Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.mft
File: 2xTnpr6Xzsb1vBpninbqbRYZwwY.mft (raw, json)
Hash identifier: OZQF4To5pSg4yrypb9oqsGagW2p5pRP6Fc/dHwpb9as=
Subject key identifier: 6F:74:93:F6:E1:9F:4C:56:93:42:E5:9D:28:F6:23:9A:FE:2F:3E:C3
Authority key identifier: DB:14:E7:A6:BE:97:CE:C6:F5:BC:1A:67:8A:76:EA:6D:16:19:C3:06
Certificate issuer: /CN=db14e7a6be97cec6f5bc1a678a76ea6d1619c306
Certificate serial: 019A72CA998924B8A3C8FE475E6F8B9F9239
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.mft
Manifest number: 14E3
Signing time: Tue 11 Nov 2025 12:01:11 +0000
Manifest this update: Tue 11 Nov 2025 12:01:11 +0000
Manifest next update: Wed 12 Nov 2025 12:01:11 +0000
Files and hashes: 1: 2xTnpr6Xzsb1vBpninbqbRYZwwY.crl (hash: 2Ld2cQQchwHCmdLYAt8OO8aCPY7MBpl22sK3GLTL1eA=)
2: FjL5MqcK0dv0phSETNIP5t1SBWg.roa (hash: HghvVzu9hsO9wX3NaFq2EgUKtQhDl/MHwAlkrJlofBE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:99:89:24:b8:a3:c8:fe:47:5e:6f:8b:9f:92:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db14e7a6be97cec6f5bc1a678a76ea6d1619c306
Validity
Not Before: Nov 11 12:01:11 2025 GMT
Not After : Nov 12 12:01:11 2025 GMT
Subject: CN=6f7493f6e19f4c569342e59d28f6239afe2f3ec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c6:48:c8:ae:43:aa:cb:b9:61:a0:6d:33:85:
90:e6:7a:a6:cd:b4:dc:19:53:c3:6a:36:2a:d3:29:
9f:5d:29:a6:43:ae:06:11:33:ae:d7:f2:07:f6:cd:
88:91:d5:0e:d6:e8:6a:db:d3:71:b7:ec:1d:65:74:
5d:03:81:3d:31:b9:e2:f5:c3:69:78:17:ca:d3:bc:
d6:05:99:2e:38:37:b4:dc:87:3b:74:e3:aa:b1:f4:
d0:95:43:83:ff:28:58:41:db:1e:75:e1:ba:44:6a:
d0:94:63:62:3b:c4:8b:6d:f0:d3:88:36:43:9c:f4:
1a:bc:f2:ee:95:0a:11:db:c3:77:1d:c8:a2:49:cb:
80:ff:d0:d0:3b:ea:aa:50:dd:d9:e6:87:59:89:b0:
db:9c:06:7b:7c:04:ac:75:99:69:4f:df:c0:b1:f7:
cc:5c:d2:3d:b7:bc:1e:a5:e4:31:a0:68:1b:38:ba:
9e:cb:ac:7f:1c:08:35:49:8d:43:74:d6:ee:b0:c3:
51:5a:6a:f9:00:b1:10:1b:fe:31:db:75:5f:7a:36:
a4:aa:5b:51:d6:c6:70:a5:bc:a8:6f:19:15:f3:00:
1a:d4:de:a6:30:11:6b:10:3e:3a:86:4c:a0:94:f9:
8a:ba:3d:f2:bf:b2:44:f2:9a:c9:f2:e1:94:52:a1:
c3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:74:93:F6:E1:9F:4C:56:93:42:E5:9D:28:F6:23:9A:FE:2F:3E:C3
X509v3 Authority Key Identifier:
keyid:DB:14:E7:A6:BE:97:CE:C6:F5:BC:1A:67:8A:76:EA:6D:16:19:C3:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2xTnpr6Xzsb1vBpninbqbRYZwwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/10645d-3542-4e5d-8e70-11f91d0739c9/1/2xTnpr6Xzsb1vBpninbqbRYZwwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:6a:86:31:39:48:47:a4:14:05:67:43:b4:98:53:37:90:73:
a5:c4:a5:99:73:2b:1a:b2:fa:5b:0a:53:bf:a5:f0:5f:eb:db:
d3:2f:7f:9d:43:86:5e:ed:82:de:e0:33:73:1d:e4:9e:38:f5:
6d:ae:1f:1e:91:45:8d:87:25:17:0d:d1:c0:0d:39:38:ba:cf:
06:b4:4c:c2:f2:fb:bb:a5:de:72:64:fc:e7:ee:9a:c7:a2:e4:
72:9e:ea:f9:04:17:a5:8f:f6:fd:bf:f4:c1:f5:21:ca:58:47:
92:5e:fb:b3:23:2f:c2:c6:63:14:da:20:4a:a8:b1:c6:cc:ff:
b3:8a:99:16:bb:e1:43:b8:2e:0d:67:d2:4f:70:d5:eb:40:94:
f2:31:85:42:0f:d3:db:39:32:76:c7:a1:33:9c:64:c9:7a:85:
9f:96:26:b7:5f:f5:69:77:da:6f:94:7f:59:14:ff:d2:e3:21:
56:91:33:0c:1f:3f:0a:80:bd:1e:4c:f5:bc:26:c6:f9:09:be:
3c:b6:88:39:0a:61:3d:50:b9:ea:cc:35:15:bc:f7:59:70:df:
6c:20:9f:97:d6:18:05:c4:db:05:f4:fa:07:96:ad:62:5c:c2:
ac:77:d4:65:56:87:f1:29:f6:e4:35:32:59:52:a2:e7:c1:6c:
17:e3:1a:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyypmJJLijyP5HXm+Ln5I5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMTRlN2E2YmU5N2NlYzZmNWJjMWE2NzhhNzZlYTZkMTYx
OWMzMDYwHhcNMjUxMTExMTIwMTExWhcNMjUxMTEyMTIwMTExWjAzMTEwLwYDVQQD
Eyg2Zjc0OTNmNmUxOWY0YzU2OTM0MmU1OWQyOGY2MjM5YWZlMmYzZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsZIyK5Dqsu5YaBtM4WQ5nqmzbTc
GVPDajYq0ymfXSmmQ64GETOu1/IH9s2IkdUO1uhq29Nxt+wdZXRdA4E9Mbni9cNp
eBfK07zWBZkuODe03Ic7dOOqsfTQlUOD/yhYQdsedeG6RGrQlGNiO8SLbfDTiDZD
nPQavPLulQoR28N3HciiScuA/9DQO+qqUN3Z5odZibDbnAZ7fASsdZlpT9/AsffM
XNI9t7wepeQxoGgbOLqey6x/HAg1SY1DdNbusMNRWmr5ALEQG/4x23VfejakqltR
1sZwpbyobxkV8wAa1N6mMBFrED46hkyglPmKuj3yv7JE8prJ8uGUUqHDRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG90k/bhn0xWk0LlnSj2I5r+Lz7DMB8GA1UdIwQY
MBaAFNsU56a+l87G9bwaZ4p26m0WGcMGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8xMDY0NWQtMzU0Mi00ZTVkLThlNzAt
MTFmOTFkMDczOWM5LzEvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8xMDY0NWQtMzU0Mi00ZTVkLThlNzAtMTFmOTFkMDczOWM5
LzEvMnhUbnByNlh6c2IxdkJwbmluYnFiUllad3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANmqGMTlI
R6QUBWdDtJhTN5BzpcSlmXMrGrL6WwpTv6XwX+vb0y9/nUOGXu2C3uAzcx3knjj1
ba4fHpFFjYclFw3RwA05OLrPBrRMwvL7u6XecmT85+6ax6Lkcp7q+QQXpY/2/b/0
wfUhylhHkl77syMvwsZjFNogSqixxsz/s4qZFrvhQ7guDWfST3DV60CU8jGFQg/T
2zkydsehM5xkyXqFn5Ymt1/1aXfab5R/WRT/0uMhVpEzDB8/CoC9Hkz1vCbG+Qm+
PLaIOQphPVC56sw1Fbz3WXDfbCCfl9YYBcTbBfT6B5atYlzCrHfUZVaH8Sn25DUy
WVKi58FsF+MapQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 18:38:24 2025 by rpki-client