Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.mft
File: D97nlErE2jERKV2B4p3roAwWOpY.mft (raw, json)
Hash identifier: nf8bIuz/WA1JJbu4OErhZ6WPUPIj9PemzpSmhbdrNrQ=
Subject key identifier: 67:35:64:A2:6A:89:41:15:C2:19:8A:C3:ED:0C:D9:BB:02:19:BD:7B
Authority key identifier: 0F:DE:E7:94:4A:C4:DA:31:11:29:5D:81:E2:9D:EB:A0:0C:16:3A:96
Certificate issuer: /CN=0fdee7944ac4da3111295d81e29deba00c163a96
Certificate serial: 019A51507D373650ADC007B523BCEBF96A85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D97nlErE2jERKV2B4p3roAwWOpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.mft
Manifest number: 1109
Signing time: Wed 05 Nov 2025 00:00:20 +0000
Manifest this update: Wed 05 Nov 2025 00:00:20 +0000
Manifest next update: Thu 06 Nov 2025 00:00:20 +0000
Files and hashes: 1: D97nlErE2jERKV2B4p3roAwWOpY.crl (hash: omWBIBL4bMWC9GIL4hmsm8nEOrUmvJyeYUiZurE3j8o=)
2: Fe73gwKx3TfChZQCePRdIEAemH0.roa (hash: qBzf7ILpA60OZzhZbHEoimpJXoZWWGpm51oGlU43AdU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.mft
rsync://rpki.ripe.net/repository/DEFAULT/D97nlErE2jERKV2B4p3roAwWOpY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:50:7d:37:36:50:ad:c0:07:b5:23:bc:eb:f9:6a:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0fdee7944ac4da3111295d81e29deba00c163a96
Validity
Not Before: Nov 5 00:00:20 2025 GMT
Not After : Nov 6 00:00:20 2025 GMT
Subject: CN=673564a26a894115c2198ac3ed0cd9bb0219bd7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2b:90:89:d5:be:81:5a:49:bf:61:ce:ce:c0:
a3:57:1d:70:de:ac:39:a9:ed:20:6c:76:ce:05:dd:
94:4c:d0:e9:45:59:03:f1:6a:8b:59:9d:18:7a:a8:
bc:43:c5:ec:95:e0:56:56:f1:ff:55:66:65:c6:91:
35:52:01:06:72:52:ec:32:1b:83:60:12:d6:de:a5:
bc:23:64:a8:ed:75:33:12:a7:e2:7e:0c:2d:72:66:
c7:1c:00:42:71:10:ab:45:39:89:19:ab:53:a3:92:
cf:ce:76:83:c2:44:2c:c9:3e:ab:f2:e5:28:62:4c:
e2:db:dc:b6:25:73:0b:a5:28:3d:32:08:b9:4c:b2:
34:53:cc:43:b0:d9:19:45:4a:8c:44:83:ee:4e:9c:
98:b6:57:de:fe:29:f6:14:ca:91:dc:16:80:f9:7d:
22:56:d7:a4:8d:df:b8:47:88:a3:4a:90:18:3b:43:
22:7b:c5:5c:91:71:7b:86:fb:8b:d9:1f:8a:35:61:
ce:30:5a:63:38:c7:9e:5c:11:17:24:cf:07:3d:33:
a7:66:e0:52:c6:22:4a:3d:71:ac:e3:5f:fb:91:fc:
8a:08:62:f2:6a:ae:db:c2:40:dc:df:f4:f8:3e:b9:
5f:c7:80:2e:12:7a:6b:60:d5:f7:57:9a:57:ab:3f:
74:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:35:64:A2:6A:89:41:15:C2:19:8A:C3:ED:0C:D9:BB:02:19:BD:7B
X509v3 Authority Key Identifier:
keyid:0F:DE:E7:94:4A:C4:DA:31:11:29:5D:81:E2:9D:EB:A0:0C:16:3A:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D97nlErE2jERKV2B4p3roAwWOpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/544bea-f1ec-4666-81c0-78a4d65693fe/1/D97nlErE2jERKV2B4p3roAwWOpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:0a:70:49:da:e2:f4:58:90:5f:af:89:d8:2c:f2:0c:18:e1:
06:18:76:26:55:5e:f5:ac:36:78:3a:a2:d0:f2:15:26:49:b1:
ae:ee:36:89:b9:5a:cf:58:5b:59:fb:d2:77:55:4c:f1:40:0a:
55:e6:c3:29:ab:aa:30:6c:ed:18:69:e4:ee:70:56:17:ee:e3:
ef:83:d9:7b:81:1d:7a:da:1b:07:0f:27:77:79:30:47:35:86:
14:55:70:ab:65:d3:56:37:5a:f1:52:4d:eb:a9:d2:6b:59:cf:
d6:36:6a:0e:13:84:06:7d:08:26:0b:fa:b6:b8:69:75:99:0e:
46:b4:b0:e5:31:53:cd:12:6d:4e:8e:71:39:2c:9d:95:91:0a:
2f:a9:4c:c9:7c:c2:99:f2:78:20:96:d9:b9:ed:61:04:f4:7f:
30:d8:89:c8:81:ac:87:ac:20:95:63:8b:f8:79:4c:71:f2:57:
80:35:fd:7a:2a:78:2f:0f:16:11:66:a1:98:11:9a:83:2f:74:
dc:8d:51:68:52:7f:ef:dd:84:36:7c:b5:ca:97:11:50:04:a4:
b9:ad:d9:be:d6:f9:10:2b:47:02:6b:9a:fb:b7:05:1c:9e:d7:
41:2a:62:0c:d8:f3:e2:1f:42:bc:9b:b8:b1:de:ef:18:01:5c:
7d:2a:7f:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpRUH03NlCtwAe1I7zr+WqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZGVlNzk0NGFjNGRhMzExMTI5NWQ4MWUyOWRlYmEwMGMx
NjNhOTYwHhcNMjUxMTA1MDAwMDIwWhcNMjUxMTA2MDAwMDIwWjAzMTEwLwYDVQQD
Eyg2NzM1NjRhMjZhODk0MTE1YzIxOThhYzNlZDBjZDliYjAyMTliZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiuQidW+gVpJv2HOzsCjVx1w3qw5
qe0gbHbOBd2UTNDpRVkD8WqLWZ0Yeqi8Q8XsleBWVvH/VWZlxpE1UgEGclLsMhuD
YBLW3qW8I2So7XUzEqfifgwtcmbHHABCcRCrRTmJGatTo5LPznaDwkQsyT6r8uUo
Ykzi29y2JXMLpSg9Mgi5TLI0U8xDsNkZRUqMRIPuTpyYtlfe/in2FMqR3BaA+X0i
Vtekjd+4R4ijSpAYO0Mie8VckXF7hvuL2R+KNWHOMFpjOMeeXBEXJM8HPTOnZuBS
xiJKPXGs41/7kfyKCGLyaq7bwkDc3/T4Prlfx4AuEnprYNX3V5pXqz90eQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGc1ZKJqiUEVwhmKw+0M2bsCGb17MB8GA1UdIwQY
MBaAFA/e55RKxNoxESldgeKd66AMFjqWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDk3bmxFckUyakVSS1YyQjRwM3JvQXdXT3BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS81NDRiZWEtZjFlYy00NjY2LTgxYzAt
NzhhNGQ2NTY5M2ZlLzEvRDk3bmxFckUyakVSS1YyQjRwM3JvQXdXT3BZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS81NDRiZWEtZjFlYy00NjY2LTgxYzAtNzhhNGQ2NTY5M2Zl
LzEvRDk3bmxFckUyakVSS1YyQjRwM3JvQXdXT3BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOQpwSdri
9FiQX6+J2CzyDBjhBhh2JlVe9aw2eDqi0PIVJkmxru42iblaz1hbWfvSd1VM8UAK
VebDKauqMGztGGnk7nBWF+7j74PZe4EdetobBw8nd3kwRzWGFFVwq2XTVjda8VJN
66nSa1nP1jZqDhOEBn0IJgv6trhpdZkORrSw5TFTzRJtTo5xOSydlZEKL6lMyXzC
mfJ4IJbZue1hBPR/MNiJyIGsh6wglWOL+HlMcfJXgDX9eip4Lw8WEWahmBGagy90
3I1RaFJ/792ENny1ypcRUASkua3Zvtb5ECtHAmua+7cFHJ7XQSpiDNjz4h9CvJu4
sd7vGAFcfSp/Gw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:52:46 2025 by rpki-client