Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.mft
File: 2okNBdXIi33m9bqkwdCF_nMB9dU.mft (raw, json)
Hash identifier: 4WJ0VGyC7BgLzvQIwYPgBO//jjp2clCte1SxSN97S+Y=
Subject key identifier: 4A:96:11:F4:01:D7:AE:A8:D4:0D:4E:17:BD:10:C9:2E:E7:54:B2:C0
Authority key identifier: DA:89:0D:05:D5:C8:8B:7D:E6:F5:BA:A4:C1:D0:85:FE:73:01:F5:D5
Certificate issuer: /CN=da890d05d5c88b7de6f5baa4c1d085fe7301f5d5
Certificate serial: 019A71B86B6F1B4DBFDF2565E4A1B70B66E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2okNBdXIi33m9bqkwdCF_nMB9dU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.mft
Manifest number: 0B76
Signing time: Tue 11 Nov 2025 07:01:42 +0000
Manifest this update: Tue 11 Nov 2025 07:01:42 +0000
Manifest next update: Wed 12 Nov 2025 07:01:42 +0000
Files and hashes: 1: 2okNBdXIi33m9bqkwdCF_nMB9dU.crl (hash: NU5PltOlUuE4WEV16YNfW5q6mJoF/CZnuZuJayULBxU=)
2: empYwKrx4ABahFY0k2CZXZft5Pg.roa (hash: lQyRrUFjZRPH9Yib0Mwz+z/3ALSf5u0tcJRbBn2hjqI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.mft
rsync://rpki.ripe.net/repository/DEFAULT/2okNBdXIi33m9bqkwdCF_nMB9dU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:6b:6f:1b:4d:bf:df:25:65:e4:a1:b7:0b:66:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da890d05d5c88b7de6f5baa4c1d085fe7301f5d5
Validity
Not Before: Nov 11 07:01:42 2025 GMT
Not After : Nov 12 07:01:42 2025 GMT
Subject: CN=4a9611f401d7aea8d40d4e17bd10c92ee754b2c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4b:95:8e:52:bc:f1:a9:cc:3f:7d:ff:e6:bd:
e3:45:89:54:34:18:d2:76:68:c2:21:18:0b:99:88:
af:38:0e:bc:a7:79:ee:9e:0e:1d:f0:e9:1b:d9:02:
12:d8:e5:9f:cb:3b:b6:d6:3c:e7:e0:76:d9:dd:b2:
d2:3c:f8:64:33:96:cb:f2:27:60:67:03:88:d9:28:
c4:9c:88:d7:34:fa:4b:a7:17:cb:45:46:31:04:f5:
80:2f:6d:f1:54:6f:70:53:63:bb:31:86:3c:d5:9d:
20:c3:75:52:39:3d:ba:00:6c:e6:db:40:8e:5f:c7:
05:a9:f5:11:b3:cc:b5:50:21:b5:f1:9d:64:30:2c:
79:06:24:08:77:73:0e:a2:9a:43:16:8a:7f:53:3d:
df:58:ec:4c:ba:3d:dd:3d:1d:9a:d8:f3:cb:4e:20:
fc:1f:85:45:ae:7f:79:79:c2:99:76:55:6d:88:c9:
2c:eb:05:9a:41:65:a7:96:82:a7:e7:f5:09:e6:27:
53:9b:37:0e:8d:1c:9c:66:a5:0d:fe:d1:22:98:bd:
16:19:96:97:fa:de:b3:33:ed:a4:ce:89:94:cf:6e:
87:d7:74:c3:79:fa:eb:ad:39:c7:2e:d5:e4:57:64:
4f:8a:20:43:84:8c:0e:74:93:19:3f:b7:a6:27:95:
e0:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:96:11:F4:01:D7:AE:A8:D4:0D:4E:17:BD:10:C9:2E:E7:54:B2:C0
X509v3 Authority Key Identifier:
keyid:DA:89:0D:05:D5:C8:8B:7D:E6:F5:BA:A4:C1:D0:85:FE:73:01:F5:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2okNBdXIi33m9bqkwdCF_nMB9dU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a67420-b1b5-4495-9176-b4836bc164a1/1/2okNBdXIi33m9bqkwdCF_nMB9dU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
62:c0:9d:9f:dd:39:b2:c2:93:76:cc:35:85:91:0f:4d:55:28:
bf:6c:88:7e:fb:a1:9a:1f:92:d8:9f:b4:b8:9d:90:2c:1e:6c:
ac:50:28:8a:44:26:97:12:b6:1f:ba:b0:67:71:28:c9:c3:21:
1e:3f:39:19:85:a2:47:8e:3e:1c:05:a4:ae:e1:13:c7:33:aa:
27:05:6e:f0:3d:b3:67:e4:c1:07:09:3a:a3:91:a1:4e:4d:ee:
59:49:04:93:88:98:03:2e:8a:41:f1:ee:42:d2:00:cb:f2:0b:
ac:0a:3c:f8:13:4c:97:ae:63:13:c6:83:4e:4e:63:82:99:61:
a2:f0:34:60:cf:01:a5:9a:9d:87:64:0e:ba:58:1d:4e:65:a3:
c9:cc:1f:a4:f5:eb:67:bf:a7:d0:34:14:5d:0d:c9:fe:f5:9a:
48:6d:4d:35:07:65:9e:35:ac:c7:81:a9:16:06:43:f4:03:54:
b5:df:4e:8e:02:04:32:d2:40:6c:03:e0:e9:cc:30:41:85:90:
ef:03:c0:84:1e:31:02:9f:3d:60:0c:39:7f:a2:a1:c0:2a:cc:
b1:da:0a:e7:56:69:00:8d:cf:53:de:b8:f1:ef:c7:18:30:ce:
26:31:8d:a1:0d:4f:4c:3c:5a:97:e8:04:70:6c:e8:ad:cf:62:
7d:ea:30:a5
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuGtvG02/3yVl5KG3C2bjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhODkwZDA1ZDVjODhiN2RlNmY1YmFhNGMxZDA4NWZlNzMw
MWY1ZDUwHhcNMjUxMTExMDcwMTQyWhcNMjUxMTEyMDcwMTQyWjAzMTEwLwYDVQQD
Eyg0YTk2MTFmNDAxZDdhZWE4ZDQwZDRlMTdiZDEwYzkyZWU3NTRiMmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUuVjlK88anMP33/5r3jRYlUNBjS
dmjCIRgLmYivOA68p3nung4d8Okb2QIS2OWfyzu21jzn4HbZ3bLSPPhkM5bL8idg
ZwOI2SjEnIjXNPpLpxfLRUYxBPWAL23xVG9wU2O7MYY81Z0gw3VSOT26AGzm20CO
X8cFqfURs8y1UCG18Z1kMCx5BiQId3MOoppDFop/Uz3fWOxMuj3dPR2a2PPLTiD8
H4VFrn95ecKZdlVtiMks6wWaQWWnloKn5/UJ5idTmzcOjRycZqUN/tEimL0WGZaX
+t6zM+2kzomUz26H13TDefrrrTnHLtXkV2RPiiBDhIwOdJMZP7emJ5XgswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEqWEfQB166o1A1OF70QyS7nVLLAMB8GA1UdIwQY
MBaAFNqJDQXVyIt95vW6pMHQhf5zAfXVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm9rTkJkWElpMzNtOWJxa3dkQ0Zfbk1COWRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9hNjc0MjAtYjFiNS00NDk1LTkxNzYt
YjQ4MzZiYzE2NGExLzEvMm9rTkJkWElpMzNtOWJxa3dkQ0Zfbk1COWRVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9hNjc0MjAtYjFiNS00NDk1LTkxNzYtYjQ4MzZiYzE2NGEx
LzEvMm9rTkJkWElpMzNtOWJxa3dkQ0Zfbk1COWRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYsCdn905
ssKTdsw1hZEPTVUov2yIfvuhmh+S2J+0uJ2QLB5srFAoikQmlxK2H7qwZ3EoycMh
Hj85GYWiR44+HAWkruETxzOqJwVu8D2zZ+TBBwk6o5GhTk3uWUkEk4iYAy6KQfHu
QtIAy/ILrAo8+BNMl65jE8aDTk5jgplhovA0YM8BpZqdh2QOulgdTmWjycwfpPXr
Z7+n0DQUXQ3J/vWaSG1NNQdlnjWsx4GpFgZD9ANUtd9OjgIEMtJAbAPg6cwwQYWQ
7wPAhB4xAp89YAw5f6KhwCrMsdoK51ZpAI3PU9648e/HGDDOJjGNoQ1PTDxal+gE
cGzorc9ifeowpQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:59:06 2025 by rpki-client