Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft
File: 2FAiKC40aZ_lSLdShRmiWlDZEzo.mft (raw, json)
Hash identifier: VmI+ZMLy58Sz58n155liDlE5qxd+NT0+rx4o6Y4dglM=
Subject key identifier: F0:7D:A9:EA:79:A8:B9:7D:E7:25:30:0C:FD:60:5E:F5:AA:7E:56:9A
Authority key identifier: D8:50:22:28:2E:34:69:9F:E5:48:B7:52:85:19:A2:5A:50:D9:13:3A
Certificate issuer: /CN=d85022282e34699fe548b7528519a25a50d9133a
Certificate serial: 019A51F58A9DD42CA0A88FE9BBA55ECF5C25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft
Manifest number: 163D
Signing time: Wed 05 Nov 2025 03:00:37 +0000
Manifest this update: Wed 05 Nov 2025 03:00:37 +0000
Manifest next update: Thu 06 Nov 2025 03:00:37 +0000
Files and hashes: 1: 2FAiKC40aZ_lSLdShRmiWlDZEzo.crl (hash: TeiB7uiNYiEJ1mC0e2eYhx/tco61yVFSNXonYRS8M7o=)
2: 6R0wvkFPscZQ2uww-ZvwnaXh--0.roa (hash: wyiJ7rZP6x6kzeIfld1VjsLp4nIqzGhNhuxTGdTq1Ek=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:51:f5:8a:9d:d4:2c:a0:a8:8f:e9:bb:a5:5e:cf:5c:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d85022282e34699fe548b7528519a25a50d9133a
Validity
Not Before: Nov 5 03:00:37 2025 GMT
Not After : Nov 6 03:00:37 2025 GMT
Subject: CN=f07da9ea79a8b97de725300cfd605ef5aa7e569a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:98:f1:00:72:eb:b9:f3:92:14:aa:df:08:76:
ba:c3:19:27:fc:27:b2:54:01:52:dd:3e:48:25:31:
b2:0f:d2:90:93:2b:00:6e:89:9c:3c:fc:aa:ff:4d:
54:e2:78:45:17:9b:cb:0b:07:bb:e2:c0:6a:dd:a1:
5f:b1:40:84:b9:c0:76:4a:e7:68:aa:a3:69:7e:69:
68:5b:19:74:65:ff:f1:c6:18:90:11:0c:1b:72:7b:
eb:ed:86:ec:3a:13:eb:f2:89:ef:d0:6a:a8:4c:2f:
3f:66:3c:20:ce:04:af:d6:47:9b:b7:db:8a:ad:57:
45:6d:bb:3f:6d:e7:0b:6c:60:41:ed:9b:f5:6e:e3:
75:e2:82:05:e2:89:e6:f5:bb:2e:6b:34:84:92:03:
36:60:44:9c:da:0e:20:c0:71:aa:b7:ab:75:09:25:
c2:9f:42:20:a4:87:f3:61:c8:3b:d2:02:cb:d8:9c:
d9:6f:cd:37:01:7a:00:ba:9d:e0:13:a8:3a:27:76:
09:93:f0:2b:75:95:84:c6:0d:7d:ce:ea:5e:78:de:
82:6b:a8:da:2f:8b:af:8a:a4:26:b5:3e:42:4c:a7:
20:8e:68:f2:49:fe:f9:21:d0:e1:94:c6:b5:e7:3b:
ef:6c:68:2e:1b:d3:1d:c4:8e:12:a3:c7:42:4c:5d:
bf:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:7D:A9:EA:79:A8:B9:7D:E7:25:30:0C:FD:60:5E:F5:AA:7E:56:9A
X509v3 Authority Key Identifier:
keyid:D8:50:22:28:2E:34:69:9F:E5:48:B7:52:85:19:A2:5A:50:D9:13:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2FAiKC40aZ_lSLdShRmiWlDZEzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/9758eb-4108-4087-a818-50ea67327cd1/1/2FAiKC40aZ_lSLdShRmiWlDZEzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:44:4a:3a:40:89:c6:bd:b6:15:f2:9f:cb:cd:70:d0:10:58:
9a:10:5b:e8:e0:2f:7a:bd:b2:f6:c3:87:b8:a2:8d:b4:ec:b3:
d7:46:31:20:9e:2d:4c:8c:e7:96:a1:da:13:a0:aa:3b:a4:fb:
77:63:6d:4f:64:3b:29:d4:8a:b5:21:ec:13:6f:8d:41:2b:51:
16:dd:4b:7d:a6:25:03:44:30:4a:bb:a1:3d:4e:9d:f1:b0:32:
59:78:a4:bf:06:f0:23:71:b2:11:e0:ef:27:c2:ef:cb:35:b5:
a5:a0:3d:d8:99:30:ef:d3:42:a8:ab:1e:15:50:8c:03:7f:e3:
1d:91:ef:ae:b1:ff:47:05:d0:16:04:0f:4b:44:17:10:83:88:
92:eb:5b:60:85:3a:37:b3:86:b8:90:57:b5:ea:6f:1f:41:6e:
57:0d:ef:97:8c:a5:ed:49:cc:92:e1:76:67:01:fb:3c:0b:fa:
f3:2a:71:ac:e0:7b:ec:b6:50:ad:63:73:1e:e7:b3:29:0d:4c:
20:fa:94:b3:a4:c5:99:eb:66:cf:03:b6:38:4c:c6:88:f8:fc:
71:61:54:4f:c4:ac:3a:bc:e2:1a:50:81:f7:76:f5:84:94:c3:
94:d5:95:85:d6:4f:be:54:cb:ac:82:28:9c:5a:a7:6d:96:fc:
f4:72:42:e4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpR9Yqd1CygqI/pu6Vez1wlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NTAyMjI4MmUzNDY5OWZlNTQ4Yjc1Mjg1MTlhMjVhNTBk
OTEzM2EwHhcNMjUxMTA1MDMwMDM3WhcNMjUxMTA2MDMwMDM3WjAzMTEwLwYDVQQD
EyhmMDdkYTllYTc5YThiOTdkZTcyNTMwMGNmZDYwNWVmNWFhN2U1NjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5jxAHLrufOSFKrfCHa6wxkn/Cey
VAFS3T5IJTGyD9KQkysAbomcPPyq/01U4nhFF5vLCwe74sBq3aFfsUCEucB2Sudo
qqNpfmloWxl0Zf/xxhiQEQwbcnvr7YbsOhPr8onv0GqoTC8/ZjwgzgSv1kebt9uK
rVdFbbs/becLbGBB7Zv1buN14oIF4onm9bsuazSEkgM2YESc2g4gwHGqt6t1CSXC
n0IgpIfzYcg70gLL2JzZb803AXoAup3gE6g6J3YJk/ArdZWExg19zupeeN6Ca6ja
L4uviqQmtT5CTKcgjmjySf75IdDhlMa15zvvbGguG9MdxI4So8dCTF2/BQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPB9qep5qLl95yUwDP1gXvWqflaaMB8GA1UdIwQY
MBaAFNhQIiguNGmf5Ui3UoUZolpQ2RM6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy85NzU4ZWItNDEwOC00MDg3LWE4MTgt
NTBlYTY3MzI3Y2QxLzEvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy85NzU4ZWItNDEwOC00MDg3LWE4MTgtNTBlYTY3MzI3Y2Qx
LzEvMkZBaUtDNDBhWl9sU0xkU2hSbWlXbERaRXpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAkRKOkCJ
xr22FfKfy81w0BBYmhBb6OAver2y9sOHuKKNtOyz10YxIJ4tTIznlqHaE6CqO6T7
d2NtT2Q7KdSKtSHsE2+NQStRFt1LfaYlA0QwSruhPU6d8bAyWXikvwbwI3GyEeDv
J8LvyzW1paA92Jkw79NCqKseFVCMA3/jHZHvrrH/RwXQFgQPS0QXEIOIkutbYIU6
N7OGuJBXtepvH0FuVw3vl4yl7UnMkuF2ZwH7PAv68ypxrOB77LZQrWNzHuezKQ1M
IPqUs6TFmetmzwO2OEzGiPj8cWFUT8SsOrziGlCB93b1hJTDlNWVhdZPvlTLrIIo
nFqnbZb89HJC5A==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:45:11 2025 by rpki-client