Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.mft
File: 2PuW6jr1HFMtfo_oyUN29R4epAI.mft (raw, json)
Hash identifier: MQHWgsX29/hdtoDVbtbI/XsQBL63q0JUoQavijPLvWw=
Subject key identifier: FF:BC:94:69:4A:56:8A:17:7C:A5:B1:C2:0B:69:02:3B:85:B3:3E:3E
Authority key identifier: D8:FB:96:EA:3A:F5:1C:53:2D:7E:8F:E8:C9:43:76:F5:1E:1E:A4:02
Certificate issuer: /CN=d8fb96ea3af51c532d7e8fe8c94376f51e1ea402
Certificate serial: 019A503DD5307D811417D11DFD4CF032A5EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2PuW6jr1HFMtfo_oyUN29R4epAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.mft
Manifest number: 1532
Signing time: Tue 04 Nov 2025 19:00:20 +0000
Manifest this update: Tue 04 Nov 2025 19:00:20 +0000
Manifest next update: Wed 05 Nov 2025 19:00:20 +0000
Files and hashes: 1: 2PuW6jr1HFMtfo_oyUN29R4epAI.crl (hash: 0gNsfFa/Un2fv8E8jBK0/0YnOZcu/I3Z4DGcwSp9Dh0=)
2: qvV18edZ4nG1g9Z6XFGjfB91HGk.roa (hash: xA0FHg4k3qhHIOcw440t6o/vgKfLrTtDa1pgd5bBDMs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2PuW6jr1HFMtfo_oyUN29R4epAI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:3d:d5:30:7d:81:14:17:d1:1d:fd:4c:f0:32:a5:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8fb96ea3af51c532d7e8fe8c94376f51e1ea402
Validity
Not Before: Nov 4 19:00:20 2025 GMT
Not After : Nov 5 19:00:20 2025 GMT
Subject: CN=ffbc94694a568a177ca5b1c20b69023b85b33e3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:31:4e:29:91:4c:98:21:b3:c2:7b:1b:e7:d2:
4f:b8:8a:77:c4:30:1b:23:3b:ba:59:34:bb:75:c8:
09:e9:d3:be:12:cc:8f:86:15:30:4b:5f:99:82:45:
25:71:b7:74:58:77:9e:b8:89:61:51:c7:8e:5d:bf:
e8:03:88:c4:13:e0:71:95:8d:86:b6:71:46:b5:4c:
04:2f:7a:db:d7:03:a0:dc:d5:ec:db:14:b3:d1:43:
52:21:b4:44:97:ca:de:92:8a:48:9f:7a:2e:e9:ac:
06:58:43:66:79:dd:13:86:b0:a2:79:96:38:95:63:
73:d5:3a:6a:2d:ec:9d:e6:92:aa:0c:ca:dd:f7:c4:
02:e7:40:e9:d6:de:66:6b:d4:47:e4:41:76:8e:8c:
b1:d5:04:6f:0a:29:ae:0f:bf:1a:fc:da:47:d2:c2:
7b:ef:63:59:6e:96:4b:4a:28:84:31:e2:e1:71:0d:
10:59:a7:28:a2:58:ce:63:c6:42:e9:26:59:3e:15:
43:36:32:44:d8:ee:50:3f:4f:c2:8d:73:14:4b:95:
45:5a:52:b7:f9:aa:62:f0:53:c6:93:cb:e7:b3:a4:
e4:8d:f6:40:2e:af:95:7c:32:5d:8b:f2:a4:ff:33:
42:30:0e:a2:0a:58:e4:92:33:99:3d:4b:5a:99:11:
35:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:BC:94:69:4A:56:8A:17:7C:A5:B1:C2:0B:69:02:3B:85:B3:3E:3E
X509v3 Authority Key Identifier:
keyid:D8:FB:96:EA:3A:F5:1C:53:2D:7E:8F:E8:C9:43:76:F5:1E:1E:A4:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2PuW6jr1HFMtfo_oyUN29R4epAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
63:68:39:4d:ec:e9:3d:63:fa:11:ee:cb:fd:d7:c2:bc:5c:3d:
92:b2:b4:17:14:21:b1:31:4f:7b:ea:6b:b7:f7:a9:87:50:1d:
35:88:24:e6:f7:4c:2c:f6:5c:4c:a9:c4:d6:31:5b:61:4a:1f:
e7:8b:46:ca:24:49:d6:f6:eb:45:c0:b9:f2:42:73:35:5d:6d:
f5:dd:1d:1a:25:ea:50:87:f8:a8:b9:29:e5:cd:4b:25:18:9e:
4a:6d:31:94:6a:86:a2:95:f7:b4:a3:1c:1b:6d:31:58:eb:d3:
d3:bb:64:e1:f1:82:69:e9:ce:02:9f:f3:69:bb:4a:89:47:a6:
bf:7d:29:1d:73:e2:40:2b:63:9e:f2:f4:51:90:f6:4d:be:71:
4c:5b:6a:20:36:1d:f4:3c:83:95:14:f3:5c:52:46:9b:ac:e9:
07:eb:93:3b:f9:eb:d4:0c:d3:15:14:88:12:7a:c9:2e:df:c8:
36:a2:63:85:0b:b6:17:23:ec:59:71:4a:a0:f7:95:11:f5:95:
45:aa:f9:97:f2:79:57:22:8f:ec:37:7b:fe:1d:44:2c:2f:42:
e9:2f:e7:54:06:f3:60:6b:82:f3:c7:aa:ed:37:e7:cb:ce:28:
a0:2f:a1:96:25:93:f6:71:3e:ff:61:f2:cc:60:1e:1d:a0:77:
12:e3:3d:f0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpQPdUwfYEUF9Ed/UzwMqXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZmI5NmVhM2FmNTFjNTMyZDdlOGZlOGM5NDM3NmY1MWUx
ZWE0MDIwHhcNMjUxMTA0MTkwMDIwWhcNMjUxMTA1MTkwMDIwWjAzMTEwLwYDVQQD
EyhmZmJjOTQ2OTRhNTY4YTE3N2NhNWIxYzIwYjY5MDIzYjg1YjMzZTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApjFOKZFMmCGzwnsb59JPuIp3xDAb
Izu6WTS7dcgJ6dO+EsyPhhUwS1+ZgkUlcbd0WHeeuIlhUceOXb/oA4jEE+BxlY2G
tnFGtUwEL3rb1wOg3NXs2xSz0UNSIbREl8rekopIn3ou6awGWENmed0ThrCieZY4
lWNz1TpqLeyd5pKqDMrd98QC50Dp1t5ma9RH5EF2joyx1QRvCimuD78a/NpH0sJ7
72NZbpZLSiiEMeLhcQ0QWacooljOY8ZC6SZZPhVDNjJE2O5QP0/CjXMUS5VFWlK3
+api8FPGk8vns6TkjfZALq+VfDJdi/Kk/zNCMA6iCljkkjOZPUtamRE12wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFP+8lGlKVooXfKWxwgtpAjuFsz4+MB8GA1UdIwQY
MBaAFNj7luo69RxTLX6P6MlDdvUeHqQCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlB1VzZqcjFIRk10Zm9fb3lVTjI5UjRlcEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81M2ZmYTAtOTA2MC00NzJjLWFhYzIt
OGViODVlMzI4M2UyLzEvMlB1VzZqcjFIRk10Zm9fb3lVTjI5UjRlcEFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS81M2ZmYTAtOTA2MC00NzJjLWFhYzItOGViODVlMzI4M2Uy
LzEvMlB1VzZqcjFIRk10Zm9fb3lVTjI5UjRlcEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY2g5Tezp
PWP6Ee7L/dfCvFw9krK0FxQhsTFPe+prt/eph1AdNYgk5vdMLPZcTKnE1jFbYUof
54tGyiRJ1vbrRcC58kJzNV1t9d0dGiXqUIf4qLkp5c1LJRieSm0xlGqGopX3tKMc
G20xWOvT07tk4fGCaenOAp/zabtKiUemv30pHXPiQCtjnvL0UZD2Tb5xTFtqIDYd
9DyDlRTzXFJGm6zpB+uTO/nr1AzTFRSIEnrJLt/INqJjhQu2FyPsWXFKoPeVEfWV
Rar5l/J5VyKP7Dd7/h1ELC9C6S/nVAbzYGuC88eq7Tfny84ooC+hliWT9nE+/2Hy
zGAeHaB3EuM98A==
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:56:09 2025 by rpki-client