Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft
File: sgTq-NsT70M8-YIp0jLTMKX14lY.mft (raw, json)
Hash identifier: lNkC/0ou4iz2826Y5eFl0ckDcDPCTbQVGvbkgPcTxWQ=
Subject key identifier: 77:E9:7F:F4:D3:5B:8B:79:1B:26:A2:53:E3:C5:3F:8B:17:EA:C0:3B
Authority key identifier: B2:04:EA:F8:DB:13:EF:43:3C:F9:82:29:D2:32:D3:30:A5:F5:E2:56
Certificate issuer: /CN=b204eaf8db13ef433cf98229d232d330a5f5e256
Certificate serial: 019A1B0721974925AD6CFE94EAAD1CB5971B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft
Manifest number: 16F2
Signing time: Sat 25 Oct 2025 11:00:43 +0000
Manifest this update: Sat 25 Oct 2025 11:00:43 +0000
Manifest next update: Sun 26 Oct 2025 11:00:43 +0000
Files and hashes: 1: sgTq-NsT70M8-YIp0jLTMKX14lY.crl (hash: akuBRNA+j0mxKRv2+pZgV1ATmxjY6GwvvTC8Eb4eJxM=)
2: xgKcu0KPsxc8M315Trs0GW1UUwk.roa (hash: ICZ6+2Jz2veLFc1cLdSpid822PA3P/5mVBK8JthGSW0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 08:33:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1b:07:21:97:49:25:ad:6c:fe:94:ea:ad:1c:b5:97:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b204eaf8db13ef433cf98229d232d330a5f5e256
Validity
Not Before: Oct 25 11:00:43 2025 GMT
Not After : Oct 26 11:00:43 2025 GMT
Subject: CN=77e97ff4d35b8b791b26a253e3c53f8b17eac03b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:3b:91:b4:d2:1c:12:fd:93:e5:59:af:1f:cf:
07:e0:76:81:05:cd:18:93:9b:b1:16:c1:4a:41:9d:
81:f7:65:e0:a9:2c:17:7a:46:a3:ab:56:75:95:b5:
45:d9:ca:5f:8d:e0:03:bc:3f:73:c1:30:f7:f6:3f:
68:0a:4a:f6:f2:9c:0c:6e:6d:04:16:c1:8e:e9:5e:
4e:a4:6d:fe:ac:c9:ae:1c:f4:b2:9d:5a:0d:b8:0d:
9a:8c:fa:a2:ef:eb:8e:4b:f0:40:e9:9a:df:6d:77:
9a:e0:ca:95:77:ce:1d:e1:d1:86:48:2f:58:bf:b5:
73:0f:9e:14:a0:8e:f2:dd:3b:10:ce:1c:ef:73:ef:
88:a1:ea:61:1f:68:a2:a6:02:07:aa:89:c7:14:dd:
5f:a9:53:b6:d1:4f:70:8b:c9:2f:54:f2:a5:b8:48:
fc:32:25:e8:00:00:de:cf:a7:45:d0:da:c0:09:c5:
32:cf:28:3f:55:05:b7:d3:5b:d3:15:ba:6b:76:dc:
7f:86:65:e7:a3:8f:84:f1:b2:8a:3c:d7:b9:71:33:
0a:04:1e:42:06:bd:0a:d6:8c:c7:39:4f:d3:89:ce:
82:32:cb:68:5a:4b:f4:ba:22:33:af:e7:40:e9:28:
12:ec:10:d2:79:58:56:1c:3d:a7:93:b1:f0:9b:da:
d7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:E9:7F:F4:D3:5B:8B:79:1B:26:A2:53:E3:C5:3F:8B:17:EA:C0:3B
X509v3 Authority Key Identifier:
keyid:B2:04:EA:F8:DB:13:EF:43:3C:F9:82:29:D2:32:D3:30:A5:F5:E2:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgTq-NsT70M8-YIp0jLTMKX14lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/597638-713c-44b7-9b70-25017ec94095/1/sgTq-NsT70M8-YIp0jLTMKX14lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:06:bc:38:e6:17:e9:45:6c:39:51:aa:9f:43:cb:2f:1f:1e:
12:0d:9d:dc:69:c5:4b:0c:ec:0e:8e:da:9b:44:72:95:de:e2:
51:1e:32:1f:69:6a:9f:43:fd:d1:84:80:32:0a:d9:06:da:09:
c6:89:59:c8:64:bb:20:be:e2:08:20:6f:51:8c:58:88:8a:51:
e1:3e:5f:35:54:0c:83:33:9f:bc:41:62:2e:b9:0a:a1:04:ab:
b2:ca:66:46:e1:e6:d9:cd:de:fb:10:8a:b5:ee:ce:48:20:14:
64:15:f0:1a:60:e6:c7:0d:f0:75:c9:bd:a5:22:76:31:07:db:
ca:00:b4:e7:35:87:a6:e2:ea:fa:80:26:de:1f:e6:ef:f9:f5:
48:12:9f:ae:42:d9:51:cb:d2:f4:08:d8:7e:7c:2d:89:7f:b5:
34:17:64:9a:ab:27:20:88:a9:6e:75:2a:d3:6d:79:9b:43:4a:
4f:aa:73:43:63:d7:4c:b9:ec:f8:df:b9:25:ae:78:02:cc:7d:
e0:c8:b1:13:a8:0d:0e:d8:e4:6b:cd:ad:bc:73:04:73:ce:be:
7d:fb:3c:c4:8e:38:19:c6:9d:88:a3:68:f0:33:a4:9f:e8:25:
16:24:27:72:af:31:76:e0:d3:66:87:20:ce:3e:ea:a4:4f:dd:
18:ad:78:5c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZobByGXSSWtbP6U6q0ctZcbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMDRlYWY4ZGIxM2VmNDMzY2Y5ODIyOWQyMzJkMzMwYTVm
NWUyNTYwHhcNMjUxMDI1MTEwMDQzWhcNMjUxMDI2MTEwMDQzWjAzMTEwLwYDVQQD
Eyg3N2U5N2ZmNGQzNWI4Yjc5MWIyNmEyNTNlM2M1M2Y4YjE3ZWFjMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwDuRtNIcEv2T5VmvH88H4HaBBc0Y
k5uxFsFKQZ2B92XgqSwXekajq1Z1lbVF2cpfjeADvD9zwTD39j9oCkr28pwMbm0E
FsGO6V5OpG3+rMmuHPSynVoNuA2ajPqi7+uOS/BA6ZrfbXea4MqVd84d4dGGSC9Y
v7VzD54UoI7y3TsQzhzvc++IoephH2iipgIHqonHFN1fqVO20U9wi8kvVPKluEj8
MiXoAADez6dF0NrACcUyzyg/VQW301vTFbprdtx/hmXno4+E8bKKPNe5cTMKBB5C
Br0K1ozHOU/Tic6CMstoWkv0uiIzr+dA6SgS7BDSeVhWHD2nk7Hwm9rXrQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHfpf/TTW4t5GyaiU+PFP4sX6sA7MB8GA1UdIwQY
MBaAFLIE6vjbE+9DPPmCKdIy0zCl9eJWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2dUcS1Oc1Q3ME04LVlJcDBqTFRNS1gxNGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC81OTc2MzgtNzEzYy00NGI3LTliNzAt
MjUwMTdlYzk0MDk1LzEvc2dUcS1Oc1Q3ME04LVlJcDBqTFRNS1gxNGxZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC81OTc2MzgtNzEzYy00NGI3LTliNzAtMjUwMTdlYzk0MDk1
LzEvc2dUcS1Oc1Q3ME04LVlJcDBqTFRNS1gxNGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQAa8OOYX
6UVsOVGqn0PLLx8eEg2d3GnFSwzsDo7am0Ryld7iUR4yH2lqn0P90YSAMgrZBtoJ
xolZyGS7IL7iCCBvUYxYiIpR4T5fNVQMgzOfvEFiLrkKoQSrsspmRuHm2c3e+xCK
te7OSCAUZBXwGmDmxw3wdcm9pSJ2MQfbygC05zWHpuLq+oAm3h/m7/n1SBKfrkLZ
UcvS9AjYfnwtiX+1NBdkmqsnIIipbnUq0215m0NKT6pzQ2PXTLns+N+5Ja54Asx9
4MixE6gNDtjka82tvHMEc86+ffs8xI44GcadiKNo8DOkn+glFiQncq8xduDTZocg
zj7qpE/dGK14XA==
-----END CERTIFICATE-----
Generated at Sat Oct 25 13:39:18 2025 by rpki-client