Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
File: 2BFKkiBvChn3M52guJZpxKX-Urk.mft (raw, json)
Hash identifier: IoLR0fy0yu0q457+8alIDbeckiiUjWlvwi66/EOkGUE=
Subject key identifier: 7D:EA:EC:45:12:3C:01:A0:FF:81:51:D5:C5:78:71:AA:1E:A7:81:42
Authority key identifier: D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9
Certificate issuer: /CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9
Certificate serial: 019A55644CCA3D377116ED06F5CD851B13F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
Manifest number: F2
Signing time: Wed 05 Nov 2025 19:00:27 +0000
Manifest this update: Wed 05 Nov 2025 19:00:27 +0000
Manifest next update: Thu 06 Nov 2025 19:00:27 +0000
Files and hashes: 1: 2BFKkiBvChn3M52guJZpxKX-Urk.crl (hash: HMDtXlTqAOMaG1CBvrzEHrX3qLzSR2kXGUkQ+oi0hYs=)
2: G9oTd4bBpmlm3pZMn3YyyXAVIyI.roa (hash: XC2pyO3ZNZCKadVf4J0EDWPKrfSqScmOhmM8oMNNkCI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:55:64:4c:ca:3d:37:71:16:ed:06:f5:cd:85:1b:13:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9
Validity
Not Before: Nov 5 19:00:27 2025 GMT
Not After : Nov 6 19:00:27 2025 GMT
Subject: CN=7deaec45123c01a0ff8151d5c57871aa1ea78142
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:35:9c:0c:7d:ef:81:f5:6f:2e:5c:09:e1:83:
d3:fd:22:c6:27:37:fa:a4:28:e7:26:93:c2:86:08:
45:25:02:10:55:d4:f4:f7:21:0c:9c:98:f4:64:59:
13:a8:6c:bc:0b:92:87:60:13:34:4a:1d:a4:24:58:
2c:e9:d0:5b:01:6a:91:c3:8c:b8:38:11:e8:52:a5:
45:40:b7:50:bf:21:d8:bc:92:37:d6:cd:81:d1:4a:
2d:2b:12:ee:f2:06:e9:c3:02:b7:0d:db:b8:35:0f:
87:2f:19:10:a3:c0:3e:d8:99:19:df:15:da:ce:d5:
8c:5b:20:05:0e:9a:37:57:a6:86:9e:1a:9b:85:67:
52:d0:1a:16:fc:39:13:6e:88:46:f9:41:9c:0d:6b:
2a:f7:63:8c:50:ce:7f:7e:a7:2a:78:00:5a:a6:be:
c9:08:37:f7:5a:fd:05:bd:65:d1:83:7b:b7:9f:70:
ff:61:02:07:59:d5:21:ed:bf:4f:03:74:77:b0:b6:
aa:2c:2b:64:19:7f:b1:6a:15:0d:70:11:06:4b:f1:
f3:75:f3:09:c9:e0:f5:fa:5b:ca:7f:0d:c1:89:c5:
47:ad:2f:fb:d4:64:79:61:66:b4:bf:84:74:f0:bd:
4a:d0:50:46:83:bc:86:6c:07:85:9c:47:74:b9:9e:
ff:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:EA:EC:45:12:3C:01:A0:FF:81:51:D5:C5:78:71:AA:1E:A7:81:42
X509v3 Authority Key Identifier:
keyid:D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:72:44:be:4b:1c:0e:b3:07:ec:ae:ed:15:64:f4:bf:f7:f1:
cd:c1:85:e0:71:4b:fb:4d:15:ae:7a:d5:07:7f:6b:66:61:61:
a1:62:17:48:64:6b:34:43:1e:52:94:fb:56:37:44:9f:5e:28:
e7:08:1e:ba:ff:34:c5:7a:ca:76:64:a6:ef:91:02:c5:9c:59:
01:d6:df:8b:87:91:e8:c5:c4:67:1c:c3:6b:d0:5f:0a:44:57:
74:1b:9b:b1:1c:60:49:b4:2d:06:b9:a9:71:b6:d3:68:2d:27:
1c:c8:d6:db:27:81:25:63:74:54:b9:38:36:42:03:f5:0b:68:
85:a1:93:86:c3:35:36:0d:c0:b3:0b:c3:a7:46:16:9c:46:05:
14:06:7f:56:21:f5:fc:38:a4:6e:4e:1c:c5:dc:b1:f2:48:05:
b2:37:9a:4b:d8:5f:68:e6:94:54:3c:ca:f7:2b:b6:a4:0c:aa:
94:5b:c0:3b:55:ca:21:bc:cc:cc:96:22:18:5c:50:cf:09:62:
1f:6a:75:ec:2f:9b:18:ff:d7:48:94:b0:d5:01:cb:74:f7:8e:
2b:9d:c5:22:4d:9e:aa:ae:3f:38:00:26:4a:a7:57:6c:60:ab:
68:86:42:68:51:3d:0f:2e:35:0b:a9:48:4b:73:98:d4:d8:e1:
30:01:b8:8e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpVZEzKPTdxFu0G9c2FGxPxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTE0YTkyMjA2ZjBhMTlmNzMzOWRhMGI4OTY2OWM0YTVm
ZTUyYjkwHhcNMjUxMTA1MTkwMDI3WhcNMjUxMTA2MTkwMDI3WjAzMTEwLwYDVQQD
Eyg3ZGVhZWM0NTEyM2MwMWEwZmY4MTUxZDVjNTc4NzFhYTFlYTc4MTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2jWcDH3vgfVvLlwJ4YPT/SLGJzf6
pCjnJpPChghFJQIQVdT09yEMnJj0ZFkTqGy8C5KHYBM0Sh2kJFgs6dBbAWqRw4y4
OBHoUqVFQLdQvyHYvJI31s2B0UotKxLu8gbpwwK3Ddu4NQ+HLxkQo8A+2JkZ3xXa
ztWMWyAFDpo3V6aGnhqbhWdS0BoW/DkTbohG+UGcDWsq92OMUM5/fqcqeABapr7J
CDf3Wv0FvWXRg3u3n3D/YQIHWdUh7b9PA3R3sLaqLCtkGX+xahUNcBEGS/HzdfMJ
yeD1+lvKfw3BicVHrS/71GR5YWa0v4R08L1K0FBGg7yGbAeFnEd0uZ7/kQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH3q7EUSPAGg/4FR1cV4caoep4FCMB8GA1UdIwQY
MBaAFNgRSpIgbwoZ9zOdoLiWacSl/lK5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTkt
NTIwOGQ5ODU0MzY0LzEvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTktNTIwOGQ5ODU0MzY0
LzEvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbHJEvksc
DrMH7K7tFWT0v/fxzcGF4HFL+00VrnrVB39rZmFhoWIXSGRrNEMeUpT7VjdEn14o
5wgeuv80xXrKdmSm75ECxZxZAdbfi4eR6MXEZxzDa9BfCkRXdBubsRxgSbQtBrmp
cbbTaC0nHMjW2yeBJWN0VLk4NkID9QtohaGThsM1Ng3AswvDp0YWnEYFFAZ/ViH1
/Dikbk4cxdyx8kgFsjeaS9hfaOaUVDzK9yu2pAyqlFvAO1XKIbzMzJYiGFxQzwli
H2p17C+bGP/XSJSw1QHLdPeOK53FIk2eqq4/OAAmSqdXbGCraIZCaFE9Dy41C6lI
S3OY1NjhMAG4jg==
-----END CERTIFICATE-----
Generated at Thu Nov 6 04:24:28 2025 by rpki-client