
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft
File: D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft (raw, json)
Hash identifier: acAJDrl2TCQuD8duWQy7F1NYM+U9hr2jlZ7fxAB3jyo=
Subject key identifier: DD:EB:2F:32:D3:15:6C:05:D6:1C:B3:4E:56:96:D4:46:DF:AB:67:AA
Authority key identifier: 0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
Certificate issuer: /CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Certificate serial: 01989335ACF8BEFAFA3A5F5243B3B1284EA3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft
Manifest number: 1405
Signing time: Sun 10 Aug 2025 09:00:25 +0000
Manifest this update: Sun 10 Aug 2025 09:00:25 +0000
Manifest next update: Mon 11 Aug 2025 09:00:25 +0000
Files and hashes: 1: D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl (hash: xog5CHf0Gbkq1i1oshAsypDnw7c3yfSDQbdHWP2HplQ=)
2: O_uEU5a5hFxcQ9cF5vOgcBailtI.roa (hash: am+LoRbwPcUWGmyLF541pRdLLSbuzmsIRCZ85z19J6M=)
3: _MZl5mAk0VStSl6-Iutzl1XZEmc.roa (hash: GAxNehsNlSM4VBui+WLkl0ufFvlsHnC2diPLD2P3m8s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft
rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 08:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:93:35:ac:f8:be:fa:fa:3a:5f:52:43:b3:b1:28:4e:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Validity
Not Before: Aug 10 09:00:25 2025 GMT
Not After : Aug 11 09:00:25 2025 GMT
Subject: CN=ddeb2f32d3156c05d61cb34e5696d446dfab67aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b5:19:24:09:23:56:66:bc:30:bb:99:fc:7d:
a2:4b:66:c9:5b:cb:55:1c:d5:2e:f3:e0:38:4a:57:
d5:fa:c1:c4:f6:ba:9f:e4:46:99:cd:18:84:6c:11:
9c:cf:2e:a9:bd:64:98:96:e3:cd:0b:fa:83:89:c9:
d4:fd:e3:e9:27:7c:ac:94:b6:66:b5:d0:2f:8a:9a:
5f:3d:95:78:dc:73:79:83:81:48:15:c4:00:59:18:
1d:f0:51:b8:46:5d:64:36:a8:9e:49:d6:ce:08:85:
f0:3a:84:36:b9:0d:ca:8b:e0:cf:3a:03:eb:83:95:
de:47:50:89:dd:d5:df:6d:0c:b5:bf:6f:c7:fa:d1:
ee:65:14:ec:b6:91:1b:53:fa:4c:c0:64:24:a2:c6:
59:4f:6b:e6:56:ee:c1:d5:2a:6b:21:3d:01:05:06:
84:cc:62:d4:f0:5d:b8:dc:b5:35:f4:47:ae:9b:af:
ea:6b:41:39:ca:bc:02:b9:b6:48:75:dd:67:42:bf:
a6:ab:b1:a4:c0:d8:db:9d:94:22:35:e5:cf:d7:ed:
4e:cf:08:8e:75:63:83:cd:3d:0b:27:7c:f3:fc:dd:
64:4a:8b:97:fc:d9:51:65:3e:e6:fd:09:49:7e:94:
07:3d:75:56:28:56:52:ce:fe:50:2b:db:69:d7:fc:
04:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:EB:2F:32:D3:15:6C:05:D6:1C:B3:4E:56:96:D4:46:DF:AB:67:AA
X509v3 Authority Key Identifier:
keyid:0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:1a:fa:f6:3b:dc:02:1b:b9:d3:7a:fa:e5:c8:ef:6e:37:65:
9c:62:e6:de:13:dd:d9:0a:db:df:2e:f5:8f:28:2a:7c:a6:c0:
d8:28:42:e0:fd:f0:92:ae:ae:e0:c5:a7:55:8c:85:40:b8:83:
d5:a0:9b:67:85:b9:df:d1:fc:37:9c:f4:77:8d:62:7f:80:d8:
61:eb:bc:71:9e:0e:20:09:a0:16:52:c7:cc:c2:4d:5f:b7:c4:
25:48:b6:41:91:4e:a8:54:d5:52:9c:2b:fc:fd:20:48:2c:21:
81:eb:ed:42:9b:eb:54:03:9c:0d:29:02:fb:62:38:30:8d:e4:
ec:a5:16:88:90:0c:be:db:1f:8f:fb:60:16:09:cf:1b:3c:26:
e2:04:91:fb:32:7e:f7:4f:27:b3:71:64:98:8d:64:7b:41:5b:
a4:52:6d:50:3e:b9:8b:cb:66:94:d5:fd:85:79:37:9c:f9:98:
c2:a6:91:c3:84:0b:6c:c7:88:67:fc:db:29:2d:a1:97:69:72:
e2:63:43:1c:cf:0b:61:a2:c9:1d:65:60:e2:ca:be:47:8b:46:
ce:ad:5a:4e:9a:ec:98:1a:b5:05:3f:5f:16:df:b3:85:19:c4:
be:8f:4e:90:47:8a:92:3c:a6:42:4f:3e:19:32:03:bb:1b:4e:
fe:5e:84:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiTNaz4vvr6Ol9SQ7OxKE6jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjViZDIxYzY4MzIwN2RhMGMzOWZiMzc5ODUzNWFmNDll
MGJmZjUwHhcNMjUwODEwMDkwMDI1WhcNMjUwODExMDkwMDI1WjAzMTEwLwYDVQQD
EyhkZGViMmYzMmQzMTU2YzA1ZDYxY2IzNGU1Njk2ZDQ0NmRmYWI2N2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7UZJAkjVma8MLuZ/H2iS2bJW8tV
HNUu8+A4SlfV+sHE9rqf5EaZzRiEbBGczy6pvWSYluPNC/qDicnU/ePpJ3yslLZm
tdAvippfPZV43HN5g4FIFcQAWRgd8FG4Rl1kNqieSdbOCIXwOoQ2uQ3Ki+DPOgPr
g5XeR1CJ3dXfbQy1v2/H+tHuZRTstpEbU/pMwGQkosZZT2vmVu7B1SprIT0BBQaE
zGLU8F243LU19Eeum6/qa0E5yrwCubZIdd1nQr+mq7GkwNjbnZQiNeXP1+1OzwiO
dWODzT0LJ3zz/N1kSouX/NlRZT7m/QlJfpQHPXVWKFZSzv5QK9tp1/wEiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN3rLzLTFWwF1hyzTlaW1Ebfq2eqMB8GA1UdIwQY
MBaAFA9lvSHGgyB9oMOfs3mFNa9J4L/1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS80YTk5OWYtZDFmYS00ODg3LWJhZTgt
ZTIzZjEwZTRiOTFjLzEvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS80YTk5OWYtZDFmYS00ODg3LWJhZTgtZTIzZjEwZTRiOTFj
LzEvRDJXOUljYURJSDJndzUtemVZVTFyMG5ndl9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApBr69jvc
Ahu503r65cjvbjdlnGLm3hPd2Qrb3y71jygqfKbA2ChC4P3wkq6u4MWnVYyFQLiD
1aCbZ4W539H8N5z0d41if4DYYeu8cZ4OIAmgFlLHzMJNX7fEJUi2QZFOqFTVUpwr
/P0gSCwhgevtQpvrVAOcDSkC+2I4MI3k7KUWiJAMvtsfj/tgFgnPGzwm4gSR+zJ+
908ns3FkmI1ke0FbpFJtUD65i8tmlNX9hXk3nPmYwqaRw4QLbMeIZ/zbKS2hl2ly
4mNDHM8LYaLJHWVg4sq+R4tGzq1aTprsmBq1BT9fFt+zhRnEvo9OkEeKkjymQk8+
GTIDuxtO/l6EfQ==
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:40:55 2025 by rpki-client