Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/a01acd-a3de-4839-9d02-643c1fe38385/1/8PY2_se1stGN43l-aYTAaVXnFtc.mft
File: 8PY2_se1stGN43l-aYTAaVXnFtc.mft (raw, json)
Hash identifier: eVWDrBlJoDRRWxcLWL5BfiC9nmBd3Um0p+589qTGhCM=
Subject key identifier: C1:9D:D9:EB:77:A5:6B:B6:B2:FF:41:41:4A:00:2C:CC:AE:51:79:D6
Authority key identifier: F0:F6:36:FE:C7:B5:B2:D1:8D:E3:79:7E:69:84:C0:69:55:E7:16:D7
Certificate issuer: /CN=f0f636fec7b5b2d18de3797e6984c06955e716d7
Certificate serial: 019A54C0185A4997DCF5F31D32A5E947C345
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8PY2_se1stGN43l-aYTAaVXnFtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/a01acd-a3de-4839-9d02-643c1fe38385/1/8PY2_se1stGN43l-aYTAaVXnFtc.mft
Manifest number: 1714
Signing time: Wed 05 Nov 2025 16:01:06 +0000
Manifest this update: Wed 05 Nov 2025 16:01:06 +0000
Manifest next update: Thu 06 Nov 2025 16:01:06 +0000
Files and hashes: 1: 8PY2_se1stGN43l-aYTAaVXnFtc.crl (hash: 3Mz2ucPqeLj/D4JkTfi9jwWGJa40iZDHu1ARxHYdzLk=)
2: N4NsUcZuS_9XiBDgAfw6eryV7HU.roa (hash: tpgeA/zfOVEAg9H115FFWM358l26uFQNlABFRgvWlU4=)
3: yV4dNy3NsBZVUNWCmHTLsnrsaLM.roa (hash: HeRl5vH7gTSirrF3z1irtqiGbkDXqM3OvljtYndKLgE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/a01acd-a3de-4839-9d02-643c1fe38385/1/8PY2_se1stGN43l-aYTAaVXnFtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/a01acd-a3de-4839-9d02-643c1fe38385/1/8PY2_se1stGN43l-aYTAaVXnFtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/8PY2_se1stGN43l-aYTAaVXnFtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:c0:18:5a:49:97:dc:f5:f3:1d:32:a5:e9:47:c3:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0f636fec7b5b2d18de3797e6984c06955e716d7
Validity
Not Before: Nov 5 16:01:06 2025 GMT
Not After : Nov 6 16:01:06 2025 GMT
Subject: CN=c19dd9eb77a56bb6b2ff41414a002cccae5179d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7b:6a:5b:3d:29:a0:0c:49:d0:1c:b4:9e:72:
bc:2b:22:3e:b0:bc:04:85:2f:3d:8a:f4:cf:39:94:
7b:54:02:47:f6:62:a2:ba:48:22:f1:72:53:15:e7:
ff:03:4e:7d:12:a7:23:00:35:b4:2e:3b:db:fc:d9:
32:59:15:ae:e9:26:ff:88:d8:98:b4:21:3a:75:f1:
9f:95:2e:82:bd:b8:6b:ad:eb:fe:67:eb:8d:59:2e:
13:93:cd:08:28:9f:d6:63:86:b3:e8:1b:6a:a1:d2:
29:9e:40:ba:b1:91:13:60:eb:5f:20:c5:77:0d:5c:
d3:8c:42:21:73:1f:90:aa:e8:ce:fa:b8:9f:8d:df:
c3:61:52:48:86:d3:ac:e5:44:45:d2:0d:7d:c5:0f:
bd:b0:20:d0:3a:56:14:a3:af:38:cf:15:4f:b8:a7:
ca:74:48:a3:64:14:3a:87:7a:6b:0b:50:a1:a9:37:
e9:9b:0e:ab:6b:33:ea:3c:30:93:2d:27:1a:5e:15:
ba:da:fd:2a:9c:45:6d:a8:f4:c1:d0:5b:07:0f:3c:
97:32:72:92:a6:e4:49:dd:ca:ad:d9:9b:f3:4a:18:
e1:03:ef:0d:45:4d:4b:53:c5:5c:f0:da:5b:46:09:
05:72:f8:7f:5f:1a:c2:f2:dd:f7:a4:8d:91:f3:e6:
a0:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:9D:D9:EB:77:A5:6B:B6:B2:FF:41:41:4A:00:2C:CC:AE:51:79:D6
X509v3 Authority Key Identifier:
keyid:F0:F6:36:FE:C7:B5:B2:D1:8D:E3:79:7E:69:84:C0:69:55:E7:16:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8PY2_se1stGN43l-aYTAaVXnFtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/a01acd-a3de-4839-9d02-643c1fe38385/1/8PY2_se1stGN43l-aYTAaVXnFtc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/a01acd-a3de-4839-9d02-643c1fe38385/1/8PY2_se1stGN43l-aYTAaVXnFtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:85:0f:81:f8:32:94:ec:c5:4c:dc:7d:be:d7:0f:4a:61:8b:
00:07:34:58:16:5a:e7:71:95:69:20:49:2c:00:4a:cf:74:8f:
9a:1c:ed:b7:89:d2:86:24:e4:a4:4a:ad:fd:1f:8a:2d:79:d6:
2d:b2:ec:d0:54:d4:07:b5:7c:6a:cc:40:4b:8a:26:ee:e2:c0:
41:b6:c9:5a:2b:e7:60:a5:47:ae:d1:19:17:a2:d0:2b:ca:df:
64:84:99:1f:c4:ce:0d:06:c7:25:b8:35:bb:97:aa:a5:6c:6e:
b1:81:55:9a:9a:f7:e8:9b:c3:76:7f:16:34:b1:1f:98:4c:9b:
cd:bd:5e:2d:f7:a2:05:78:7f:5b:a8:f2:11:ed:43:82:cb:b3:
b3:2e:9b:26:b7:7e:e4:82:a7:00:f2:ea:a7:da:58:db:ef:14:
ce:9c:3a:e0:f0:d4:4c:68:92:4f:61:23:dd:02:17:3c:bc:26:
9d:d9:0f:98:ab:f6:21:d7:11:5d:45:1c:39:64:1b:05:6b:d6:
db:3e:5f:b3:07:d8:86:f2:a2:42:25:3f:f9:de:55:90:07:7f:
ee:b3:9e:89:da:d9:41:0a:41:f0:73:17:91:7e:1c:b2:52:a8:
77:3d:a7:f9:b5:a7:4f:9b:85:ab:a6:48:32:e1:8d:93:61:df:
57:22:8a:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUwBhaSZfc9fMdMqXpR8NFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZjYzNmZlYzdiNWIyZDE4ZGUzNzk3ZTY5ODRjMDY5NTVl
NzE2ZDcwHhcNMjUxMTA1MTYwMTA2WhcNMjUxMTA2MTYwMTA2WjAzMTEwLwYDVQQD
EyhjMTlkZDllYjc3YTU2YmI2YjJmZjQxNDE0YTAwMmNjY2FlNTE3OWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnXtqWz0poAxJ0By0nnK8KyI+sLwE
hS89ivTPOZR7VAJH9mKiukgi8XJTFef/A059EqcjADW0Ljvb/NkyWRWu6Sb/iNiY
tCE6dfGflS6Cvbhrrev+Z+uNWS4Tk80IKJ/WY4az6BtqodIpnkC6sZETYOtfIMV3
DVzTjEIhcx+QqujO+rifjd/DYVJIhtOs5URF0g19xQ+9sCDQOlYUo684zxVPuKfK
dEijZBQ6h3prC1ChqTfpmw6razPqPDCTLScaXhW62v0qnEVtqPTB0FsHDzyXMnKS
puRJ3cqt2ZvzShjhA+8NRU1LU8Vc8NpbRgkFcvh/XxrC8t33pI2R8+ag7QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMGd2et3pWu2sv9BQUoALMyuUXnWMB8GA1UdIwQY
MBaAFPD2Nv7HtbLRjeN5fmmEwGlV5xbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFBZMl9zZTFzdEdONDNsLWFZVEFhVlhuRnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9hMDFhY2QtYTNkZS00ODM5LTlkMDIt
NjQzYzFmZTM4Mzg1LzEvOFBZMl9zZTFzdEdONDNsLWFZVEFhVlhuRnRjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9hMDFhY2QtYTNkZS00ODM5LTlkMDItNjQzYzFmZTM4Mzg1
LzEvOFBZMl9zZTFzdEdONDNsLWFZVEFhVlhuRnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAioUPgfgy
lOzFTNx9vtcPSmGLAAc0WBZa53GVaSBJLABKz3SPmhztt4nShiTkpEqt/R+KLXnW
LbLs0FTUB7V8asxAS4om7uLAQbbJWivnYKVHrtEZF6LQK8rfZISZH8TODQbHJbg1
u5eqpWxusYFVmpr36JvDdn8WNLEfmEybzb1eLfeiBXh/W6jyEe1Dgsuzsy6bJrd+
5IKnAPLqp9pY2+8Uzpw64PDUTGiST2Ej3QIXPLwmndkPmKv2IdcRXUUcOWQbBWvW
2z5fswfYhvKiQiU/+d5VkAd/7rOeidrZQQpB8HMXkX4cslKodz2n+bWnT5uFq6ZI
MuGNk2HfVyKKjQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 21:09:42 2025 by rpki-client