Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/vaYQQ1QkhQlrDfQ1HMDal383cN0.mft
File: vaYQQ1QkhQlrDfQ1HMDal383cN0.mft (raw, json)
Hash identifier: 3IFj9F/VIyxEiKrdEuVKPL+NuxHHmXbAGJaTq7tWn6Y=
Subject key identifier: E9:43:7D:C9:2D:EC:F3:CA:C1:94:D3:FF:F6:9C:BD:7A:19:8F:FE:40
Authority key identifier: BD:A6:10:43:54:24:85:09:6B:0D:F4:35:1C:C0:DA:97:7F:37:70:DD
Certificate issuer: /CN=bda61043542485096b0df4351cc0da977f3770dd
Certificate serial: 019A4C97E0DB81A1F8E4E9E902B4623AFFD9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vaYQQ1QkhQlrDfQ1HMDal383cN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/vaYQQ1QkhQlrDfQ1HMDal383cN0.mft
Manifest number: 170E
Signing time: Tue 04 Nov 2025 02:00:12 +0000
Manifest this update: Tue 04 Nov 2025 02:00:12 +0000
Manifest next update: Wed 05 Nov 2025 02:00:12 +0000
Files and hashes: 1: RYZ_HUggvvOzHTuXBACbgajQpo0.roa (hash: Fp6s79hRrwq+bZ12gZrNnH0nQeo4puoviWIdP4EjMXQ=)
2: vaYQQ1QkhQlrDfQ1HMDal383cN0.crl (hash: WwJRA++XQKKQcse6pvzCDkKySShdC6VI1u3xLQOH/TM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/vaYQQ1QkhQlrDfQ1HMDal383cN0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/vaYQQ1QkhQlrDfQ1HMDal383cN0.mft
rsync://rpki.ripe.net/repository/DEFAULT/vaYQQ1QkhQlrDfQ1HMDal383cN0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 02:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4c:97:e0:db:81:a1:f8:e4:e9:e9:02:b4:62:3a:ff:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bda61043542485096b0df4351cc0da977f3770dd
Validity
Not Before: Nov 4 02:00:12 2025 GMT
Not After : Nov 5 02:00:12 2025 GMT
Subject: CN=e9437dc92decf3cac194d3fff69cbd7a198ffe40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:20:78:76:c1:d3:0b:94:ed:ce:e3:46:0c:f3:
67:37:82:98:08:00:c3:bd:66:af:47:5f:cf:1e:f6:
e7:73:4a:f6:3a:01:f7:55:d9:71:6a:be:db:bc:f1:
53:5e:4a:6a:b4:41:75:50:e8:16:ce:f9:af:bd:16:
19:f2:ae:32:f8:11:fe:42:28:f0:05:05:c9:33:d5:
26:8e:dc:4e:bd:ef:0b:34:b4:42:84:92:e5:87:ad:
e1:9d:c4:9b:5a:5a:ae:76:a6:24:fb:a5:a9:b9:1a:
a0:7b:90:d2:4b:3f:c0:5f:f5:05:42:44:da:02:45:
4a:5b:24:2f:97:18:58:2f:6b:d8:00:98:65:92:e4:
00:84:39:d4:e0:dc:70:68:bb:c0:64:ba:2c:c7:70:
42:68:7b:70:82:51:ad:76:53:f0:ae:ca:e1:06:e8:
48:d5:aa:c2:35:8a:7d:f5:13:ce:9e:92:68:67:dc:
ad:2e:ad:65:3a:09:91:fe:c2:da:70:24:81:7d:db:
61:3e:28:c6:d1:4c:1c:bb:2b:11:8f:9a:af:0d:5c:
4f:6d:57:16:f9:6d:f3:87:d4:e2:e4:c4:fc:c4:fd:
f6:71:bc:19:67:25:c0:44:06:a6:68:a5:1f:12:77:
39:ee:29:a0:6e:72:e5:f4:2b:fa:7a:35:b7:7a:97:
86:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:43:7D:C9:2D:EC:F3:CA:C1:94:D3:FF:F6:9C:BD:7A:19:8F:FE:40
X509v3 Authority Key Identifier:
keyid:BD:A6:10:43:54:24:85:09:6B:0D:F4:35:1C:C0:DA:97:7F:37:70:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vaYQQ1QkhQlrDfQ1HMDal383cN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/vaYQQ1QkhQlrDfQ1HMDal383cN0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/vaYQQ1QkhQlrDfQ1HMDal383cN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:bc:ac:b5:3c:58:8d:e9:4b:ea:44:47:40:7a:f9:8e:ec:4c:
c0:f7:4f:a9:a0:1c:b8:cc:0e:57:1d:88:96:e7:99:83:26:84:
d8:c2:c5:31:04:d4:27:ec:4c:19:d8:1d:83:39:de:21:ab:53:
2e:19:b4:17:89:0d:09:98:03:e7:f5:1f:30:68:32:ec:86:a5:
e8:fe:43:8d:d5:96:34:9d:20:4b:7d:8d:e7:5e:7e:fe:39:54:
f6:04:c9:07:da:19:5e:e8:97:b2:4b:a9:eb:11:95:82:bd:27:
b6:1f:27:e5:b2:30:3b:f7:54:bb:0f:60:92:cc:fb:7e:d0:32:
0a:40:7f:b7:49:22:00:e5:f6:a9:2f:9c:27:ae:fb:07:1d:53:
63:9c:d7:fc:b4:2d:61:72:7d:33:67:0a:f3:d2:f6:f3:3a:8c:
63:fe:2a:30:e5:4b:b5:6b:3d:54:08:2f:9f:d8:8c:78:9a:28:
e2:fe:b7:47:2f:32:bf:10:eb:6f:7b:f0:13:30:89:18:38:78:
38:b4:2c:f8:db:64:57:1f:5a:35:56:66:52:19:69:ba:3b:fc:
ff:fa:a1:bb:20:dd:13:6e:fd:d6:53:0e:da:5e:fb:9f:88:d0:
e5:b0:cd:67:6a:4a:35:75:2b:e4:30:8d:38:d3:16:2d:50:e5:
ba:22:c7:82
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMl+DbgaH45OnpArRiOv/ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYTYxMDQzNTQyNDg1MDk2YjBkZjQzNTFjYzBkYTk3N2Yz
NzcwZGQwHhcNMjUxMTA0MDIwMDEyWhcNMjUxMTA1MDIwMDEyWjAzMTEwLwYDVQQD
EyhlOTQzN2RjOTJkZWNmM2NhYzE5NGQzZmZmNjljYmQ3YTE5OGZmZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvyB4dsHTC5TtzuNGDPNnN4KYCADD
vWavR1/PHvbnc0r2OgH3Vdlxar7bvPFTXkpqtEF1UOgWzvmvvRYZ8q4y+BH+Qijw
BQXJM9UmjtxOve8LNLRChJLlh63hncSbWlqudqYk+6WpuRqge5DSSz/AX/UFQkTa
AkVKWyQvlxhYL2vYAJhlkuQAhDnU4NxwaLvAZLosx3BCaHtwglGtdlPwrsrhBuhI
1arCNYp99RPOnpJoZ9ytLq1lOgmR/sLacCSBfdthPijG0UwcuysRj5qvDVxPbVcW
+W3zh9Ti5MT8xP32cbwZZyXARAamaKUfEnc57imgbnLl9Cv6ejW3epeGhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOlDfckt7PPKwZTT//acvXoZj/5AMB8GA1UdIwQY
MBaAFL2mEENUJIUJaw30NRzA2pd/N3DdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmFZUVExUWtoUWxyRGZRMUhNRGFsMzgzY04wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8xOTY2ODktMmRiNy00ZTgwLWI5MmMt
M2EyYWQ4OGRlYWRlLzEvdmFZUVExUWtoUWxyRGZRMUhNRGFsMzgzY04wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8xOTY2ODktMmRiNy00ZTgwLWI5MmMtM2EyYWQ4OGRlYWRl
LzEvdmFZUVExUWtoUWxyRGZRMUhNRGFsMzgzY04wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmbystTxY
jelL6kRHQHr5juxMwPdPqaAcuMwOVx2IlueZgyaE2MLFMQTUJ+xMGdgdgzneIatT
Lhm0F4kNCZgD5/UfMGgy7Ial6P5DjdWWNJ0gS32N515+/jlU9gTJB9oZXuiXskup
6xGVgr0nth8n5bIwO/dUuw9gksz7ftAyCkB/t0kiAOX2qS+cJ677Bx1TY5zX/LQt
YXJ9M2cK89L28zqMY/4qMOVLtWs9VAgvn9iMeJoo4v63Ry8yvxDrb3vwEzCJGDh4
OLQs+NtkVx9aNVZmUhlpujv8//qhuyDdE2791lMO2l77n4jQ5bDNZ2pKNXUr5DCN
ONMWLVDluiLHgg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 11:00:45 2025 by rpki-client