Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/7cc3f8-008b-407c-beef-76533245f2be/1/2YhPkq_rWP-rJkh7IyBf4NXaip8.mft
File: 2YhPkq_rWP-rJkh7IyBf4NXaip8.mft (raw, json)
Hash identifier: 4o+bTVfOPa7r3AjE+MAiKkrmrcwUsvn57K6oBdJNprA=
Subject key identifier: E5:AF:89:B7:8D:6C:12:C9:50:28:87:25:1C:68:56:0E:9C:42:05:75
Authority key identifier: D9:88:4F:92:AF:EB:58:FF:AB:26:48:7B:23:20:5F:E0:D5:DA:8A:9F
Certificate issuer: /CN=d9884f92afeb58ffab26487b23205fe0d5da8a9f
Certificate serial: 019A4E86492EC19FAA7914EBF851A1D730CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YhPkq_rWP-rJkh7IyBf4NXaip8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/7cc3f8-008b-407c-beef-76533245f2be/1/2YhPkq_rWP-rJkh7IyBf4NXaip8.mft
Manifest number: 0FF0
Signing time: Tue 04 Nov 2025 11:00:14 +0000
Manifest this update: Tue 04 Nov 2025 11:00:14 +0000
Manifest next update: Wed 05 Nov 2025 11:00:14 +0000
Files and hashes: 1: 2YhPkq_rWP-rJkh7IyBf4NXaip8.crl (hash: SYNXX8fxX3pCaHKgOca5YwM6RBOTEpmKbc41sowMzI0=)
2: CYLgyzMsYi7lgn_Q5Gp7OFp3YLo.roa (hash: KpU4uZLnHzH71nuh4tR8vuJUqVXwmRrydoVr8tnF92Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/7cc3f8-008b-407c-beef-76533245f2be/1/2YhPkq_rWP-rJkh7IyBf4NXaip8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/7cc3f8-008b-407c-beef-76533245f2be/1/2YhPkq_rWP-rJkh7IyBf4NXaip8.mft
rsync://rpki.ripe.net/repository/DEFAULT/2YhPkq_rWP-rJkh7IyBf4NXaip8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:86:49:2e:c1:9f:aa:79:14:eb:f8:51:a1:d7:30:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9884f92afeb58ffab26487b23205fe0d5da8a9f
Validity
Not Before: Nov 4 11:00:14 2025 GMT
Not After : Nov 5 11:00:14 2025 GMT
Subject: CN=e5af89b78d6c12c9502887251c68560e9c420575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:7a:e7:48:93:cf:8c:85:35:2c:99:1f:64:fd:
d1:48:cb:00:82:7a:e7:2f:6a:69:3a:31:0b:36:eb:
ae:ed:27:52:64:fb:93:7a:c5:24:d0:f0:c8:08:18:
34:2f:1d:16:bb:99:0f:2d:f6:0a:94:75:b0:50:0f:
21:47:f5:ad:f7:fd:8f:8f:eb:4f:b7:e3:04:ec:9d:
fd:3c:a3:b1:a3:43:1e:d5:a3:85:4e:88:2c:50:86:
3b:4e:1e:c7:71:9c:85:95:d0:ff:36:77:cf:45:7f:
2d:db:d9:1a:01:a3:e5:0a:a6:b0:54:8e:3a:b7:c5:
4a:4a:9a:8b:5f:40:23:9c:58:38:bc:66:62:d9:76:
e7:c3:a2:bb:23:3c:28:11:e6:8a:4f:77:cf:a5:fb:
ed:c3:60:b4:3d:93:e6:a5:ba:7d:e2:f1:c8:8e:fa:
52:e9:d7:5d:fa:f1:8b:89:87:22:87:fc:a8:78:b2:
cd:ac:84:8f:12:d9:34:99:e4:85:03:9d:23:b8:eb:
45:0f:1b:5e:24:01:2f:d3:1e:07:e4:c8:53:d6:7f:
ea:8b:26:02:b9:78:13:5c:d4:54:01:ee:0f:8d:f0:
8c:75:0f:ae:a6:32:fb:e7:32:e5:de:bc:14:fa:b9:
3b:23:ea:d4:dc:f3:f4:0b:90:a8:14:01:a1:4a:da:
f2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:AF:89:B7:8D:6C:12:C9:50:28:87:25:1C:68:56:0E:9C:42:05:75
X509v3 Authority Key Identifier:
keyid:D9:88:4F:92:AF:EB:58:FF:AB:26:48:7B:23:20:5F:E0:D5:DA:8A:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YhPkq_rWP-rJkh7IyBf4NXaip8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/7cc3f8-008b-407c-beef-76533245f2be/1/2YhPkq_rWP-rJkh7IyBf4NXaip8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/7cc3f8-008b-407c-beef-76533245f2be/1/2YhPkq_rWP-rJkh7IyBf4NXaip8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:dd:80:58:43:49:fb:b4:8b:e0:9a:a2:eb:e3:c6:72:fe:03:
b2:47:13:04:19:52:ff:45:96:d2:a2:3c:8e:55:37:3a:34:3b:
bc:8e:7a:8a:7b:e7:76:f8:fc:68:0b:76:86:c8:fb:b8:46:0d:
7d:f4:95:66:f7:7b:ff:ea:53:52:9f:e6:a9:52:a3:e6:cd:82:
10:35:c1:c9:52:e1:c2:e1:c8:bb:16:60:c8:d4:1f:ea:cc:f0:
ad:36:35:25:c1:80:97:a1:69:33:36:58:38:e4:86:0d:55:66:
42:0b:42:bb:f1:1c:38:6b:bd:4f:97:33:6a:c7:eb:bb:d7:f1:
2f:a8:25:66:9a:0e:8a:04:97:2e:3f:fa:06:af:6e:74:f4:ce:
f3:21:a6:7c:0b:ff:9f:e3:20:7c:74:e5:8a:de:35:a1:a7:7c:
3b:e4:8e:98:d4:81:e7:e5:da:93:37:14:5e:3d:58:8d:2e:1a:
57:86:ea:76:aa:01:cf:2a:12:4f:c3:4e:09:94:40:fb:bd:50:
b8:ce:f6:47:f4:6c:02:3d:c3:11:25:38:0a:90:6b:87:cf:f5:
6f:c1:22:a3:a2:1e:50:b3:83:5d:ff:d3:ca:57:ef:2d:2a:68:
54:a7:47:f4:c6:99:6d:bc:5f:96:ba:0c:9f:56:73:02:3f:49:
41:91:cb:86
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpOhkkuwZ+qeRTr+FGh1zDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ODg0ZjkyYWZlYjU4ZmZhYjI2NDg3YjIzMjA1ZmUwZDVk
YThhOWYwHhcNMjUxMTA0MTEwMDE0WhcNMjUxMTA1MTEwMDE0WjAzMTEwLwYDVQQD
EyhlNWFmODliNzhkNmMxMmM5NTAyODg3MjUxYzY4NTYwZTljNDIwNTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXrnSJPPjIU1LJkfZP3RSMsAgnrn
L2ppOjELNuuu7SdSZPuTesUk0PDICBg0Lx0Wu5kPLfYKlHWwUA8hR/Wt9/2Pj+tP
t+ME7J39PKOxo0Me1aOFTogsUIY7Th7HcZyFldD/NnfPRX8t29kaAaPlCqawVI46
t8VKSpqLX0AjnFg4vGZi2Xbnw6K7IzwoEeaKT3fPpfvtw2C0PZPmpbp94vHIjvpS
6ddd+vGLiYcih/yoeLLNrISPEtk0meSFA50juOtFDxteJAEv0x4H5MhT1n/qiyYC
uXgTXNRUAe4PjfCMdQ+upjL75zLl3rwU+rk7I+rU3PP0C5CoFAGhStryMwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOWvibeNbBLJUCiHJRxoVg6cQgV1MB8GA1UdIwQY
MBaAFNmIT5Kv61j/qyZIeyMgX+DV2oqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlloUGtxX3JXUC1ySmtoN0l5QmY0TlhhaXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS83Y2MzZjgtMDA4Yi00MDdjLWJlZWYt
NzY1MzMyNDVmMmJlLzEvMlloUGtxX3JXUC1ySmtoN0l5QmY0TlhhaXA4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS83Y2MzZjgtMDA4Yi00MDdjLWJlZWYtNzY1MzMyNDVmMmJl
LzEvMlloUGtxX3JXUC1ySmtoN0l5QmY0TlhhaXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHd2AWENJ
+7SL4Jqi6+PGcv4DskcTBBlS/0WW0qI8jlU3OjQ7vI56invndvj8aAt2hsj7uEYN
ffSVZvd7/+pTUp/mqVKj5s2CEDXByVLhwuHIuxZgyNQf6szwrTY1JcGAl6FpMzZY
OOSGDVVmQgtCu/EcOGu9T5czasfru9fxL6glZpoOigSXLj/6Bq9udPTO8yGmfAv/
n+MgfHTlit41oad8O+SOmNSB5+XakzcUXj1YjS4aV4bqdqoBzyoST8NOCZRA+71Q
uM72R/RsAj3DESU4CpBrh8/1b8Eio6IeULODXf/TylfvLSpoVKdH9MaZbbxflroM
n1ZzAj9JQZHLhg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 14:41:50 2025 by rpki-client