Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft
File: 2fGfBczyIhOYRpwL6N3ATOFOE1o.mft (raw, json)
Hash identifier: d+OV4yio104tkobIo5SbR2Tdc33N0n43x2w2a0W2JvI=
Subject key identifier: B3:99:9A:92:D1:C1:9B:23:FB:DF:73:01:D3:2E:23:0F:BC:EE:A8:D6
Authority key identifier: D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A
Certificate issuer: /CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
Certificate serial: 019A7149FFB0CB839A139F38E7518F987BBE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft
Manifest number: 12EC
Signing time: Tue 11 Nov 2025 05:01:06 +0000
Manifest this update: Tue 11 Nov 2025 05:01:06 +0000
Manifest next update: Wed 12 Nov 2025 05:01:06 +0000
Files and hashes: 1: 2fGfBczyIhOYRpwL6N3ATOFOE1o.crl (hash: ceL1I8Bfh5Fms/XdZzjr1qQazKakMZpiD435+KWAUmc=)
2: B9-JyKOh9vcA8Yt248kp1OHsLjE.roa (hash: IbF0FRhBYEIf5hZ2KcvfEljtf1YgGGazPG/5I71dHJ4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:ff:b0:cb:83:9a:13:9f:38:e7:51:8f:98:7b:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f19f05ccf2221398469c0be8ddc04ce14e135a
Validity
Not Before: Nov 11 05:01:06 2025 GMT
Not After : Nov 12 05:01:06 2025 GMT
Subject: CN=b3999a92d1c19b23fbdf7301d32e230fbceea8d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5a:fd:bf:ac:2a:a7:65:af:a4:80:71:59:e9:
a4:92:5e:92:a3:34:d5:45:2a:6f:cb:ad:b6:70:d3:
0c:52:9b:d2:27:f4:32:97:de:69:30:2b:64:00:f9:
f1:bd:db:8e:7d:8a:65:45:9f:a1:18:5f:90:1a:73:
c4:f0:ba:ad:f9:52:c5:31:fc:a8:08:ac:13:ab:af:
8f:14:c3:46:f7:88:f3:19:b2:9d:86:84:57:49:72:
4f:52:f2:6a:32:97:81:61:c4:d2:c0:b4:61:84:89:
f2:f5:73:a1:a1:fc:57:fa:66:ed:83:36:4b:0b:c4:
5b:06:40:e9:0a:5b:a1:22:68:00:52:00:24:65:56:
c0:bd:10:ad:8a:ee:0f:ba:a4:12:b9:7c:49:33:f9:
7c:99:3e:ee:f8:99:ab:df:cc:79:8c:ed:f6:b1:33:
73:b0:c6:62:ce:36:e7:df:a4:1e:89:03:fc:26:19:
a4:e7:c8:30:fd:8e:a5:56:1f:64:4f:39:c3:92:79:
eb:81:58:6f:8b:49:d9:33:6f:a8:19:9a:9f:3c:0e:
bf:93:82:81:66:5b:fe:b7:70:7b:99:28:d2:91:d5:
bb:f2:03:0b:6d:a7:0e:a6:5f:68:cb:e0:ff:24:fb:
b1:ba:df:10:e9:74:75:f0:1c:f8:b1:b5:1d:fc:66:
9e:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:99:9A:92:D1:C1:9B:23:FB:DF:73:01:D3:2E:23:0F:BC:EE:A8:D6
X509v3 Authority Key Identifier:
keyid:D9:F1:9F:05:CC:F2:22:13:98:46:9C:0B:E8:DD:C0:4C:E1:4E:13:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fGfBczyIhOYRpwL6N3ATOFOE1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/6e3246-fba6-4e1d-8089-4ff33338361e/1/2fGfBczyIhOYRpwL6N3ATOFOE1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
92:8b:12:d7:0d:f7:45:63:c6:06:ba:2e:41:64:5d:f8:e5:06:
86:bc:9f:28:78:7d:76:1b:ba:99:2d:d8:b2:2f:ce:c6:8a:84:
db:02:52:fa:6f:3a:03:28:31:60:08:8f:30:1e:1c:97:30:05:
36:ed:bc:19:c1:4a:45:9f:9f:a8:0b:82:3c:6f:88:70:8c:8d:
c1:ce:31:a7:31:0e:91:e9:28:57:a6:2e:8f:0e:fd:94:62:dc:
81:9a:52:59:a6:53:6d:a2:a6:29:7e:eb:9f:4e:3f:45:eb:ee:
90:86:1c:90:d6:1e:bc:67:be:cd:8c:dd:c8:06:ec:01:3a:41:
74:18:f5:f4:ed:f1:e1:07:5a:d5:2c:5e:b8:53:c6:8d:ea:d1:
52:1e:de:d0:98:86:f3:f2:e3:9f:41:7c:a7:88:92:3b:4e:6a:
7d:db:78:47:59:ba:0c:fc:36:69:45:c1:16:39:17:80:d5:d9:
26:c3:4d:97:aa:d3:ad:b8:8e:9f:a8:2e:64:cb:3c:17:4f:5b:
c2:59:ed:2a:72:bd:24:3d:30:f5:5a:23:8a:2a:77:30:51:38:
d2:74:32:b3:86:2f:cc:3a:07:9e:91:80:90:29:98:d4:37:c9:
d9:c1:64:89:94:ac:7d:c9:42:18:03:3d:f5:1b:3c:44:03:85:
a8:da:9a:15
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSf+wy4OaE58451GPmHu+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjE5ZjA1Y2NmMjIyMTM5ODQ2OWMwYmU4ZGRjMDRjZTE0
ZTEzNWEwHhcNMjUxMTExMDUwMTA2WhcNMjUxMTEyMDUwMTA2WjAzMTEwLwYDVQQD
EyhiMzk5OWE5MmQxYzE5YjIzZmJkZjczMDFkMzJlMjMwZmJjZWVhOGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1r9v6wqp2WvpIBxWemkkl6SozTV
RSpvy622cNMMUpvSJ/Qyl95pMCtkAPnxvduOfYplRZ+hGF+QGnPE8Lqt+VLFMfyo
CKwTq6+PFMNG94jzGbKdhoRXSXJPUvJqMpeBYcTSwLRhhIny9XOhofxX+mbtgzZL
C8RbBkDpCluhImgAUgAkZVbAvRCtiu4PuqQSuXxJM/l8mT7u+Jmr38x5jO32sTNz
sMZizjbn36QeiQP8Jhmk58gw/Y6lVh9kTznDknnrgVhvi0nZM2+oGZqfPA6/k4KB
Zlv+t3B7mSjSkdW78gMLbacOpl9oy+D/JPuxut8Q6XR18Bz4sbUd/GaeDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLOZmpLRwZsj+99zAdMuIw+87qjWMB8GA1UdIwQY
MBaAFNnxnwXM8iITmEacC+jdwEzhThNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODkt
NGZmMzMzMzgzNjFlLzEvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS82ZTMyNDYtZmJhNi00ZTFkLTgwODktNGZmMzMzMzgzNjFl
LzEvMmZHZkJjenlJaE9ZUnB3TDZOM0FUT0ZPRTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkosS1w33
RWPGBrouQWRd+OUGhryfKHh9dhu6mS3Ysi/OxoqE2wJS+m86AygxYAiPMB4clzAF
Nu28GcFKRZ+fqAuCPG+IcIyNwc4xpzEOkekoV6Yujw79lGLcgZpSWaZTbaKmKX7r
n04/RevukIYckNYevGe+zYzdyAbsATpBdBj19O3x4Qda1SxeuFPGjerRUh7e0JiG
8/Ljn0F8p4iSO05qfdt4R1m6DPw2aUXBFjkXgNXZJsNNl6rTrbiOn6guZMs8F09b
wlntKnK9JD0w9Vojiip3MFE40nQys4YvzDoHnpGAkCmY1DfJ2cFkiZSsfclCGAM9
9Rs8RAOFqNqaFQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:47:54 2025 by rpki-client