Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.mft
File: 2PuW6jr1HFMtfo_oyUN29R4epAI.mft (raw, json)
Hash identifier: KuLq+OZMNvL9QTJHm8D+zDajlv/aimiJgHfXVMWWskk=
Subject key identifier: 91:60:8D:96:29:5A:CE:92:13:67:0B:A4:B8:92:F2:83:5F:0B:4A:B9
Authority key identifier: D8:FB:96:EA:3A:F5:1C:53:2D:7E:8F:E8:C9:43:76:F5:1E:1E:A4:02
Certificate issuer: /CN=d8fb96ea3af51c532d7e8fe8c94376f51e1ea402
Certificate serial: 019A730156132F7191CCD167F319C8B35276
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2PuW6jr1HFMtfo_oyUN29R4epAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.mft
Manifest number: 1544
Signing time: Tue 11 Nov 2025 13:00:58 +0000
Manifest this update: Tue 11 Nov 2025 13:00:58 +0000
Manifest next update: Wed 12 Nov 2025 13:00:58 +0000
Files and hashes: 1: 2PuW6jr1HFMtfo_oyUN29R4epAI.crl (hash: LPlWWTGz3rcHpVBoiXYmW+Lxnvrv5HsQUBsPF4Rj40M=)
2: qvV18edZ4nG1g9Z6XFGjfB91HGk.roa (hash: xA0FHg4k3qhHIOcw440t6o/vgKfLrTtDa1pgd5bBDMs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2PuW6jr1HFMtfo_oyUN29R4epAI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:56:13:2f:71:91:cc:d1:67:f3:19:c8:b3:52:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8fb96ea3af51c532d7e8fe8c94376f51e1ea402
Validity
Not Before: Nov 11 13:00:58 2025 GMT
Not After : Nov 12 13:00:58 2025 GMT
Subject: CN=91608d96295ace9213670ba4b892f2835f0b4ab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c6:8c:45:bf:c8:67:5c:3d:fc:51:b5:4e:2a:
1b:b7:e0:d6:04:32:c4:11:a4:1d:8d:c5:28:43:5f:
9d:fd:ce:34:5b:94:70:e3:18:ec:6c:55:16:f3:b5:
13:4e:37:84:5c:30:ef:12:c3:e5:2e:65:fd:ed:4e:
88:d9:bb:0c:90:19:97:b8:56:82:d8:e7:95:85:2e:
ab:f0:20:90:d7:d5:94:ab:9d:85:3a:18:ba:c5:1c:
ee:1c:66:5b:c6:a2:af:dd:de:84:89:ba:0d:e7:a3:
bb:8c:5d:0e:4c:c0:2a:ee:81:0a:bf:de:54:d6:53:
48:08:b8:84:98:be:44:50:1f:80:69:ea:5c:80:9b:
1c:4f:8d:a6:41:1f:7c:67:53:c9:da:b3:78:df:a2:
f4:dc:d4:11:57:cb:b4:31:b0:98:e2:b6:09:21:c7:
fb:2d:66:eb:d8:8f:e3:63:77:5a:a0:6c:a0:02:14:
07:84:fc:5d:5c:24:3d:cd:ce:d0:14:af:a1:da:e0:
47:04:b9:3d:9d:ba:9d:64:94:a2:d1:9f:0c:bd:cb:
11:a8:8c:11:db:3d:c5:a2:fe:68:b0:fc:d1:13:08:
45:50:91:89:ec:c5:e7:52:71:3d:9b:41:33:90:94:
88:d1:07:28:cd:59:7f:2d:c9:60:01:f2:fc:87:a1:
6f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:60:8D:96:29:5A:CE:92:13:67:0B:A4:B8:92:F2:83:5F:0B:4A:B9
X509v3 Authority Key Identifier:
keyid:D8:FB:96:EA:3A:F5:1C:53:2D:7E:8F:E8:C9:43:76:F5:1E:1E:A4:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2PuW6jr1HFMtfo_oyUN29R4epAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/53ffa0-9060-472c-aac2-8eb85e3283e2/1/2PuW6jr1HFMtfo_oyUN29R4epAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
37:cc:4b:fd:1b:84:2c:b5:c1:c2:b7:15:29:44:b4:f8:e9:95:
1f:49:c8:2e:f8:a9:a2:bc:b1:3b:2e:c4:f0:1f:ad:a6:cf:6b:
21:b9:8d:2d:f9:f6:82:f4:56:67:a6:61:b8:a2:64:98:c2:4c:
0c:c8:dc:fd:8c:c1:d2:2e:b4:ce:36:9e:ed:23:4c:07:eb:f9:
67:09:1b:49:5f:85:d2:1d:74:25:2a:f5:f5:8e:d9:4c:82:c3:
19:0f:c8:da:95:83:bd:78:27:8d:10:80:16:95:43:cd:cd:a9:
31:9e:cc:c2:06:f4:0f:a3:ad:32:b0:5d:a1:b0:b7:f5:0d:5e:
0c:d7:cf:d9:a3:19:71:f4:69:9c:7a:b4:71:38:3a:76:e3:96:
54:50:e3:ee:8f:2c:a5:8f:4f:d8:e3:67:18:3f:3b:3f:80:35:
32:8e:87:e0:83:56:b2:5f:b8:a3:65:ce:5e:f5:cb:00:6b:21:
c0:86:be:9e:d5:20:fc:50:89:a6:ab:38:ef:99:97:c1:3d:4a:
d1:8f:f7:ec:eb:48:22:88:ef:aa:7f:f4:14:de:98:63:cb:16:
f3:4f:25:bc:6b:a9:3f:11:56:57:e4:4d:9d:cd:a6:02:20:71:
f1:74:82:45:9e:71:d1:3b:cf:f9:b3:ca:92:4d:ca:6a:8d:72:
75:a6:00:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAVYTL3GRzNFn8xnIs1J2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZmI5NmVhM2FmNTFjNTMyZDdlOGZlOGM5NDM3NmY1MWUx
ZWE0MDIwHhcNMjUxMTExMTMwMDU4WhcNMjUxMTEyMTMwMDU4WjAzMTEwLwYDVQQD
Eyg5MTYwOGQ5NjI5NWFjZTkyMTM2NzBiYTRiODkyZjI4MzVmMGI0YWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1saMRb/IZ1w9/FG1Tiobt+DWBDLE
EaQdjcUoQ1+d/c40W5Rw4xjsbFUW87UTTjeEXDDvEsPlLmX97U6I2bsMkBmXuFaC
2OeVhS6r8CCQ19WUq52FOhi6xRzuHGZbxqKv3d6EiboN56O7jF0OTMAq7oEKv95U
1lNICLiEmL5EUB+AaepcgJscT42mQR98Z1PJ2rN436L03NQRV8u0MbCY4rYJIcf7
LWbr2I/jY3daoGygAhQHhPxdXCQ9zc7QFK+h2uBHBLk9nbqdZJSi0Z8MvcsRqIwR
2z3Fov5osPzREwhFUJGJ7MXnUnE9m0EzkJSI0QcozVl/LclgAfL8h6FvDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJFgjZYpWs6SE2cLpLiS8oNfC0q5MB8GA1UdIwQY
MBaAFNj7luo69RxTLX6P6MlDdvUeHqQCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlB1VzZqcjFIRk10Zm9fb3lVTjI5UjRlcEFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81M2ZmYTAtOTA2MC00NzJjLWFhYzIt
OGViODVlMzI4M2UyLzEvMlB1VzZqcjFIRk10Zm9fb3lVTjI5UjRlcEFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS81M2ZmYTAtOTA2MC00NzJjLWFhYzItOGViODVlMzI4M2Uy
LzEvMlB1VzZqcjFIRk10Zm9fb3lVTjI5UjRlcEFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN8xL/RuE
LLXBwrcVKUS0+OmVH0nILviporyxOy7E8B+tps9rIbmNLfn2gvRWZ6ZhuKJkmMJM
DMjc/YzB0i60zjae7SNMB+v5ZwkbSV+F0h10JSr19Y7ZTILDGQ/I2pWDvXgnjRCA
FpVDzc2pMZ7Mwgb0D6OtMrBdobC39Q1eDNfP2aMZcfRpnHq0cTg6duOWVFDj7o8s
pY9P2ONnGD87P4A1Mo6H4INWsl+4o2XOXvXLAGshwIa+ntUg/FCJpqs475mXwT1K
0Y/37OtIIojvqn/0FN6YY8sW808lvGupPxFWV+RNnc2mAiBx8XSCRZ5x0TvP+bPK
kk3Kao1ydaYAiA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:46:38 2025 by rpki-client