Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft
File: 28lQCYQ2KBzuVCoedFRlUeHlUoM.mft (raw, json)
Hash identifier: FReIn6V5q1YHoKkIJGlV1/BSowJ4ptwPQbvFDi6Bk0I=
Subject key identifier: AE:C9:0C:33:3F:EE:92:67:12:F7:E7:91:61:D0:75:CA:C5:D5:5F:CB
Authority key identifier: DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83
Certificate issuer: /CN=dbc950098436281cee542a1e74546551e1e55283
Certificate serial: 019A23D356B7F07461ECBD3107DF2E17A370
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft
Manifest number: 16F9
Signing time: Mon 27 Oct 2025 04:00:44 +0000
Manifest this update: Mon 27 Oct 2025 04:00:44 +0000
Manifest next update: Tue 28 Oct 2025 04:00:44 +0000
Files and hashes: 1: 28lQCYQ2KBzuVCoedFRlUeHlUoM.crl (hash: Ik2jj1aGb41WP08UL3YATwN4ifWj0Gad6zQp/LC2s+0=)
2: 5OG6iGTbUMv4yreuCzltBDVdDTU.roa (hash: B8Cg7jxvmm1JBGJPeKqbsREjncwII7bdGdlW3Ml3/PA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft
rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 04:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:23:d3:56:b7:f0:74:61:ec:bd:31:07:df:2e:17:a3:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbc950098436281cee542a1e74546551e1e55283
Validity
Not Before: Oct 27 04:00:44 2025 GMT
Not After : Oct 28 04:00:44 2025 GMT
Subject: CN=aec90c333fee926712f7e79161d075cac5d55fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8a:64:62:dc:73:6e:08:0f:dc:34:9f:d9:e7:
d2:f9:80:4f:70:c4:05:62:0f:37:82:c7:cf:0f:b9:
d7:5a:1d:20:21:dd:f9:03:52:1c:00:4d:51:b5:0a:
e4:d5:8b:73:ea:1a:24:68:3e:93:38:19:f1:f9:69:
e1:06:72:7b:0c:2b:e8:63:ea:17:fa:61:62:38:de:
14:a8:8e:b8:e2:d7:5e:4e:41:63:94:76:f2:1a:ef:
ec:54:23:fb:fe:cc:a0:17:7e:6c:fe:dc:f2:53:33:
60:23:59:b1:49:bc:b3:64:d3:97:dd:99:aa:43:9e:
1a:08:b5:b8:10:c5:69:d5:58:9d:52:dc:47:9c:04:
75:62:df:92:af:a2:0b:e5:d7:41:e6:ff:f6:f9:4b:
f6:53:9b:f9:45:be:55:fd:2d:fa:42:4f:a3:ac:38:
73:6b:97:25:32:87:7f:10:d7:21:04:6b:b6:c8:3e:
a7:fa:0d:86:3e:7a:3d:37:70:c4:75:97:b9:11:a9:
c9:a6:bb:fe:6c:bf:df:18:d3:6b:43:9f:1e:e7:0e:
07:91:ac:9c:4d:d9:d3:e3:24:3c:5c:5f:2a:ec:a9:
dc:33:73:a1:de:70:e7:35:17:23:3e:3e:95:fe:39:
28:cc:cc:06:93:8e:b4:10:18:70:78:1a:37:1c:82:
ef:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:C9:0C:33:3F:EE:92:67:12:F7:E7:91:61:D0:75:CA:C5:D5:5F:CB
X509v3 Authority Key Identifier:
keyid:DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1a:2c:3d:3e:61:71:d7:18:b2:d9:12:36:55:fa:53:3b:a0:65:
44:d3:7a:a5:ae:da:bf:8f:48:9a:76:50:2c:fc:37:86:ad:c0:
27:5b:8b:75:c1:bb:2f:f8:96:a3:8f:eb:b8:7e:f8:62:d4:aa:
c3:4e:78:6c:39:c2:08:38:bd:e6:ba:b3:51:c4:18:a2:47:3f:
40:f4:fe:9f:38:9a:ec:81:95:52:66:f9:92:f8:a7:06:b4:84:
63:f2:72:4b:d2:3a:40:49:b7:6d:29:f9:aa:fc:9e:7e:93:dd:
d7:93:7b:3d:25:e9:20:7d:0a:d5:30:c8:f6:5f:b1:bd:e2:37:
5a:f4:89:e8:d3:80:99:01:7b:d9:39:d4:14:da:08:03:f0:27:
bf:2b:f0:2c:03:cc:ca:30:d7:3f:51:d1:dc:67:3d:e0:92:b7:
26:44:55:b4:85:1e:9f:78:ba:86:a7:75:ef:75:01:02:69:b2:
f4:c1:4c:d7:3c:75:89:5d:90:33:4c:af:cc:29:4e:fc:35:8c:
bc:1c:13:44:b6:7e:55:63:97:5f:eb:3c:49:ff:47:37:d7:fb:
12:24:35:07:98:f8:14:72:2c:e5:af:bb:e7:b9:f0:4a:96:61:
dd:25:48:a5:19:ae:16:16:08:d2:28:56:33:0a:2d:66:f7:a2:
98:3b:87:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoj01a38HRh7L0xB98uF6NwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYzk1MDA5ODQzNjI4MWNlZTU0MmExZTc0NTQ2NTUxZTFl
NTUyODMwHhcNMjUxMDI3MDQwMDQ0WhcNMjUxMDI4MDQwMDQ0WjAzMTEwLwYDVQQD
EyhhZWM5MGMzMzNmZWU5MjY3MTJmN2U3OTE2MWQwNzVjYWM1ZDU1ZmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4pkYtxzbggP3DSf2efS+YBPcMQF
Yg83gsfPD7nXWh0gId35A1IcAE1RtQrk1Ytz6hokaD6TOBnx+WnhBnJ7DCvoY+oX
+mFiON4UqI644tdeTkFjlHbyGu/sVCP7/sygF35s/tzyUzNgI1mxSbyzZNOX3Zmq
Q54aCLW4EMVp1VidUtxHnAR1Yt+Sr6IL5ddB5v/2+Uv2U5v5Rb5V/S36Qk+jrDhz
a5clMod/ENchBGu2yD6n+g2GPno9N3DEdZe5EanJprv+bL/fGNNrQ58e5w4Hkayc
TdnT4yQ8XF8q7KncM3Oh3nDnNRcjPj6V/jkozMwGk460EBhweBo3HILv9wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFK7JDDM/7pJnEvfnkWHQdcrF1V/LMB8GA1UdIwQY
MBaAFNvJUAmENigc7lQqHnRUZVHh5VKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi81YWE0NDgtNjQzZi00YWVlLTkwZDkt
ZjQ3ZTE2OTI2NmMyLzEvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi81YWE0NDgtNjQzZi00YWVlLTkwZDktZjQ3ZTE2OTI2NmMy
LzEvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGiw9PmFx
1xiy2RI2VfpTO6BlRNN6pa7av49ImnZQLPw3hq3AJ1uLdcG7L/iWo4/ruH74YtSq
w054bDnCCDi95rqzUcQYokc/QPT+nzia7IGVUmb5kvinBrSEY/JyS9I6QEm3bSn5
qvyefpPd15N7PSXpIH0K1TDI9l+xveI3WvSJ6NOAmQF72TnUFNoIA/AnvyvwLAPM
yjDXP1HR3Gc94JK3JkRVtIUen3i6hqd173UBAmmy9MFM1zx1iV2QM0yvzClO/DWM
vBwTRLZ+VWOXX+s8Sf9HN9f7EiQ1B5j4FHIs5a+757nwSpZh3SVIpRmuFhYI0ihW
MwotZveimDuHmg==
-----END CERTIFICATE-----
Generated at Mon Oct 27 09:28:57 2025 by rpki-client