Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft
File: 2J8W9XSSQzePgUyUskA010s5J98.mft (raw, json)
Hash identifier: BWTV2K1ZhlaIo9k6Goj/yonPxj+fe70w0n4onUaES1U=
Subject key identifier: 04:FF:3E:0C:3D:95:4D:3D:92:90:42:01:6B:5E:B4:FF:44:E8:D2:F2
Authority key identifier: D8:9F:16:F5:74:92:43:37:8F:81:4C:94:B2:40:34:D7:4B:39:27:DF
Certificate issuer: /CN=d89f16f5749243378f814c94b24034d74b3927df
Certificate serial: 019A326AE0AC16FEE87F3F293185A0944E49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft
Manifest number: 03AC
Signing time: Thu 30 Oct 2025 00:00:56 +0000
Manifest this update: Thu 30 Oct 2025 00:00:56 +0000
Manifest next update: Fri 31 Oct 2025 00:00:56 +0000
Files and hashes: 1: 2J8W9XSSQzePgUyUskA010s5J98.crl (hash: lzMNmJhGXUMAJLYFSvSPA8pyzT3T26+SXpAiG28Ycbs=)
2: S9_pIBHq75Wq7oGW-jAli5gxMaE.roa (hash: cpq5fUvjVAhKKLO06wh9HRGgk0x/xpun3Cli9g36l8w=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft
rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 Oct 2025 00:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:32:6a:e0:ac:16:fe:e8:7f:3f:29:31:85:a0:94:4e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d89f16f5749243378f814c94b24034d74b3927df
Validity
Not Before: Oct 30 00:00:56 2025 GMT
Not After : Oct 31 00:00:56 2025 GMT
Subject: CN=04ff3e0c3d954d3d929042016b5eb4ff44e8d2f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ce:de:b8:29:45:47:24:ed:63:db:0a:97:e6:
a9:06:64:46:dc:6c:59:99:e5:3f:a8:74:77:9e:7c:
62:63:4f:20:34:aa:5b:d1:3c:71:04:f8:c7:4e:62:
83:a6:c8:ad:af:68:58:06:fb:d7:b6:2f:a5:93:19:
b1:1c:13:76:6c:7c:04:4f:d6:1d:eb:f0:49:ee:b4:
b3:21:c4:89:c4:b6:4b:cf:3c:a7:ef:83:31:4c:8a:
c2:a4:76:eb:ab:fd:09:f7:25:3c:16:f1:f9:a6:28:
cc:5c:f1:5d:ee:71:0e:b1:dc:ad:40:4d:43:ee:6a:
de:b5:f1:44:5c:3f:c5:f2:04:d1:d0:a4:fd:1e:70:
a1:db:68:8a:c9:91:94:b4:28:f6:a2:42:0e:9f:bc:
18:83:4d:c7:7f:49:f5:6e:5c:f0:1a:1e:6d:e9:0b:
05:fc:78:bd:61:3f:7f:73:86:0e:c5:9d:46:93:cf:
18:aa:ff:4c:1e:f0:d9:ac:57:7a:b2:06:08:59:11:
fc:72:f9:4a:d0:84:dc:7b:a0:8d:eb:a4:79:99:fb:
f7:07:1d:03:f3:b0:ab:81:b9:d2:b8:fe:d2:74:66:
14:97:b1:2e:dd:d9:ed:3f:5a:25:d0:25:3f:8b:75:
90:11:85:17:84:4c:b9:eb:79:c3:5a:a6:fa:fb:3a:
a9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:FF:3E:0C:3D:95:4D:3D:92:90:42:01:6B:5E:B4:FF:44:E8:D2:F2
X509v3 Authority Key Identifier:
keyid:D8:9F:16:F5:74:92:43:37:8F:81:4C:94:B2:40:34:D7:4B:39:27:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2J8W9XSSQzePgUyUskA010s5J98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/797e65-3da0-4d6e-b695-346bd973c843/1/2J8W9XSSQzePgUyUskA010s5J98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
74:c8:f7:6c:aa:5b:6b:85:ba:3c:c7:67:f5:f2:aa:10:bb:00:
86:77:7e:97:53:da:54:1c:ed:01:c7:fa:aa:14:55:b3:c6:6a:
ea:ab:2a:dc:d1:9f:a3:0a:09:54:3b:32:9c:30:45:d3:c2:fb:
81:39:35:15:09:54:c1:7b:3c:3a:3a:d3:1f:84:37:c9:d1:fa:
cc:24:69:d5:98:5d:26:87:94:14:f1:67:cd:ba:93:1b:f0:b9:
83:3b:3d:81:f9:a2:44:58:db:e6:5e:24:8c:74:71:61:08:1f:
b8:bd:5d:de:a6:7a:2d:46:31:2c:6f:f9:b0:6a:6b:e7:f8:d8:
d4:f0:c4:eb:c4:49:a6:a2:64:a7:03:c5:f5:e4:c0:ed:53:c2:
f1:27:7f:c6:85:14:a4:2e:2e:6e:88:a5:ea:c7:3b:9d:ed:30:
5c:7c:89:48:6e:71:25:49:9e:35:d1:03:6e:dc:d6:0a:5e:ac:
28:6b:40:d4:b2:1c:a4:ef:fd:6a:c9:24:e8:cb:98:0b:a3:8c:
59:0e:92:d5:07:0a:46:7b:20:44:02:25:40:32:c0:0e:42:8a:
d4:a7:54:6b:39:f2:a0:07:bb:0f:06:c9:47:ee:a8:59:68:eb:
ea:6d:e0:cf:06:be:c8:36:7d:63:4f:7f:95:2a:2b:17:4b:d6:
7d:c4:67:17
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoyauCsFv7ofz8pMYWglE5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OWYxNmY1NzQ5MjQzMzc4ZjgxNGM5NGIyNDAzNGQ3NGIz
OTI3ZGYwHhcNMjUxMDMwMDAwMDU2WhcNMjUxMDMxMDAwMDU2WjAzMTEwLwYDVQQD
EygwNGZmM2UwYzNkOTU0ZDNkOTI5MDQyMDE2YjVlYjRmZjQ0ZThkMmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvc7euClFRyTtY9sKl+apBmRG3GxZ
meU/qHR3nnxiY08gNKpb0TxxBPjHTmKDpsitr2hYBvvXti+lkxmxHBN2bHwET9Yd
6/BJ7rSzIcSJxLZLzzyn74MxTIrCpHbrq/0J9yU8FvH5pijMXPFd7nEOsdytQE1D
7mretfFEXD/F8gTR0KT9HnCh22iKyZGUtCj2okIOn7wYg03Hf0n1blzwGh5t6QsF
/Hi9YT9/c4YOxZ1Gk88Yqv9MHvDZrFd6sgYIWRH8cvlK0ITce6CN66R5mfv3Bx0D
87CrgbnSuP7SdGYUl7Eu3dntP1ol0CU/i3WQEYUXhEy563nDWqb6+zqpowIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAT/Pgw9lU09kpBCAWtetP9E6NLyMB8GA1UdIwQY
MBaAFNifFvV0kkM3j4FMlLJANNdLOSffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi83OTdlNjUtM2RhMC00ZDZlLWI2OTUt
MzQ2YmQ5NzNjODQzLzEvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi83OTdlNjUtM2RhMC00ZDZlLWI2OTUtMzQ2YmQ5NzNjODQz
LzEvMko4VzlYU1NRemVQZ1V5VXNrQTAxMHM1Sjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdMj3bKpb
a4W6PMdn9fKqELsAhnd+l1PaVBztAcf6qhRVs8Zq6qsq3NGfowoJVDsynDBF08L7
gTk1FQlUwXs8OjrTH4Q3ydH6zCRp1ZhdJoeUFPFnzbqTG/C5gzs9gfmiRFjb5l4k
jHRxYQgfuL1d3qZ6LUYxLG/5sGpr5/jY1PDE68RJpqJkpwPF9eTA7VPC8Sd/xoUU
pC4uboil6sc7ne0wXHyJSG5xJUmeNdEDbtzWCl6sKGtA1LIcpO/9askk6MuYC6OM
WQ6S1QcKRnsgRAIlQDLADkKK1KdUaznyoAe7DwbJR+6oWWjr6m3gzwa+yDZ9Y09/
lSorF0vWfcRnFw==
-----END CERTIFICATE-----
Generated at Thu Oct 30 08:27:44 2025 by rpki-client