Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft
File: 2pa1va-ygzLa_oR87RT3pfrUXmk.mft (raw, json)
Hash identifier: ePrBhkVPsMolRRETO7klf6B0mWSzdV84r9RQvJVYpCY=
Subject key identifier: CD:65:15:7F:18:F8:8C:41:D6:59:25:5C:25:28:3B:E9:0A:49:66:C4
Authority key identifier: DA:96:B5:BD:AF:B2:83:32:DA:FE:84:7C:ED:14:F7:A5:FA:D4:5E:69
Certificate issuer: /CN=da96b5bdafb28332dafe847ced14f7a5fad45e69
Certificate serial: 019A52D14283E21404DD2C0AF09FE0ED60B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft
Manifest number: 170E
Signing time: Wed 05 Nov 2025 07:00:36 +0000
Manifest this update: Wed 05 Nov 2025 07:00:36 +0000
Manifest next update: Thu 06 Nov 2025 07:00:36 +0000
Files and hashes: 1: 2pa1va-ygzLa_oR87RT3pfrUXmk.crl (hash: TLNpAYBe+e+9CqOd1vmcb2Z/z/GDn63zRvV8xH+mMr0=)
2: 99kZ91L5k4nve2PYsWtipJThPHU.roa (hash: bVtLb94sDBWJmE1C3lJHiBUqgO9xT7zdCZpTZaX8mXc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d1:42:83:e2:14:04:dd:2c:0a:f0:9f:e0:ed:60:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da96b5bdafb28332dafe847ced14f7a5fad45e69
Validity
Not Before: Nov 5 07:00:36 2025 GMT
Not After : Nov 6 07:00:36 2025 GMT
Subject: CN=cd65157f18f88c41d659255c25283be90a4966c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:32:ea:5e:b3:df:7d:69:0e:72:ee:0f:7a:18:
2f:0f:e4:67:f9:87:fe:d6:4c:28:dc:9f:6b:fc:eb:
a9:38:c7:e0:ec:29:4b:ed:75:54:86:91:43:e8:2c:
01:c0:6a:5a:c2:92:5d:89:b2:91:af:a8:2d:d1:45:
b0:05:3d:bd:d1:cc:5d:bf:47:5d:24:ea:f3:38:69:
99:45:59:e3:89:8b:9c:c2:e1:46:55:4f:36:ed:70:
17:b9:57:67:d6:4f:57:cc:af:7d:72:e2:2b:20:54:
31:00:53:36:16:69:c4:6e:41:20:c0:79:91:4b:10:
e0:1b:49:14:f5:50:1a:1f:2a:0e:66:20:7d:09:da:
b3:4c:54:db:1c:b6:38:9e:14:89:38:e5:a7:fb:0c:
a1:92:d4:e1:5a:ed:a1:b8:83:29:b6:ae:29:0e:b2:
d1:bc:8a:b2:0b:e5:1e:b0:9d:6a:0d:53:cd:6d:74:
3f:a6:61:e3:1d:60:67:e8:6b:b9:e8:92:b7:c5:b3:
aa:94:6c:f3:e9:20:50:88:25:40:11:76:10:7d:e5:
6d:34:31:e7:48:b1:ec:40:32:56:59:b3:8f:81:eb:
2d:b7:23:83:e7:26:6f:eb:0f:da:0a:3d:7a:af:a2:
4d:5e:37:82:50:07:91:d4:ce:b4:f1:fc:73:4e:66:
6b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:65:15:7F:18:F8:8C:41:D6:59:25:5C:25:28:3B:E9:0A:49:66:C4
X509v3 Authority Key Identifier:
keyid:DA:96:B5:BD:AF:B2:83:32:DA:FE:84:7C:ED:14:F7:A5:FA:D4:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:da:77:a5:22:98:c3:b0:59:1f:42:0c:89:15:08:16:8f:13:
c6:16:75:98:a7:2e:c5:84:85:3b:2f:32:ee:cf:ac:70:01:61:
8c:28:37:52:35:ac:12:e9:cd:43:43:91:2d:d4:7b:c2:d0:9e:
65:a6:b9:b1:9a:47:30:c3:40:e8:71:1c:a2:f8:66:14:f3:66:
44:fd:76:59:59:70:dc:be:d8:20:ee:0d:53:60:e7:a6:15:01:
75:96:71:f2:88:fc:fb:c6:35:db:f5:59:bb:f4:d7:08:83:05:
28:05:a3:4a:8b:16:6d:03:32:9f:0f:59:3f:5f:69:81:a1:2c:
e6:27:a2:b0:a0:fa:6d:b9:37:a7:af:22:af:7d:90:17:3f:a8:
c2:73:fc:81:22:26:82:a2:95:49:0d:31:c5:17:16:cb:72:ee:
b7:96:45:03:42:0b:e2:aa:37:f3:d7:4e:bc:7b:3a:31:07:09:
80:57:e1:f0:e0:55:a0:4e:b8:5c:51:2a:a6:99:c0:b5:bc:4e:
ee:8b:0b:b3:67:4b:68:bf:90:67:df:f1:3c:73:92:c9:ff:d8:
40:85:20:b8:ec:87:9d:18:9d:9a:02:25:53:1b:c5:0f:d5:17:
75:81:d7:2f:73:53:d1:5e:da:55:47:6a:0a:c7:62:ef:2c:c5:
1a:ac:eb:ad
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0UKD4hQE3SwK8J/g7WCyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOTZiNWJkYWZiMjgzMzJkYWZlODQ3Y2VkMTRmN2E1ZmFk
NDVlNjkwHhcNMjUxMTA1MDcwMDM2WhcNMjUxMTA2MDcwMDM2WjAzMTEwLwYDVQQD
EyhjZDY1MTU3ZjE4Zjg4YzQxZDY1OTI1NWMyNTI4M2JlOTBhNDk2NmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjLqXrPffWkOcu4PehgvD+Rn+Yf+
1kwo3J9r/OupOMfg7ClL7XVUhpFD6CwBwGpawpJdibKRr6gt0UWwBT290cxdv0dd
JOrzOGmZRVnjiYucwuFGVU827XAXuVdn1k9XzK99cuIrIFQxAFM2FmnEbkEgwHmR
SxDgG0kU9VAaHyoOZiB9CdqzTFTbHLY4nhSJOOWn+wyhktThWu2huIMptq4pDrLR
vIqyC+UesJ1qDVPNbXQ/pmHjHWBn6Gu56JK3xbOqlGzz6SBQiCVAEXYQfeVtNDHn
SLHsQDJWWbOPgesttyOD5yZv6w/aCj16r6JNXjeCUAeR1M608fxzTmZrUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM1lFX8Y+IxB1lklXCUoO+kKSWbEMB8GA1UdIwQY
MBaAFNqWtb2vsoMy2v6EfO0U96X61F5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC84MTkwODktNDczYi00NjNmLWI4N2It
NDI1Mzk1MGYxMTU1LzEvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC84MTkwODktNDczYi00NjNmLWI4N2ItNDI1Mzk1MGYxMTU1
LzEvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZtp3pSKY
w7BZH0IMiRUIFo8TxhZ1mKcuxYSFOy8y7s+scAFhjCg3UjWsEunNQ0ORLdR7wtCe
Zaa5sZpHMMNA6HEcovhmFPNmRP12WVlw3L7YIO4NU2DnphUBdZZx8oj8+8Y12/VZ
u/TXCIMFKAWjSosWbQMynw9ZP19pgaEs5ieisKD6bbk3p68ir32QFz+ownP8gSIm
gqKVSQ0xxRcWy3Lut5ZFA0IL4qo389dOvHs6MQcJgFfh8OBVoE64XFEqppnAtbxO
7osLs2dLaL+QZ9/xPHOSyf/YQIUguOyHnRidmgIlUxvFD9UXdYHXL3NT0V7aVUdq
Csdi7yzFGqzrrQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:51:57 2025 by rpki-client