Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
File: 2O6Q00LYZepn8rDS-3TAOfg-Skg.mft (raw, json)
Hash identifier: un60Uy5nCthR7iCIrPtTArNmYzTSTAIjepNnKUE9vJ4=
Subject key identifier: CE:64:7D:0F:F4:8A:0B:D8:A3:36:8C:9C:07:2F:19:24:ED:8C:44:A6
Authority key identifier: D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
Certificate issuer: /CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Certificate serial: 019A52D11B46FF1A0379441BF2448D9E7A27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
Manifest number: 0431
Signing time: Wed 05 Nov 2025 07:00:26 +0000
Manifest this update: Wed 05 Nov 2025 07:00:26 +0000
Manifest next update: Thu 06 Nov 2025 07:00:26 +0000
Files and hashes: 1: 1vvIkvJGRy621vVPsoLS7KLp9WQ.roa (hash: AaLmkGEE5WFi/MsCmNoVGVjYg2GotUKYwJ8yvjW+a60=)
2: 2O6Q00LYZepn8rDS-3TAOfg-Skg.crl (hash: 7xx5Nd9v9Jm1rfSUIZd2n5EAREu+Yk0dhdtRBDK3LK4=)
3: KLjjQzFk9GYkvqPEoe40SA-mXbg.roa (hash: 2jEymy+mMO9pWyCpodUhIwEZFiuwLfDEfoelvtg+xqA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 07:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:d1:1b:46:ff:1a:03:79:44:1b:f2:44:8d:9e:7a:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Validity
Not Before: Nov 5 07:00:26 2025 GMT
Not After : Nov 6 07:00:26 2025 GMT
Subject: CN=ce647d0ff48a0bd8a3368c9c072f1924ed8c44a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:f4:dd:b3:c7:da:ba:fa:24:59:3f:36:1a:69:
a3:c2:28:77:51:6b:f9:43:5e:e9:f5:bf:38:08:65:
df:1d:6e:fe:40:30:7b:9a:b9:9d:1d:57:65:3a:0c:
d6:c8:ed:06:8b:df:2d:02:28:94:cd:cd:66:a1:3f:
7b:eb:d7:59:7b:23:28:02:47:67:ad:ef:05:87:66:
e1:21:29:92:96:a4:0c:aa:5e:aa:f2:2e:95:ac:2d:
ed:4b:ec:0b:25:50:f3:5f:f7:91:76:76:b2:48:f1:
75:a4:c8:6e:0c:56:10:5c:17:e6:ee:5b:45:d4:41:
e1:2f:d3:2b:b7:66:d1:a1:19:13:6a:72:b4:6e:a9:
57:66:9c:f1:64:c0:e9:67:ad:ee:18:c1:f7:32:81:
6e:6e:95:42:ec:61:24:ee:85:7d:34:1c:b3:84:9b:
c9:2c:71:3c:99:28:ef:d7:68:10:2b:ce:99:a8:65:
40:3c:9b:59:c7:b3:4e:04:a1:6d:05:ed:09:c9:cd:
e2:73:d9:f0:70:b9:24:c5:d6:00:04:8e:11:e9:55:
30:f2:8e:b1:c7:a5:cb:18:7c:1b:b0:e9:09:ce:03:
11:35:d7:82:a9:33:c8:3f:fe:49:4f:66:af:e5:88:
47:71:f2:36:e2:2f:84:5a:2f:1f:04:c0:1e:e0:5a:
75:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:64:7D:0F:F4:8A:0B:D8:A3:36:8C:9C:07:2F:19:24:ED:8C:44:A6
X509v3 Authority Key Identifier:
keyid:D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
df:8e:de:f5:4e:93:58:85:fc:fa:57:d9:5c:29:5b:f6:2d:e1:
1c:77:fb:7f:51:78:32:09:6e:3f:86:e7:43:16:95:26:83:b4:
8c:d4:80:c1:fb:97:f3:0b:cb:fb:47:00:4e:a5:33:62:88:b8:
06:41:95:6d:3a:d5:91:87:c3:00:b3:d4:12:e3:0c:73:9f:9e:
2d:f2:de:ca:94:8e:2b:7d:06:46:f6:f2:a0:ec:57:39:c6:fa:
7d:09:65:75:5c:47:07:bd:29:e8:13:bc:f8:f2:9b:0c:e9:89:
a6:f5:35:1c:3a:98:6d:e4:4e:dd:f5:65:8c:97:55:78:08:9d:
b0:e9:b5:1d:71:fa:01:0b:e0:29:20:4e:30:b7:8b:d7:0f:f6:
c1:a6:48:a4:ef:78:1b:a6:33:8e:e6:b2:ff:cb:c6:6e:ef:4b:
45:67:29:a5:02:ad:1e:39:13:5f:a0:cb:62:38:a1:d7:a4:f8:
32:b6:b3:ff:c0:80:5f:db:ba:4d:7e:63:c9:e2:22:8a:3e:2f:
5c:bf:c5:23:c9:e5:c0:7f:73:db:e8:54:ab:29:f3:ed:9d:a8:
c5:59:69:63:ad:16:b8:2d:d2:cc:67:89:74:fe:77:37:11:e8:
5a:a2:c1:6c:78:be:75:c6:05:60:e9:07:5e:46:36:89:b2:e1:
63:86:8a:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpS0RtG/xoDeUQb8kSNnnonMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWU5MGQzNDJkODY1ZWE2N2YyYjBkMmZiNzRjMDM5Zjgz
ZTRhNDgwHhcNMjUxMTA1MDcwMDI2WhcNMjUxMTA2MDcwMDI2WjAzMTEwLwYDVQQD
EyhjZTY0N2QwZmY0OGEwYmQ4YTMzNjhjOWMwNzJmMTkyNGVkOGM0NGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8fTds8fauvokWT82Gmmjwih3UWv5
Q17p9b84CGXfHW7+QDB7mrmdHVdlOgzWyO0Gi98tAiiUzc1moT9769dZeyMoAkdn
re8Fh2bhISmSlqQMql6q8i6VrC3tS+wLJVDzX/eRdnaySPF1pMhuDFYQXBfm7ltF
1EHhL9Mrt2bRoRkTanK0bqlXZpzxZMDpZ63uGMH3MoFubpVC7GEk7oV9NByzhJvJ
LHE8mSjv12gQK86ZqGVAPJtZx7NOBKFtBe0Jyc3ic9nwcLkkxdYABI4R6VUw8o6x
x6XLGHwbsOkJzgMRNdeCqTPIP/5JT2av5YhHcfI24i+EWi8fBMAe4Fp1NQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM5kfQ/0igvYozaMnAcvGSTtjESmMB8GA1UdIwQY
MBaAFNjukNNC2GXqZ/Kw0vt0wDn4PkpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2Zjkt
NTEwNTI1YzQ3NDRjLzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2ZjktNTEwNTI1YzQ3NDRj
LzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA347e9U6T
WIX8+lfZXClb9i3hHHf7f1F4MgluP4bnQxaVJoO0jNSAwfuX8wvL+0cATqUzYoi4
BkGVbTrVkYfDALPUEuMMc5+eLfLeypSOK30GRvbyoOxXOcb6fQlldVxHB70p6BO8
+PKbDOmJpvU1HDqYbeRO3fVljJdVeAidsOm1HXH6AQvgKSBOMLeL1w/2waZIpO94
G6Yzjuay/8vGbu9LRWcppQKtHjkTX6DLYjih16T4Mraz/8CAX9u6TX5jyeIiij4v
XL/FI8nlwH9z2+hUqynz7Z2oxVlpY60WuC3SzGeJdP53NxHoWqLBbHi+dcYFYOkH
XkY2ibLhY4aK9w==
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:46:47 2025 by rpki-client