Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.mft
File: 2EPxqgSY2E95UyPB_2uuOvQCBtE.mft (raw, json)
Hash identifier: EWNkf/B3fvwra7QpjXA0lGm2jikK+FJUG4c4WVtrpqc=
Subject key identifier: EE:D6:74:42:51:7C:F4:70:AC:5F:89:0A:6B:01:48:54:E1:0D:4B:3D
Authority key identifier: D8:43:F1:AA:04:98:D8:4F:79:53:23:C1:FF:6B:AE:3A:F4:02:06:D1
Certificate issuer: /CN=d843f1aa0498d84f795323c1ff6bae3af40206d1
Certificate serial: 019A668FAAC64A44A5436AAD7119E1868A6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2EPxqgSY2E95UyPB_2uuOvQCBtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.mft
Manifest number: 171A
Signing time: Sun 09 Nov 2025 03:01:22 +0000
Manifest this update: Sun 09 Nov 2025 03:01:22 +0000
Manifest next update: Mon 10 Nov 2025 03:01:22 +0000
Files and hashes: 1: 2EPxqgSY2E95UyPB_2uuOvQCBtE.crl (hash: P9yUy5UGaAZvIUHivrJr9aZHraYIzNIzoPDOlYTEVHA=)
2: Lr1Je63vs8PyvkKI1_N9un3D4qE.roa (hash: hbRmpQBdQ4b6GdZPWppZ6a4wJHdosMiH1PY+13rdPiE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2EPxqgSY2E95UyPB_2uuOvQCBtE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Nov 2025 03:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:66:8f:aa:c6:4a:44:a5:43:6a:ad:71:19:e1:86:8a:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d843f1aa0498d84f795323c1ff6bae3af40206d1
Validity
Not Before: Nov 9 03:01:22 2025 GMT
Not After : Nov 10 03:01:22 2025 GMT
Subject: CN=eed67442517cf470ac5f890a6b014854e10d4b3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fa:75:87:01:77:7a:9a:11:39:1a:ab:a1:46:
26:ff:77:f6:3e:0d:d3:d6:88:9a:94:b4:75:c1:1f:
ef:5a:70:46:43:cc:00:56:5f:5e:f0:f1:b8:92:19:
f6:82:8d:29:ac:be:63:81:8f:54:ba:8a:e4:1c:db:
c3:9a:32:70:2f:8a:96:74:d0:d5:7a:ff:46:78:74:
4c:d7:72:49:fd:8d:ce:03:e1:27:00:60:db:2d:9c:
b9:16:d8:e3:53:fe:9b:fb:a2:77:4a:4f:5f:e6:7d:
6f:f0:c3:b3:65:37:4d:fb:4f:57:c1:77:bc:c2:a8:
a1:eb:81:e7:5a:d9:13:c7:04:ae:68:da:ad:ea:2d:
e7:ca:d9:f8:d4:e5:fe:84:de:6c:34:d2:21:8b:39:
0b:c0:3f:75:69:8b:ea:76:85:4d:73:17:62:c7:38:
87:91:8b:19:96:66:67:95:93:43:98:67:0c:a3:83:
27:3e:b1:61:24:1c:4a:f8:7b:fd:0f:ad:c6:63:2b:
47:68:62:30:7f:68:1e:f1:ce:b6:52:0c:34:86:ac:
52:12:cf:d0:28:29:21:e2:02:26:7c:07:49:5e:d0:
df:6b:2d:42:41:56:62:65:58:c1:d2:b6:39:30:5e:
3e:38:9b:93:90:2f:d0:95:38:e4:53:30:3f:38:14:
fa:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:D6:74:42:51:7C:F4:70:AC:5F:89:0A:6B:01:48:54:E1:0D:4B:3D
X509v3 Authority Key Identifier:
keyid:D8:43:F1:AA:04:98:D8:4F:79:53:23:C1:FF:6B:AE:3A:F4:02:06:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2EPxqgSY2E95UyPB_2uuOvQCBtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/da4dd9-594d-456c-9f71-76a194554b05/1/2EPxqgSY2E95UyPB_2uuOvQCBtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5d:a9:1a:a4:d3:8e:9b:e0:21:10:58:9f:01:d9:4e:0f:6d:98:
d9:48:f1:c7:b0:33:f8:8b:bc:12:1b:b4:66:71:63:57:8e:46:
85:54:bf:49:97:fd:1f:9b:27:ed:a8:0c:4d:66:29:e1:21:b6:
2b:a5:de:82:79:05:e6:9f:13:56:cc:9e:16:ab:a9:50:28:8d:
20:91:67:22:cb:84:e4:ab:9a:67:a2:a4:04:16:71:34:cd:3c:
d0:80:18:65:e3:50:0c:0c:7e:d0:6d:e3:d0:25:a7:4d:a4:19:
2b:c1:fb:e6:e2:c9:c6:ba:b7:0a:f2:72:c0:58:1d:14:6f:ec:
12:ca:51:4b:b3:8b:8f:86:78:e9:e5:7e:d3:ae:41:2b:d0:87:
38:a7:4f:38:e6:83:4f:eb:19:2b:4b:86:8d:ee:df:3f:71:7f:
12:6d:28:24:6e:fe:e4:fd:2c:0e:e2:03:25:6f:51:ce:b3:eb:
38:6f:95:14:68:28:32:31:e4:a0:35:f0:d5:97:ce:ea:76:db:
2d:44:9b:ff:22:ef:38:7d:9f:1b:df:df:b9:77:73:8c:6f:c9:
86:e8:07:c1:4b:dc:85:53:40:c6:37:1f:c9:77:1f:b1:6c:d3:
02:4b:24:f1:76:9f:67:b3:2b:80:05:a5:a0:49:38:b1:f2:2b:
67:08:23:b7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpmj6rGSkSlQ2qtcRnhhoprMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NDNmMWFhMDQ5OGQ4NGY3OTUzMjNjMWZmNmJhZTNhZjQw
MjA2ZDEwHhcNMjUxMTA5MDMwMTIyWhcNMjUxMTEwMDMwMTIyWjAzMTEwLwYDVQQD
EyhlZWQ2NzQ0MjUxN2NmNDcwYWM1Zjg5MGE2YjAxNDg1NGUxMGQ0YjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfp1hwF3epoRORqroUYm/3f2Pg3T
1oialLR1wR/vWnBGQ8wAVl9e8PG4khn2go0prL5jgY9UuorkHNvDmjJwL4qWdNDV
ev9GeHRM13JJ/Y3OA+EnAGDbLZy5FtjjU/6b+6J3Sk9f5n1v8MOzZTdN+09XwXe8
wqih64HnWtkTxwSuaNqt6i3nytn41OX+hN5sNNIhizkLwD91aYvqdoVNcxdixziH
kYsZlmZnlZNDmGcMo4MnPrFhJBxK+Hv9D63GYytHaGIwf2ge8c62Ugw0hqxSEs/Q
KCkh4gImfAdJXtDfay1CQVZiZVjB0rY5MF4+OJuTkC/QlTjkUzA/OBT6MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO7WdEJRfPRwrF+JCmsBSFThDUs9MB8GA1UdIwQY
MBaAFNhD8aoEmNhPeVMjwf9rrjr0AgbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkVQeHFnU1kyRTk1VXlQQl8ydXVPdlFDQnRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9kYTRkZDktNTk0ZC00NTZjLTlmNzEt
NzZhMTk0NTU0YjA1LzEvMkVQeHFnU1kyRTk1VXlQQl8ydXVPdlFDQnRFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9kYTRkZDktNTk0ZC00NTZjLTlmNzEtNzZhMTk0NTU0YjA1
LzEvMkVQeHFnU1kyRTk1VXlQQl8ydXVPdlFDQnRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXakapNOO
m+AhEFifAdlOD22Y2Ujxx7Az+Iu8Ehu0ZnFjV45GhVS/SZf9H5sn7agMTWYp4SG2
K6XegnkF5p8TVsyeFqupUCiNIJFnIsuE5KuaZ6KkBBZxNM080IAYZeNQDAx+0G3j
0CWnTaQZK8H75uLJxrq3CvJywFgdFG/sEspRS7OLj4Z46eV+065BK9CHOKdPOOaD
T+sZK0uGje7fP3F/Em0oJG7+5P0sDuIDJW9RzrPrOG+VFGgoMjHkoDXw1ZfO6nbb
LUSb/yLvOH2fG9/fuXdzjG/JhugHwUvchVNAxjcfyXcfsWzTAksk8XafZ7MrgAWl
oEk4sfIrZwgjtw==
-----END CERTIFICATE-----
Generated at Sun Nov 9 09:55:50 2025 by rpki-client