Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft
File: Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft (raw, json)
Hash identifier: yrBT2LVOIFXQGm2MJ7h01847bmModhGhU1DD5WMRvaU=
Subject key identifier: BF:72:5C:AE:26:E7:B3:69:21:9C:6F:46:98:C6:D7:CB:43:FB:86:24
Authority key identifier: 63:FA:71:5C:2F:4B:90:08:C8:F4:B6:06:54:F7:F3:C7:63:53:AE:67
Certificate issuer: /CN=63fa715c2f4b9008c8f4b60654f7f3c76353ae67
Certificate serial: 019A247913DE1A9C958B594A5CD6B3C8F41D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft
Manifest number: 0A2C
Signing time: Mon 27 Oct 2025 07:01:45 +0000
Manifest this update: Mon 27 Oct 2025 07:01:45 +0000
Manifest next update: Tue 28 Oct 2025 07:01:45 +0000
Files and hashes: 1: RiW5W8SWQ6-vverb8NRdVDj6CjU.roa (hash: 4IAwVod5pwysrRco/iSy8Lzx8KDdHZ/Q8/hyLLW5E4w=)
2: Y_pxXC9LkAjI9LYGVPfzx2NTrmc.crl (hash: XxB/4Q3eqPQ0ezr9Jfdx24j3zbVnZ4dLQSNfTVgNj1w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 07:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:79:13:de:1a:9c:95:8b:59:4a:5c:d6:b3:c8:f4:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63fa715c2f4b9008c8f4b60654f7f3c76353ae67
Validity
Not Before: Oct 27 07:01:45 2025 GMT
Not After : Oct 28 07:01:45 2025 GMT
Subject: CN=bf725cae26e7b369219c6f4698c6d7cb43fb8624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:42:2d:23:4f:ef:e3:0a:4b:80:c4:51:eb:ce:
7e:ec:7e:7d:4c:e6:ba:5c:58:14:17:e4:31:ef:12:
0a:3c:87:25:79:e8:07:86:6a:0b:7f:85:90:c7:a5:
00:62:d6:06:dc:9b:0f:93:c2:a0:af:26:c0:04:1d:
30:10:e9:32:50:f7:ea:56:f4:aa:27:78:9c:b7:93:
61:30:b9:3d:78:b6:f4:0f:df:51:7f:1b:cd:7c:ab:
a2:d4:d0:29:ca:59:3e:9c:38:8a:f1:5d:bc:a5:93:
e2:81:1d:5e:9c:0a:ca:c1:33:3d:e6:bd:51:83:24:
4c:6a:a2:2a:97:49:09:ec:3f:b9:9b:22:5c:22:3d:
9c:73:dd:d6:0f:18:17:d6:59:fd:8c:fb:09:ec:4e:
bb:76:fa:12:71:4b:fa:ed:43:68:03:65:b5:9f:58:
9c:ec:be:bc:28:4a:fc:9f:44:9b:63:67:55:ab:a6:
2a:88:7d:fe:c1:d5:51:0d:8e:07:30:d3:b0:ad:ac:
4b:22:af:07:3d:8d:fc:16:13:5b:b3:6a:7a:ed:5b:
b6:cd:f2:18:51:21:59:76:fd:89:24:73:e6:a2:65:
67:b2:ed:90:57:b8:0c:12:7f:4c:d1:8d:ad:29:c8:
16:32:ee:eb:9e:19:e1:b9:99:17:56:7c:03:44:7a:
53:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:72:5C:AE:26:E7:B3:69:21:9C:6F:46:98:C6:D7:CB:43:FB:86:24
X509v3 Authority Key Identifier:
keyid:63:FA:71:5C:2F:4B:90:08:C8:F4:B6:06:54:F7:F3:C7:63:53:AE:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/bf9cdb-6e87-479f-93a1-65a5ef0af0b4/1/Y_pxXC9LkAjI9LYGVPfzx2NTrmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
60:5d:cc:e4:65:83:91:c8:3d:31:a7:34:d4:c5:5e:db:bc:6b:
74:a1:a0:c9:76:01:2b:b2:47:19:4b:b3:72:71:a9:48:a4:91:
7a:7d:76:ba:91:68:aa:f0:4e:6b:66:d2:7e:ce:62:ff:e8:37:
8b:e6:a1:7a:10:b1:87:0e:9a:71:fe:b1:3c:1c:97:33:4a:09:
d1:97:97:37:f7:66:04:05:0a:7c:fa:d7:f0:fc:39:33:28:86:
c3:98:7f:00:cc:5d:da:e6:10:b0:aa:ed:af:2c:26:01:2f:e3:
e6:70:93:b5:1c:06:af:0a:4c:65:86:39:03:57:35:0d:9a:99:
73:4b:08:10:6a:00:ca:59:ae:4a:1f:e2:51:51:b1:38:2c:45:
c5:3c:a7:06:da:64:32:38:95:41:4d:da:f0:89:f0:67:58:ff:
ba:27:71:8c:13:d8:88:50:c9:12:05:63:a9:c4:6c:74:63:15:
d7:1a:b6:0f:10:61:41:a5:dc:f0:1f:78:a9:72:a1:4d:2a:9f:
65:f4:9b:95:93:6d:31:27:33:3b:3e:35:f1:a5:c3:d7:75:8a:
a1:d3:b6:13:8c:99:dc:49:a3:9e:a5:c5:fe:d9:bd:1f:14:d6:
d1:51:70:8d:da:2a:db:1b:9b:46:65:fb:8b:38:1b:53:93:98:
8b:53:d5:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZokeRPeGpyVi1lKXNazyPQdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZmE3MTVjMmY0YjkwMDhjOGY0YjYwNjU0ZjdmM2M3NjM1
M2FlNjcwHhcNMjUxMDI3MDcwMTQ1WhcNMjUxMDI4MDcwMTQ1WjAzMTEwLwYDVQQD
EyhiZjcyNWNhZTI2ZTdiMzY5MjE5YzZmNDY5OGM2ZDdjYjQzZmI4NjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0ItI0/v4wpLgMRR685+7H59TOa6
XFgUF+Qx7xIKPIcleegHhmoLf4WQx6UAYtYG3JsPk8KgrybABB0wEOkyUPfqVvSq
J3ict5NhMLk9eLb0D99RfxvNfKui1NApylk+nDiK8V28pZPigR1enArKwTM95r1R
gyRMaqIql0kJ7D+5myJcIj2cc93WDxgX1ln9jPsJ7E67dvoScUv67UNoA2W1n1ic
7L68KEr8n0SbY2dVq6YqiH3+wdVRDY4HMNOwraxLIq8HPY38FhNbs2p67Vu2zfIY
USFZdv2JJHPmomVnsu2QV7gMEn9M0Y2tKcgWMu7rnhnhuZkXVnwDRHpTAQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFL9yXK4m57NpIZxvRpjG18tD+4YkMB8GA1UdIwQY
MBaAFGP6cVwvS5AIyPS2BlT388djU65nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9iZjljZGItNmU4Ny00NzlmLTkzYTEt
NjVhNWVmMGFmMGI0LzEvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9iZjljZGItNmU4Ny00NzlmLTkzYTEtNjVhNWVmMGFmMGI0
LzEvWV9weFhDOUxrQWpJOUxZR1ZQZnp4Mk5Ucm1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYF3M5GWD
kcg9Mac01MVe27xrdKGgyXYBK7JHGUuzcnGpSKSRen12upFoqvBOa2bSfs5i/+g3
i+ahehCxhw6acf6xPByXM0oJ0ZeXN/dmBAUKfPrX8Pw5MyiGw5h/AMxd2uYQsKrt
rywmAS/j5nCTtRwGrwpMZYY5A1c1DZqZc0sIEGoAylmuSh/iUVGxOCxFxTynBtpk
MjiVQU3a8InwZ1j/uidxjBPYiFDJEgVjqcRsdGMV1xq2DxBhQaXc8B94qXKhTSqf
ZfSblZNtMSczOz418aXD13WKodO2E4yZ3EmjnqXF/tm9HxTW0VFwjdoq2xubRmX7
izgbU5OYi1PVBw==
-----END CERTIFICATE-----
Generated at Mon Oct 27 14:53:40 2025 by rpki-client