
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
File: Us2aZRLb8lpfGbgn16LH4iou6N0.mft (raw, json)
Hash identifier: zLULCq15YHSrzDnm3Ve6FO8NJuyX7SEl+WnDi8eFNAk=
Subject key identifier: C2:6D:EC:01:44:85:C5:83:47:08:89:2E:5E:68:F8:3A:64:39:C7:3B
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 019A541B1242FB1E7FBA545561F5AE8F5F75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
Manifest number: 09CF
Signing time: Wed 05 Nov 2025 13:00:51 +0000
Manifest this update: Wed 05 Nov 2025 13:00:51 +0000
Manifest next update: Thu 06 Nov 2025 13:00:51 +0000
Files and hashes: 1: 1-fNwUFlO6fD6i3f_1SheL5UVW0g.roa (hash: 32fP/D02b4404J0+5cPNK59TuFMj1f7NhGygcv25yuI=)
2: 1FJeVgZId139knZgMTYZmAnwLDs.roa (hash: VPpFwlCkzXISful3TlM5ZgodfCcJYCCPoZqn50dkuRo=)
3: BaoLehfzYM1vkBF2LqjuxCVGppw.roa (hash: wk0ycjZln2vcCwTCcN83YoDpaabATIZRlFvsl/RZ67U=)
4: Mg8DfV8_DXrPv3KqkbNYUp0l0tM.roa (hash: bc63jnsWB8rXpmaLfBdrnPsJc2KKfycExaCBRhU5vnM=)
5: ONKzBcZlLaDvBXj0ChQkq0AcBAo.roa (hash: xt6U3+zGv+p5+qldoLqBIRpHRAbFRfEFMt0N2Y4HxPA=)
6: Us2aZRLb8lpfGbgn16LH4iou6N0.crl (hash: tFdXxdg7hMv/6/SOaMJRMTRQlKWtnpdWckN1x9SDUJA=)
7: Wbt2iaP6Wu29ETEZevGjkYyyw8Y.roa (hash: mBaJPapqwbvtmJukkLZju5JRZWG5d49D3KPZxGiRkTk=)
8: cblkW3ZYAZ5VQl8X3gHLFnE7S8g.roa (hash: +MK4cG6/hNPklJaXz5PxE5zp6rLCIwlFMKcCPx37Jxo=)
9: dxXbgNQXIcZf-wRxxpxKbsjTAhQ.roa (hash: 7Q2urw+eTsZ+V/fuq0yE3c5anzy795+Z4CJRGjeU6Hk=)
10: e9y8dXFts4c8fUXqw6xiDwRGFs8.roa (hash: BkXdL8SYbCdtWvnDfEL5onMOz7lIKfBEzCveSNdxkpQ=)
11: fYtRnjgkdcOcs2OTSoOyF7XeMYQ.roa (hash: BGM9RaFK/cZe9M2jNupJdVSdkow5uJUKCy6zw6S9pgQ=)
12: irPx7LPWmaDBY-_AbmGw3WFEhaQ.roa (hash: jDb6rbhv8bZIGpVJLz4cPKbnagFjHpigNY2MzVPUyPM=)
13: obpj78Cj4h6AqPChG513fVXXoMs.roa (hash: xhWt95TQUSf4jmhliYXpfzfmunJAIuxitDmmO5ohsLY=)
14: peFNs9o1tsBGwnwboXKeedD2GlM.roa (hash: Dmic12i1kcUbMMXMNmS8BrjxjQvM2y0e2GWo+yQ4WH0=)
15: puM6zDTCACkm8XM63GmrJCmb9w4.roa (hash: /wWLN32nFvo5E1f9qQj5og/sDQq7KYw38OVpA8GGi58=)
16: zAnPUHrCJSV18x-mMc7-hNiZjaY.roa (hash: LG3Y0utc8dwpuU3oGtbD8u6QKi2Bv7dHexHJeWNV5Hk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:54:1b:12:42:fb:1e:7f:ba:54:55:61:f5:ae:8f:5f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Nov 5 13:00:51 2025 GMT
Not After : Nov 6 13:00:51 2025 GMT
Subject: CN=c26dec014485c5834708892e5e68f83a6439c73b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:14:3c:80:ce:08:8c:13:8f:38:e8:b2:21:40:
af:c1:8e:a6:fa:35:30:94:e8:71:39:cd:47:84:7f:
e1:45:b5:45:37:94:d0:f9:d4:66:da:de:c4:02:0a:
23:76:c9:ec:bb:38:47:ca:43:58:54:05:66:0e:f5:
8a:2c:e4:65:70:1d:4e:50:2a:e0:ed:66:57:c1:f1:
95:4a:78:8c:5d:8b:29:b8:f4:91:b9:c2:62:27:49:
28:89:20:20:16:3a:72:b2:a4:40:a6:90:6d:1d:7b:
b8:eb:08:ed:94:a2:f3:8c:a9:02:60:39:3b:54:fa:
a2:5e:ed:98:be:cc:06:88:cd:58:a3:c7:35:4a:ca:
1f:c6:97:27:58:1b:c8:71:c0:a6:9d:6f:10:4a:99:
78:45:53:ed:2c:23:64:46:b0:62:ac:da:0d:83:7e:
6c:f5:cf:62:24:bc:95:85:8b:d6:2f:23:a0:6b:79:
a1:62:b7:39:f9:b4:26:4a:28:d5:a6:9e:e9:b6:af:
4f:64:dd:01:74:b4:5e:e0:c5:7c:fa:a0:c4:1b:eb:
d1:ce:4e:4b:b7:78:7f:46:50:df:d0:77:4c:20:be:
10:69:cb:72:06:fe:1e:0b:1f:d6:67:27:81:d7:c8:
db:24:cc:b0:b5:f8:e9:7f:be:a4:e6:74:06:02:28:
9b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:6D:EC:01:44:85:C5:83:47:08:89:2E:5E:68:F8:3A:64:39:C7:3B
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
15:e5:98:30:cc:10:17:09:64:ff:40:77:2c:b9:d6:e9:de:a0:
b4:27:16:16:18:8a:7d:a9:83:2b:8d:46:fb:b1:a5:0b:d7:56:
12:4a:61:c8:01:4c:3d:b3:27:86:eb:68:05:80:d8:bf:11:6f:
12:64:86:fd:f7:7f:d3:97:b2:4c:fc:cc:7f:0a:13:1b:5e:ae:
76:30:eb:8d:b3:f5:68:19:e6:73:72:57:ca:c3:fb:a8:e5:25:
e3:5f:63:d5:1a:d5:da:32:22:3d:60:94:a6:b1:9d:a0:dc:d6:
da:ea:ad:61:56:f2:2c:36:32:21:e2:5a:bf:ce:dc:b7:cd:a2:
49:3c:e2:5a:63:81:38:55:27:35:a3:3a:e4:0f:f8:b7:3f:9b:
7c:f0:fd:67:ff:83:8f:e4:82:33:ee:92:79:eb:a4:0f:4c:0d:
42:bc:bf:c7:db:46:10:58:28:80:5f:17:cc:20:f5:9d:85:e1:
c6:93:f3:71:0d:d0:99:44:f7:ae:eb:ba:ee:7f:15:28:48:8a:
e2:e3:b1:57:23:b1:8d:a6:8e:d1:52:e3:ef:4d:44:99:d4:d6:
25:06:a3:d8:d7:df:52:b8:d5:9d:c2:f3:27:e4:33:6f:d3:b9:
ae:74:ac:9e:89:8d:6f:9a:99:80:31:5a:60:d4:bc:bf:ce:e8:
16:21:11:65
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpUGxJC+x5/ulRVYfWuj191MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUxMTA1MTMwMDUxWhcNMjUxMTA2MTMwMDUxWjAzMTEwLwYDVQQD
EyhjMjZkZWMwMTQ0ODVjNTgzNDcwODg5MmU1ZTY4ZjgzYTY0MzljNzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyhQ8gM4IjBOPOOiyIUCvwY6m+jUw
lOhxOc1HhH/hRbVFN5TQ+dRm2t7EAgojdsnsuzhHykNYVAVmDvWKLORlcB1OUCrg
7WZXwfGVSniMXYspuPSRucJiJ0koiSAgFjpysqRAppBtHXu46wjtlKLzjKkCYDk7
VPqiXu2YvswGiM1Yo8c1SsofxpcnWBvIccCmnW8QSpl4RVPtLCNkRrBirNoNg35s
9c9iJLyVhYvWLyOga3mhYrc5+bQmSijVpp7ptq9PZN0BdLRe4MV8+qDEG+vRzk5L
t3h/RlDf0HdMIL4QactyBv4eCx/WZyeB18jbJMywtfjpf76k5nQGAiibDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMJt7AFEhcWDRwiJLl5o+DpkOcc7MB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFeWYMMwQ
Fwlk/0B3LLnW6d6gtCcWFhiKfamDK41G+7GlC9dWEkphyAFMPbMnhutoBYDYvxFv
EmSG/fd/05eyTPzMfwoTG16udjDrjbP1aBnmc3JXysP7qOUl419j1RrV2jIiPWCU
prGdoNzW2uqtYVbyLDYyIeJav87ct82iSTziWmOBOFUnNaM65A/4tz+bfPD9Z/+D
j+SCM+6SeeukD0wNQry/x9tGEFgogF8XzCD1nYXhxpPzcQ3QmUT3ruu67n8VKEiK
4uOxVyOxjaaO0VLj701EmdTWJQaj2NffUrjVncLzJ+Qzb9O5rnSsnomNb5qZgDFa
YNS8v87oFiERZQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:29:49 2025 by rpki-client