFLevnS/zj
hD+wRnH2g5SdjUR0nl4jNSTZToJdSg7sliDFx9WvNV8KQ9v0KgFGjRLSRv3Ap5j/
ErJHXy4kWRKebw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:48:15 2025 by rpki-client