Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
File: r2A0bQgbHFyBCzlMZuEFErv02Mk.mft (raw, json)
Hash identifier: LLHsd7zHTp3ZYZpfXWQlpsIaOBhnBkMt25blFgTmwZk=
Subject key identifier: C4:E1:9F:D7:C5:7E:CF:FA:A3:75:E4:98:FF:76:73:01:06:17:19:9E
Authority key identifier: AF:60:34:6D:08:1B:1C:5C:81:0B:39:4C:66:E1:05:12:BB:F4:D8:C9
Certificate issuer: /CN=af60346d081b1c5c810b394c66e10512bbf4d8c9
Certificate serial: 019A4E869822E62DF57DB6B7111B86CA14AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
Manifest number: 0426
Signing time: Tue 04 Nov 2025 11:00:34 +0000
Manifest this update: Tue 04 Nov 2025 11:00:34 +0000
Manifest next update: Wed 05 Nov 2025 11:00:34 +0000
Files and hashes: 1: j5QtHlhxEZZOM5CvXJMLssoxGGc.roa (hash: 8L3ZEU7bcEWssZWSFVojRb4D5wALELFNA26f5J8ZxnI=)
2: r2A0bQgbHFyBCzlMZuEFErv02Mk.crl (hash: ROwJyic6Oi+bxVK2WjqvnnKmA1jGIYm/kB8PfcckMho=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:98:22:e6:2d:f5:7d:b6:b7:11:1b:86:ca:14:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af60346d081b1c5c810b394c66e10512bbf4d8c9
Validity
Not Before: Nov 4 11:00:34 2025 GMT
Not After : Nov 5 11:00:34 2025 GMT
Subject: CN=c4e19fd7c57ecffaa375e498ff7673010617199e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d1:8a:d0:44:53:e0:bf:ee:28:fd:62:13:9c:
b4:08:8b:ef:9e:c3:7c:a7:b1:b5:a5:6d:0e:4e:e9:
fd:44:c3:c9:b1:2b:07:ab:a8:98:0f:bd:80:38:75:
9e:40:4b:d9:60:ec:24:e7:d9:21:12:41:b3:5d:a7:
ec:b1:34:47:88:02:e9:54:a2:80:b3:51:58:8f:76:
9e:92:5a:b6:d6:3a:b4:b2:80:a3:b7:f5:67:92:24:
a5:ca:4d:08:bc:59:26:c0:79:4b:af:9d:0b:f0:73:
e3:ef:21:6f:85:3e:d3:dc:70:2e:7c:52:e6:05:94:
4c:a4:77:88:61:ff:2e:2f:8e:17:7c:02:65:f3:ef:
a2:0d:f1:76:8a:eb:a0:3b:a0:94:da:4b:46:90:35:
7b:77:bc:56:1d:4c:53:af:8e:d0:ca:8a:6f:47:d8:
c8:ef:2a:c5:89:b5:e6:99:41:ac:a3:c4:0c:0a:f5:
13:73:b0:5b:88:03:c8:a8:a5:1f:3d:6f:a5:28:3c:
81:82:9b:1b:09:d0:87:0b:1f:65:dd:7b:15:f8:3d:
33:b6:e0:1a:fc:a6:d4:31:d3:0a:bc:90:a5:4b:a4:
5a:de:86:8c:54:f9:53:43:76:2b:86:7f:3e:ae:ed:
59:60:9a:f8:f0:06:17:dc:f0:6f:cd:c1:b7:fc:ec:
d5:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:E1:9F:D7:C5:7E:CF:FA:A3:75:E4:98:FF:76:73:01:06:17:19:9E
X509v3 Authority Key Identifier:
keyid:AF:60:34:6D:08:1B:1C:5C:81:0B:39:4C:66:E1:05:12:BB:F4:D8:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
22:f7:ba:8d:fd:25:39:ab:93:52:a7:b3:09:47:a4:dd:36:fc:
15:20:a9:c8:2a:36:5c:d9:06:d8:7e:b6:ee:a3:b3:4b:49:04:
cf:1c:db:00:ae:0d:67:42:ef:b6:a6:96:e7:8d:97:ab:82:95:
48:6d:ec:a6:9b:e0:a4:9b:35:03:8b:97:39:ce:26:28:63:d9:
b5:9b:ca:22:34:4c:c4:dc:99:d0:84:2d:cc:46:61:b7:51:0f:
9b:4f:72:56:5b:75:23:49:5a:4a:a1:f3:a2:4d:27:12:b2:3b:
f1:6a:e3:82:ac:d1:53:0b:2b:e5:09:9d:ee:32:1b:bb:d5:0e:
4b:ab:07:34:70:6c:4d:fd:0b:6f:b5:ef:a1:f7:a9:8b:94:6d:
75:6f:05:a2:68:d6:07:4f:41:4d:64:9a:c6:94:da:40:26:eb:
f0:dd:53:a0:ee:03:ca:50:d1:8c:dd:a9:45:13:12:33:1d:d2:
e6:8d:e1:13:d9:9d:76:9b:65:74:36:ca:d4:18:09:2f:bd:61:
14:ec:00:ed:e9:08:51:dc:bc:48:19:9b:21:ab:19:0b:27:29:
f0:31:5f:c0:ec:69:30:27:f5:d0:8b:ca:99:40:02:d1:d1:0a:
2b:d4:0a:0c:80:7a:9e:c6:4a:2e:ed:8f:42:57:96:3f:05:08:
40:d9:44:87
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhpgi5i31fba3ERuGyhSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNjAzNDZkMDgxYjFjNWM4MTBiMzk0YzY2ZTEwNTEyYmJm
NGQ4YzkwHhcNMjUxMTA0MTEwMDM0WhcNMjUxMTA1MTEwMDM0WjAzMTEwLwYDVQQD
EyhjNGUxOWZkN2M1N2VjZmZhYTM3NWU0OThmZjc2NzMwMTA2MTcxOTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNGK0ERT4L/uKP1iE5y0CIvvnsN8
p7G1pW0OTun9RMPJsSsHq6iYD72AOHWeQEvZYOwk59khEkGzXafssTRHiALpVKKA
s1FYj3aeklq21jq0soCjt/VnkiSlyk0IvFkmwHlLr50L8HPj7yFvhT7T3HAufFLm
BZRMpHeIYf8uL44XfAJl8++iDfF2iuugO6CU2ktGkDV7d7xWHUxTr47QyopvR9jI
7yrFibXmmUGso8QMCvUTc7BbiAPIqKUfPW+lKDyBgpsbCdCHCx9l3XsV+D0ztuAa
/KbUMdMKvJClS6Ra3oaMVPlTQ3Yrhn8+ru1ZYJr48AYX3PBvzcG3/OzVrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMThn9fFfs/6o3XkmP92cwEGFxmeMB8GA1UdIwQY
MBaAFK9gNG0IGxxcgQs5TGbhBRK79NjJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iNjYwZjQtODhjYi00NWYzLWE3MWEt
MjYzOTgzOWY4MjhkLzEvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9iNjYwZjQtODhjYi00NWYzLWE3MWEtMjYzOTgzOWY4Mjhk
LzEvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIve6jf0l
OauTUqezCUek3Tb8FSCpyCo2XNkG2H627qOzS0kEzxzbAK4NZ0LvtqaW542Xq4KV
SG3sppvgpJs1A4uXOc4mKGPZtZvKIjRMxNyZ0IQtzEZht1EPm09yVlt1I0laSqHz
ok0nErI78WrjgqzRUwsr5Qmd7jIbu9UOS6sHNHBsTf0Lb7Xvofepi5RtdW8FomjW
B09BTWSaxpTaQCbr8N1ToO4DylDRjN2pRRMSMx3S5o3hE9mddptldDbK1BgJL71h
FOwA7ekIUdy8SBmbIasZCycp8DFfwOxpMCf10IvKmUAC0dEKK9QKDIB6nsZKLu2P
QleWPwUIQNlEhw==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:01:05 2025 by rpki-client