Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.mft
File: 25ebiYwPWDTLyDimmgXjq-jAKQM.mft (raw, json)
Hash identifier: Yesp0iv7PiERWqwa6Y2AWmBPz0P/zxGTMqE/38kvBmc=
Subject key identifier: 3B:E7:65:8A:D2:3B:B4:DD:A9:70:4C:4A:41:D9:FC:9C:2B:14:75:AF
Authority key identifier: DB:97:9B:89:8C:0F:58:34:CB:C8:38:A6:9A:05:E3:AB:E8:C0:29:03
Certificate issuer: /CN=db979b898c0f5834cbc838a69a05e3abe8c02903
Certificate serial: 019E303B9D42D3EC921A12109ED932B024BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/25ebiYwPWDTLyDimmgXjq-jAKQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.mft
Manifest number: 0CA2
Signing time: Sat 16 May 2026 10:01:13 +0000
Manifest this update: Sat 16 May 2026 10:01:13 +0000
Manifest next update: Sun 17 May 2026 10:01:13 +0000
Files and hashes: 1: 25ebiYwPWDTLyDimmgXjq-jAKQM.crl (hash: uFBDtWBTn4czWraPhrZ9NN4pJFKtBKXxIS6c780ngEM=)
2: FjKOaSffmodjULE60Uqyds_9UrY.roa (hash: Cvv1kQqsgheFH6HLElDwGFzdf6a+v+I+lfZ3+Gpg/Ko=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.mft
rsync://rpki.ripe.net/repository/DEFAULT/25ebiYwPWDTLyDimmgXjq-jAKQM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 17 May 2026 10:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:30:3b:9d:42:d3:ec:92:1a:12:10:9e:d9:32:b0:24:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db979b898c0f5834cbc838a69a05e3abe8c02903
Validity
Not Before: May 16 10:01:13 2026 GMT
Not After : May 17 10:01:13 2026 GMT
Subject: CN=3be7658ad23bb4dda9704c4a41d9fc9c2b1475af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f4:f0:2a:4d:82:bc:03:79:0c:dd:8a:33:a8:
20:ef:4f:c5:d7:c8:78:a6:60:ea:63:b8:ef:16:eb:
c9:8e:d6:11:81:43:de:86:69:5c:3b:f2:9e:af:32:
e6:a9:fa:56:75:bd:e3:03:cc:66:9e:ee:07:6d:41:
2c:6d:d3:28:34:47:d0:52:53:2e:8c:7a:b1:62:c8:
48:3b:10:99:08:58:24:dc:93:1f:d6:49:da:b4:f3:
e7:20:78:ca:ae:fc:2d:97:5a:d7:11:0a:5a:ab:00:
75:47:3d:e4:c2:63:0b:1f:86:80:1e:7d:9c:91:31:
c4:90:5c:46:3c:4f:81:58:62:21:7e:fb:f4:d8:5f:
45:a7:e7:a8:d2:42:b4:eb:00:c4:38:67:40:dc:a7:
8c:96:9b:ae:69:71:14:22:f4:ff:d9:ff:09:61:c5:
57:30:96:00:9b:50:81:ce:5d:8e:a6:bb:3c:7b:7a:
19:7e:6b:58:7d:22:98:ca:6d:b3:52:cc:cc:d3:56:
86:f1:d9:45:32:a2:ad:b8:c4:c3:d6:84:59:f8:d2:
74:71:37:39:c3:d5:b6:6b:71:b3:33:d7:90:eb:6a:
1b:2e:4a:f8:71:b1:26:5d:1f:cf:68:4a:7a:7a:3f:
29:ba:77:8d:5c:3b:71:4a:9b:71:e4:0a:04:29:dd:
94:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E7:65:8A:D2:3B:B4:DD:A9:70:4C:4A:41:D9:FC:9C:2B:14:75:AF
X509v3 Authority Key Identifier:
keyid:DB:97:9B:89:8C:0F:58:34:CB:C8:38:A6:9A:05:E3:AB:E8:C0:29:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/25ebiYwPWDTLyDimmgXjq-jAKQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/d5fde6-1951-47b8-a325-4cb257ee192c/1/25ebiYwPWDTLyDimmgXjq-jAKQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
25:30:8e:cb:59:80:84:75:cf:a3:66:65:45:0a:f2:b0:58:f4:
e0:68:ba:03:8d:0a:fd:25:53:bc:c8:d2:85:96:43:41:f7:bd:
32:e4:46:e3:80:f4:54:52:a7:5a:bf:56:93:69:8b:a7:c6:b3:
98:a2:84:da:bb:d9:af:0d:69:89:b1:1b:bc:79:ab:07:e3:8c:
49:e7:35:03:9d:13:dd:57:bf:fa:f6:16:ff:10:ed:e9:4f:62:
fc:f6:0e:79:7e:aa:1f:e3:56:d6:22:10:44:b2:0e:ae:2e:39:
ab:76:39:53:c6:63:9a:62:41:50:e8:5d:1f:91:99:e2:21:55:
9b:54:dd:5a:f1:de:d8:20:75:61:03:5c:59:1a:d3:a1:84:69:
22:b3:79:d1:58:e1:c1:44:f8:85:5e:01:7d:0d:9c:64:dc:14:
d3:70:92:a3:ca:81:81:07:ec:15:42:02:53:20:0b:c0:20:85:
70:fe:5c:2a:53:dd:15:d1:30:17:b2:23:c6:c0:da:13:c4:e9:
61:b7:03:25:90:24:ba:5c:4a:94:c4:2f:33:2f:eb:a0:c7:c7:
19:b3:87:3a:d2:c4:12:c6:94:3e:f6:3c:e5:d5:d4:60:bd:ee:
f8:82:5c:4d:ac:88:e0:d1:a2:57:40:38:5e:e4:bd:fb:65:ee:
b1:ec:fb:05
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ4wO51C0+ySGhIQntkysCS8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOTc5Yjg5OGMwZjU4MzRjYmM4MzhhNjlhMDVlM2FiZThj
MDI5MDMwHhcNMjYwNTE2MTAwMTEzWhcNMjYwNTE3MTAwMTEzWjAzMTEwLwYDVQQD
EygzYmU3NjU4YWQyM2JiNGRkYTk3MDRjNGE0MWQ5ZmM5YzJiMTQ3NWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fTwKk2CvAN5DN2KM6gg70/F18h4
pmDqY7jvFuvJjtYRgUPehmlcO/KerzLmqfpWdb3jA8xmnu4HbUEsbdMoNEfQUlMu
jHqxYshIOxCZCFgk3JMf1knatPPnIHjKrvwtl1rXEQpaqwB1Rz3kwmMLH4aAHn2c
kTHEkFxGPE+BWGIhfvv02F9Fp+eo0kK06wDEOGdA3KeMlpuuaXEUIvT/2f8JYcVX
MJYAm1CBzl2Oprs8e3oZfmtYfSKYym2zUszM01aG8dlFMqKtuMTD1oRZ+NJ0cTc5
w9W2a3GzM9eQ62obLkr4cbEmXR/PaEp6ej8puneNXDtxSptx5AoEKd2U1wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDvnZYrSO7TdqXBMSkHZ/JwrFHWvMB8GA1UdIwQY
MBaAFNuXm4mMD1g0y8g4ppoF46vowCkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjVlYmlZd1BXRFRMeURpbW1nWGpxLWpBS1FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9kNWZkZTYtMTk1MS00N2I4LWEzMjUt
NGNiMjU3ZWUxOTJjLzEvMjVlYmlZd1BXRFRMeURpbW1nWGpxLWpBS1FNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9kNWZkZTYtMTk1MS00N2I4LWEzMjUtNGNiMjU3ZWUxOTJj
LzEvMjVlYmlZd1BXRFRMeURpbW1nWGpxLWpBS1FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJTCOy1mA
hHXPo2ZlRQrysFj04Gi6A40K/SVTvMjShZZDQfe9MuRG44D0VFKnWr9Wk2mLp8az
mKKE2rvZrw1pibEbvHmrB+OMSec1A50T3Ve/+vYW/xDt6U9i/PYOeX6qH+NW1iIQ
RLIOri45q3Y5U8ZjmmJBUOhdH5GZ4iFVm1TdWvHe2CB1YQNcWRrToYRpIrN50Vjh
wUT4hV4BfQ2cZNwU03CSo8qBgQfsFUICUyALwCCFcP5cKlPdFdEwF7IjxsDaE8Tp
YbcDJZAkulxKlMQvMy/roMfHGbOHOtLEEsaUPvY85dXUYL3u+IJcTayI4NGiV0A4
XuS9+2Xusez7BQ==
-----END CERTIFICATE-----
Generated at Sat May 16 16:27:13 2026 by rpki-client