Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.mft
File: 2KzzS-KwTHzO8iIejR_LbKu0FZE.mft (raw, json)
Hash identifier: HS9+pP1DROcTBEop77TdbSLCt+6u50jd2golpYr4RaQ=
Subject key identifier: FB:B1:F8:09:A0:B9:E9:88:4D:9C:7F:71:73:04:0C:EE:CD:5D:61:72
Authority key identifier: D8:AC:F3:4B:E2:B0:4C:7C:CE:F2:22:1E:8D:1F:CB:6C:AB:B4:15:91
Certificate issuer: /CN=d8acf34be2b04c7ccef2221e8d1fcb6cabb41591
Certificate serial: 019A4E4F6FE459A78927CE04A20A2D7CFBE0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KzzS-KwTHzO8iIejR_LbKu0FZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.mft
Manifest number: 170D
Signing time: Tue 04 Nov 2025 10:00:20 +0000
Manifest this update: Tue 04 Nov 2025 10:00:20 +0000
Manifest next update: Wed 05 Nov 2025 10:00:20 +0000
Files and hashes: 1: 2KzzS-KwTHzO8iIejR_LbKu0FZE.crl (hash: n/IIUo8dJ5zSApSclXtOsOW14QtiDXJ0JMDt/C+TEAc=)
2: tFYWfziNY6T1pgWT96la8X957p4.roa (hash: 08hpQSe8BwmYvsZjvFViF9kdWzrXeHJU+sA3OilF/oE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2KzzS-KwTHzO8iIejR_LbKu0FZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:4f:6f:e4:59:a7:89:27:ce:04:a2:0a:2d:7c:fb:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8acf34be2b04c7ccef2221e8d1fcb6cabb41591
Validity
Not Before: Nov 4 10:00:20 2025 GMT
Not After : Nov 5 10:00:20 2025 GMT
Subject: CN=fbb1f809a0b9e9884d9c7f7173040ceecd5d6172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8f:92:df:63:33:ae:74:bf:f5:76:41:56:2f:
d3:31:d9:58:eb:f4:12:81:39:c7:7c:4b:60:d9:82:
f6:9e:07:ca:2c:41:cf:66:8a:75:d8:fc:d4:68:8d:
f4:8f:e6:82:76:39:1f:eb:39:b2:e9:7f:86:10:bc:
c9:64:db:ef:76:18:1c:11:b3:4d:ea:74:57:71:9b:
7e:5c:a4:3e:bf:52:9b:65:64:b0:e6:0f:16:da:c5:
ce:9a:68:7d:d6:a0:f7:2c:43:75:17:21:b6:d1:39:
a0:c6:48:8e:63:f1:cc:0b:81:01:21:69:cf:07:14:
04:90:16:47:d1:a7:13:11:dc:e5:6d:f7:2b:cc:88:
66:b3:e4:a2:de:d0:b7:fa:1e:85:59:f6:42:bd:f4:
71:1f:21:47:b8:dd:82:4e:86:16:ed:e0:6e:66:71:
f8:a1:23:0e:20:9d:28:47:c0:5b:93:90:88:44:59:
43:29:21:75:8d:6e:c0:35:e6:c1:b5:3a:f3:da:a4:
40:7c:7a:9c:a9:cf:8c:7e:31:35:93:bd:12:f3:f9:
62:71:fc:ca:ad:ab:f9:d6:fb:ff:ff:3a:f7:4f:21:
58:05:6f:95:41:29:6c:6a:c2:b4:b5:59:bb:89:f9:
d9:dd:c9:3c:6a:a3:94:c4:a4:91:ad:e1:91:fc:c5:
43:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B1:F8:09:A0:B9:E9:88:4D:9C:7F:71:73:04:0C:EE:CD:5D:61:72
X509v3 Authority Key Identifier:
keyid:D8:AC:F3:4B:E2:B0:4C:7C:CE:F2:22:1E:8D:1F:CB:6C:AB:B4:15:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KzzS-KwTHzO8iIejR_LbKu0FZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3df341-017c-4660-8cf7-44d64b9da459/1/2KzzS-KwTHzO8iIejR_LbKu0FZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a6:21:83:88:c9:bd:06:80:d8:ca:ed:a7:5d:e8:5f:b4:f4:01:
23:07:7c:a7:11:c1:01:7b:1b:d4:21:75:73:f7:e6:3e:40:3a:
28:d4:f8:49:c8:3f:d2:62:36:ed:82:d4:49:9e:ca:03:59:f5:
5e:f8:ca:00:71:f6:cd:1f:3a:13:4c:24:1c:ea:d9:6c:29:85:
13:35:9a:31:65:fa:b3:9b:49:6b:03:ad:a2:17:32:ea:03:76:
dd:18:39:bb:89:92:ff:a9:97:98:5d:a6:95:3c:cd:16:63:82:
be:71:7a:dc:ac:c3:fb:f4:ad:e0:14:a7:17:ff:dd:69:1c:6d:
87:f6:20:c4:75:83:31:43:a2:88:98:ee:16:a7:22:d4:b4:11:
7d:14:cc:2a:00:72:88:37:4d:c3:22:ae:68:27:d1:43:0e:81:
be:1b:ff:a7:88:0f:16:b6:31:21:20:b4:41:32:7a:08:7b:3d:
83:43:ce:8e:a4:97:ba:7c:90:7d:5e:2b:12:42:86:34:bf:17:
67:10:4b:7f:89:ba:f2:f0:ec:ea:3f:f2:9d:bf:7c:53:de:25:
43:a0:0d:2f:b4:9f:2f:bf:78:ea:62:c5:4b:58:10:6e:57:20:
c3:d3:18:6c:7a:95:e7:73:c3:fd:86:ce:fa:12:d0:cd:50:66:
dd:19:aa:d6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOT2/kWaeJJ84EogotfPvgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4YWNmMzRiZTJiMDRjN2NjZWYyMjIxZThkMWZjYjZjYWJi
NDE1OTEwHhcNMjUxMTA0MTAwMDIwWhcNMjUxMTA1MTAwMDIwWjAzMTEwLwYDVQQD
EyhmYmIxZjgwOWEwYjllOTg4NGQ5YzdmNzE3MzA0MGNlZWNkNWQ2MTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvo+S32MzrnS/9XZBVi/TMdlY6/QS
gTnHfEtg2YL2ngfKLEHPZop12PzUaI30j+aCdjkf6zmy6X+GELzJZNvvdhgcEbNN
6nRXcZt+XKQ+v1KbZWSw5g8W2sXOmmh91qD3LEN1FyG20TmgxkiOY/HMC4EBIWnP
BxQEkBZH0acTEdzlbfcrzIhms+Si3tC3+h6FWfZCvfRxHyFHuN2CToYW7eBuZnH4
oSMOIJ0oR8Bbk5CIRFlDKSF1jW7ANebBtTrz2qRAfHqcqc+MfjE1k70S8/licfzK
rav51vv//zr3TyFYBW+VQSlsasK0tVm7ifnZ3ck8aqOUxKSRreGR/MVDFwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPux+AmguemITZx/cXMEDO7NXWFyMB8GA1UdIwQY
MBaAFNis80visEx8zvIiHo0fy2yrtBWRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkt6elMtS3dUSHpPOGlJZWpSX0xiS3UwRlpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZGYzNDEtMDE3Yy00NjYwLThjZjct
NDRkNjRiOWRhNDU5LzEvMkt6elMtS3dUSHpPOGlJZWpSX0xiS3UwRlpFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8zZGYzNDEtMDE3Yy00NjYwLThjZjctNDRkNjRiOWRhNDU5
LzEvMkt6elMtS3dUSHpPOGlJZWpSX0xiS3UwRlpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApiGDiMm9
BoDYyu2nXehftPQBIwd8pxHBAXsb1CF1c/fmPkA6KNT4Scg/0mI27YLUSZ7KA1n1
XvjKAHH2zR86E0wkHOrZbCmFEzWaMWX6s5tJawOtohcy6gN23Rg5u4mS/6mXmF2m
lTzNFmOCvnF63KzD+/St4BSnF//daRxth/YgxHWDMUOiiJjuFqci1LQRfRTMKgBy
iDdNwyKuaCfRQw6Bvhv/p4gPFrYxISC0QTJ6CHs9g0POjqSXunyQfV4rEkKGNL8X
ZxBLf4m68vDs6j/ynb98U94lQ6ANL7SfL7946mLFS1gQblcgw9MYbHqV53PD/YbO
+hLQzVBm3Rmq1g==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:09:23 2025 by rpki-client