Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/vbJN9KfJqiEx2FdQO5PWD3-1G9k.mft
File: vbJN9KfJqiEx2FdQO5PWD3-1G9k.mft (raw, json)
Hash identifier: 96F592Ish8JGObmsfkYdKYBj+7awk1A6op7TMaa8x18=
Subject key identifier: AC:9C:14:5D:C8:A3:92:C3:04:0F:66:C9:FC:FF:85:FE:C4:A6:15:83
Authority key identifier: BD:B2:4D:F4:A7:C9:AA:21:31:D8:57:50:3B:93:D6:0F:7F:B5:1B:D9
Certificate issuer: /CN=bdb24df4a7c9aa2131d857503b93d60f7fb51bd9
Certificate serial: 019A4D74873FF2258755698126079B077A49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vbJN9KfJqiEx2FdQO5PWD3-1G9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/vbJN9KfJqiEx2FdQO5PWD3-1G9k.mft
Manifest number: 03DA
Signing time: Tue 04 Nov 2025 06:01:13 +0000
Manifest this update: Tue 04 Nov 2025 06:01:13 +0000
Manifest next update: Wed 05 Nov 2025 06:01:13 +0000
Files and hashes: 1: AFVAjCiROQ32Z_efvRaORNpa2fQ.roa (hash: STiLszZIpw1MlrUzOI5Ii3ZfZdoAbfQenvPasDTHJCA=)
2: vbJN9KfJqiEx2FdQO5PWD3-1G9k.crl (hash: 0/oTWWC5qtJ059X2ljXMPpJxzH4V9kCZ8/mk+UCOIQ8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/vbJN9KfJqiEx2FdQO5PWD3-1G9k.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/vbJN9KfJqiEx2FdQO5PWD3-1G9k.mft
rsync://rpki.ripe.net/repository/DEFAULT/vbJN9KfJqiEx2FdQO5PWD3-1G9k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:74:87:3f:f2:25:87:55:69:81:26:07:9b:07:7a:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdb24df4a7c9aa2131d857503b93d60f7fb51bd9
Validity
Not Before: Nov 4 06:01:13 2025 GMT
Not After : Nov 5 06:01:13 2025 GMT
Subject: CN=ac9c145dc8a392c3040f66c9fcff85fec4a61583
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d9:47:58:c3:4b:76:57:18:d5:11:5d:94:96:
e0:17:29:39:b7:66:eb:48:52:7d:da:8a:64:c5:99:
de:ac:ad:a9:95:e1:f8:44:eb:57:77:f6:20:f0:71:
4e:53:2a:61:e0:85:ae:d7:95:4e:fb:77:78:57:47:
09:ab:ab:a9:a4:2c:f0:b4:1a:52:1a:73:51:af:55:
12:c4:2f:5b:a2:ba:bb:cf:e8:62:e7:1f:24:1b:cc:
f8:1a:32:e2:d5:b2:2d:bd:51:4f:60:ad:fb:15:40:
84:23:68:69:df:9c:ff:fb:bc:f5:82:80:d6:a9:ed:
b8:51:74:b0:eb:24:00:55:db:f0:c7:1d:03:ce:c6:
25:5d:00:c0:b4:25:3e:9d:01:04:0c:9b:85:e4:04:
13:17:95:e5:d8:bf:e3:70:d8:41:97:77:50:81:2e:
9e:77:60:93:1d:7d:4e:85:74:6d:8c:f0:6a:10:b1:
85:e8:e4:fe:ce:3f:8c:ff:85:99:ae:af:93:b8:99:
5a:9f:a9:eb:d4:1a:ba:1b:16:61:6d:8e:72:6f:30:
d8:9b:f2:ff:cf:5a:6a:c1:d6:46:0d:48:83:20:0c:
a7:39:95:f4:3e:5d:53:ff:33:0b:e0:83:12:54:e7:
2e:1e:3d:dc:90:3e:0d:d0:e7:b1:5b:79:af:6d:13:
50:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:9C:14:5D:C8:A3:92:C3:04:0F:66:C9:FC:FF:85:FE:C4:A6:15:83
X509v3 Authority Key Identifier:
keyid:BD:B2:4D:F4:A7:C9:AA:21:31:D8:57:50:3B:93:D6:0F:7F:B5:1B:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vbJN9KfJqiEx2FdQO5PWD3-1G9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/vbJN9KfJqiEx2FdQO5PWD3-1G9k.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0102c7-b4ea-4bab-b770-d30aeb1c20ca/1/vbJN9KfJqiEx2FdQO5PWD3-1G9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:5c:cf:c1:2d:57:ec:c7:12:8c:b9:29:95:df:65:3d:72:fb:
51:3d:b8:f6:c8:23:3d:83:78:ca:b3:51:04:1a:b3:55:16:cf:
2b:ad:f7:ea:0c:fe:3f:c9:20:9e:cf:ed:d9:68:4a:d6:88:99:
bb:f6:6a:ae:13:73:fb:29:50:01:71:26:ad:51:73:5d:75:55:
19:d1:b6:cc:ca:9b:a5:68:6e:f8:5d:ac:a6:a1:a8:17:b7:f9:
bf:4f:76:32:f6:fb:b9:e8:0d:26:a2:b5:4f:5a:cc:4a:cc:97:
a6:d6:c8:91:5f:02:e6:d5:5d:c0:62:42:48:a2:9f:ed:8c:a9:
3e:09:96:8f:fe:22:d2:5b:7a:4b:21:1a:32:7d:bc:7f:e4:18:
35:30:23:3b:de:c8:a4:b6:bd:17:38:bf:35:69:e4:1d:0a:b6:
00:ca:f7:77:fe:64:b3:31:53:92:2d:20:1f:db:20:30:01:c6:
0b:b3:f9:f0:a8:5b:4e:98:b5:85:b8:8c:17:e3:ec:e2:49:45:
a2:11:9e:c9:a1:8c:ee:94:82:58:aa:ca:76:ce:0e:38:3d:14:
cb:ea:7b:b0:8e:f8:7c:48:0b:de:25:e7:63:04:43:21:8a:1a:
fc:18:dd:91:9c:c6:18:c7:d4:ec:fd:6a:f0:40:3f:dc:40:c3:
2f:0e:e5:ae
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdIc/8iWHVWmBJgebB3pJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYjI0ZGY0YTdjOWFhMjEzMWQ4NTc1MDNiOTNkNjBmN2Zi
NTFiZDkwHhcNMjUxMTA0MDYwMTEzWhcNMjUxMTA1MDYwMTEzWjAzMTEwLwYDVQQD
EyhhYzljMTQ1ZGM4YTM5MmMzMDQwZjY2YzlmY2ZmODVmZWM0YTYxNTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNlHWMNLdlcY1RFdlJbgFyk5t2br
SFJ92opkxZnerK2pleH4ROtXd/Yg8HFOUyph4IWu15VO+3d4V0cJq6uppCzwtBpS
GnNRr1USxC9borq7z+hi5x8kG8z4GjLi1bItvVFPYK37FUCEI2hp35z/+7z1goDW
qe24UXSw6yQAVdvwxx0DzsYlXQDAtCU+nQEEDJuF5AQTF5Xl2L/jcNhBl3dQgS6e
d2CTHX1OhXRtjPBqELGF6OT+zj+M/4WZrq+TuJlan6nr1Bq6GxZhbY5ybzDYm/L/
z1pqwdZGDUiDIAynOZX0Pl1T/zML4IMSVOcuHj3ckD4N0OexW3mvbRNQiQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKycFF3Io5LDBA9myfz/hf7EphWDMB8GA1UdIwQY
MBaAFL2yTfSnyaohMdhXUDuT1g9/tRvZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmJKTjlLZkpxaUV4MkZkUU81UFdEMy0xRzlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wMTAyYzctYjRlYS00YmFiLWI3NzAt
ZDMwYWViMWMyMGNhLzEvdmJKTjlLZkpxaUV4MkZkUU81UFdEMy0xRzlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wMTAyYzctYjRlYS00YmFiLWI3NzAtZDMwYWViMWMyMGNh
LzEvdmJKTjlLZkpxaUV4MkZkUU81UFdEMy0xRzlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZFzPwS1X
7McSjLkpld9lPXL7UT249sgjPYN4yrNRBBqzVRbPK6336gz+P8kgns/t2WhK1oiZ
u/ZqrhNz+ylQAXEmrVFzXXVVGdG2zMqbpWhu+F2spqGoF7f5v092Mvb7uegNJqK1
T1rMSsyXptbIkV8C5tVdwGJCSKKf7YypPgmWj/4i0lt6SyEaMn28f+QYNTAjO97I
pLa9Fzi/NWnkHQq2AMr3d/5kszFTki0gH9sgMAHGC7P58KhbTpi1hbiMF+Ps4klF
ohGeyaGM7pSCWKrKds4OOD0Uy+p7sI74fEgL3iXnYwRDIYoa/BjdkZzGGMfU7P1q
8EA/3EDDLw7lrg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:52:10 2025 by rpki-client