Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/sPiohfd3bSq5m7TyDoTTBuA5SqM.mft
File: sPiohfd3bSq5m7TyDoTTBuA5SqM.mft (raw, json)
Hash identifier: kyD7/TcxCWa/FQY4QdTHWGc3A1XQearJ9QAPDfq9elk=
Subject key identifier: DB:3D:88:F8:D6:42:D8:CE:49:6B:58:FF:00:E9:4A:02:4C:EF:3C:80
Authority key identifier: B0:F8:A8:85:F7:77:6D:2A:B9:9B:B4:F2:0E:84:D3:06:E0:39:4A:A3
Certificate issuer: /CN=b0f8a885f7776d2ab99bb4f20e84d306e0394aa3
Certificate serial: 019A7149D5107FBCBAC4C44D4F96FA0B6926
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sPiohfd3bSq5m7TyDoTTBuA5SqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/sPiohfd3bSq5m7TyDoTTBuA5SqM.mft
Manifest number: 14B2
Signing time: Tue 11 Nov 2025 05:00:55 +0000
Manifest this update: Tue 11 Nov 2025 05:00:55 +0000
Manifest next update: Wed 12 Nov 2025 05:00:55 +0000
Files and hashes: 1: SvV3htVhXEPI7wFXdPP_R5R2jOo.roa (hash: ADbpdowWW8HzIQ0XmIe2lqnPixhQxjU2ME36RexdQ8I=)
2: sPiohfd3bSq5m7TyDoTTBuA5SqM.crl (hash: cnQOOnJ1m67GTu3f912bMR9pyO7JH0J/UkukKp9nPs0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/sPiohfd3bSq5m7TyDoTTBuA5SqM.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/sPiohfd3bSq5m7TyDoTTBuA5SqM.mft
rsync://rpki.ripe.net/repository/DEFAULT/sPiohfd3bSq5m7TyDoTTBuA5SqM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:d5:10:7f:bc:ba:c4:c4:4d:4f:96:fa:0b:69:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0f8a885f7776d2ab99bb4f20e84d306e0394aa3
Validity
Not Before: Nov 11 05:00:55 2025 GMT
Not After : Nov 12 05:00:55 2025 GMT
Subject: CN=db3d88f8d642d8ce496b58ff00e94a024cef3c80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:63:a9:7b:20:7a:85:0c:01:ab:28:a8:37:50:
6b:b5:74:4d:53:47:b1:d5:4e:7e:53:fa:2d:3e:b0:
bf:63:a4:a2:2b:e9:b8:7f:8b:e0:92:84:fc:52:fa:
b2:ee:46:74:dd:c3:11:37:de:7d:86:d3:ef:59:d9:
9d:37:57:7f:14:28:4b:25:47:3a:83:a0:63:d8:46:
72:d6:b6:aa:08:3c:db:4b:40:d1:c3:b8:6a:1d:13:
d9:f3:17:f6:52:e3:d5:bd:97:57:33:61:38:14:21:
39:12:66:d7:12:82:cc:05:9b:a8:d9:92:b4:93:66:
64:c7:2d:66:25:33:8b:53:88:81:f5:14:c8:3f:9a:
20:a4:c7:e7:ef:05:98:2f:ab:2f:56:67:e9:6c:25:
2a:aa:a2:d8:5a:14:57:f8:48:d8:cc:dd:dc:0b:01:
59:22:e6:d4:a4:73:69:fb:c7:93:03:4c:8b:df:99:
6f:89:52:de:e6:16:81:70:47:c4:7b:7d:21:41:81:
a0:80:01:71:50:8c:64:92:b5:6b:91:96:85:da:df:
d3:ed:10:eb:df:50:a9:68:06:3d:5b:da:c8:82:17:
ee:66:8e:b1:5b:49:f6:ad:12:7c:a9:9d:a9:53:50:
9a:37:a6:7f:63:93:9c:20:3b:3d:4a:fa:2f:cd:16:
25:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3D:88:F8:D6:42:D8:CE:49:6B:58:FF:00:E9:4A:02:4C:EF:3C:80
X509v3 Authority Key Identifier:
keyid:B0:F8:A8:85:F7:77:6D:2A:B9:9B:B4:F2:0E:84:D3:06:E0:39:4A:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sPiohfd3bSq5m7TyDoTTBuA5SqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/sPiohfd3bSq5m7TyDoTTBuA5SqM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b1282f-71c5-47e7-aea1-4d05498aa97d/1/sPiohfd3bSq5m7TyDoTTBuA5SqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
39:de:45:42:71:88:ed:05:85:bc:19:f1:a3:eb:66:5c:27:d5:
1e:eb:c6:50:6d:4c:1c:48:79:49:aa:b3:8c:a8:95:2a:af:f8:
b5:35:fe:7b:28:0a:00:09:4b:27:de:9f:06:e2:1a:44:fa:64:
8f:29:ad:19:db:53:9e:7b:5e:63:ab:f0:97:4e:8a:fe:77:c5:
d2:f9:95:ea:ed:f3:9e:6c:78:10:c6:31:9e:ec:13:c2:32:8c:
d1:bd:ea:29:68:22:f7:59:b7:e2:e4:06:68:c2:e3:98:0d:2f:
d9:81:dd:38:e8:b7:25:18:5d:d2:e9:73:86:5e:21:b3:6e:24:
ca:b5:d5:11:f3:54:6a:bb:df:2c:f0:87:84:1a:29:02:c4:65:
fa:04:76:af:3a:f1:32:6d:37:69:25:28:a8:99:eb:b1:00:85:
f7:e1:b3:ac:05:d1:67:6b:07:7d:ba:0e:4b:c1:64:24:60:f9:
b4:02:02:27:86:a3:9d:f8:28:0c:1a:5d:e2:48:64:b8:6f:66:
e0:e6:c7:67:dd:cf:59:02:a9:20:6f:29:f0:dc:13:3f:6d:de:
67:a5:45:93:d6:aa:a1:31:d3:12:06:e4:6e:4c:3f:53:ae:f1:
1f:d8:26:13:24:a7:b1:eb:69:46:3b:04:75:f2:fe:c4:20:7d:
31:7b:17:76
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSdUQf7y6xMRNT5b6C2kmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZjhhODg1Zjc3NzZkMmFiOTliYjRmMjBlODRkMzA2ZTAz
OTRhYTMwHhcNMjUxMTExMDUwMDU1WhcNMjUxMTEyMDUwMDU1WjAzMTEwLwYDVQQD
EyhkYjNkODhmOGQ2NDJkOGNlNDk2YjU4ZmYwMGU5NGEwMjRjZWYzYzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGOpeyB6hQwBqyioN1BrtXRNU0ex
1U5+U/otPrC/Y6SiK+m4f4vgkoT8Uvqy7kZ03cMRN959htPvWdmdN1d/FChLJUc6
g6Bj2EZy1raqCDzbS0DRw7hqHRPZ8xf2UuPVvZdXM2E4FCE5EmbXEoLMBZuo2ZK0
k2Zkxy1mJTOLU4iB9RTIP5ogpMfn7wWYL6svVmfpbCUqqqLYWhRX+EjYzN3cCwFZ
IubUpHNp+8eTA0yL35lviVLe5haBcEfEe30hQYGggAFxUIxkkrVrkZaF2t/T7RDr
31CpaAY9W9rIghfuZo6xW0n2rRJ8qZ2pU1CaN6Z/Y5OcIDs9SvovzRYljwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNs9iPjWQtjOSWtY/wDpSgJM7zyAMB8GA1UdIwQY
MBaAFLD4qIX3d20quZu08g6E0wbgOUqjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1Bpb2hmZDNiU3E1bTdUeURvVFRCdUE1U3FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9iMTI4MmYtNzFjNS00N2U3LWFlYTEt
NGQwNTQ5OGFhOTdkLzEvc1Bpb2hmZDNiU3E1bTdUeURvVFRCdUE1U3FNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9iMTI4MmYtNzFjNS00N2U3LWFlYTEtNGQwNTQ5OGFhOTdk
LzEvc1Bpb2hmZDNiU3E1bTdUeURvVFRCdUE1U3FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOd5FQnGI
7QWFvBnxo+tmXCfVHuvGUG1MHEh5SaqzjKiVKq/4tTX+eygKAAlLJ96fBuIaRPpk
jymtGdtTnnteY6vwl06K/nfF0vmV6u3znmx4EMYxnuwTwjKM0b3qKWgi91m34uQG
aMLjmA0v2YHdOOi3JRhd0ulzhl4hs24kyrXVEfNUarvfLPCHhBopAsRl+gR2rzrx
Mm03aSUoqJnrsQCF9+GzrAXRZ2sHfboOS8FkJGD5tAICJ4ajnfgoDBpd4khkuG9m
4ObHZ93PWQKpIG8p8NwTP23eZ6VFk9aqoTHTEgbkbkw/U67xH9gmEySnsetpRjsE
dfL+xCB9MXsXdg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:17:43 2025 by rpki-client