Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/vaYQQ1QkhQlrDfQ1HMDal383cN0.mft
File: vaYQQ1QkhQlrDfQ1HMDal383cN0.mft (raw, json)
Hash identifier: isnXg36Qvx2pLFX/ReJSuUe26sVl12WZX0z6LLPhItM=
Subject key identifier: 8C:99:70:4C:FF:14:42:08:9C:AE:4D:97:E7:27:82:01:11:79:84:AE
Authority key identifier: BD:A6:10:43:54:24:85:09:6B:0D:F4:35:1C:C0:DA:97:7F:37:70:DD
Certificate issuer: /CN=bda61043542485096b0df4351cc0da977f3770dd
Certificate serial: 019A2BC3C377451882E0C7922F32C6475C7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vaYQQ1QkhQlrDfQ1HMDal383cN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/vaYQQ1QkhQlrDfQ1HMDal383cN0.mft
Manifest number: 16FD
Signing time: Tue 28 Oct 2025 17:00:41 +0000
Manifest this update: Tue 28 Oct 2025 17:00:41 +0000
Manifest next update: Wed 29 Oct 2025 17:00:41 +0000
Files and hashes: 1: RYZ_HUggvvOzHTuXBACbgajQpo0.roa (hash: Fp6s79hRrwq+bZ12gZrNnH0nQeo4puoviWIdP4EjMXQ=)
2: vaYQQ1QkhQlrDfQ1HMDal383cN0.crl (hash: FuEzPoN/b8RMryi9ugg0d4Qpu3+9p/OrdYAummq6Hc0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/vaYQQ1QkhQlrDfQ1HMDal383cN0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/vaYQQ1QkhQlrDfQ1HMDal383cN0.mft
rsync://rpki.ripe.net/repository/DEFAULT/vaYQQ1QkhQlrDfQ1HMDal383cN0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 14:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2b:c3:c3:77:45:18:82:e0:c7:92:2f:32:c6:47:5c:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bda61043542485096b0df4351cc0da977f3770dd
Validity
Not Before: Oct 28 17:00:41 2025 GMT
Not After : Oct 29 17:00:41 2025 GMT
Subject: CN=8c99704cff1442089cae4d97e7278201117984ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8f:72:54:a2:da:9f:f9:5f:8f:f4:64:9d:55:
87:75:bd:e0:56:d4:7f:9d:83:c0:7b:61:45:f0:83:
51:db:af:40:e8:c4:b6:9b:94:7b:32:a6:36:e4:98:
b1:7c:1b:c1:2f:c8:63:f0:7d:a4:c7:7c:09:f2:3d:
40:06:86:05:84:14:ef:73:9e:bb:fb:46:bd:59:ff:
9f:3d:99:2c:dc:02:09:65:ed:8f:32:f9:86:78:cf:
69:e8:89:0a:55:1e:01:54:51:b4:45:75:87:34:4a:
2a:94:9e:13:d3:86:a6:f0:c1:ad:39:31:79:28:bb:
8e:da:c6:06:c2:a7:1e:1f:02:22:94:71:40:0a:f3:
d4:ee:df:3d:31:8a:86:95:70:29:9d:54:f3:01:b7:
7c:ea:f3:34:ef:2d:18:78:09:43:25:a7:4b:2a:35:
37:e9:d4:96:63:84:03:83:8d:e5:6e:51:cf:70:cd:
1c:df:c5:7c:05:88:c9:9f:f8:f5:09:70:3f:b6:1f:
56:34:0e:6d:73:60:17:e8:b7:7b:83:40:d9:87:ff:
48:60:6f:a4:c8:7c:58:19:e9:ac:cf:45:9b:05:b1:
12:c3:46:43:10:66:a9:8c:76:53:82:52:df:cb:a4:
22:d6:5e:7b:f2:fe:44:99:a3:f8:88:8e:d6:94:77:
44:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:99:70:4C:FF:14:42:08:9C:AE:4D:97:E7:27:82:01:11:79:84:AE
X509v3 Authority Key Identifier:
keyid:BD:A6:10:43:54:24:85:09:6B:0D:F4:35:1C:C0:DA:97:7F:37:70:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vaYQQ1QkhQlrDfQ1HMDal383cN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/vaYQQ1QkhQlrDfQ1HMDal383cN0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/196689-2db7-4e80-b92c-3a2ad88deade/1/vaYQQ1QkhQlrDfQ1HMDal383cN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
75:01:82:df:68:46:e8:d6:f5:5e:e4:4b:f2:e2:96:d5:4a:ce:
68:66:3f:3b:f1:10:30:59:82:da:a7:ae:aa:a5:b7:eb:68:57:
4b:04:e7:9b:33:cc:22:d0:81:71:b6:2c:ac:3c:f9:1e:42:15:
82:b1:33:a8:3c:05:f5:02:17:9e:7b:31:37:a9:e4:f1:d1:15:
20:df:71:6f:1e:8d:bc:98:c5:ab:cc:51:b1:4e:db:2c:ae:11:
67:c8:57:c9:c2:7d:56:0c:88:f0:50:97:fd:bb:03:f3:1b:b1:
cd:28:8b:c3:a3:06:20:f1:ca:5b:b7:29:27:81:61:14:6e:fb:
8a:04:ae:bf:a6:67:68:d5:82:e7:2e:ee:00:be:c9:7f:52:24:
5c:8c:80:88:04:46:91:66:e3:f8:b4:db:b2:14:8c:e3:b3:ab:
85:0b:09:dc:46:77:7c:7f:43:15:d2:59:34:88:50:d3:53:e3:
f6:49:da:12:09:67:f2:fc:c0:35:30:2b:50:83:59:7c:56:da:
14:f4:d4:b1:ab:06:c7:c5:5d:72:4e:94:10:a0:ba:46:8d:96:
22:50:35:e2:fc:69:f0:7c:40:2e:27:d5:4a:dc:c8:dc:0f:64:
bf:d3:ab:56:59:33:8e:73:90:1c:a7:bc:bd:b5:7b:d6:bd:92:
b3:cc:84:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZorw8N3RRiC4MeSLzLGR1x6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYTYxMDQzNTQyNDg1MDk2YjBkZjQzNTFjYzBkYTk3N2Yz
NzcwZGQwHhcNMjUxMDI4MTcwMDQxWhcNMjUxMDI5MTcwMDQxWjAzMTEwLwYDVQQD
Eyg4Yzk5NzA0Y2ZmMTQ0MjA4OWNhZTRkOTdlNzI3ODIwMTExNzk4NGFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoY9yVKLan/lfj/RknVWHdb3gVtR/
nYPAe2FF8INR269A6MS2m5R7MqY25JixfBvBL8hj8H2kx3wJ8j1ABoYFhBTvc567
+0a9Wf+fPZks3AIJZe2PMvmGeM9p6IkKVR4BVFG0RXWHNEoqlJ4T04am8MGtOTF5
KLuO2sYGwqceHwIilHFACvPU7t89MYqGlXApnVTzAbd86vM07y0YeAlDJadLKjU3
6dSWY4QDg43lblHPcM0c38V8BYjJn/j1CXA/th9WNA5tc2AX6Ld7g0DZh/9IYG+k
yHxYGemsz0WbBbESw0ZDEGapjHZTglLfy6Qi1l578v5EmaP4iI7WlHdEAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIyZcEz/FEIInK5Nl+cnggEReYSuMB8GA1UdIwQY
MBaAFL2mEENUJIUJaw30NRzA2pd/N3DdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmFZUVExUWtoUWxyRGZRMUhNRGFsMzgzY04wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8xOTY2ODktMmRiNy00ZTgwLWI5MmMt
M2EyYWQ4OGRlYWRlLzEvdmFZUVExUWtoUWxyRGZRMUhNRGFsMzgzY04wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8xOTY2ODktMmRiNy00ZTgwLWI5MmMtM2EyYWQ4OGRlYWRl
LzEvdmFZUVExUWtoUWxyRGZRMUhNRGFsMzgzY04wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdQGC32hG
6Nb1XuRL8uKW1UrOaGY/O/EQMFmC2qeuqqW362hXSwTnmzPMItCBcbYsrDz5HkIV
grEzqDwF9QIXnnsxN6nk8dEVIN9xbx6NvJjFq8xRsU7bLK4RZ8hXycJ9VgyI8FCX
/bsD8xuxzSiLw6MGIPHKW7cpJ4FhFG77igSuv6ZnaNWC5y7uAL7Jf1IkXIyAiARG
kWbj+LTbshSM47OrhQsJ3EZ3fH9DFdJZNIhQ01Pj9knaEgln8vzANTArUINZfFba
FPTUsasGx8Vdck6UEKC6Ro2WIlA14vxp8HxALifVStzI3A9kv9OrVlkzjnOQHKe8
vbV71r2Ss8yE/A==
-----END CERTIFICATE-----
Generated at Tue Oct 28 21:30:58 2025 by rpki-client