Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.mft
File: y7Ul4mOpWxZSBkvf-JZNS_YrUz0.mft (raw, json)
Hash identifier: 6iylmpU+/QHou+FaucarlYGFZb3ledo7Qq3R5EklTq4=
Subject key identifier: 7A:FC:0E:8F:45:0C:9B:68:74:A3:17:A4:45:7C:9C:4F:ED:70:13:AF
Authority key identifier: CB:B5:25:E2:63:A9:5B:16:52:06:4B:DF:F8:96:4D:4B:F6:2B:53:3D
Certificate issuer: /CN=cbb525e263a95b1652064bdff8964d4bf62b533d
Certificate serial: 019A522C70F3A0635CCA2E12ED93F8BAC642
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.mft
Manifest number: 03C2
Signing time: Wed 05 Nov 2025 04:00:35 +0000
Manifest this update: Wed 05 Nov 2025 04:00:35 +0000
Manifest next update: Thu 06 Nov 2025 04:00:35 +0000
Files and hashes: 1: q6cfXUDveWHdgQWTYKqVwvvOAe0.roa (hash: BJPMM6GNYN6IqCj9i2G5fXzbZjuTVnz0OtAPd8t+eZk=)
2: y7Ul4mOpWxZSBkvf-JZNS_YrUz0.crl (hash: IFhc3czHNwaDabnhCz6qGkrLo7tqs/987ihEXdRekMQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:2c:70:f3:a0:63:5c:ca:2e:12:ed:93:f8:ba:c6:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbb525e263a95b1652064bdff8964d4bf62b533d
Validity
Not Before: Nov 5 04:00:35 2025 GMT
Not After : Nov 6 04:00:35 2025 GMT
Subject: CN=7afc0e8f450c9b6874a317a4457c9c4fed7013af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:3f:49:53:85:d2:32:be:a1:57:ac:34:20:4c:
19:da:81:39:ef:66:24:09:a2:5e:d1:46:d6:52:cb:
6b:91:e6:1a:01:a3:bb:32:58:8f:e7:7b:03:1d:71:
21:d3:28:cc:7e:11:93:1d:04:29:72:0f:d8:bf:9f:
e5:a9:b9:0e:a4:8c:03:0c:ac:76:0e:3f:bd:4a:59:
62:9a:cf:50:88:c0:24:0b:36:9f:b0:b4:cc:5a:d8:
03:45:7f:73:db:11:61:be:f4:88:33:60:c8:48:0a:
e5:1d:8c:20:f2:94:4e:fe:28:8f:6b:80:91:97:fe:
3d:8a:44:39:ce:5e:fd:46:24:73:0d:db:db:9b:f7:
51:86:8b:df:1d:d8:7c:0f:f7:4e:98:03:3b:7c:b9:
42:5f:77:f3:6a:fd:14:79:54:82:a4:c4:80:53:9e:
30:06:8a:ad:0e:e1:25:e3:45:fd:ac:9f:05:75:63:
83:c7:62:69:fa:c2:e0:67:a0:66:e8:57:27:06:29:
5a:72:b5:8c:0b:49:9c:9e:49:81:56:c1:a8:19:2f:
96:2f:de:22:26:5c:6c:14:46:b7:f5:8d:22:3d:63:
a1:a2:1a:1f:27:63:02:d9:34:fc:a8:64:c3:a4:f8:
c1:3e:4d:25:73:6e:1a:9f:e9:a7:aa:6b:fb:e9:9d:
1d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:FC:0E:8F:45:0C:9B:68:74:A3:17:A4:45:7C:9C:4F:ED:70:13:AF
X509v3 Authority Key Identifier:
keyid:CB:B5:25:E2:63:A9:5B:16:52:06:4B:DF:F8:96:4D:4B:F6:2B:53:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/bd7209-44e9-423e-84a4-b89dc4fd6ee0/1/y7Ul4mOpWxZSBkvf-JZNS_YrUz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:3c:40:4f:7f:b2:a5:58:b0:e5:e5:14:59:71:4e:44:6e:6e:
48:5e:07:5a:39:b5:d2:ff:cf:54:56:1d:1c:95:d2:b8:f4:12:
61:ba:51:96:1e:ae:91:c3:75:55:72:a6:de:25:58:7c:fe:23:
48:27:d9:75:56:33:8c:a9:1b:10:30:63:a8:ef:a2:f9:6e:1a:
7c:1c:df:6e:21:68:74:80:e4:b4:98:f6:b1:7e:a3:93:cb:ea:
06:70:a1:06:a0:ca:ec:19:91:23:15:71:77:68:70:9c:bc:c4:
90:44:5b:37:a7:52:a4:2b:b6:3f:27:f9:93:3e:5b:05:88:30:
ef:a3:e2:81:e3:a4:b8:4c:98:23:97:13:56:6b:44:ee:58:1f:
69:e7:f1:bc:0e:5d:58:8c:eb:52:02:d0:0a:8f:0e:ed:48:47:
77:7f:b5:76:47:50:c8:ab:b8:40:b2:c7:3d:ff:7e:82:b8:18:
b9:97:8f:01:27:4c:33:3d:5a:26:d4:36:c2:ab:35:f4:fc:32:
c2:2e:a1:09:53:17:db:28:f4:6d:8e:fc:b0:70:be:70:45:7f:
83:71:a4:3f:29:2e:ca:22:4a:b1:fc:43:7a:bb:8b:93:ca:7c:
19:9a:9c:6c:7c:3a:66:ea:ec:ef:a4:08:f6:56:34:b6:f9:ab:
d2:c7:73:6b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpSLHDzoGNcyi4S7ZP4usZCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiYjUyNWUyNjNhOTViMTY1MjA2NGJkZmY4OTY0ZDRiZjYy
YjUzM2QwHhcNMjUxMTA1MDQwMDM1WhcNMjUxMTA2MDQwMDM1WjAzMTEwLwYDVQQD
Eyg3YWZjMGU4ZjQ1MGM5YjY4NzRhMzE3YTQ0NTdjOWM0ZmVkNzAxM2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3T9JU4XSMr6hV6w0IEwZ2oE572Yk
CaJe0UbWUstrkeYaAaO7MliP53sDHXEh0yjMfhGTHQQpcg/Yv5/lqbkOpIwDDKx2
Dj+9Sllims9QiMAkCzafsLTMWtgDRX9z2xFhvvSIM2DISArlHYwg8pRO/iiPa4CR
l/49ikQ5zl79RiRzDdvbm/dRhovfHdh8D/dOmAM7fLlCX3fzav0UeVSCpMSAU54w
BoqtDuEl40X9rJ8FdWODx2Jp+sLgZ6Bm6FcnBilacrWMC0mcnkmBVsGoGS+WL94i
JlxsFEa39Y0iPWOhohofJ2MC2TT8qGTDpPjBPk0lc24an+mnqmv76Z0doQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHr8Do9FDJtodKMXpEV8nE/tcBOvMB8GA1UdIwQY
MBaAFMu1JeJjqVsWUgZL3/iWTUv2K1M9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTdVbDRtT3BXeFpTQmt2Zi1KWk5TX1lyVXowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9iZDcyMDktNDRlOS00MjNlLTg0YTQt
Yjg5ZGM0ZmQ2ZWUwLzEveTdVbDRtT3BXeFpTQmt2Zi1KWk5TX1lyVXowLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9iZDcyMDktNDRlOS00MjNlLTg0YTQtYjg5ZGM0ZmQ2ZWUw
LzEveTdVbDRtT3BXeFpTQmt2Zi1KWk5TX1lyVXowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArDxAT3+y
pViw5eUUWXFORG5uSF4HWjm10v/PVFYdHJXSuPQSYbpRlh6ukcN1VXKm3iVYfP4j
SCfZdVYzjKkbEDBjqO+i+W4afBzfbiFodIDktJj2sX6jk8vqBnChBqDK7BmRIxVx
d2hwnLzEkERbN6dSpCu2Pyf5kz5bBYgw76PigeOkuEyYI5cTVmtE7lgfaefxvA5d
WIzrUgLQCo8O7UhHd3+1dkdQyKu4QLLHPf9+grgYuZePASdMMz1aJtQ2wqs19Pwy
wi6hCVMX2yj0bY78sHC+cEV/g3GkPykuyiJKsfxDeruLk8p8GZqcbHw6Zurs76QI
9lY0tvmr0sdzaw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:40:03 2025 by rpki-client