Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/bfda12-76b3-43b2-88e8-1f1dc52bbb98/1/vB0gk2YmtVdDxllFEt5C75-OkF8.mft
File: vB0gk2YmtVdDxllFEt5C75-OkF8.mft (raw, json)
Hash identifier: BR5XPWswl9EGLw6gU9+oMevVB7/MpGuoVG1N+vwLRg4=
Subject key identifier: 32:22:06:71:28:04:94:A5:7A:08:A6:2D:9E:AB:63:31:85:54:21:AA
Authority key identifier: BC:1D:20:93:66:26:B5:57:43:C6:59:45:12:DE:42:EF:9F:8E:90:5F
Certificate issuer: /CN=bc1d20936626b55743c6594512de42ef9f8e905f
Certificate serial: 019A7338306797AFC26C2C2ABF84DC116929
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vB0gk2YmtVdDxllFEt5C75-OkF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/bfda12-76b3-43b2-88e8-1f1dc52bbb98/1/vB0gk2YmtVdDxllFEt5C75-OkF8.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 14:00:53 +0000
Manifest this update: Tue 11 Nov 2025 14:00:53 +0000
Manifest next update: Wed 12 Nov 2025 14:00:53 +0000
Files and hashes: 1: 5sX-DGEXiD0BFlvf-Fmo0E_zIWA.roa (hash: 9QROXrOe8DbEbrWzP6N+sqZkzzd6XWEYKMJ32P4x344=)
2: vB0gk2YmtVdDxllFEt5C75-OkF8.crl (hash: SKzklEVorMIwdk5JYhCBdOywubf04LuiOswEZtB+46I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/bfda12-76b3-43b2-88e8-1f1dc52bbb98/1/vB0gk2YmtVdDxllFEt5C75-OkF8.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/bfda12-76b3-43b2-88e8-1f1dc52bbb98/1/vB0gk2YmtVdDxllFEt5C75-OkF8.mft
rsync://rpki.ripe.net/repository/DEFAULT/vB0gk2YmtVdDxllFEt5C75-OkF8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:38:30:67:97:af:c2:6c:2c:2a:bf:84:dc:11:69:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc1d20936626b55743c6594512de42ef9f8e905f
Validity
Not Before: Nov 11 14:00:53 2025 GMT
Not After : Nov 12 14:00:53 2025 GMT
Subject: CN=32220671280494a57a08a62d9eab6331855421aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:90:13:66:76:a1:c0:f3:d6:5f:57:fd:81:70:
fd:10:bb:6c:f5:12:c1:b4:73:21:eb:0a:c3:0a:84:
70:e7:6b:4a:c9:1f:b8:bf:8c:6d:e7:a5:da:9e:56:
be:39:6e:d1:64:e8:cc:fa:76:4f:ca:13:9f:46:31:
88:e3:b1:72:76:5d:9a:fa:d1:e6:2c:c8:99:18:94:
10:9f:91:62:3e:79:b3:e8:a5:5b:c5:ce:98:db:b7:
59:33:1d:4b:9e:2a:40:e9:0d:fe:5a:86:d3:ce:f5:
e3:ba:c9:b8:31:e3:66:5c:6c:6a:7f:2e:fe:b3:e3:
63:8d:2b:eb:a3:d7:f7:3a:e6:66:72:6a:4f:ea:bf:
4f:db:08:ea:b3:fd:d3:6d:ff:37:4e:06:13:ed:0f:
ee:2e:5a:c5:dc:d2:b9:16:b0:25:15:3d:9b:48:32:
90:30:71:34:63:6a:39:f9:e1:0e:36:26:34:d1:a8:
81:47:85:38:30:1b:1a:18:37:c2:32:b2:0a:7f:03:
a7:67:08:2a:55:3d:64:04:93:e7:23:4c:12:24:aa:
5d:e1:00:f5:5e:e4:16:13:9f:ff:c2:8d:74:97:53:
24:ea:4b:5a:16:86:8b:0a:37:d7:7a:29:27:0b:21:
13:64:b1:ef:53:78:6a:21:57:3d:6a:38:69:38:88:
67:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:22:06:71:28:04:94:A5:7A:08:A6:2D:9E:AB:63:31:85:54:21:AA
X509v3 Authority Key Identifier:
keyid:BC:1D:20:93:66:26:B5:57:43:C6:59:45:12:DE:42:EF:9F:8E:90:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vB0gk2YmtVdDxllFEt5C75-OkF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/bfda12-76b3-43b2-88e8-1f1dc52bbb98/1/vB0gk2YmtVdDxllFEt5C75-OkF8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/bfda12-76b3-43b2-88e8-1f1dc52bbb98/1/vB0gk2YmtVdDxllFEt5C75-OkF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6d:c1:0d:2c:8c:bf:5d:3f:ea:60:99:a2:ae:54:0f:b8:61:bd:
24:bb:d6:35:54:c7:9c:e9:93:40:60:92:b7:65:b0:be:c7:f3:
91:3e:10:dc:88:ee:5d:f2:3d:67:4d:58:10:62:48:51:b3:6c:
14:44:05:4e:46:fa:fb:cf:8e:c8:95:ab:b7:56:54:08:c1:1e:
5b:98:3f:3e:d6:67:e5:27:a8:f8:a7:b1:06:d9:bf:f5:6f:95:
0c:aa:49:f1:1d:b8:af:e3:ec:ac:80:05:72:f3:63:32:f9:7d:
0c:76:60:b1:33:e5:f3:63:44:c5:22:54:6b:5b:55:19:38:d4:
7f:9e:ac:8e:90:7f:8c:ec:23:c6:db:2b:22:89:72:10:02:7e:
5c:4f:94:9f:98:31:84:c2:f9:af:ff:ba:02:b0:95:5b:4e:0c:
00:4e:09:e5:ea:dd:24:c3:4a:c0:17:83:f5:cb:b3:32:42:78:
08:34:ea:bc:90:2a:6f:8f:c7:4a:b9:00:02:65:5a:2e:30:cb:
4b:5c:5b:af:54:88:1f:92:f6:9d:f4:cb:17:3d:78:66:a5:a5:
72:2d:c3:8e:9d:f6:19:7f:8c:a1:e8:cb:0f:80:dc:00:8d:03:
47:0f:6b:11:3a:57:8c:fa:9f:58:d9:1b:60:f4:77:d3:21:bf:
fa:f9:16:1b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzODBnl6/CbCwqv4TcEWkpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjMWQyMDkzNjYyNmI1NTc0M2M2NTk0NTEyZGU0MmVmOWY4
ZTkwNWYwHhcNMjUxMTExMTQwMDUzWhcNMjUxMTEyMTQwMDUzWjAzMTEwLwYDVQQD
EygzMjIyMDY3MTI4MDQ5NGE1N2EwOGE2MmQ5ZWFiNjMzMTg1NTQyMWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpATZnahwPPWX1f9gXD9ELts9RLB
tHMh6wrDCoRw52tKyR+4v4xt56Xanla+OW7RZOjM+nZPyhOfRjGI47Fydl2a+tHm
LMiZGJQQn5FiPnmz6KVbxc6Y27dZMx1LnipA6Q3+WobTzvXjusm4MeNmXGxqfy7+
s+NjjSvro9f3OuZmcmpP6r9P2wjqs/3Tbf83TgYT7Q/uLlrF3NK5FrAlFT2bSDKQ
MHE0Y2o5+eEONiY00aiBR4U4MBsaGDfCMrIKfwOnZwgqVT1kBJPnI0wSJKpd4QD1
XuQWE5//wo10l1Mk6ktaFoaLCjfXeiknCyETZLHvU3hqIVc9ajhpOIhn1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDIiBnEoBJSlegimLZ6rYzGFVCGqMB8GA1UdIwQY
MBaAFLwdIJNmJrVXQ8ZZRRLeQu+fjpBfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkIwZ2syWW10VmREeGxsRkV0NUM3NS1Pa0Y4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iZmRhMTItNzZiMy00M2IyLTg4ZTgt
MWYxZGM1MmJiYjk4LzEvdkIwZ2syWW10VmREeGxsRkV0NUM3NS1Pa0Y4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9iZmRhMTItNzZiMy00M2IyLTg4ZTgtMWYxZGM1MmJiYjk4
LzEvdkIwZ2syWW10VmREeGxsRkV0NUM3NS1Pa0Y4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbcENLIy/
XT/qYJmirlQPuGG9JLvWNVTHnOmTQGCSt2WwvsfzkT4Q3IjuXfI9Z01YEGJIUbNs
FEQFTkb6+8+OyJWrt1ZUCMEeW5g/PtZn5Seo+KexBtm/9W+VDKpJ8R24r+PsrIAF
cvNjMvl9DHZgsTPl82NExSJUa1tVGTjUf56sjpB/jOwjxtsrIolyEAJ+XE+Un5gx
hML5r/+6ArCVW04MAE4J5erdJMNKwBeD9cuzMkJ4CDTqvJAqb4/HSrkAAmVaLjDL
S1xbr1SIH5L2nfTLFz14ZqWlci3Djp32GX+MoejLD4DcAI0DRw9rETpXjPqfWNkb
YPR30yG/+vkWGw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:46:11 2025 by rpki-client