Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/758467-6818-4e84-87ba-5d838668bebe/1/vygFmS5lMdPaMe4a9rzVwG0Ctso.mft
File: vygFmS5lMdPaMe4a9rzVwG0Ctso.mft (raw, json)
Hash identifier: 6funwWSI2VcRqUvKitHWHhx0/K84ePwbp9wJg4cN//w=
Subject key identifier: 28:CD:25:7B:4C:16:3C:8C:C3:D3:0D:55:A6:9F:49:11:B5:3E:1C:DC
Authority key identifier: BF:28:05:99:2E:65:31:D3:DA:31:EE:1A:F6:BC:D5:C0:6D:02:B6:CA
Certificate issuer: /CN=bf2805992e6531d3da31ee1af6bcd5c06d02b6ca
Certificate serial: 019A51F5A473E05BF1478E79F2CE6735F409
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vygFmS5lMdPaMe4a9rzVwG0Ctso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/758467-6818-4e84-87ba-5d838668bebe/1/vygFmS5lMdPaMe4a9rzVwG0Ctso.mft
Manifest number: 170E
Signing time: Wed 05 Nov 2025 03:00:44 +0000
Manifest this update: Wed 05 Nov 2025 03:00:44 +0000
Manifest next update: Thu 06 Nov 2025 03:00:44 +0000
Files and hashes: 1: ZA2eo4PhOO6YarPBjFuZYerlXM8.roa (hash: OaUR9ntwZSMTqF4rae/f45ntDF7DCdGD74N9a3x5n8s=)
2: iU6o8UX2fMqdnVT4GPBZLMHQUVk.roa (hash: L7qS2Pktcg+3MFOhFw0UCguQbXdIgIfJZ4PXXKIQFAI=)
3: vygFmS5lMdPaMe4a9rzVwG0Ctso.crl (hash: rwf0bnfLBP+YkaYBZGVdG5VtgiCnFDwANbDkOqtPMag=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/758467-6818-4e84-87ba-5d838668bebe/1/vygFmS5lMdPaMe4a9rzVwG0Ctso.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/758467-6818-4e84-87ba-5d838668bebe/1/vygFmS5lMdPaMe4a9rzVwG0Ctso.mft
rsync://rpki.ripe.net/repository/DEFAULT/vygFmS5lMdPaMe4a9rzVwG0Ctso.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:f5:a4:73:e0:5b:f1:47:8e:79:f2:ce:67:35:f4:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf2805992e6531d3da31ee1af6bcd5c06d02b6ca
Validity
Not Before: Nov 5 03:00:44 2025 GMT
Not After : Nov 6 03:00:44 2025 GMT
Subject: CN=28cd257b4c163c8cc3d30d55a69f4911b53e1cdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:75:56:ca:92:78:88:47:cc:61:8e:89:5d:5d:
25:37:50:7c:af:04:a1:1b:ed:d6:7a:29:ae:f1:f7:
9e:fa:56:a9:9e:82:06:ce:64:47:df:6c:d9:a5:82:
c4:d4:6e:06:81:02:ec:43:e8:e7:1c:60:7f:c8:64:
4e:cb:49:f4:31:9c:d1:da:f6:25:61:f2:42:7e:2e:
ac:4a:20:81:23:8e:0a:68:0b:76:f9:4b:a6:f5:03:
d5:37:8a:5e:cd:44:35:89:29:4d:23:c7:be:88:73:
92:d6:f7:c3:14:54:46:68:b6:72:1b:2c:89:24:0d:
6e:4b:3f:0a:d0:92:b1:8f:b8:89:e0:7c:c5:dd:1d:
7b:4a:e9:ad:79:64:19:8f:9c:22:f5:2e:5a:d6:ba:
c6:cc:4f:77:40:e9:91:f3:b3:51:e4:bd:59:f9:27:
cd:22:75:0c:14:ba:4b:bc:cc:e5:96:e3:4a:fe:db:
b6:a0:db:65:c2:ef:27:f2:c1:26:d0:00:a1:2f:f6:
98:ab:51:8f:2b:34:12:0e:04:57:fa:39:40:b1:fb:
af:01:0a:62:95:03:c0:a4:cb:a1:2f:4c:e6:33:13:
65:77:50:a5:bb:7d:ba:d8:7a:b6:0f:d5:09:e7:52:
0b:65:99:c8:33:22:df:19:3d:99:6d:4f:06:73:33:
93:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:CD:25:7B:4C:16:3C:8C:C3:D3:0D:55:A6:9F:49:11:B5:3E:1C:DC
X509v3 Authority Key Identifier:
keyid:BF:28:05:99:2E:65:31:D3:DA:31:EE:1A:F6:BC:D5:C0:6D:02:B6:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vygFmS5lMdPaMe4a9rzVwG0Ctso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/758467-6818-4e84-87ba-5d838668bebe/1/vygFmS5lMdPaMe4a9rzVwG0Ctso.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/758467-6818-4e84-87ba-5d838668bebe/1/vygFmS5lMdPaMe4a9rzVwG0Ctso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:03:3e:25:4d:38:69:af:0e:5a:1e:a6:a2:ce:74:db:69:c0:
eb:6f:b1:b4:0f:d1:e0:44:9f:d6:c8:e0:8c:c3:74:21:0e:28:
5c:19:5a:d9:5b:71:37:1f:a5:8d:ca:ec:62:97:dc:e4:c3:d8:
68:fa:25:17:18:a1:7e:a5:75:7b:45:36:2f:50:ef:29:d6:e4:
1e:49:23:f5:80:21:80:f7:9f:bf:80:06:8c:f6:89:49:53:45:
5c:d6:35:f6:cc:b4:c6:da:6e:6f:c6:d7:39:af:2d:89:e8:e3:
12:c5:64:77:86:fa:99:fa:00:82:64:66:06:71:30:ab:9e:30:
23:1a:c4:0e:d2:a7:d9:44:16:c4:bb:ae:a5:2b:5c:19:5e:35:
49:fd:08:38:27:c4:ba:e7:c9:00:d5:7d:94:66:3e:f7:2f:92:
cb:56:dd:73:46:f7:bb:69:25:de:36:c5:67:64:21:df:1f:84:
af:13:21:d5:13:14:f5:25:7e:d4:0e:5f:8c:9d:dd:82:ff:47:
9f:f1:e2:37:68:cf:f5:2a:3a:73:1f:70:b5:0e:95:0e:80:41:
7f:0a:e7:09:89:75:fd:56:90:c7:6c:00:9a:a6:3b:36:5e:eb:
56:b2:80:4b:f0:8f:d9:3b:14:4b:72:8a:7f:7e:26:a2:98:0c:
7e:46:e5:43
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpR9aRz4FvxR4558s5nNfQJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMjgwNTk5MmU2NTMxZDNkYTMxZWUxYWY2YmNkNWMwNmQw
MmI2Y2EwHhcNMjUxMTA1MDMwMDQ0WhcNMjUxMTA2MDMwMDQ0WjAzMTEwLwYDVQQD
EygyOGNkMjU3YjRjMTYzYzhjYzNkMzBkNTVhNjlmNDkxMWI1M2UxY2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnVWypJ4iEfMYY6JXV0lN1B8rwSh
G+3Weimu8fee+lapnoIGzmRH32zZpYLE1G4GgQLsQ+jnHGB/yGROy0n0MZzR2vYl
YfJCfi6sSiCBI44KaAt2+Uum9QPVN4pezUQ1iSlNI8e+iHOS1vfDFFRGaLZyGyyJ
JA1uSz8K0JKxj7iJ4HzF3R17SumteWQZj5wi9S5a1rrGzE93QOmR87NR5L1Z+SfN
InUMFLpLvMzlluNK/tu2oNtlwu8n8sEm0AChL/aYq1GPKzQSDgRX+jlAsfuvAQpi
lQPApMuhL0zmMxNld1Clu3262Hq2D9UJ51ILZZnIMyLfGT2ZbU8GczOTZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCjNJXtMFjyMw9MNVaafSRG1PhzcMB8GA1UdIwQY
MBaAFL8oBZkuZTHT2jHuGva81cBtArbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnlnRm1TNWxNZFBhTWU0YTlyelZ3RzBDdHNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi83NTg0NjctNjgxOC00ZTg0LTg3YmEt
NWQ4Mzg2NjhiZWJlLzEvdnlnRm1TNWxNZFBhTWU0YTlyelZ3RzBDdHNvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi83NTg0NjctNjgxOC00ZTg0LTg3YmEtNWQ4Mzg2NjhiZWJl
LzEvdnlnRm1TNWxNZFBhTWU0YTlyelZ3RzBDdHNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACwM+JU04
aa8OWh6mos5022nA62+xtA/R4ESf1sjgjMN0IQ4oXBla2VtxNx+ljcrsYpfc5MPY
aPolFxihfqV1e0U2L1DvKdbkHkkj9YAhgPefv4AGjPaJSVNFXNY19sy0xtpub8bX
Oa8tiejjEsVkd4b6mfoAgmRmBnEwq54wIxrEDtKn2UQWxLuupStcGV41Sf0IOCfE
uufJANV9lGY+9y+Sy1bdc0b3u2kl3jbFZ2Qh3x+ErxMh1RMU9SV+1A5fjJ3dgv9H
n/HiN2jP9So6cx9wtQ6VDoBBfwrnCYl1/VaQx2wAmqY7Nl7rVrKAS/CP2TsUS3KK
f34mopgMfkblQw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:04:15 2025 by rpki-client