Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.mft
File: vmBP81opyRFWvkvSKbO693yDl70.mft (raw, json)
Hash identifier: S44k+WZvdpfCphUeEdQ1dRXac2m19W3xntemh0YBqhE=
Subject key identifier: 7E:6F:11:DC:D3:BD:81:44:F8:3A:B8:4E:9F:37:56:44:48:EA:A0:F7
Authority key identifier: BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
Certificate issuer: /CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Certificate serial: 019A728BD48EEDA5CE1EF4FCAD9E2203627B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.mft
Manifest number: 0949
Signing time: Tue 11 Nov 2025 10:52:37 +0000
Manifest this update: Tue 11 Nov 2025 10:52:37 +0000
Manifest next update: Wed 12 Nov 2025 10:52:37 +0000
Files and hashes: 1: vmBP81opyRFWvkvSKbO693yDl70.crl (hash: 1u3yPGS5MeeVNs0DPlf8Y8ByTL2vNNdDKq25CXzlCw8=)
2: xKhlmwkhpDMTNKSIizqisLWT3AQ.roa (hash: wyhLYIBDdO6iFhviIArhJTJRsCWrDx4vYq5+pNBPzEE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.mft
rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:8b:d4:8e:ed:a5:ce:1e:f4:fc:ad:9e:22:03:62:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be604ff35a29c91156be4bd229b3baf77c8397bd
Validity
Not Before: Nov 11 10:52:37 2025 GMT
Not After : Nov 12 10:52:37 2025 GMT
Subject: CN=7e6f11dcd3bd8144f83ab84e9f37564448eaa0f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c6:59:00:75:c0:24:6e:e1:e9:80:1d:19:26:
52:dc:42:bb:18:9f:1f:88:31:b1:24:ae:d9:8c:0a:
66:e1:42:0b:b4:b6:81:44:e0:bb:31:40:b7:00:25:
bf:f3:44:a4:88:e7:1a:81:5b:c9:15:a3:8e:8a:4d:
d0:47:ce:b4:fa:5b:21:bf:6d:af:d4:8a:7a:8e:3f:
82:cf:a7:9c:66:d6:c6:82:ad:e9:f8:81:3e:9f:9a:
53:8b:25:13:a2:12:12:c9:49:e4:e5:4c:d8:5b:cd:
2d:06:c5:19:00:54:b9:e7:d2:00:ce:65:05:b4:6e:
90:c0:8e:08:5b:c5:92:5f:ac:82:bb:34:f3:e0:cc:
c4:7a:48:8c:08:bf:8a:9b:da:51:76:d4:e1:60:57:
9b:b8:b8:ed:b1:4b:f6:f7:54:78:0b:42:b2:93:10:
bc:90:f9:ed:fc:2a:df:09:18:9d:11:40:f1:40:38:
cd:4d:bf:4c:83:56:1c:56:3c:41:f5:b3:b2:91:b5:
36:82:40:d2:3f:43:f8:bd:fe:c0:a0:c7:4b:cd:8d:
61:67:d9:19:28:c3:b2:0d:44:2f:71:34:bc:8b:2b:
aa:10:4f:22:76:e8:28:b0:ec:05:45:52:e0:a7:c2:
0b:79:27:6b:c1:37:f3:ac:34:9d:e1:20:20:b1:b5:
c3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:6F:11:DC:D3:BD:81:44:F8:3A:B8:4E:9F:37:56:44:48:EA:A0:F7
X509v3 Authority Key Identifier:
keyid:BE:60:4F:F3:5A:29:C9:11:56:BE:4B:D2:29:B3:BA:F7:7C:83:97:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vmBP81opyRFWvkvSKbO693yDl70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/e849bb-1304-44ea-838f-1a39c3d34f08/1/vmBP81opyRFWvkvSKbO693yDl70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:8e:ea:cf:1b:f9:2e:1c:91:af:c2:76:e0:c8:ec:d2:af:98:
93:15:4d:52:d1:93:99:77:09:dd:ef:c3:b3:bd:85:46:07:e1:
89:2f:9f:e0:5a:26:5f:8b:aa:8f:03:cd:17:5f:5d:ad:65:93:
fc:fa:a7:96:0b:f2:83:92:ee:e5:bf:55:5a:b5:07:f8:5d:a9:
4e:55:a2:11:a2:99:15:92:57:15:6a:70:9c:b0:66:dd:19:66:
79:8d:aa:0f:be:ca:62:96:4a:af:42:3e:1b:39:46:12:76:1a:
1d:c2:34:0b:73:b9:3e:d1:b4:71:42:ee:35:58:8b:31:7d:ed:
71:37:66:da:a2:0c:77:34:77:a8:16:3c:1e:3e:8a:13:38:d7:
e6:05:23:90:67:f8:64:f2:60:0d:9d:d0:ff:97:6f:f2:90:19:
8e:72:c9:c0:95:53:df:58:97:0b:e8:ba:62:81:dc:df:35:e9:
c3:75:52:13:33:b6:14:f8:9d:5b:cc:3a:3b:37:78:18:75:6a:
9c:ca:e7:f6:d4:be:89:68:67:86:fc:77:91:14:2e:23:12:6b:
7f:4a:21:2e:4d:e2:0c:5c:76:69:cc:9c:03:ba:a8:14:67:30:
ed:b3:5e:ba:e4:bd:b5:dd:70:18:70:98:53:db:ce:fc:83:d3:
94:85:10:fb
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyi9SO7aXOHvT8rZ4iA2J7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNjA0ZmYzNWEyOWM5MTE1NmJlNGJkMjI5YjNiYWY3N2M4
Mzk3YmQwHhcNMjUxMTExMTA1MjM3WhcNMjUxMTEyMTA1MjM3WjAzMTEwLwYDVQQD
Eyg3ZTZmMTFkY2QzYmQ4MTQ0ZjgzYWI4NGU5ZjM3NTY0NDQ4ZWFhMGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMZZAHXAJG7h6YAdGSZS3EK7GJ8f
iDGxJK7ZjApm4UILtLaBROC7MUC3ACW/80SkiOcagVvJFaOOik3QR860+lshv22v
1Ip6jj+Cz6ecZtbGgq3p+IE+n5pTiyUTohISyUnk5UzYW80tBsUZAFS559IAzmUF
tG6QwI4IW8WSX6yCuzTz4MzEekiMCL+Km9pRdtThYFebuLjtsUv291R4C0KykxC8
kPnt/CrfCRidEUDxQDjNTb9Mg1YcVjxB9bOykbU2gkDSP0P4vf7AoMdLzY1hZ9kZ
KMOyDUQvcTS8iyuqEE8idugosOwFRVLgp8ILeSdrwTfzrDSd4SAgsbXDxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFH5vEdzTvYFE+Dq4Tp83VkRI6qD3MB8GA1UdIwQY
MBaAFL5gT/NaKckRVr5L0imzuvd8g5e9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYt
MWEzOWMzZDM0ZjA4LzEvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9lODQ5YmItMTMwNC00NGVhLTgzOGYtMWEzOWMzZDM0ZjA4
LzEvdm1CUDgxb3B5UkZXdmt2U0tiTzY5M3lEbDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKY7qzxv5
LhyRr8J24Mjs0q+YkxVNUtGTmXcJ3e/Ds72FRgfhiS+f4FomX4uqjwPNF19drWWT
/Pqnlgvyg5Lu5b9VWrUH+F2pTlWiEaKZFZJXFWpwnLBm3RlmeY2qD77KYpZKr0I+
GzlGEnYaHcI0C3O5PtG0cULuNViLMX3tcTdm2qIMdzR3qBY8Hj6KEzjX5gUjkGf4
ZPJgDZ3Q/5dv8pAZjnLJwJVT31iXC+i6YoHc3zXpw3VSEzO2FPidW8w6Ozd4GHVq
nMrn9tS+iWhnhvx3kRQuIxJrf0ohLk3iDFx2acycA7qoFGcw7bNeuuS9td1wGHCY
U9vO/IPTlIUQ+w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:09:40 2025 by rpki-client