Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.mft
File: SiHJG2O7vaiASnSfPWEOiyF_m3M.mft (raw, json)
Hash identifier: vm2yEn3gFs9IHdSmQMJi36MsLl2tseJ8LsdSs55SV9E=
Subject key identifier: F8:81:DE:00:D2:B1:E4:D6:6A:87:90:EF:C8:7B:DC:2B:64:54:5D:7A
Authority key identifier: 4A:21:C9:1B:63:BB:BD:A8:80:4A:74:9F:3D:61:0E:8B:21:7F:9B:73
Certificate issuer: /CN=4a21c91b63bbbda8804a749f3d610e8b217f9b73
Certificate serial: 019A725C9FBC40B29A47EF598A01335B07C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.mft
Manifest number: 131D
Signing time: Tue 11 Nov 2025 10:01:04 +0000
Manifest this update: Tue 11 Nov 2025 10:01:04 +0000
Manifest next update: Wed 12 Nov 2025 10:01:04 +0000
Files and hashes: 1: 1Z1yWNgRSnqR3pt5WlApDelQe4o.roa (hash: 7G52qXZFDFq0XDjJ+/lW8m4SCa70rkFS2r1Ec1zORA4=)
2: SiHJG2O7vaiASnSfPWEOiyF_m3M.crl (hash: EPi9goOm2DuCk2v0EHMXReAuvfJgovhqK4NHEjUnwgI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:9f:bc:40:b2:9a:47:ef:59:8a:01:33:5b:07:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a21c91b63bbbda8804a749f3d610e8b217f9b73
Validity
Not Before: Nov 11 10:01:04 2025 GMT
Not After : Nov 12 10:01:04 2025 GMT
Subject: CN=f881de00d2b1e4d66a8790efc87bdc2b64545d7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:90:21:8e:0c:fd:9a:c8:3e:ef:18:94:47:c7:
07:a1:37:69:cb:88:e3:61:0e:39:07:54:24:02:3a:
b5:15:56:b6:b7:c0:5a:07:7b:ad:3f:f6:b2:90:c9:
41:83:d8:f2:7a:36:a2:cd:d1:64:c1:04:30:9a:7c:
bf:2e:9d:da:ea:ce:b6:0c:5b:25:1b:b3:89:69:2c:
79:2e:99:95:7d:b4:0d:11:fe:a8:cc:1e:ab:8e:eb:
78:09:35:b2:8d:7f:10:58:de:ff:a1:fe:86:83:0d:
53:03:34:6c:cc:06:99:c3:4b:17:d5:9d:b6:9a:b0:
c4:11:02:cc:ca:45:44:53:2e:69:1e:ce:93:8e:36:
42:6f:be:b1:41:e7:99:c0:10:0c:4d:9b:22:39:b1:
74:c6:a5:72:d9:8a:11:6a:45:02:b4:5c:35:ca:98:
4f:90:44:de:16:f2:14:41:1b:cb:9d:b3:9f:1e:d6:
16:e9:0a:00:ec:a9:53:9f:ec:d7:4d:bc:dc:4c:1f:
e9:99:c1:ae:c7:92:a0:6e:6d:2c:2e:df:72:fc:8a:
cc:c3:58:72:ec:69:51:db:ef:3b:e1:89:9e:75:51:
79:5e:9c:6a:08:46:58:16:6b:14:c7:03:b0:9a:ae:
3c:0f:2c:6e:c9:b1:b6:21:8d:e2:45:b1:88:03:a5:
56:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:81:DE:00:D2:B1:E4:D6:6A:87:90:EF:C8:7B:DC:2B:64:54:5D:7A
X509v3 Authority Key Identifier:
keyid:4A:21:C9:1B:63:BB:BD:A8:80:4A:74:9F:3D:61:0E:8B:21:7F:9B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SiHJG2O7vaiASnSfPWEOiyF_m3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/6e8ca0-cd40-46fd-8ee4-47fbe4c4a4fd/1/SiHJG2O7vaiASnSfPWEOiyF_m3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d1:5a:6f:a0:12:55:79:b1:9c:a2:bb:24:52:56:97:52:59:50:
2e:69:76:78:e4:8e:45:ca:04:f5:03:7c:36:86:43:10:be:9f:
52:d2:e4:f8:df:22:12:a5:0a:61:a6:b9:11:0f:91:3e:80:9c:
85:da:b3:ac:21:5c:6a:44:5f:1b:15:67:05:93:6b:98:02:40:
dc:0d:d8:5c:3d:c5:12:07:f7:05:bb:dd:cb:f2:72:5a:90:b6:
5a:6e:23:9c:fc:e0:2e:27:46:6b:67:81:77:18:d6:7c:c6:26:
b6:8a:e3:5f:d8:23:5b:35:ac:5d:6c:33:63:a7:a4:99:5e:42:
49:96:68:fe:14:a6:28:17:a2:e2:04:4e:06:23:80:cd:b8:ce:
fc:0e:54:01:20:c8:de:28:38:af:d0:00:84:07:d1:60:c0:32:
6c:46:9d:8f:ae:a1:62:0b:af:4e:d2:70:3c:17:f2:67:dc:ba:
a9:1a:a1:9d:cb:7d:7c:03:6a:c3:96:dd:d8:6a:19:a6:f5:78:
70:87:94:9f:54:fc:fc:49:97:54:7e:76:52:16:1d:48:75:18:
b3:09:3d:f3:29:65:2e:04:5f:e6:1a:46:c7:ca:dd:ae:72:aa:
34:03:13:3a:4c:27:3e:8d:d4:0c:aa:cc:1d:34:e5:94:f1:c0:
a2:67:34:89
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXJ+8QLKaR+9ZigEzWwfEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMjFjOTFiNjNiYmJkYTg4MDRhNzQ5ZjNkNjEwZThiMjE3
ZjliNzMwHhcNMjUxMTExMTAwMTA0WhcNMjUxMTEyMTAwMTA0WjAzMTEwLwYDVQQD
EyhmODgxZGUwMGQyYjFlNGQ2NmE4NzkwZWZjODdiZGMyYjY0NTQ1ZDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ZAhjgz9msg+7xiUR8cHoTdpy4jj
YQ45B1QkAjq1FVa2t8BaB3utP/aykMlBg9jyejaizdFkwQQwmny/Lp3a6s62DFsl
G7OJaSx5LpmVfbQNEf6ozB6rjut4CTWyjX8QWN7/of6Ggw1TAzRszAaZw0sX1Z22
mrDEEQLMykVEUy5pHs6TjjZCb76xQeeZwBAMTZsiObF0xqVy2YoRakUCtFw1yphP
kETeFvIUQRvLnbOfHtYW6QoA7KlTn+zXTbzcTB/pmcGux5Kgbm0sLt9y/IrMw1hy
7GlR2+874YmedVF5XpxqCEZYFmsUxwOwmq48DyxuybG2IY3iRbGIA6VWCwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPiB3gDSseTWaoeQ78h73CtkVF16MB8GA1UdIwQY
MBaAFEohyRtju72ogEp0nz1hDoshf5tzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2lISkcyTzd2YWlBU25TZlBXRU9peUZfbTNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS82ZThjYTAtY2Q0MC00NmZkLThlZTQt
NDdmYmU0YzRhNGZkLzEvU2lISkcyTzd2YWlBU25TZlBXRU9peUZfbTNNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS82ZThjYTAtY2Q0MC00NmZkLThlZTQtNDdmYmU0YzRhNGZk
LzEvU2lISkcyTzd2YWlBU25TZlBXRU9peUZfbTNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA0VpvoBJV
ebGcorskUlaXUllQLml2eOSORcoE9QN8NoZDEL6fUtLk+N8iEqUKYaa5EQ+RPoCc
hdqzrCFcakRfGxVnBZNrmAJA3A3YXD3FEgf3Bbvdy/JyWpC2Wm4jnPzgLidGa2eB
dxjWfMYmtorjX9gjWzWsXWwzY6ekmV5CSZZo/hSmKBei4gROBiOAzbjO/A5UASDI
3ig4r9AAhAfRYMAybEadj66hYguvTtJwPBfyZ9y6qRqhnct9fANqw5bd2GoZpvV4
cIeUn1T8/EmXVH52UhYdSHUYswk98yllLgRf5hpGx8rdrnKqNAMTOkwnPo3UDKrM
HTTllPHAomc0iQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:50 2025 by rpki-client