Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft
File: vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft (raw, json)
Hash identifier: cGFZqHesXM1OXwneWpatmfKwUU2SQusRVJ6kU0NJTpA=
Subject key identifier: 5D:91:A3:8C:BA:22:98:E9:B9:96:50:00:B5:A3:AF:FA:97:AA:E4:B9
Authority key identifier: BE:72:2A:99:73:2C:9C:3C:BC:20:B0:A4:72:92:A8:23:78:26:03:AC
Certificate issuer: /CN=be722a99732c9c3cbc20b0a47292a823782603ac
Certificate serial: 019A22F7AA2FFE928692CB238FD8BD91ACD5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vnIqmXMsnDy8ILCkcpKoI3gmA6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft
Manifest number: 1687
Signing time: Mon 27 Oct 2025 00:00:47 +0000
Manifest this update: Mon 27 Oct 2025 00:00:47 +0000
Manifest next update: Tue 28 Oct 2025 00:00:47 +0000
Files and hashes: 1: KEoMu2N6_T8O9ufaf0Y2clZ16n8.roa (hash: TtnWx5gcstoPtaU3BdfsPkG0EZi+JY/3eJmxv3P7PTM=)
2: vnIqmXMsnDy8ILCkcpKoI3gmA6w.crl (hash: 7EgPRJ71i3cRn0fAIJ8y/Gx5kouCqFBZr8iT0ZFvOZI=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/vnIqmXMsnDy8ILCkcpKoI3gmA6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:22:f7:aa:2f:fe:92:86:92:cb:23:8f:d8:bd:91:ac:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be722a99732c9c3cbc20b0a47292a823782603ac
Validity
Not Before: Oct 27 00:00:47 2025 GMT
Not After : Oct 28 00:00:47 2025 GMT
Subject: CN=5d91a38cba2298e9b9965000b5a3affa97aae4b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:04:54:85:fe:f5:85:36:3b:3d:09:05:c6:92:
10:5c:1b:70:ef:2f:41:8e:1d:57:c7:83:38:73:3c:
2f:e5:3e:da:a0:b4:4b:ac:78:6f:4e:dd:73:91:31:
9e:35:04:f4:11:8b:02:b4:78:96:87:83:48:5a:f0:
70:2d:55:96:40:a0:7a:8e:31:05:1a:1e:81:0b:a8:
ba:d4:36:4c:b6:48:02:0a:95:45:2b:64:de:a3:a3:
fc:9d:6d:77:7f:21:66:89:d7:15:78:9f:f8:33:d5:
56:0e:81:68:c2:c2:61:c6:df:5c:65:58:f9:78:90:
c0:74:e9:4f:43:5a:20:47:0e:cd:38:d8:aa:90:39:
cb:d0:b5:3b:e4:67:68:8c:4e:8a:d0:55:04:93:af:
c9:08:17:e7:91:99:ec:02:d3:5f:6f:c2:bc:68:d7:
46:4d:56:ab:54:91:c7:d9:d6:e4:2b:3c:db:a5:36:
02:1d:48:0f:77:c9:ce:69:8a:6f:44:d5:85:75:f1:
64:58:33:14:78:06:ed:04:ac:f8:ca:a7:30:2d:53:
e1:92:a3:95:90:7e:ca:da:84:a0:37:24:cd:fd:dd:
b3:41:f7:ee:67:b3:07:e3:d2:78:25:37:36:ca:d5:
45:e4:f7:c8:c9:ac:c5:d1:f1:d9:bc:3a:96:d9:c9:
90:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:91:A3:8C:BA:22:98:E9:B9:96:50:00:B5:A3:AF:FA:97:AA:E4:B9
X509v3 Authority Key Identifier:
keyid:BE:72:2A:99:73:2C:9C:3C:BC:20:B0:A4:72:92:A8:23:78:26:03:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vnIqmXMsnDy8ILCkcpKoI3gmA6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/041b9f-1a07-42e5-b487-29b97a1877fb/1/vnIqmXMsnDy8ILCkcpKoI3gmA6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0b:61:65:5d:bb:1d:29:5c:99:c3:2c:5a:ba:8d:90:31:79:ad:
e2:64:91:e0:a0:71:f1:c9:4d:04:53:6b:ec:45:a0:7c:35:bf:
b0:50:21:ec:2a:f3:f1:c0:67:0f:71:a0:cc:4b:20:32:5b:6c:
3a:11:ff:a7:60:bc:d6:86:69:e6:8b:34:7e:d0:d3:91:24:7c:
d5:66:d5:a6:d8:3a:a7:a7:b7:a6:ac:1d:34:ea:4a:75:f0:94:
ab:c5:42:54:0d:7b:c9:ad:a2:2a:8e:22:9b:29:d0:23:19:49:
7a:ca:9a:5e:51:69:a1:ea:7e:89:d9:73:5d:0f:4e:d5:9e:12:
d0:27:1b:29:ca:e5:bd:4d:7f:d1:46:97:52:7f:b3:ca:a9:c5:
53:56:ee:89:79:d7:92:c3:44:b1:b5:8c:3a:1a:0b:a8:b2:2e:
a8:e2:c7:2e:f9:9b:d4:83:73:dc:e4:b3:93:d1:65:09:ab:f7:
fc:2d:f9:51:77:c6:29:85:92:c6:be:e2:d7:a7:a1:57:8e:67:
0f:90:b1:aa:11:64:fe:12:3e:e3:51:93:27:86:c9:c5:b2:94:
72:c1:d8:90:fe:b0:03:e9:4e:52:d1:03:63:5e:f6:69:de:78:
ba:9c:18:41:47:2e:9c:0e:d3:4a:ad:99:b1:6d:b7:ef:f3:16:
e3:38:fa:a6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoi96ov/pKGkssjj9i9kazVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlNzIyYTk5NzMyYzljM2NiYzIwYjBhNDcyOTJhODIzNzgy
NjAzYWMwHhcNMjUxMDI3MDAwMDQ3WhcNMjUxMDI4MDAwMDQ3WjAzMTEwLwYDVQQD
Eyg1ZDkxYTM4Y2JhMjI5OGU5Yjk5NjUwMDBiNWEzYWZmYTk3YWFlNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwRUhf71hTY7PQkFxpIQXBtw7y9B
jh1Xx4M4czwv5T7aoLRLrHhvTt1zkTGeNQT0EYsCtHiWh4NIWvBwLVWWQKB6jjEF
Gh6BC6i61DZMtkgCCpVFK2Teo6P8nW13fyFmidcVeJ/4M9VWDoFowsJhxt9cZVj5
eJDAdOlPQ1ogRw7NONiqkDnL0LU75GdojE6K0FUEk6/JCBfnkZnsAtNfb8K8aNdG
TVarVJHH2dbkKzzbpTYCHUgPd8nOaYpvRNWFdfFkWDMUeAbtBKz4yqcwLVPhkqOV
kH7K2oSgNyTN/d2zQffuZ7MH49J4JTc2ytVF5PfIyazF0fHZvDqW2cmQvwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF2Ro4y6IpjpuZZQALWjr/qXquS5MB8GA1UdIwQY
MBaAFL5yKplzLJw8vCCwpHKSqCN4JgOsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm5JcW1YTXNuRHk4SUxDa2NwS29JM2dtQTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wNDFiOWYtMWEwNy00MmU1LWI0ODct
MjliOTdhMTg3N2ZiLzEvdm5JcW1YTXNuRHk4SUxDa2NwS29JM2dtQTZ3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8wNDFiOWYtMWEwNy00MmU1LWI0ODctMjliOTdhMTg3N2Zi
LzEvdm5JcW1YTXNuRHk4SUxDa2NwS29JM2dtQTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAC2FlXbsd
KVyZwyxauo2QMXmt4mSR4KBx8clNBFNr7EWgfDW/sFAh7Crz8cBnD3GgzEsgMlts
OhH/p2C81oZp5os0ftDTkSR81WbVptg6p6e3pqwdNOpKdfCUq8VCVA17ya2iKo4i
mynQIxlJesqaXlFpoep+idlzXQ9O1Z4S0CcbKcrlvU1/0UaXUn+zyqnFU1buiXnX
ksNEsbWMOhoLqLIuqOLHLvmb1INz3OSzk9FlCav3/C35UXfGKYWSxr7i16ehV45n
D5CxqhFk/hI+41GTJ4bJxbKUcsHYkP6wA+lOUtEDY172ad54upwYQUcunA7TSq2Z
sW237/MW4zj6pg==
-----END CERTIFICATE-----
Generated at Mon Oct 27 09:00:58 2025 by rpki-client