Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.mft
File: 2VSrlORZUZTSw5sdP-aokfHrkrw.mft (raw, json)
Hash identifier: coWMNRusmXJVwmhMmXBKLLN4+iq4pMTMbiGyEjiSVuE=
Subject key identifier: B2:74:D2:12:2E:3B:31:23:42:F2:1F:CA:33:E3:C6:A7:34:1B:57:62
Authority key identifier: D9:54:AB:94:E4:59:51:94:D2:C3:9B:1D:3F:E6:A8:91:F1:EB:92:BC
Certificate issuer: /CN=d954ab94e4595194d2c39b1d3fe6a891f1eb92bc
Certificate serial: 019A4D73CF8885E291D828FE2749B47C2639
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2VSrlORZUZTSw5sdP-aokfHrkrw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.mft
Manifest number: 086B
Signing time: Tue 04 Nov 2025 06:00:26 +0000
Manifest this update: Tue 04 Nov 2025 06:00:26 +0000
Manifest next update: Wed 05 Nov 2025 06:00:26 +0000
Files and hashes: 1: 2VSrlORZUZTSw5sdP-aokfHrkrw.crl (hash: axMPuFJkmLP+ydeuhcsCwPRQo+I1vCYTz9aetkWr2O8=)
2: ExuO0wU2-ClJDZRwWSRuAs7W0gk.roa (hash: 2j3+sZIfGB/S0w3o+OLoSghT+pM132gfjkW2EjpJ9JQ=)
3: aedVSgDzPN8NSNc0AWT5LWxB0ME.roa (hash: dpDe6aIbJvexkIC5o0dZBz+eF8xcPh7l66sRiS3ImZY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2VSrlORZUZTSw5sdP-aokfHrkrw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:73:cf:88:85:e2:91:d8:28:fe:27:49:b4:7c:26:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d954ab94e4595194d2c39b1d3fe6a891f1eb92bc
Validity
Not Before: Nov 4 06:00:26 2025 GMT
Not After : Nov 5 06:00:26 2025 GMT
Subject: CN=b274d2122e3b312342f21fca33e3c6a7341b5762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:40:e9:63:d7:bb:bf:17:82:3e:42:fd:f3:11:
2d:c1:f1:77:6c:33:26:ce:5a:2a:e6:53:bd:f7:05:
c5:07:f4:91:40:22:7d:f9:05:f3:ae:b2:8d:c4:ea:
43:96:59:70:2b:83:95:df:3b:e9:32:37:e6:40:24:
0e:43:b7:8d:a4:50:01:cd:fa:49:77:2c:32:1a:a0:
91:a9:44:8e:d6:b2:83:95:12:c6:c6:2c:0a:4e:d3:
88:0b:df:32:df:a6:0a:dd:ac:60:88:f6:2f:16:71:
d4:92:b8:4e:c7:33:b2:16:d4:cc:24:e5:ca:f2:a0:
c7:c0:ef:9a:5b:72:47:8c:de:36:95:c5:cb:ab:89:
fe:39:00:ca:1d:35:bc:a3:aa:39:4c:f6:f0:cc:c0:
74:6c:46:80:39:f9:0a:39:4a:08:55:df:95:df:04:
ff:f7:3a:f7:36:67:44:e6:fc:70:b7:4d:2d:54:7b:
13:7f:aa:96:b2:28:cd:74:af:9a:60:6f:7e:46:4f:
d0:e3:04:10:32:a4:c1:10:34:7b:64:22:93:4e:38:
0d:2b:ba:0c:cf:40:64:de:e3:19:de:68:ea:10:24:
84:50:06:9e:d0:8b:f8:a9:79:56:fc:42:da:4a:16:
69:ae:3d:8e:44:76:32:25:02:78:a5:99:5b:e8:05:
8b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:74:D2:12:2E:3B:31:23:42:F2:1F:CA:33:E3:C6:A7:34:1B:57:62
X509v3 Authority Key Identifier:
keyid:D9:54:AB:94:E4:59:51:94:D2:C3:9B:1D:3F:E6:A8:91:F1:EB:92:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2VSrlORZUZTSw5sdP-aokfHrkrw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/647485-635e-4ac6-b0b9-3351c577b432/1/2VSrlORZUZTSw5sdP-aokfHrkrw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
64:fc:d9:2b:c1:45:f8:17:35:22:dc:db:d0:c0:5a:25:f1:6e:
a8:54:af:12:3a:3e:1e:95:6f:ee:db:05:82:40:83:ee:36:33:
cc:91:5d:ed:cc:c7:5c:dc:67:10:33:6d:2c:b8:75:04:1d:25:
89:b8:09:08:79:bc:55:72:88:fb:6f:d6:c4:bb:e6:f3:45:bd:
54:70:f8:5b:ec:4c:a5:f6:62:62:4c:1f:b9:52:95:3c:a7:0f:
c9:11:eb:e7:83:c5:aa:e1:db:01:49:2a:91:91:da:52:e3:52:
8c:62:55:69:53:e7:51:25:7a:d4:bb:a3:2a:f3:8d:6c:63:78:
4e:d5:ed:00:4c:1c:49:41:80:42:62:03:b6:b8:b1:f2:14:15:
8a:6b:e7:bc:74:6f:41:68:0f:b5:c9:07:cf:e5:08:5d:26:9b:
73:f0:68:e4:05:c8:75:ab:33:5a:63:8e:76:d8:d1:9d:94:9f:
36:0d:79:39:b2:bd:5b:0d:6c:de:94:6d:27:b0:5b:fe:24:ef:
49:d1:82:13:16:18:d6:81:67:ff:d2:5b:40:1d:50:7f:87:0b:
6a:be:4b:c3:ef:81:0e:47:42:5d:22:49:c3:d4:d9:7e:7f:55:
91:eb:bd:3c:6a:ee:39:42:ef:41:a1:aa:4c:ec:ab:a5:f4:6f:
b1:22:7b:5e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpNc8+IheKR2Cj+J0m0fCY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NTRhYjk0ZTQ1OTUxOTRkMmMzOWIxZDNmZTZhODkxZjFl
YjkyYmMwHhcNMjUxMTA0MDYwMDI2WhcNMjUxMTA1MDYwMDI2WjAzMTEwLwYDVQQD
EyhiMjc0ZDIxMjJlM2IzMTIzNDJmMjFmY2EzM2UzYzZhNzM0MWI1NzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0DpY9e7vxeCPkL98xEtwfF3bDMm
zloq5lO99wXFB/SRQCJ9+QXzrrKNxOpDlllwK4OV3zvpMjfmQCQOQ7eNpFABzfpJ
dywyGqCRqUSO1rKDlRLGxiwKTtOIC98y36YK3axgiPYvFnHUkrhOxzOyFtTMJOXK
8qDHwO+aW3JHjN42lcXLq4n+OQDKHTW8o6o5TPbwzMB0bEaAOfkKOUoIVd+V3wT/
9zr3NmdE5vxwt00tVHsTf6qWsijNdK+aYG9+Rk/Q4wQQMqTBEDR7ZCKTTjgNK7oM
z0Bk3uMZ3mjqECSEUAae0Iv4qXlW/ELaShZprj2ORHYyJQJ4pZlb6AWLeQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLJ00hIuOzEjQvIfyjPjxqc0G1diMB8GA1UdIwQY
MBaAFNlUq5TkWVGU0sObHT/mqJHx65K8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlZTcmxPUlpVWlRTdzVzZFAtYW9rZkhya3J3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82NDc0ODUtNjM1ZS00YWM2LWIwYjkt
MzM1MWM1NzdiNDMyLzEvMlZTcmxPUlpVWlRTdzVzZFAtYW9rZkhya3J3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82NDc0ODUtNjM1ZS00YWM2LWIwYjktMzM1MWM1NzdiNDMy
LzEvMlZTcmxPUlpVWlRTdzVzZFAtYW9rZkhya3J3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZPzZK8FF
+Bc1Itzb0MBaJfFuqFSvEjo+HpVv7tsFgkCD7jYzzJFd7czHXNxnEDNtLLh1BB0l
ibgJCHm8VXKI+2/WxLvm80W9VHD4W+xMpfZiYkwfuVKVPKcPyRHr54PFquHbAUkq
kZHaUuNSjGJVaVPnUSV61LujKvONbGN4TtXtAEwcSUGAQmIDtrix8hQVimvnvHRv
QWgPtckHz+UIXSabc/Bo5AXIdaszWmOOdtjRnZSfNg15ObK9Ww1s3pRtJ7Bb/iTv
SdGCExYY1oFn/9JbQB1Qf4cLar5Lw++BDkdCXSJJw9TZfn9Vkeu9PGruOULvQaGq
TOyrpfRvsSJ7Xg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:54:23 2025 by rpki-client