Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.mft
File: s7a21-XdDDKPbOr36enA0cuMHSI.mft (raw, json)
Hash identifier: exjHSv3h3p+0ruCFh5QFcR9+vpnl40CTAjIt6pQT8AI=
Subject key identifier: 20:A8:2A:AB:61:E7:FA:D2:C0:0B:4D:E2:2A:72:65:72:21:BE:8C:11
Authority key identifier: B3:B6:B6:D7:E5:DD:0C:32:8F:6C:EA:F7:E9:E9:C0:D1:CB:8C:1D:22
Certificate issuer: /CN=b3b6b6d7e5dd0c328f6ceaf7e9e9c0d1cb8c1d22
Certificate serial: 019A2478189B9DEDFE8F4B77021A71E2608A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s7a21-XdDDKPbOr36enA0cuMHSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.mft
Manifest number: 14BA
Signing time: Mon 27 Oct 2025 07:00:41 +0000
Manifest this update: Mon 27 Oct 2025 07:00:41 +0000
Manifest next update: Tue 28 Oct 2025 07:00:41 +0000
Files and hashes: 1: hzoYOWaigOBhVgvLojtyU6Dx7N4.roa (hash: T/q+Lugm+i1exm5XgQ+QByz6sPtwXurIWQU3uySV9uU=)
2: s7a21-XdDDKPbOr36enA0cuMHSI.crl (hash: i7sqMQ4N+bAOp2Lv39RrbIEnpe1B14DS/m72qry6QFs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/s7a21-XdDDKPbOr36enA0cuMHSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 07:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:78:18:9b:9d:ed:fe:8f:4b:77:02:1a:71:e2:60:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3b6b6d7e5dd0c328f6ceaf7e9e9c0d1cb8c1d22
Validity
Not Before: Oct 27 07:00:41 2025 GMT
Not After : Oct 28 07:00:41 2025 GMT
Subject: CN=20a82aab61e7fad2c00b4de22a72657221be8c11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c0:81:3c:61:13:07:0f:2a:49:db:68:c9:29:
10:40:12:1b:2d:b5:70:af:89:d9:fd:58:ac:e9:a7:
26:1c:eb:bb:ba:a0:c1:ab:1e:10:f7:3a:4b:9a:69:
c3:ed:8c:0c:89:95:e2:3e:71:c0:26:2d:c6:e2:d2:
0c:06:68:ef:3e:da:91:6f:00:13:ca:b8:8f:6c:b2:
cb:c6:e2:9b:a4:7a:35:02:29:60:7e:1e:99:e6:4f:
cd:47:23:9a:a1:af:df:b9:42:39:d7:b3:02:05:7d:
bc:a3:99:f7:21:c6:92:10:35:bc:67:44:6b:c6:2b:
e5:3b:8b:33:38:aa:8a:53:c5:bb:86:4c:51:38:c9:
a0:55:3c:8d:c7:28:83:d9:77:8c:25:c5:7f:1e:7f:
7d:9a:7b:d8:4b:81:b4:9f:41:42:d9:9f:a8:3a:c6:
ea:83:44:d2:b4:82:83:81:ca:6e:af:cd:3d:00:54:
74:46:65:2e:de:20:44:9c:f4:93:4b:18:57:61:3f:
fd:e5:ef:88:50:57:c9:b9:73:66:01:19:39:84:89:
52:2b:13:b5:34:f7:d1:ee:96:a8:14:51:02:9a:e6:
35:ae:3a:41:bc:0f:fa:9f:7a:ea:85:09:d3:ad:f1:
9e:8c:c2:a9:a2:02:70:3d:eb:11:37:c1:b8:6d:26:
2e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A8:2A:AB:61:E7:FA:D2:C0:0B:4D:E2:2A:72:65:72:21:BE:8C:11
X509v3 Authority Key Identifier:
keyid:B3:B6:B6:D7:E5:DD:0C:32:8F:6C:EA:F7:E9:E9:C0:D1:CB:8C:1D:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7a21-XdDDKPbOr36enA0cuMHSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/2d7946-db8b-4a57-a70b-2071546b70f9/1/s7a21-XdDDKPbOr36enA0cuMHSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
35:f1:fd:a4:1d:87:06:b4:cb:58:f0:ad:31:5b:cd:c3:07:f2:
59:13:27:bd:9b:ff:d6:a5:c3:dc:5e:b2:bc:cd:ab:69:92:15:
dd:e6:62:7c:c6:fd:8f:b9:a2:fc:1f:26:b9:fe:d2:d4:88:e8:
26:e4:f9:15:6e:0a:7f:b5:6c:54:af:51:b8:3d:fb:7b:44:15:
a9:d0:1a:ca:83:e4:ef:91:be:c4:23:82:61:62:26:02:83:b0:
03:52:af:ec:61:b6:20:e8:07:50:78:2a:49:a9:d4:da:09:6b:
72:ae:9d:79:26:c3:27:94:89:02:f2:21:95:52:62:b5:e9:8c:
b9:0e:aa:4b:2a:66:f2:c2:6c:7c:cf:a2:ed:b3:44:24:33:80:
e8:2d:e8:56:bc:d5:7c:ce:2a:83:31:23:01:2c:08:b4:d6:bb:
82:3f:49:54:25:45:eb:1e:7d:f0:6b:59:ea:40:17:61:cf:47:
bf:81:08:db:bd:0c:c3:03:5a:48:af:d5:28:32:e4:2e:e4:7a:
ec:9d:45:95:ca:72:c8:4b:76:2d:1c:3d:b1:4f:ee:10:e9:65:
ba:49:9e:c6:64:73:cd:8f:f2:2f:f9:d2:07:c2:49:78:f3:fa:
ee:51:22:3f:9c:2c:03:6c:d8:9e:83:5a:75:f9:83:78:02:d8:
a9:21:2f:2c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZokeBibne3+j0t3Ahpx4mCKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYjZiNmQ3ZTVkZDBjMzI4ZjZjZWFmN2U5ZTljMGQxY2I4
YzFkMjIwHhcNMjUxMDI3MDcwMDQxWhcNMjUxMDI4MDcwMDQxWjAzMTEwLwYDVQQD
EygyMGE4MmFhYjYxZTdmYWQyYzAwYjRkZTIyYTcyNjU3MjIxYmU4YzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcCBPGETBw8qSdtoySkQQBIbLbVw
r4nZ/Vis6acmHOu7uqDBqx4Q9zpLmmnD7YwMiZXiPnHAJi3G4tIMBmjvPtqRbwAT
yriPbLLLxuKbpHo1Ailgfh6Z5k/NRyOaoa/fuUI517MCBX28o5n3IcaSEDW8Z0Rr
xivlO4szOKqKU8W7hkxROMmgVTyNxyiD2XeMJcV/Hn99mnvYS4G0n0FC2Z+oOsbq
g0TStIKDgcpur809AFR0RmUu3iBEnPSTSxhXYT/95e+IUFfJuXNmARk5hIlSKxO1
NPfR7paoFFECmuY1rjpBvA/6n3rqhQnTrfGejMKpogJwPesRN8G4bSYubQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCCoKqth5/rSwAtN4ipyZXIhvowRMB8GA1UdIwQY
MBaAFLO2ttfl3Qwyj2zq9+npwNHLjB0iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczdhMjEtWGREREtQYk9yMzZlbkEwY3VNSFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8yZDc5NDYtZGI4Yi00YTU3LWE3MGIt
MjA3MTU0NmI3MGY5LzEvczdhMjEtWGREREtQYk9yMzZlbkEwY3VNSFNJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8yZDc5NDYtZGI4Yi00YTU3LWE3MGItMjA3MTU0NmI3MGY5
LzEvczdhMjEtWGREREtQYk9yMzZlbkEwY3VNSFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANfH9pB2H
BrTLWPCtMVvNwwfyWRMnvZv/1qXD3F6yvM2raZIV3eZifMb9j7mi/B8muf7S1Ijo
JuT5FW4Kf7VsVK9RuD37e0QVqdAayoPk75G+xCOCYWImAoOwA1Kv7GG2IOgHUHgq
SanU2glrcq6deSbDJ5SJAvIhlVJitemMuQ6qSypm8sJsfM+i7bNEJDOA6C3oVrzV
fM4qgzEjASwItNa7gj9JVCVF6x598GtZ6kAXYc9Hv4EI270MwwNaSK/VKDLkLuR6
7J1FlcpyyEt2LRw9sU/uEOllukmexmRzzY/yL/nSB8JJePP67lEiP5wsA2zYnoNa
dfmDeALYqSEvLA==
-----END CERTIFICATE-----
Generated at Mon Oct 27 16:27:55 2025 by rpki-client