Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/2gJLnGPbXBoc9MVYHb5bOBy5UIc.mft
File: 2gJLnGPbXBoc9MVYHb5bOBy5UIc.mft (raw, json)
Hash identifier: AFnp4FPI7o/v8yAnCKEtbybSzkWe8kuuzrVmnvAiTIE=
Subject key identifier: 2A:54:3B:2B:5E:C3:84:8D:C0:83:F8:D8:B4:A3:35:96:32:AA:FE:71
Authority key identifier: DA:02:4B:9C:63:DB:5C:1A:1C:F4:C5:58:1D:BE:5B:38:1C:B9:50:87
Certificate issuer: /CN=da024b9c63db5c1a1cf4c5581dbe5b381cb95087
Certificate serial: 019A7113491B429B4166E10A2FAEE6AC173E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gJLnGPbXBoc9MVYHb5bOBy5UIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/2gJLnGPbXBoc9MVYHb5bOBy5UIc.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 04:01:20 +0000
Manifest this update: Tue 11 Nov 2025 04:01:20 +0000
Manifest next update: Wed 12 Nov 2025 04:01:20 +0000
Files and hashes: 1: 2gJLnGPbXBoc9MVYHb5bOBy5UIc.crl (hash: wZ7eLvEY059ngmdziKTdOU3EbUEdhg3hOHq/gPza3Sw=)
2: ERHgCqLjJCv-XvaDVjYAj8P1zKs.roa (hash: 0x7RKzsX7jR4DuJ9t+glZtV4k9Tiu2posJrN6U758NM=)
3: cJTD3IKsBKeCbDG4KiZEHnYFPTM.roa (hash: ufqwqkZa7S2iEhZdfjJxNYCun4AbNJ4X2aLuA4Ji7yY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/2gJLnGPbXBoc9MVYHb5bOBy5UIc.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/2gJLnGPbXBoc9MVYHb5bOBy5UIc.mft
rsync://rpki.ripe.net/repository/DEFAULT/2gJLnGPbXBoc9MVYHb5bOBy5UIc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:13:49:1b:42:9b:41:66:e1:0a:2f:ae:e6:ac:17:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da024b9c63db5c1a1cf4c5581dbe5b381cb95087
Validity
Not Before: Nov 11 04:01:20 2025 GMT
Not After : Nov 12 04:01:20 2025 GMT
Subject: CN=2a543b2b5ec3848dc083f8d8b4a3359632aafe71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:3a:71:be:0e:c6:83:71:21:07:b6:c2:5f:07:
ae:48:4f:11:be:76:b9:0c:4a:6d:f6:3b:f8:61:23:
76:73:93:b5:a0:3c:af:c5:1b:47:41:4a:2a:9d:f1:
3d:3e:d0:27:4b:34:1f:8a:5a:17:7e:cb:1d:cb:33:
62:9d:50:93:1d:d6:75:26:b0:30:ec:49:5c:9b:7d:
f8:08:51:37:68:95:11:bd:6a:20:70:90:59:67:e7:
7a:f8:43:53:a1:16:c4:50:09:08:4f:bc:9b:a0:77:
24:75:88:2f:4b:10:fb:8c:22:5a:0d:c6:2c:01:b0:
5e:e6:8c:bf:12:f6:e3:0b:f7:f9:46:73:6a:70:b3:
1e:08:ed:52:a4:1e:db:79:1b:39:fc:5c:72:53:d4:
4a:41:a3:8a:a5:c9:db:63:d7:45:ba:aa:fa:46:d0:
ea:cf:be:df:01:9c:88:58:37:fe:54:c6:a8:1d:3e:
2d:7e:37:8d:04:c4:db:5c:2c:93:a3:76:40:e4:d6:
36:1b:76:73:58:e5:80:f6:7e:42:79:70:03:03:ee:
e1:c2:dd:2a:d0:c0:a1:41:ca:38:de:1b:a2:dd:b6:
69:2e:28:96:67:f9:dd:ab:50:af:45:3c:fd:31:55:
9c:fb:68:85:ad:39:8f:bf:da:56:75:71:cb:45:0b:
39:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:54:3B:2B:5E:C3:84:8D:C0:83:F8:D8:B4:A3:35:96:32:AA:FE:71
X509v3 Authority Key Identifier:
keyid:DA:02:4B:9C:63:DB:5C:1A:1C:F4:C5:58:1D:BE:5B:38:1C:B9:50:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gJLnGPbXBoc9MVYHb5bOBy5UIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/2gJLnGPbXBoc9MVYHb5bOBy5UIc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/5d7cda-0a98-43ac-9136-712b1a7968e6/1/2gJLnGPbXBoc9MVYHb5bOBy5UIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:58:ac:47:60:ef:c2:ea:d4:49:5e:18:59:fe:47:03:16:39:
a0:e5:e6:c7:06:e0:9f:df:ea:e8:6c:6b:38:c8:2d:77:b5:af:
70:9e:3f:6d:59:be:ab:8c:2c:c5:c9:96:c9:44:c8:4e:77:b0:
43:2b:84:46:7d:58:b7:e6:71:7e:82:61:7c:e0:97:a8:1f:a9:
5d:d2:7d:f2:48:1a:55:a7:0c:78:44:4c:fa:5c:4d:46:d1:77:
d2:66:67:93:4f:8e:df:21:b5:ea:b4:53:28:09:65:02:03:e0:
9e:a6:7a:1f:6b:20:2a:b1:85:78:d0:d0:ac:8e:82:41:b0:6b:
1d:d7:14:2b:25:97:60:12:12:65:87:75:7e:ff:33:e5:56:d7:
cb:35:d3:59:9e:99:17:65:5b:2f:95:6d:17:8a:5d:ce:5f:5c:
aa:03:f0:13:37:8b:87:32:cc:63:e1:aa:62:80:17:d4:d6:3e:
cd:ca:80:a7:3e:9f:fc:e9:99:41:90:49:55:96:12:e9:0d:3c:
5b:f8:c5:e1:ec:91:75:05:8d:19:62:f1:48:05:d5:08:d2:bf:
d2:4e:b0:1c:84:c5:71:94:70:ec:fd:2c:27:f1:be:9a:ba:91:
4d:ec:e3:7c:b8:dd:81:36:34:c9:a6:ba:76:8f:a0:9e:bb:f7:
4d:22:06:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxE0kbQptBZuEKL67mrBc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDI0YjljNjNkYjVjMWExY2Y0YzU1ODFkYmU1YjM4MWNi
OTUwODcwHhcNMjUxMTExMDQwMTIwWhcNMjUxMTEyMDQwMTIwWjAzMTEwLwYDVQQD
EygyYTU0M2IyYjVlYzM4NDhkYzA4M2Y4ZDhiNGEzMzU5NjMyYWFmZTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzpxvg7Gg3EhB7bCXweuSE8Rvna5
DEpt9jv4YSN2c5O1oDyvxRtHQUoqnfE9PtAnSzQfiloXfssdyzNinVCTHdZ1JrAw
7Elcm334CFE3aJURvWogcJBZZ+d6+ENToRbEUAkIT7yboHckdYgvSxD7jCJaDcYs
AbBe5oy/EvbjC/f5RnNqcLMeCO1SpB7beRs5/FxyU9RKQaOKpcnbY9dFuqr6RtDq
z77fAZyIWDf+VMaoHT4tfjeNBMTbXCyTo3ZA5NY2G3ZzWOWA9n5CeXADA+7hwt0q
0MChQco43hui3bZpLiiWZ/ndq1CvRTz9MVWc+2iFrTmPv9pWdXHLRQs5bQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCpUOytew4SNwIP42LSjNZYyqv5xMB8GA1UdIwQY
MBaAFNoCS5xj21waHPTFWB2+WzgcuVCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdKTG5HUGJYQm9jOU1WWUhiNWJPQnk1VUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC81ZDdjZGEtMGE5OC00M2FjLTkxMzYt
NzEyYjFhNzk2OGU2LzEvMmdKTG5HUGJYQm9jOU1WWUhiNWJPQnk1VUljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC81ZDdjZGEtMGE5OC00M2FjLTkxMzYtNzEyYjFhNzk2OGU2
LzEvMmdKTG5HUGJYQm9jOU1WWUhiNWJPQnk1VUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdlisR2Dv
wurUSV4YWf5HAxY5oOXmxwbgn9/q6GxrOMgtd7WvcJ4/bVm+q4wsxcmWyUTITnew
QyuERn1Yt+ZxfoJhfOCXqB+pXdJ98kgaVacMeERM+lxNRtF30mZnk0+O3yG16rRT
KAllAgPgnqZ6H2sgKrGFeNDQrI6CQbBrHdcUKyWXYBISZYd1fv8z5VbXyzXTWZ6Z
F2VbL5VtF4pdzl9cqgPwEzeLhzLMY+GqYoAX1NY+zcqApz6f/OmZQZBJVZYS6Q08
W/jF4eyRdQWNGWLxSAXVCNK/0k6wHITFcZRw7P0sJ/G+mrqRTezjfLjdgTY0yaa6
do+gnrv3TSIGfQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:51:55 2025 by rpki-client