Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft
File: S2MqdYtZMJ6GEInWVTruBnprNT8.mft (raw, json)
Hash identifier: htNqZrDxRMbJwKSCeVxi4Tm233QddQcQjLzNIHxsGaA=
Subject key identifier: 9D:E9:AD:13:4B:2A:06:43:C6:90:4E:CF:B1:AA:5A:19:A5:EE:85:FA
Authority key identifier: 4B:63:2A:75:8B:59:30:9E:86:10:89:D6:55:3A:EE:06:7A:6B:35:3F
Certificate issuer: /CN=4b632a758b59309e861089d6553aee067a6b353f
Certificate serial: 019A4C610CC15CA746DCA7643DB6820D874F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S2MqdYtZMJ6GEInWVTruBnprNT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 01:00:19 +0000
Manifest this update: Tue 04 Nov 2025 01:00:19 +0000
Manifest next update: Wed 05 Nov 2025 01:00:19 +0000
Files and hashes: 1: BFmKhRFnCi2AJyutOk-Yxml708c.roa (hash: 30fgE+QkDlz/nOmXI9WzL3BXCW8rLDMyhnps4H9jCSs=)
2: S2MqdYtZMJ6GEInWVTruBnprNT8.crl (hash: 1HpxmsAYTjm6VNCNy7acge4itwLTEPs1i1C3Vwfm7Qk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft
rsync://rpki.ripe.net/repository/DEFAULT/S2MqdYtZMJ6GEInWVTruBnprNT8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 01:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4c:61:0c:c1:5c:a7:46:dc:a7:64:3d:b6:82:0d:87:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b632a758b59309e861089d6553aee067a6b353f
Validity
Not Before: Nov 4 01:00:19 2025 GMT
Not After : Nov 5 01:00:19 2025 GMT
Subject: CN=9de9ad134b2a0643c6904ecfb1aa5a19a5ee85fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:b8:d7:60:0a:40:7b:8e:56:9d:01:30:b8:10:
42:97:78:81:87:69:c7:11:31:85:60:da:58:11:f2:
2e:00:ab:56:50:90:74:95:ad:57:2d:61:22:9c:be:
97:6a:f5:03:36:a1:66:ac:2e:46:dc:96:b0:b7:a3:
ae:40:2d:fe:08:c8:5e:4e:6c:a7:de:99:56:d5:03:
62:da:85:d5:14:de:44:58:6d:ef:40:f2:09:a9:e1:
91:d4:35:8f:17:fe:64:97:89:c3:c2:cd:9a:f8:89:
07:50:f6:a1:f4:91:de:1e:cc:31:29:79:32:cc:91:
31:0a:ff:5e:e0:ea:f6:7d:2e:d1:fa:21:09:a5:58:
90:16:28:37:0d:c3:61:50:7c:2e:7f:f1:b4:17:ef:
06:ae:f2:a8:1a:b9:44:c0:f3:2c:a5:06:f0:1e:2a:
85:8b:b0:bb:ea:2c:2f:90:d6:af:18:6f:c5:86:3f:
dc:80:9a:cd:cd:15:f2:68:d0:23:0d:8b:5b:d6:3c:
0f:b9:cc:d6:b9:bc:af:9f:a7:5e:d3:70:bc:94:21:
e5:5c:88:86:d7:f3:16:ec:e6:69:8c:84:41:be:3a:
da:ad:cc:51:0e:f2:58:4e:ef:0c:09:29:2f:e3:a9:
d3:11:f6:01:5f:7e:4f:92:45:4d:0f:a2:db:e4:9c:
6e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:E9:AD:13:4B:2A:06:43:C6:90:4E:CF:B1:AA:5A:19:A5:EE:85:FA
X509v3 Authority Key Identifier:
keyid:4B:63:2A:75:8B:59:30:9E:86:10:89:D6:55:3A:EE:06:7A:6B:35:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2MqdYtZMJ6GEInWVTruBnprNT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7b:cb:53:dd:af:2b:dc:6f:96:af:4a:df:b1:98:76:2d:0a:d5:
c0:17:36:3b:56:ee:d3:6b:c3:a2:0d:f5:26:a6:97:38:e4:a1:
b1:44:d5:6e:f9:23:7f:2c:71:91:99:5c:73:cd:61:16:75:f4:
0a:fc:b1:89:81:58:49:44:90:ea:7b:4a:0c:fb:1e:ee:7e:65:
98:ed:5e:9d:11:ef:02:f7:b4:70:42:2e:1a:1e:6a:48:3e:78:
cd:19:3f:be:b9:0d:28:a3:33:94:52:35:e2:de:aa:54:ec:67:
86:15:fa:d1:aa:e6:3a:83:7f:dd:51:f2:93:f9:39:b3:ff:43:
59:65:44:7a:d2:6c:e6:d7:df:38:ac:1c:5b:86:48:d9:3f:0e:
3d:66:10:7e:da:0c:83:2f:e5:41:d3:28:b7:30:0a:74:cf:ec:
47:9d:02:4f:2a:5c:91:ec:87:dd:55:14:80:e1:59:8e:d4:f5:
2e:12:ba:af:b8:ea:bc:86:38:6f:7d:1d:15:2b:5b:47:6d:be:
18:37:8d:75:1e:ff:9e:ec:35:16:14:47:5e:e5:bd:be:e9:3f:
7e:62:0b:2b:25:4a:3c:45:82:a9:ae:8e:73:99:0d:b0:97:c1:
6b:cf:96:4c:9b:2c:47:f2:89:1e:60:91:68:1a:1b:bf:bd:62:
92:18:12:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpMYQzBXKdG3KdkPbaCDYdPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNjMyYTc1OGI1OTMwOWU4NjEwODlkNjU1M2FlZTA2N2E2
YjM1M2YwHhcNMjUxMTA0MDEwMDE5WhcNMjUxMTA1MDEwMDE5WjAzMTEwLwYDVQQD
Eyg5ZGU5YWQxMzRiMmEwNjQzYzY5MDRlY2ZiMWFhNWExOWE1ZWU4NWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1LjXYApAe45WnQEwuBBCl3iBh2nH
ETGFYNpYEfIuAKtWUJB0la1XLWEinL6XavUDNqFmrC5G3Jawt6OuQC3+CMheTmyn
3plW1QNi2oXVFN5EWG3vQPIJqeGR1DWPF/5kl4nDws2a+IkHUPah9JHeHswxKXky
zJExCv9e4Or2fS7R+iEJpViQFig3DcNhUHwuf/G0F+8GrvKoGrlEwPMspQbwHiqF
i7C76iwvkNavGG/Fhj/cgJrNzRXyaNAjDYtb1jwPuczWubyvn6de03C8lCHlXIiG
1/MW7OZpjIRBvjrarcxRDvJYTu8MCSkv46nTEfYBX35PkkVND6Lb5JxuSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJ3prRNLKgZDxpBOz7GqWhml7oX6MB8GA1UdIwQY
MBaAFEtjKnWLWTCehhCJ1lU67gZ6azU/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzJNcWRZdFpNSjZHRUluV1ZUcnVCbnByTlQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yMTNhOTUtYWFjZi00MGE5LTk3NTMt
OTRjMGIwYjc2MDI5LzEvUzJNcWRZdFpNSjZHRUluV1ZUcnVCbnByTlQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8yMTNhOTUtYWFjZi00MGE5LTk3NTMtOTRjMGIwYjc2MDI5
LzEvUzJNcWRZdFpNSjZHRUluV1ZUcnVCbnByTlQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe8tT3a8r
3G+Wr0rfsZh2LQrVwBc2O1bu02vDog31JqaXOOShsUTVbvkjfyxxkZlcc81hFnX0
CvyxiYFYSUSQ6ntKDPse7n5lmO1enRHvAve0cEIuGh5qSD54zRk/vrkNKKMzlFI1
4t6qVOxnhhX60armOoN/3VHyk/k5s/9DWWVEetJs5tffOKwcW4ZI2T8OPWYQftoM
gy/lQdMotzAKdM/sR50CTypckeyH3VUUgOFZjtT1LhK6r7jqvIY4b30dFStbR22+
GDeNdR7/nuw1FhRHXuW9vuk/fmILKyVKPEWCqa6Oc5kNsJfBa8+WTJssR/KJHmCR
aBobv71ikhgSDg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 10:49:42 2025 by rpki-client