Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
File: 2BFKkiBvChn3M52guJZpxKX-Urk.mft (raw, json)
Hash identifier: dKApTRK6szGK1hztA3bbCj1c+n5WDIEDI4r7D7US0FI=
Subject key identifier: C9:20:4C:32:D6:A4:EC:D0:51:93:33:09:53:E8:A7:52:C9:6D:50:A8
Authority key identifier: D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9
Certificate issuer: /CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9
Certificate serial: 019A251C8C0B798F89721FFFCE5CE0993B47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
Manifest number: D9
Signing time: Mon 27 Oct 2025 10:00:19 +0000
Manifest this update: Mon 27 Oct 2025 10:00:19 +0000
Manifest next update: Tue 28 Oct 2025 10:00:19 +0000
Files and hashes: 1: 2BFKkiBvChn3M52guJZpxKX-Urk.crl (hash: rsuSmxKopzBmDYqo1ruGKHZrYl2CQGQlPEK63d3mxzM=)
2: G9oTd4bBpmlm3pZMn3YyyXAVIyI.roa (hash: XC2pyO3ZNZCKadVf4J0EDWPKrfSqScmOhmM8oMNNkCI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 08:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:25:1c:8c:0b:79:8f:89:72:1f:ff:ce:5c:e0:99:3b:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8114a92206f0a19f7339da0b89669c4a5fe52b9
Validity
Not Before: Oct 27 10:00:19 2025 GMT
Not After : Oct 28 10:00:19 2025 GMT
Subject: CN=c9204c32d6a4ecd05193330953e8a752c96d50a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d6:90:5a:63:b9:37:33:e4:fd:6a:f7:50:6b:
e0:3b:e2:cb:be:72:9a:ff:51:f7:00:27:71:e3:69:
c3:a5:f7:8a:b1:76:d9:2e:3f:22:3a:00:85:00:26:
a1:87:6e:6c:74:fa:94:b1:6c:42:df:c1:67:e9:aa:
37:f7:df:84:71:bf:ee:f6:b1:b9:c5:d6:7b:f1:c6:
ef:32:80:1e:22:44:aa:0f:cf:f5:8d:5f:49:95:59:
0f:e9:2f:4c:a2:14:9e:3c:4c:84:96:7c:b9:55:3f:
71:76:e1:71:ac:26:ab:0a:aa:59:f6:44:42:7f:13:
f2:2d:d2:24:a6:02:d2:32:83:01:fc:73:ca:ba:9e:
06:5a:1b:74:94:8b:af:b6:4c:f8:26:6b:af:53:c4:
0a:d8:1e:c0:87:4f:08:6d:71:28:45:29:98:ad:11:
30:46:f2:5c:76:34:78:14:60:ef:58:b3:e8:d5:f7:
ef:9b:ea:7f:7e:15:d0:74:80:0a:a6:cc:2f:d9:f3:
21:de:6d:69:43:74:d1:e7:01:ca:1d:f1:32:90:f3:
df:1f:2e:0b:7c:ae:29:d1:b1:df:cd:65:67:12:0a:
67:ee:da:d2:57:f5:bf:16:d3:d8:e8:13:ae:dc:dd:
c5:1f:0b:4f:46:ed:34:6b:d6:ca:f0:92:00:f9:b0:
73:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:20:4C:32:D6:A4:EC:D0:51:93:33:09:53:E8:A7:52:C9:6D:50:A8
X509v3 Authority Key Identifier:
keyid:D8:11:4A:92:20:6F:0A:19:F7:33:9D:A0:B8:96:69:C4:A5:FE:52:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BFKkiBvChn3M52guJZpxKX-Urk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fdace9-8212-4ce1-a999-5208d9854364/1/2BFKkiBvChn3M52guJZpxKX-Urk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8a:db:99:e7:3d:99:aa:7a:eb:44:5c:1f:0a:b9:b9:68:4c:07:
06:26:4b:fe:88:6f:27:44:d1:21:34:8f:10:a6:33:51:f1:cf:
d7:e8:ab:73:ea:39:2a:00:9b:da:ab:bb:30:77:5c:0f:e2:c3:
9f:a9:23:b5:da:cc:9a:0b:7c:a8:b6:7e:0f:e0:71:bf:1f:cc:
18:31:00:4b:9d:16:90:17:88:84:7c:44:9a:6c:79:2c:06:17:
65:61:6a:bf:8b:96:ae:6a:a9:21:d6:84:ac:86:7f:77:23:9f:
c8:8a:3f:43:94:64:e2:c9:04:e3:83:5f:d9:4a:75:76:ea:fa:
8d:2b:97:f0:00:0a:dd:c6:c0:4e:5b:6e:33:ce:45:86:e6:e5:
60:a0:b6:92:7a:4d:a6:ed:b6:dc:2f:64:ce:a8:7f:d3:80:d5:
93:04:96:73:ae:d2:28:db:0a:47:6a:f4:50:f4:8e:b7:9d:bb:
c0:78:cc:10:da:a2:39:db:20:48:87:2a:e2:ae:2e:6e:73:af:
f1:03:d4:ef:4c:71:24:eb:98:4d:30:50:8c:67:c5:c8:de:11:
1b:d5:52:a3:4e:2c:9c:3d:c3:ce:e9:8d:b2:e1:07:ba:ef:4c:
93:9f:a1:20:72:db:f9:af:d4:eb:1f:f7:34:5f:6d:18:f6:21:
81:d9:2b:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZolHIwLeY+Jch//zlzgmTtHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTE0YTkyMjA2ZjBhMTlmNzMzOWRhMGI4OTY2OWM0YTVm
ZTUyYjkwHhcNMjUxMDI3MTAwMDE5WhcNMjUxMDI4MTAwMDE5WjAzMTEwLwYDVQQD
EyhjOTIwNGMzMmQ2YTRlY2QwNTE5MzMzMDk1M2U4YTc1MmM5NmQ1MGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudaQWmO5NzPk/Wr3UGvgO+LLvnKa
/1H3ACdx42nDpfeKsXbZLj8iOgCFACahh25sdPqUsWxC38Fn6ao399+Ecb/u9rG5
xdZ78cbvMoAeIkSqD8/1jV9JlVkP6S9MohSePEyElny5VT9xduFxrCarCqpZ9kRC
fxPyLdIkpgLSMoMB/HPKup4GWht0lIuvtkz4JmuvU8QK2B7Ah08IbXEoRSmYrREw
RvJcdjR4FGDvWLPo1ffvm+p/fhXQdIAKpswv2fMh3m1pQ3TR5wHKHfEykPPfHy4L
fK4p0bHfzWVnEgpn7trSV/W/FtPY6BOu3N3FHwtPRu00a9bK8JIA+bBzSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMkgTDLWpOzQUZMzCVPop1LJbVCoMB8GA1UdIwQY
MBaAFNgRSpIgbwoZ9zOdoLiWacSl/lK5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTkt
NTIwOGQ5ODU0MzY0LzEvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9mZGFjZTktODIxMi00Y2UxLWE5OTktNTIwOGQ5ODU0MzY0
LzEvMkJGS2tpQnZDaG4zTTUyZ3VKWnB4S1gtVXJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAituZ5z2Z
qnrrRFwfCrm5aEwHBiZL/ohvJ0TRITSPEKYzUfHP1+irc+o5KgCb2qu7MHdcD+LD
n6kjtdrMmgt8qLZ+D+Bxvx/MGDEAS50WkBeIhHxEmmx5LAYXZWFqv4uWrmqpIdaE
rIZ/dyOfyIo/Q5Rk4skE44Nf2Up1dur6jSuX8AAK3cbATltuM85FhublYKC2knpN
pu223C9kzqh/04DVkwSWc67SKNsKR2r0UPSOt527wHjMENqiOdsgSIcq4q4ubnOv
8QPU70xxJOuYTTBQjGfFyN4RG9VSo04snD3DzumNsuEHuu9Mk5+hIHLb+a/U6x/3
NF9tGPYhgdkriA==
-----END CERTIFICATE-----
Generated at Mon Oct 27 14:29:35 2025 by rpki-client