Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.mft
File: 2PWmbP0hpcrXopuOtc2SqkYDIMM.mft (raw, json)
Hash identifier: O6khEBCxK0Zkmtw3O4LWIJmmawU7Q9+Dnk94VtK7Vho=
Subject key identifier: C8:51:BA:F3:E2:2A:00:B4:31:D7:A3:41:32:E2:4E:63:06:8C:37:9D
Authority key identifier: D8:F5:A6:6C:FD:21:A5:CA:D7:A2:9B:8E:B5:CD:92:AA:46:03:20:C3
Certificate issuer: /CN=d8f5a66cfd21a5cad7a29b8eb5cd92aa460320c3
Certificate serial: 019A729390B7F4D43270E3A9079BE3D85274
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.mft
Manifest number: 1720
Signing time: Tue 11 Nov 2025 11:01:04 +0000
Manifest this update: Tue 11 Nov 2025 11:01:04 +0000
Manifest next update: Wed 12 Nov 2025 11:01:04 +0000
Files and hashes: 1: 2PWmbP0hpcrXopuOtc2SqkYDIMM.crl (hash: Eqlfzh54rDov/vPMvrcs7L4HHy52vYjsLy4kDe0r+Mc=)
2: 4yhoCs9M-fjQaMlDWlUpC1ERe-g.roa (hash: t+8njXgDpdo9kegDaGKO6tPmuatvzfS0I/p9sqY0v4Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:90:b7:f4:d4:32:70:e3:a9:07:9b:e3:d8:52:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8f5a66cfd21a5cad7a29b8eb5cd92aa460320c3
Validity
Not Before: Nov 11 11:01:04 2025 GMT
Not After : Nov 12 11:01:04 2025 GMT
Subject: CN=c851baf3e22a00b431d7a34132e24e63068c379d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:00:7e:f5:6a:c1:4f:a5:03:5b:56:7b:78:39:
aa:1e:d9:ae:5b:fe:9e:fd:6e:e4:82:55:1c:6b:95:
76:ba:b5:16:08:00:70:b6:d9:20:f4:61:1c:83:bd:
41:c3:d7:8c:2d:48:65:db:7c:47:8c:1a:12:ba:5a:
e9:4b:61:34:59:2a:dd:7f:38:42:c3:1b:d2:5d:04:
48:37:b4:e4:8d:99:4e:0c:55:99:d1:f0:77:30:3e:
56:3c:9e:d9:36:75:49:9f:81:74:0f:a5:df:04:2e:
47:76:ca:33:05:f8:11:97:fa:87:15:d8:54:86:43:
66:3c:fb:fc:83:c8:2e:c3:b8:a9:d7:30:0b:d2:37:
c8:5b:f2:17:fa:73:4e:f1:a1:71:dd:a3:98:5d:6a:
78:4a:c7:b4:6e:2d:33:ff:d2:0f:e4:2a:81:25:fb:
32:41:4f:f8:dc:f0:ed:1c:16:3b:1c:c3:8d:b0:26:
36:98:ef:24:32:ec:36:8c:76:8b:74:c5:eb:e3:8d:
c8:e1:a7:be:b1:28:be:de:fb:67:06:8b:c8:cf:04:
27:64:b4:a5:e1:6a:fa:c5:d8:d7:54:c6:8a:0a:4e:
9b:db:d5:d4:c9:db:2f:04:67:ed:57:71:1f:f4:e5:
da:47:c0:54:8f:64:4e:1d:64:c6:e4:c3:c7:be:0f:
30:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:51:BA:F3:E2:2A:00:B4:31:D7:A3:41:32:E2:4E:63:06:8C:37:9D
X509v3 Authority Key Identifier:
keyid:D8:F5:A6:6C:FD:21:A5:CA:D7:A2:9B:8E:B5:CD:92:AA:46:03:20:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2PWmbP0hpcrXopuOtc2SqkYDIMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/fe20ff-6590-4fb0-b657-8210db7049b1/1/2PWmbP0hpcrXopuOtc2SqkYDIMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
97:f2:a8:90:79:7a:fa:ff:2e:39:2d:b3:32:21:7a:10:f4:4e:
ff:54:26:83:6e:d4:1e:7b:cc:ef:fb:86:f7:4f:ae:b7:6c:58:
19:f4:88:5b:73:8c:52:bf:8d:f5:e5:46:c4:db:15:11:29:91:
07:ed:f6:25:46:53:14:ce:40:b0:4a:c2:7d:25:20:6e:47:c6:
bd:ce:c3:e7:08:89:72:26:88:ef:52:53:b2:42:bc:5d:1b:f4:
22:23:2a:8e:0b:42:ae:d1:a6:17:57:a1:7f:90:d9:e5:2b:6c:
88:d1:ec:db:a8:bb:b7:66:11:29:58:6f:07:5b:db:68:ec:5c:
c0:5c:c4:6a:70:f2:ef:50:a4:29:2f:9c:64:d0:e8:50:d6:ff:
ee:4f:7b:dd:6f:4f:8b:dc:bc:a5:85:c8:0d:75:de:f9:3a:cc:
ef:3a:27:e2:85:c1:74:78:75:61:72:ea:3d:14:80:cb:fe:a1:
b0:93:fa:3a:38:d2:65:0d:76:88:17:fc:a2:fb:00:d2:b8:af:
83:40:b2:f4:03:e5:de:90:fc:bb:dc:f6:a3:1b:1d:43:d9:92:
39:91:ec:f1:f2:ec:c1:d1:52:a5:4d:72:20:b5:eb:30:3c:94:
c3:59:f0:c0:33:38:b4:d7:b3:3c:a7:d1:48:28:0a:3f:0a:ae:
5d:1b:1c:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk5C39NQycOOpB5vj2FJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZjVhNjZjZmQyMWE1Y2FkN2EyOWI4ZWI1Y2Q5MmFhNDYw
MzIwYzMwHhcNMjUxMTExMTEwMTA0WhcNMjUxMTEyMTEwMTA0WjAzMTEwLwYDVQQD
EyhjODUxYmFmM2UyMmEwMGI0MzFkN2EzNDEzMmUyNGU2MzA2OGMzNzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQB+9WrBT6UDW1Z7eDmqHtmuW/6e
/W7kglUca5V2urUWCABwttkg9GEcg71Bw9eMLUhl23xHjBoSulrpS2E0WSrdfzhC
wxvSXQRIN7TkjZlODFWZ0fB3MD5WPJ7ZNnVJn4F0D6XfBC5HdsozBfgRl/qHFdhU
hkNmPPv8g8guw7ip1zAL0jfIW/IX+nNO8aFx3aOYXWp4Sse0bi0z/9IP5CqBJfsy
QU/43PDtHBY7HMONsCY2mO8kMuw2jHaLdMXr443I4ae+sSi+3vtnBovIzwQnZLSl
4Wr6xdjXVMaKCk6b29XUydsvBGftV3Ef9OXaR8BUj2ROHWTG5MPHvg8w+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMhRuvPiKgC0MdejQTLiTmMGjDedMB8GA1UdIwQY
MBaAFNj1pmz9IaXK16KbjrXNkqpGAyDDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlBXbWJQMGhwY3JYb3B1T3RjMlNxa1lESU1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9mZTIwZmYtNjU5MC00ZmIwLWI2NTct
ODIxMGRiNzA0OWIxLzEvMlBXbWJQMGhwY3JYb3B1T3RjMlNxa1lESU1NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9mZTIwZmYtNjU5MC00ZmIwLWI2NTctODIxMGRiNzA0OWIx
LzEvMlBXbWJQMGhwY3JYb3B1T3RjMlNxa1lESU1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl/KokHl6
+v8uOS2zMiF6EPRO/1Qmg27UHnvM7/uG90+ut2xYGfSIW3OMUr+N9eVGxNsVESmR
B+32JUZTFM5AsErCfSUgbkfGvc7D5wiJciaI71JTskK8XRv0IiMqjgtCrtGmF1eh
f5DZ5StsiNHs26i7t2YRKVhvB1vbaOxcwFzEanDy71CkKS+cZNDoUNb/7k973W9P
i9y8pYXIDXXe+TrM7zon4oXBdHh1YXLqPRSAy/6hsJP6OjjSZQ12iBf8ovsA0riv
g0Cy9APl3pD8u9z2oxsdQ9mSOZHs8fLswdFSpU1yILXrMDyUw1nwwDM4tNezPKfR
SCgKPwquXRscSQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:47:55 2025 by rpki-client