Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.mft
File: 2xTnpr6Xzsb1vBpninbqbRYZwwY.mft (raw, json)
Hash identifier: 7Jgw9gx58CVq74xIstE8JPo0jgG/X7g8sBo/54ZiHN4=
Subject key identifier: 1C:20:E2:CA:2C:4E:C2:D0:59:F2:31:13:CE:9B:13:1F:3E:02:05:7F
Authority key identifier: DB:14:E7:A6:BE:97:CE:C6:F5:BC:1A:67:8A:76:EA:6D:16:19:C3:06
Certificate issuer: /CN=db14e7a6be97cec6f5bc1a678a76ea6d1619c306
Certificate serial: 019A4E19009FEFAB10683ACB453BAA54BCF9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.mft
Manifest number: 14D0
Signing time: Tue 04 Nov 2025 09:00:52 +0000
Manifest this update: Tue 04 Nov 2025 09:00:52 +0000
Manifest next update: Wed 05 Nov 2025 09:00:52 +0000
Files and hashes: 1: 2xTnpr6Xzsb1vBpninbqbRYZwwY.crl (hash: RS1Z2XjcFl4bbc/JoW8Yq3N9j9E9MAAARZ8BKaFeUsA=)
2: FjL5MqcK0dv0phSETNIP5t1SBWg.roa (hash: HghvVzu9hsO9wX3NaFq2EgUKtQhDl/MHwAlkrJlofBE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:19:00:9f:ef:ab:10:68:3a:cb:45:3b:aa:54:bc:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db14e7a6be97cec6f5bc1a678a76ea6d1619c306
Validity
Not Before: Nov 4 09:00:52 2025 GMT
Not After : Nov 5 09:00:52 2025 GMT
Subject: CN=1c20e2ca2c4ec2d059f23113ce9b131f3e02057f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:95:bc:10:6e:30:e1:28:cb:74:d7:a2:70:3e:
81:8d:e1:75:df:4d:8a:85:ea:78:1c:71:0a:27:51:
09:6a:72:91:3d:30:7b:cd:6c:0d:43:ea:0f:ff:3e:
4f:30:0c:4c:a9:ae:bf:48:0d:f4:0e:71:4e:aa:6e:
4e:77:4a:44:3d:bb:90:66:19:20:d4:48:37:cf:f5:
cd:db:77:ad:7a:73:ac:6f:5f:ef:e3:f9:51:55:53:
ee:11:99:17:21:22:2f:79:f5:c6:87:31:ab:cc:06:
22:d7:a9:3a:5a:64:7e:aa:15:b4:99:bb:89:a3:bb:
43:fa:ff:4b:5d:da:d0:fb:6f:d9:f2:c1:20:36:b4:
97:13:6f:e4:43:82:14:c5:7c:23:98:98:d9:ac:b6:
19:51:b1:ed:46:1d:b7:0c:0e:89:df:e5:f7:cf:03:
44:49:a0:48:7e:c0:36:91:13:04:f2:40:11:60:13:
f5:6e:28:f6:cf:54:82:5b:02:4a:a5:34:a8:10:73:
1f:ba:c8:cc:48:9e:16:5b:fe:10:9e:e6:9f:a6:1b:
fe:ec:99:51:5c:78:53:f3:e5:84:de:4c:1f:6f:57:
43:ec:72:de:9d:ca:fd:67:80:b9:65:f7:37:89:7c:
26:32:69:a3:da:d9:aa:e6:64:78:fc:17:11:96:85:
2b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:20:E2:CA:2C:4E:C2:D0:59:F2:31:13:CE:9B:13:1F:3E:02:05:7F
X509v3 Authority Key Identifier:
keyid:DB:14:E7:A6:BE:97:CE:C6:F5:BC:1A:67:8A:76:EA:6D:16:19:C3:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2f:1a:8b:c4:ec:49:1e:0a:53:a9:01:f0:55:2e:94:51:79:8a:
6a:13:e4:e2:32:0a:a8:6c:b5:37:33:8b:d1:12:c5:89:47:77:
d4:8e:62:98:e5:7a:d5:bc:d9:91:b5:3f:1f:55:84:0c:18:72:
43:60:e7:4c:12:28:a9:e2:c4:ac:f9:8d:7a:44:d7:13:3d:ab:
ca:c0:1f:18:d2:bd:54:76:a8:f8:ed:7d:5f:a7:a8:ca:df:e0:
c0:04:e0:d9:70:7d:de:df:d7:ab:9a:38:46:35:a1:73:d9:8b:
63:4e:c7:6b:88:fe:99:b9:89:ec:4c:85:29:20:54:92:04:dd:
c5:0b:05:8f:5e:b2:53:42:69:17:27:72:0f:9d:d0:e9:a3:2a:
24:d4:7b:85:6a:be:ad:c9:ed:77:f2:d2:4b:fd:85:e5:68:dd:
dd:84:d0:f1:70:20:8b:49:e1:28:dd:9f:e4:80:e8:28:58:3a:
7c:10:9e:d7:b5:12:4f:8a:ed:66:e5:98:24:98:99:98:71:ed:
21:91:1e:36:73:c0:45:77:b7:71:f7:41:4e:b4:b9:b5:f1:f5:
2b:7d:d4:d4:f8:6b:86:63:a3:f1:cb:fd:1c:58:e1:64:12:60:
8d:0e:5b:e6:35:63:bd:2e:9a:ea:6f:7b:e6:27:05:ce:6f:14:
b1:29:5b:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOGQCf76sQaDrLRTuqVLz5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMTRlN2E2YmU5N2NlYzZmNWJjMWE2NzhhNzZlYTZkMTYx
OWMzMDYwHhcNMjUxMTA0MDkwMDUyWhcNMjUxMTA1MDkwMDUyWjAzMTEwLwYDVQQD
EygxYzIwZTJjYTJjNGVjMmQwNTlmMjMxMTNjZTliMTMxZjNlMDIwNTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA65W8EG4w4SjLdNeicD6BjeF1302K
hep4HHEKJ1EJanKRPTB7zWwNQ+oP/z5PMAxMqa6/SA30DnFOqm5Od0pEPbuQZhkg
1Eg3z/XN23etenOsb1/v4/lRVVPuEZkXISIvefXGhzGrzAYi16k6WmR+qhW0mbuJ
o7tD+v9LXdrQ+2/Z8sEgNrSXE2/kQ4IUxXwjmJjZrLYZUbHtRh23DA6J3+X3zwNE
SaBIfsA2kRME8kARYBP1bij2z1SCWwJKpTSoEHMfusjMSJ4WW/4Qnuafphv+7JlR
XHhT8+WE3kwfb1dD7HLencr9Z4C5Zfc3iXwmMmmj2tmq5mR4/BcRloUrQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBwg4sosTsLQWfIxE86bEx8+AgV/MB8GA1UdIwQY
MBaAFNsU56a+l87G9bwaZ4p26m0WGcMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8xMDY0NWQtMzU0Mi00ZTVkLThlNzAt
MTFmOTFkMDczOWM5LzEvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8xMDY0NWQtMzU0Mi00ZTVkLThlNzAtMTFmOTFkMDczOWM5
LzEvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALxqLxOxJ
HgpTqQHwVS6UUXmKahPk4jIKqGy1NzOL0RLFiUd31I5imOV61bzZkbU/H1WEDBhy
Q2DnTBIoqeLErPmNekTXEz2rysAfGNK9VHao+O19X6eoyt/gwATg2XB93t/Xq5o4
RjWhc9mLY07Ha4j+mbmJ7EyFKSBUkgTdxQsFj16yU0JpFydyD53Q6aMqJNR7hWq+
rcntd/LSS/2F5Wjd3YTQ8XAgi0nhKN2f5IDoKFg6fBCe17UST4rtZuWYJJiZmHHt
IZEeNnPARXe3cfdBTrS5tfH1K33U1PhrhmOj8cv9HFjhZBJgjQ5b5jVjvS6a6m97
5icFzm8UsSlbGw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:18:47 2025 by rpki-client