Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
File: 2bN6OM6IfTdjYEau84ehwjMVLkE.mft (raw, json)
Hash identifier: R5xSMu2sv6moSB2SF50jxlYBEAl0T9shSpOSpisGt94=
Subject key identifier: 8F:4D:77:FB:F3:0A:E9:CC:5E:4B:8E:D6:C7:57:F1:1B:4E:C4:6B:C1
Authority key identifier: D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41
Certificate issuer: /CN=d9b37a38ce887d37636046aef387a1c233152e41
Certificate serial: 019A71B7DAA603502EBB55132940B2081C63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
Manifest number: 07B0
Signing time: Tue 11 Nov 2025 07:01:05 +0000
Manifest this update: Tue 11 Nov 2025 07:01:05 +0000
Manifest next update: Wed 12 Nov 2025 07:01:05 +0000
Files and hashes: 1: 2bN6OM6IfTdjYEau84ehwjMVLkE.crl (hash: 11PCIpWvzY9Tc65Bk10xUdcrvQp9n/FFf3jrMcRXqbI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:da:a6:03:50:2e:bb:55:13:29:40:b2:08:1c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9b37a38ce887d37636046aef387a1c233152e41
Validity
Not Before: Nov 11 07:01:05 2025 GMT
Not After : Nov 12 07:01:05 2025 GMT
Subject: CN=8f4d77fbf30ae9cc5e4b8ed6c757f11b4ec46bc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:05:9c:38:5a:e6:5f:f0:da:c5:cf:94:a8:f3:
f0:97:f6:05:98:4a:d8:95:f0:ea:26:b5:54:1c:13:
76:28:88:80:2d:e0:e6:ea:70:44:ef:16:5f:8e:75:
10:1a:d2:2d:9a:7f:1c:e9:a2:77:d2:6d:00:64:20:
f9:8e:0f:cf:1c:0f:12:2d:f0:04:ca:31:ca:9d:23:
a5:79:32:3d:1d:92:e7:4d:b4:ed:d3:c8:ea:c3:ea:
ec:1e:66:19:72:87:61:b8:61:71:a8:af:08:4f:a2:
db:fb:54:28:57:e2:84:92:78:31:cb:10:b6:b0:fa:
0b:de:0d:dd:8c:58:26:74:78:45:3b:8a:6f:18:03:
e0:be:05:60:4d:43:8d:5e:6f:65:dd:f3:bc:21:e2:
6a:3d:77:e8:d8:47:2e:64:66:22:2f:82:07:f0:0c:
0d:7c:cd:f4:fb:27:e7:d7:87:b0:8e:af:a3:75:0e:
9c:8c:b9:06:ad:58:6e:39:88:cc:8c:ac:f2:b2:91:
c6:09:82:fd:7b:61:35:ac:9d:9d:17:31:42:26:bb:
60:5c:61:89:14:f4:0b:c3:2f:d8:24:a6:6f:16:c4:
4c:87:c8:8d:9b:a1:2a:34:61:86:c4:0e:1e:3a:98:
6c:67:dc:c0:a7:35:7b:7a:1f:8f:22:9c:e4:e0:a1:
d8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:4D:77:FB:F3:0A:E9:CC:5E:4B:8E:D6:C7:57:F1:1B:4E:C4:6B:C1
X509v3 Authority Key Identifier:
keyid:D9:B3:7A:38:CE:88:7D:37:63:60:46:AE:F3:87:A1:C2:33:15:2E:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2bN6OM6IfTdjYEau84ehwjMVLkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/9545f2-fb60-4878-ae58-d6aac613830b/1/2bN6OM6IfTdjYEau84ehwjMVLkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
41:d0:c0:3a:c3:33:74:f4:f5:b3:86:0e:bd:75:c7:4d:89:6f:
2d:f0:26:6f:1d:55:15:d4:22:0e:44:58:c9:3a:b1:0b:5e:6a:
81:8e:9d:5c:33:96:a6:a5:c5:b3:ea:d5:79:9b:3d:7e:b1:65:
81:80:84:1f:2a:92:b7:39:0d:40:14:f1:ca:57:bd:54:16:85:
94:dd:63:5e:d9:23:89:35:65:bd:3e:74:a6:00:81:57:4a:20:
20:fb:4b:8d:7a:0a:12:43:52:fb:f6:c6:80:93:ae:6f:55:b5:
e2:ae:0e:4a:3e:4d:f1:32:f9:c2:26:5e:d8:04:ed:d3:be:ee:
bc:14:5e:70:8d:5c:a2:03:32:b7:56:7a:ac:29:fe:1b:62:7f:
64:f9:4f:4f:78:56:01:b9:88:0f:7a:f4:59:3e:36:f3:09:ac:
ad:5d:0c:b6:90:cd:bc:30:3a:b2:bd:77:8f:d5:b5:23:1c:23:
97:bf:cf:66:21:82:61:34:18:ee:d1:c0:f7:05:d5:3f:36:0c:
a8:f6:91:21:df:da:62:4f:31:06:0d:32:3d:71:e7:4f:ca:0c:
58:62:1b:a0:83:f9:d1:c9:b9:e9:a1:2e:27:b7:74:67:d3:a4:
48:90:03:9c:c5:49:2e:05:01:eb:e3:90:3e:c5:9b:fc:bb:12:
9e:14:ea:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt9qmA1Auu1UTKUCyCBxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YjM3YTM4Y2U4ODdkMzc2MzYwNDZhZWYzODdhMWMyMzMx
NTJlNDEwHhcNMjUxMTExMDcwMTA1WhcNMjUxMTEyMDcwMTA1WjAzMTEwLwYDVQQD
Eyg4ZjRkNzdmYmYzMGFlOWNjNWU0YjhlZDZjNzU3ZjExYjRlYzQ2YmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAWcOFrmX/Daxc+UqPPwl/YFmErY
lfDqJrVUHBN2KIiALeDm6nBE7xZfjnUQGtItmn8c6aJ30m0AZCD5jg/PHA8SLfAE
yjHKnSOleTI9HZLnTbTt08jqw+rsHmYZcodhuGFxqK8IT6Lb+1QoV+KEkngxyxC2
sPoL3g3djFgmdHhFO4pvGAPgvgVgTUONXm9l3fO8IeJqPXfo2EcuZGYiL4IH8AwN
fM30+yfn14ewjq+jdQ6cjLkGrVhuOYjMjKzyspHGCYL9e2E1rJ2dFzFCJrtgXGGJ
FPQLwy/YJKZvFsRMh8iNm6EqNGGGxA4eOphsZ9zApzV7eh+PIpzk4KHYUwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI9Nd/vzCunMXkuO1sdX8RtOxGvBMB8GA1UdIwQY
MBaAFNmzejjOiH03Y2BGrvOHocIzFS5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgt
ZDZhYWM2MTM4MzBiLzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS85NTQ1ZjItZmI2MC00ODc4LWFlNTgtZDZhYWM2MTM4MzBi
LzEvMmJONk9NNklmVGRqWUVhdTg0ZWh3ak1WTGtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQdDAOsMz
dPT1s4YOvXXHTYlvLfAmbx1VFdQiDkRYyTqxC15qgY6dXDOWpqXFs+rVeZs9frFl
gYCEHyqStzkNQBTxyle9VBaFlN1jXtkjiTVlvT50pgCBV0ogIPtLjXoKEkNS+/bG
gJOub1W14q4OSj5N8TL5wiZe2ATt077uvBRecI1cogMyt1Z6rCn+G2J/ZPlPT3hW
AbmID3r0WT428wmsrV0MtpDNvDA6sr13j9W1Ixwjl7/PZiGCYTQY7tHA9wXVPzYM
qPaRId/aYk8xBg0yPXHnT8oMWGIboIP50cm56aEuJ7d0Z9OkSJADnMVJLgUB6+OQ
PsWb/LsSnhTqBw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:43:46 2025 by rpki-client