Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/e7b932-fc21-4a61-aef0-15a093e2bb8f/1/spIJTWkd9KfDjxa3VVfpwm1KxpI.mft
File: spIJTWkd9KfDjxa3VVfpwm1KxpI.mft (raw, json)
Hash identifier: TftY2pQ2EITMHCM97ohT+TEjTU9EUZdkMtjvKPDidA4=
Subject key identifier: 52:A5:C2:F1:05:35:B1:F8:51:9D:B6:FB:0E:55:1F:EF:95:F1:96:BB
Authority key identifier: B2:92:09:4D:69:1D:F4:A7:C3:8F:16:B7:55:57:E9:C2:6D:4A:C6:92
Certificate issuer: /CN=b292094d691df4a7c38f16b75557e9c26d4ac692
Certificate serial: 019A2A4342CF630C5C055529EBC4D990631B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/spIJTWkd9KfDjxa3VVfpwm1KxpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/e7b932-fc21-4a61-aef0-15a093e2bb8f/1/spIJTWkd9KfDjxa3VVfpwm1KxpI.mft
Manifest number: 15FF
Signing time: Tue 28 Oct 2025 10:00:42 +0000
Manifest this update: Tue 28 Oct 2025 10:00:42 +0000
Manifest next update: Wed 29 Oct 2025 10:00:42 +0000
Files and hashes: 1: OmeM_n0y_6-zOQ1ggpf3SAaIYGM.roa (hash: nPLGIcarXsWhg9mWE06KhP99Y61Hg7uEiGrRbDzptwU=)
2: spIJTWkd9KfDjxa3VVfpwm1KxpI.crl (hash: bz+iIHF7ldQYq23XCQXSOAlBQlIsBbLN5ctymrImAZk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/e7b932-fc21-4a61-aef0-15a093e2bb8f/1/spIJTWkd9KfDjxa3VVfpwm1KxpI.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/e7b932-fc21-4a61-aef0-15a093e2bb8f/1/spIJTWkd9KfDjxa3VVfpwm1KxpI.mft
rsync://rpki.ripe.net/repository/DEFAULT/spIJTWkd9KfDjxa3VVfpwm1KxpI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2a:43:42:cf:63:0c:5c:05:55:29:eb:c4:d9:90:63:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b292094d691df4a7c38f16b75557e9c26d4ac692
Validity
Not Before: Oct 28 10:00:42 2025 GMT
Not After : Oct 29 10:00:42 2025 GMT
Subject: CN=52a5c2f10535b1f8519db6fb0e551fef95f196bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:14:e6:ee:aa:d1:34:4f:9e:33:25:78:d5:d7:
61:ba:c6:66:00:e8:8a:33:57:7b:31:0d:88:26:0f:
b3:79:c0:98:76:d3:fc:d5:42:76:8d:53:ae:b1:0b:
7e:c2:6c:d5:e9:19:f8:39:7b:68:e9:cc:0d:26:cb:
f3:89:f5:83:bb:a9:5c:5f:16:56:f4:63:e0:aa:b2:
55:72:e1:2a:a4:8f:9e:03:77:f0:47:51:fd:8b:2c:
b7:cf:c2:dd:cd:a3:9e:22:a3:09:3e:83:5f:65:5f:
db:7d:21:87:22:6e:53:b8:b9:2b:fd:38:a4:43:ad:
f8:dd:03:a6:90:95:b4:4f:e4:76:41:2d:d5:59:99:
66:92:4e:76:f1:71:e1:d7:3b:e9:37:e9:38:77:b2:
04:17:71:b1:50:89:61:38:e0:b1:2f:86:68:d2:bd:
12:0e:8a:a2:c2:63:2b:54:d8:04:f5:a9:41:3a:87:
9e:72:1d:93:41:7b:2b:02:64:41:91:ef:83:5c:92:
01:87:dd:d6:f6:ff:88:eb:cb:88:26:83:b0:c3:a9:
1f:00:96:75:06:a1:04:96:32:e0:51:f0:51:bf:4d:
75:b2:77:5f:90:dc:73:84:fe:fa:0d:13:58:06:80:
db:8e:80:2c:4e:74:dc:20:60:cc:53:a4:53:2f:44:
ff:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:A5:C2:F1:05:35:B1:F8:51:9D:B6:FB:0E:55:1F:EF:95:F1:96:BB
X509v3 Authority Key Identifier:
keyid:B2:92:09:4D:69:1D:F4:A7:C3:8F:16:B7:55:57:E9:C2:6D:4A:C6:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/spIJTWkd9KfDjxa3VVfpwm1KxpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e7b932-fc21-4a61-aef0-15a093e2bb8f/1/spIJTWkd9KfDjxa3VVfpwm1KxpI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/e7b932-fc21-4a61-aef0-15a093e2bb8f/1/spIJTWkd9KfDjxa3VVfpwm1KxpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:bd:40:c2:c2:14:8b:5c:c2:81:38:40:54:cf:d9:48:e8:d8:
e5:b2:22:1f:aa:15:f8:00:f5:b4:2a:ae:96:da:86:ce:14:8d:
05:75:07:74:a8:cb:9f:df:1f:2e:5c:0e:df:a1:c6:2c:6f:47:
d6:31:9d:f0:56:c3:1d:b1:3f:a7:b4:db:12:2c:b7:5f:d9:e3:
04:bc:af:e2:43:3a:ac:6e:88:f0:aa:a4:35:e2:cd:db:29:32:
4f:20:fe:1e:16:01:4d:86:16:98:77:2f:c8:c8:d8:57:a2:42:
6e:b5:c9:c8:db:38:1a:b8:83:14:c2:00:6e:7d:6e:d9:34:f6:
78:ae:24:ff:6a:d3:2e:41:21:aa:3e:b0:1e:eb:83:b8:b5:aa:
f6:1c:19:bc:81:ba:ae:74:6b:8b:4b:d4:58:dc:88:48:95:5d:
cf:c2:03:e2:a1:8b:72:cb:bb:d2:39:a6:ab:ab:ee:9d:a6:74:
d3:ef:dd:7e:fb:96:fe:a5:c3:46:27:f4:a5:af:71:c8:39:8d:
2e:c1:06:20:b4:f6:ce:45:72:6a:65:99:00:0a:e5:91:d9:0f:
7d:cf:44:b5:7e:4b:66:25:97:6a:83:7a:79:09:cc:37:f3:c3:
6a:95:b7:90:3e:c6:50:50:01:36:b2:5d:96:29:29:bc:08:19:
6a:fd:83:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoqQ0LPYwxcBVUp68TZkGMbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyOTIwOTRkNjkxZGY0YTdjMzhmMTZiNzU1NTdlOWMyNmQ0
YWM2OTIwHhcNMjUxMDI4MTAwMDQyWhcNMjUxMDI5MTAwMDQyWjAzMTEwLwYDVQQD
Eyg1MmE1YzJmMTA1MzViMWY4NTE5ZGI2ZmIwZTU1MWZlZjk1ZjE5NmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRTm7qrRNE+eMyV41ddhusZmAOiK
M1d7MQ2IJg+zecCYdtP81UJ2jVOusQt+wmzV6Rn4OXto6cwNJsvzifWDu6lcXxZW
9GPgqrJVcuEqpI+eA3fwR1H9iyy3z8LdzaOeIqMJPoNfZV/bfSGHIm5TuLkr/Tik
Q6343QOmkJW0T+R2QS3VWZlmkk528XHh1zvpN+k4d7IEF3GxUIlhOOCxL4Zo0r0S
DoqiwmMrVNgE9alBOoeech2TQXsrAmRBke+DXJIBh93W9v+I68uIJoOww6kfAJZ1
BqEEljLgUfBRv011sndfkNxzhP76DRNYBoDbjoAsTnTcIGDMU6RTL0T/EQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFKlwvEFNbH4UZ22+w5VH++V8Za7MB8GA1UdIwQY
MBaAFLKSCU1pHfSnw48Wt1VX6cJtSsaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3BJSlRXa2Q5S2ZEanhhM1ZWZnB3bTFLeHBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9lN2I5MzItZmMyMS00YTYxLWFlZjAt
MTVhMDkzZTJiYjhmLzEvc3BJSlRXa2Q5S2ZEanhhM1ZWZnB3bTFLeHBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9lN2I5MzItZmMyMS00YTYxLWFlZjAtMTVhMDkzZTJiYjhm
LzEvc3BJSlRXa2Q5S2ZEanhhM1ZWZnB3bTFLeHBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQL1AwsIU
i1zCgThAVM/ZSOjY5bIiH6oV+AD1tCqultqGzhSNBXUHdKjLn98fLlwO36HGLG9H
1jGd8FbDHbE/p7TbEiy3X9njBLyv4kM6rG6I8KqkNeLN2ykyTyD+HhYBTYYWmHcv
yMjYV6JCbrXJyNs4GriDFMIAbn1u2TT2eK4k/2rTLkEhqj6wHuuDuLWq9hwZvIG6
rnRri0vUWNyISJVdz8ID4qGLcsu70jmmq6vunaZ00+/dfvuW/qXDRif0pa9xyDmN
LsEGILT2zkVyamWZAArlkdkPfc9EtX5LZiWXaoN6eQnMN/PDapW3kD7GUFABNrJd
likpvAgZav2Dpg==
-----END CERTIFICATE-----
Generated at Tue Oct 28 13:26:26 2025 by rpki-client