Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft
File: vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft (raw, json)
Hash identifier: tslFwsSx8xOXUCKJgYUgkRp0D9knbW73cNwXSblA/6Q=
Subject key identifier: CE:2D:33:76:59:9A:46:02:9C:2F:F5:B1:F8:CA:B1:E8:66:AF:91:54
Authority key identifier: BE:72:2A:99:73:2C:9C:3C:BC:20:B0:A4:72:92:A8:23:78:26:03:AC
Certificate issuer: /CN=be722a99732c9c3cbc20b0a47292a823782603ac
Certificate serial: 019A4D745C45394EB66F712C69586FF2698C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vnIqmXMsnDy8ILCkcpKoI3gmA6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft
Manifest number: 169D
Signing time: Tue 04 Nov 2025 06:01:02 +0000
Manifest this update: Tue 04 Nov 2025 06:01:02 +0000
Manifest next update: Wed 05 Nov 2025 06:01:02 +0000
Files and hashes: 1: KEoMu2N6_T8O9ufaf0Y2clZ16n8.roa (hash: TtnWx5gcstoPtaU3BdfsPkG0EZi+JY/3eJmxv3P7PTM=)
2: vnIqmXMsnDy8ILCkcpKoI3gmA6w.crl (hash: gC3TSX2O4cD8h0cTD1qKktZj2xpzsMm+5ejy9qgF5PA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/vnIqmXMsnDy8ILCkcpKoI3gmA6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:74:5c:45:39:4e:b6:6f:71:2c:69:58:6f:f2:69:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be722a99732c9c3cbc20b0a47292a823782603ac
Validity
Not Before: Nov 4 06:01:02 2025 GMT
Not After : Nov 5 06:01:02 2025 GMT
Subject: CN=ce2d3376599a46029c2ff5b1f8cab1e866af9154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:9c:62:c1:41:7d:80:c0:9d:1d:2a:8d:d3:7a:
22:b1:0f:29:a5:62:46:13:0c:32:d4:d4:84:ee:04:
6f:f2:81:ae:fe:c5:e9:a4:c6:e5:36:e5:d6:b7:04:
79:ed:8c:fb:a0:6c:8c:17:13:3b:b8:f5:e8:03:49:
39:73:6d:0f:2f:c4:c3:3c:d9:98:6a:cc:31:87:c2:
82:46:11:6f:cc:49:5c:b5:64:0b:72:b9:a0:43:91:
79:c5:20:0a:24:91:2f:b7:a1:17:29:a9:70:30:f2:
51:40:49:cd:5e:f4:17:d0:7b:ca:f1:97:df:af:07:
bb:6e:a7:1b:8c:da:5a:ae:78:d7:50:1c:43:1a:16:
0c:15:f4:4e:dd:1c:14:a6:bc:c0:8f:f0:00:06:7a:
8e:31:6a:0e:5f:be:11:8f:71:96:64:1d:c0:30:dd:
d8:dc:4e:e0:59:68:0f:c2:f3:9d:f9:07:36:4a:1d:
e4:5e:38:fd:e2:8e:09:da:53:04:16:b1:ed:9a:6c:
d1:16:1d:18:fb:6a:2c:42:86:5b:80:6d:d4:27:b6:
2c:78:61:c9:7b:8a:df:a7:b9:56:36:6b:bb:c5:f1:
95:7b:74:5d:a0:a6:03:3e:75:40:21:81:80:5e:cb:
9b:e6:ac:29:4e:52:a0:c5:35:df:66:72:9f:a5:d1:
b5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:2D:33:76:59:9A:46:02:9C:2F:F5:B1:F8:CA:B1:E8:66:AF:91:54
X509v3 Authority Key Identifier:
keyid:BE:72:2A:99:73:2C:9C:3C:BC:20:B0:A4:72:92:A8:23:78:26:03:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vnIqmXMsnDy8ILCkcpKoI3gmA6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
13:78:19:32:35:85:87:c2:cb:08:5b:3d:e7:55:18:91:ed:a6:
cd:16:e2:d5:3c:75:41:c8:4c:ad:a8:f1:6d:ec:d8:ce:bf:dd:
60:16:ba:88:0c:ef:2c:99:44:98:07:ee:e6:9a:34:2d:3b:9d:
36:c7:55:9a:a6:c7:90:f8:71:bd:99:8b:5d:ec:ce:71:19:7f:
cc:9f:16:d5:d0:02:65:55:8b:50:35:05:78:e7:0b:df:e9:6e:
c3:9e:55:f0:05:2a:42:f0:91:b4:69:f0:9a:49:23:13:fe:da:
59:5f:8d:2d:85:22:83:54:04:dd:e3:f8:91:82:d9:dc:cb:00:
5f:e3:2e:18:8c:83:8f:e4:c0:08:ec:8e:08:0a:64:8f:e3:bb:
65:3f:83:5b:ad:7f:81:d5:cf:c5:f6:6f:8f:91:e6:a3:65:19:
1b:9c:7c:bb:8d:8d:2a:df:4f:e9:04:6f:fc:56:5b:97:9b:4e:
ed:90:65:1a:40:7f:f4:fe:6b:dc:4e:91:e9:de:be:05:35:cb:
ec:b5:2e:60:df:bf:94:da:6f:a6:f4:16:a4:40:fa:84:d8:40:
62:ef:b3:1b:c1:f9:a0:aa:a1:55:4c:df:8f:ee:c2:27:f7:e2:
f5:ac:72:d9:87:3c:53:8e:9e:25:66:19:de:af:87:7a:63:f4:
7e:a7:d3:74
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNdFxFOU62b3EsaVhv8mmMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNzIyYTk5NzMyYzljM2NiYzIwYjBhNDcyOTJhODIzNzgy
NjAzYWMwHhcNMjUxMTA0MDYwMTAyWhcNMjUxMTA1MDYwMTAyWjAzMTEwLwYDVQQD
EyhjZTJkMzM3NjU5OWE0NjAyOWMyZmY1YjFmOGNhYjFlODY2YWY5MTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpxiwUF9gMCdHSqN03oisQ8ppWJG
Ewwy1NSE7gRv8oGu/sXppMblNuXWtwR57Yz7oGyMFxM7uPXoA0k5c20PL8TDPNmY
aswxh8KCRhFvzElctWQLcrmgQ5F5xSAKJJEvt6EXKalwMPJRQEnNXvQX0HvK8Zff
rwe7bqcbjNparnjXUBxDGhYMFfRO3RwUprzAj/AABnqOMWoOX74Rj3GWZB3AMN3Y
3E7gWWgPwvOd+Qc2Sh3kXjj94o4J2lMEFrHtmmzRFh0Y+2osQoZbgG3UJ7YseGHJ
e4rfp7lWNmu7xfGVe3RdoKYDPnVAIYGAXsub5qwpTlKgxTXfZnKfpdG18QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM4tM3ZZmkYCnC/1sfjKsehmr5FUMB8GA1UdIwQY
MBaAFL5yKplzLJw8vCCwpHKSqCN4JgOsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm5JcW1YTXNuRHk4SUxDa2NwS29JM2dtQTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wNDFiOWYtMWEwNy00MmU1LWI0ODct
MjliOTdhMTg3N2ZiLzEvdm5JcW1YTXNuRHk4SUxDa2NwS29JM2dtQTZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8wNDFiOWYtMWEwNy00MmU1LWI0ODctMjliOTdhMTg3N2Zi
LzEvdm5JcW1YTXNuRHk4SUxDa2NwS29JM2dtQTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAE3gZMjWF
h8LLCFs951UYke2mzRbi1Tx1QchMrajxbezYzr/dYBa6iAzvLJlEmAfu5po0LTud
NsdVmqbHkPhxvZmLXezOcRl/zJ8W1dACZVWLUDUFeOcL3+luw55V8AUqQvCRtGnw
mkkjE/7aWV+NLYUig1QE3eP4kYLZ3MsAX+MuGIyDj+TACOyOCApkj+O7ZT+DW61/
gdXPxfZvj5Hmo2UZG5x8u42NKt9P6QRv/FZbl5tO7ZBlGkB/9P5r3E6R6d6+BTXL
7LUuYN+/lNpvpvQWpED6hNhAYu+zG8H5oKqhVUzfj+7CJ/fi9axy2Yc8U46eJWYZ
3q+HemP0fqfTdA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 11:18:59 2025 by rpki-client