Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/p2i77FqeEb-9rthKqNOqzaKYifk.mft
File: p2i77FqeEb-9rthKqNOqzaKYifk.mft (raw, json)
Hash identifier: Db+o0222274KLXiE2Do+9FkxXg/ndVqadfXPnx9EYHs=
Subject key identifier: 0C:63:45:39:1B:8F:C6:A8:1E:60:7C:A1:4A:6B:6A:E0:E6:D0:C0:18
Authority key identifier: A7:68:BB:EC:5A:9E:11:BF:BD:AE:D8:4A:A8:D3:AA:CD:A2:98:89:F9
Certificate issuer: /CN=a768bbec5a9e11bfbdaed84aa8d3aacda29889f9
Certificate serial: 019A53761E819FA2B809E8B4A9772B1F0E44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p2i77FqeEb-9rthKqNOqzaKYifk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/p2i77FqeEb-9rthKqNOqzaKYifk.mft
Manifest number: 170F
Signing time: Wed 05 Nov 2025 10:00:41 +0000
Manifest this update: Wed 05 Nov 2025 10:00:41 +0000
Manifest next update: Thu 06 Nov 2025 10:00:41 +0000
Files and hashes: 1: OgYJc9A280CynujJhuzMa0BI-4Q.roa (hash: MiNQpI1WP7M4DChXTEl99hg+v/DrVYZq8o6Yc8vjTOw=)
2: p2i77FqeEb-9rthKqNOqzaKYifk.crl (hash: mh8EsFPOjUixnjbmZs/0gyOPMuPl9ayiaYgnU2n2Dlo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/p2i77FqeEb-9rthKqNOqzaKYifk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/p2i77FqeEb-9rthKqNOqzaKYifk.mft
rsync://rpki.ripe.net/repository/DEFAULT/p2i77FqeEb-9rthKqNOqzaKYifk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:76:1e:81:9f:a2:b8:09:e8:b4:a9:77:2b:1f:0e:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a768bbec5a9e11bfbdaed84aa8d3aacda29889f9
Validity
Not Before: Nov 5 10:00:41 2025 GMT
Not After : Nov 6 10:00:41 2025 GMT
Subject: CN=0c6345391b8fc6a81e607ca14a6b6ae0e6d0c018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e6:3a:ba:6b:eb:41:9b:90:b4:b2:b0:db:8b:
1b:49:9b:b9:39:72:b3:90:27:0b:e0:2f:85:b7:21:
98:a2:b0:d9:5c:12:f6:75:0b:13:81:92:d1:e3:10:
0f:2d:f0:bc:47:b9:76:85:3e:f4:3e:4f:1e:06:d4:
7f:4d:d3:47:28:de:fd:90:f9:7d:7a:7a:74:c8:1b:
1e:a3:a8:a7:a1:26:d7:d4:90:c0:58:ea:eb:7c:87:
fb:8e:41:26:5a:ac:60:2c:12:0e:2d:df:5a:2b:18:
8a:7b:c2:86:68:6c:7d:42:0e:f8:d0:52:90:ae:e5:
79:09:64:f3:8c:01:0f:72:10:be:24:6e:1d:49:f0:
15:da:b3:10:82:c9:24:f7:c3:ab:e2:e9:2c:03:49:
9f:91:6c:e2:c0:97:b8:89:99:77:b5:0f:df:19:96:
45:82:2e:86:38:a1:2c:6d:f6:7e:01:12:7d:c5:2a:
0c:81:f9:eb:c7:e7:12:db:61:22:83:bd:84:ba:1c:
f8:f7:e8:1b:a9:24:a5:cf:b6:ce:ab:f5:ef:cb:e0:
df:73:59:0f:fc:1d:6a:05:5a:8f:81:01:9c:e2:d9:
db:b1:9d:75:08:3a:06:8f:a0:0d:79:d6:5c:4c:0d:
cb:24:d0:e7:c7:12:a8:42:e8:08:46:04:5f:48:20:
f1:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:63:45:39:1B:8F:C6:A8:1E:60:7C:A1:4A:6B:6A:E0:E6:D0:C0:18
X509v3 Authority Key Identifier:
keyid:A7:68:BB:EC:5A:9E:11:BF:BD:AE:D8:4A:A8:D3:AA:CD:A2:98:89:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p2i77FqeEb-9rthKqNOqzaKYifk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/p2i77FqeEb-9rthKqNOqzaKYifk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/eac1f4-ace1-4ce1-a181-cfcabb19f989/1/p2i77FqeEb-9rthKqNOqzaKYifk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c4:c2:d8:ba:0d:f6:d6:cc:5f:5c:1f:2f:96:0e:0b:2c:9f:87:
c7:0f:80:ce:93:25:c7:1c:94:75:61:ff:2b:fa:3b:44:27:f8:
a1:54:3d:aa:97:2d:f4:46:ee:cb:da:29:ab:3d:58:3f:02:1c:
3d:da:6a:79:9e:1e:d1:4f:e3:3d:d8:09:3d:c0:65:0a:23:3c:
73:df:f9:e0:d1:b0:16:2b:c1:bb:25:93:49:d5:d5:a8:92:68:
00:b3:ba:34:7d:43:64:0b:0a:93:7c:8e:71:71:49:21:64:41:
06:b0:b6:3d:9b:5a:05:f5:6a:61:8b:1d:69:fe:4f:c2:7a:31:
71:d2:5f:2d:97:c8:99:97:fb:0f:35:38:2d:60:8e:95:54:e7:
f2:e1:9a:04:c2:de:50:b8:dd:5e:75:1f:2e:79:e4:19:ad:8f:
c6:b7:43:71:87:67:81:db:9f:f3:72:ec:8c:de:5e:3f:3e:f2:
86:24:63:77:6c:75:40:28:01:26:61:97:eb:a2:47:4a:f6:e9:
03:b5:8c:09:fc:53:dc:1c:d3:b7:c0:af:56:a8:68:08:ed:c7:
6b:01:5b:55:85:29:a1:ce:cf:85:83:1c:67:41:14:01:9d:6d:
25:37:5f:bb:9c:c6:fe:58:be:52:97:7c:f9:3f:2e:52:c2:6c:
39:e2:f7:a1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpTdh6Bn6K4Cei0qXcrHw5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NjhiYmVjNWE5ZTExYmZiZGFlZDg0YWE4ZDNhYWNkYTI5
ODg5ZjkwHhcNMjUxMTA1MTAwMDQxWhcNMjUxMTA2MTAwMDQxWjAzMTEwLwYDVQQD
EygwYzYzNDUzOTFiOGZjNmE4MWU2MDdjYTE0YTZiNmFlMGU2ZDBjMDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OY6umvrQZuQtLKw24sbSZu5OXKz
kCcL4C+FtyGYorDZXBL2dQsTgZLR4xAPLfC8R7l2hT70Pk8eBtR/TdNHKN79kPl9
enp0yBseo6inoSbX1JDAWOrrfIf7jkEmWqxgLBIOLd9aKxiKe8KGaGx9Qg740FKQ
ruV5CWTzjAEPchC+JG4dSfAV2rMQgskk98Or4uksA0mfkWziwJe4iZl3tQ/fGZZF
gi6GOKEsbfZ+ARJ9xSoMgfnrx+cS22Eig72Euhz49+gbqSSlz7bOq/Xvy+Dfc1kP
/B1qBVqPgQGc4tnbsZ11CDoGj6ANedZcTA3LJNDnxxKoQugIRgRfSCDxdwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAxjRTkbj8aoHmB8oUprauDm0MAYMB8GA1UdIwQY
MBaAFKdou+xanhG/va7YSqjTqs2imIn5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDJpNzdGcWVFYi05cnRoS3FOT3F6YUtZaWZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9lYWMxZjQtYWNlMS00Y2UxLWExODEt
Y2ZjYWJiMTlmOTg5LzEvcDJpNzdGcWVFYi05cnRoS3FOT3F6YUtZaWZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9lYWMxZjQtYWNlMS00Y2UxLWExODEtY2ZjYWJiMTlmOTg5
LzEvcDJpNzdGcWVFYi05cnRoS3FOT3F6YUtZaWZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxMLYug32
1sxfXB8vlg4LLJ+Hxw+AzpMlxxyUdWH/K/o7RCf4oVQ9qpct9Ebuy9opqz1YPwIc
PdpqeZ4e0U/jPdgJPcBlCiM8c9/54NGwFivBuyWTSdXVqJJoALO6NH1DZAsKk3yO
cXFJIWRBBrC2PZtaBfVqYYsdaf5PwnoxcdJfLZfImZf7DzU4LWCOlVTn8uGaBMLe
ULjdXnUfLnnkGa2PxrdDcYdngduf83LsjN5ePz7yhiRjd2x1QCgBJmGX66JHSvbp
A7WMCfxT3BzTt8CvVqhoCO3HawFbVYUpoc7PhYMcZ0EUAZ1tJTdfu5zG/li+Upd8
+T8uUsJsOeL3oQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:59:45 2025 by rpki-client