Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.mft
File: siDZG06dcPA0-hahaoh9QlV5Kt4.mft (raw, json)
Hash identifier: lWdyoZ9h5784nRADZ2T3jx831a8AIiuk9v0FIHc4HIQ=
Subject key identifier: 9B:14:54:3C:68:FE:4B:BC:E5:09:E1:EE:13:BE:10:94:B9:3B:9E:59
Authority key identifier: B2:20:D9:1B:4E:9D:70:F0:34:FA:16:A1:6A:88:7D:42:55:79:2A:DE
Certificate issuer: /CN=b220d91b4e9d70f034fa16a16a887d4255792ade
Certificate serial: 019A4E18D0EC2EE387AC08E75E0A54BB1A70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 09:00:40 +0000
Manifest this update: Tue 04 Nov 2025 09:00:40 +0000
Manifest next update: Wed 05 Nov 2025 09:00:40 +0000
Files and hashes: 1: mCm-KBIMQ6gtgsW9oEUxZqdGcRM.roa (hash: ItOlCehgUekOH/ud/IMp3e9dVCyKMOt54wV1YDUzoCg=)
2: siDZG06dcPA0-hahaoh9QlV5Kt4.crl (hash: IDYW4ZOF1vfvj7aLngCnHVKKeP+iJezFGp1o9P9HDnw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.mft
rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:18:d0:ec:2e:e3:87:ac:08:e7:5e:0a:54:bb:1a:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b220d91b4e9d70f034fa16a16a887d4255792ade
Validity
Not Before: Nov 4 09:00:40 2025 GMT
Not After : Nov 5 09:00:40 2025 GMT
Subject: CN=9b14543c68fe4bbce509e1ee13be1094b93b9e59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:ca:b4:20:f8:55:0f:74:66:fd:ec:ad:d6:fe:
9f:cc:9e:d1:d7:38:ff:30:97:54:f8:37:a0:ad:05:
37:b3:6d:82:b0:e4:34:71:c9:55:52:f1:47:d1:89:
08:b9:e0:49:34:f0:af:6b:93:e8:db:22:61:67:a5:
0d:05:34:ec:50:1f:38:8c:66:5d:f2:e1:8a:e4:22:
bc:7f:d9:d9:fe:d1:37:a0:d9:e5:cf:98:6b:18:48:
41:b5:f1:3b:69:4e:29:aa:8c:9b:fb:f9:36:4a:df:
b8:4a:56:39:08:98:10:41:a7:d7:03:32:7c:24:84:
c7:20:a5:f1:69:da:3f:55:d0:9f:0c:83:d1:57:15:
6c:7a:4a:35:8a:10:24:34:e1:5c:3f:d0:19:53:27:
6d:68:a0:22:ca:6b:b3:db:7e:9b:81:7e:37:82:5b:
24:ec:d1:ab:2e:7b:dc:91:8f:49:c8:f3:0c:f4:f3:
c0:76:0e:d1:20:94:3c:19:81:33:34:a8:af:3c:09:
d5:9d:4d:ef:e1:0d:94:37:55:6c:3e:85:f6:3b:a0:
09:7e:88:1c:ce:4c:e8:78:9d:97:33:38:45:57:41:
d3:8e:89:ef:da:11:f9:7e:34:56:e1:a8:9f:e0:e2:
1d:d4:d8:76:de:8d:a2:29:65:c1:2a:04:57:49:d9:
75:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:14:54:3C:68:FE:4B:BC:E5:09:E1:EE:13:BE:10:94:B9:3B:9E:59
X509v3 Authority Key Identifier:
keyid:B2:20:D9:1B:4E:9D:70:F0:34:FA:16:A1:6A:88:7D:42:55:79:2A:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/siDZG06dcPA0-hahaoh9QlV5Kt4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/543221-f267-4731-a7ad-987173b9e987/1/siDZG06dcPA0-hahaoh9QlV5Kt4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:31:57:c5:33:c7:18:40:4b:7e:2b:39:ec:99:a0:9c:fa:40:
84:b8:3e:bc:02:33:5c:f6:3a:97:29:1d:a6:c2:2e:78:59:59:
3a:72:9f:e6:27:80:19:9f:fa:6c:e6:92:a8:0c:f6:af:7c:96:
90:ce:b9:b9:0a:df:35:21:46:11:49:1c:ba:05:d1:10:e7:9c:
1f:f2:d7:67:17:d6:92:ac:c0:2b:33:e7:ff:c1:16:9d:5b:1f:
cb:78:8b:97:ba:f4:fc:b8:3b:f8:ef:b7:47:69:ce:3d:0c:a4:
21:07:5d:5a:e4:16:8a:d1:41:ee:27:8f:d6:7c:5a:c4:22:5c:
96:c5:ea:43:b2:6c:7b:28:f0:71:4c:34:1b:d2:b8:80:3d:0f:
1c:21:18:5b:65:9e:14:5a:98:89:72:1e:34:4b:da:a4:82:be:
ad:01:95:54:6d:b8:28:31:ae:80:b1:ed:9a:b0:48:ad:5e:97:
20:65:4b:b3:c0:95:48:d8:31:11:50:90:23:8b:ef:3b:9d:df:
c9:67:04:dd:41:20:97:ef:ef:28:e4:5a:0c:a4:47:62:46:6a:
c5:9b:bd:af:58:83:9d:50:18:90:df:4f:0b:f9:20:eb:3c:4a:
83:f1:19:bd:0d:86:42:07:72:13:3a:7d:8f:ba:36:cd:79:ba:
53:4d:8e:5f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGNDsLuOHrAjnXgpUuxpwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMjBkOTFiNGU5ZDcwZjAzNGZhMTZhMTZhODg3ZDQyNTU3
OTJhZGUwHhcNMjUxMTA0MDkwMDQwWhcNMjUxMTA1MDkwMDQwWjAzMTEwLwYDVQQD
Eyg5YjE0NTQzYzY4ZmU0YmJjZTUwOWUxZWUxM2JlMTA5NGI5M2I5ZTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Mq0IPhVD3Rm/eyt1v6fzJ7R1zj/
MJdU+DegrQU3s22CsOQ0cclVUvFH0YkIueBJNPCva5Po2yJhZ6UNBTTsUB84jGZd
8uGK5CK8f9nZ/tE3oNnlz5hrGEhBtfE7aU4pqoyb+/k2St+4SlY5CJgQQafXAzJ8
JITHIKXxado/VdCfDIPRVxVseko1ihAkNOFcP9AZUydtaKAiymuz236bgX43glsk
7NGrLnvckY9JyPMM9PPAdg7RIJQ8GYEzNKivPAnVnU3v4Q2UN1VsPoX2O6AJfogc
zkzoeJ2XMzhFV0HTjonv2hH5fjRW4aif4OId1Nh23o2iKWXBKgRXSdl1nwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJsUVDxo/ku85Qnh7hO+EJS5O55ZMB8GA1UdIwQY
MBaAFLIg2RtOnXDwNPoWoWqIfUJVeSreMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2lEWkcwNmRjUEEwLWhhaGFvaDlRbFY1S3Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi81NDMyMjEtZjI2Ny00NzMxLWE3YWQt
OTg3MTczYjllOTg3LzEvc2lEWkcwNmRjUEEwLWhhaGFvaDlRbFY1S3Q0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi81NDMyMjEtZjI2Ny00NzMxLWE3YWQtOTg3MTczYjllOTg3
LzEvc2lEWkcwNmRjUEEwLWhhaGFvaDlRbFY1S3Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANTFXxTPH
GEBLfis57JmgnPpAhLg+vAIzXPY6lykdpsIueFlZOnKf5ieAGZ/6bOaSqAz2r3yW
kM65uQrfNSFGEUkcugXREOecH/LXZxfWkqzAKzPn/8EWnVsfy3iLl7r0/Lg7+O+3
R2nOPQykIQddWuQWitFB7ieP1nxaxCJclsXqQ7JseyjwcUw0G9K4gD0PHCEYW2We
FFqYiXIeNEvapIK+rQGVVG24KDGugLHtmrBIrV6XIGVLs8CVSNgxEVCQI4vvO53f
yWcE3UEgl+/vKORaDKRHYkZqxZu9r1iDnVAYkN9PC/kg6zxKg/EZvQ2GQgdyEzp9
j7o2zXm6U02OXw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:06:08 2025 by rpki-client