Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft
File: 2pa1va-ygzLa_oR87RT3pfrUXmk.mft (raw, json)
Hash identifier: 9/Z4H3PMPfPELk3SeFtKwdXgE/cn3arZ5PKRy2QMipg=
Subject key identifier: B3:57:EC:97:5F:26:66:A0:13:0F:F9:3A:49:F5:5D:74:38:46:17:8D
Authority key identifier: DA:96:B5:BD:AF:B2:83:32:DA:FE:84:7C:ED:14:F7:A5:FA:D4:5E:69
Certificate issuer: /CN=da96b5bdafb28332dafe847ced14f7a5fad45e69
Certificate serial: 019A71B85ED9526B936E88C070DDA414BB68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft
Manifest number: 171E
Signing time: Tue 11 Nov 2025 07:01:39 +0000
Manifest this update: Tue 11 Nov 2025 07:01:39 +0000
Manifest next update: Wed 12 Nov 2025 07:01:39 +0000
Files and hashes: 1: 2pa1va-ygzLa_oR87RT3pfrUXmk.crl (hash: ChaZp/OlP9LMyH+LnSiqPbilfPGSDXkP0J16X9uxnO4=)
2: 99kZ91L5k4nve2PYsWtipJThPHU.roa (hash: bVtLb94sDBWJmE1C3lJHiBUqgO9xT7zdCZpTZaX8mXc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:5e:d9:52:6b:93:6e:88:c0:70:dd:a4:14:bb:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da96b5bdafb28332dafe847ced14f7a5fad45e69
Validity
Not Before: Nov 11 07:01:39 2025 GMT
Not After : Nov 12 07:01:39 2025 GMT
Subject: CN=b357ec975f2666a0130ff93a49f55d743846178d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:03:1d:de:ef:ad:8f:32:6f:83:fd:93:5d:2f:
67:b0:d3:7e:4e:92:c5:5e:e8:85:31:4c:5a:ba:ff:
06:fd:e9:16:72:b3:4d:d9:bc:2f:82:37:0a:e3:dc:
66:6f:80:3a:b7:7a:03:a6:70:66:d1:04:ca:e5:95:
fc:6c:6c:ce:b9:21:c6:e1:cb:77:3e:e3:42:a4:e4:
96:7e:11:48:d7:f1:27:20:ca:ab:8e:89:30:8c:64:
c7:2d:f8:67:a3:9a:e0:68:27:6e:f7:97:50:4b:03:
b9:a8:08:00:a3:d4:70:6d:3c:f8:60:54:4e:3c:80:
fc:b5:e3:d0:5c:f3:21:9c:28:27:2f:79:7d:13:cd:
ec:c1:fe:52:c9:9f:ac:3c:1e:02:5e:e2:b2:b1:12:
9c:cc:38:a0:3a:4f:ca:f3:c7:30:8e:14:2a:3b:dd:
19:7b:b0:11:11:03:d1:39:a6:f4:a7:34:8c:98:bf:
d0:0a:91:dd:1a:6e:73:47:d8:90:55:74:c8:1d:7a:
8e:94:4d:ba:a0:d6:c9:5a:5c:1c:c6:1e:b5:96:4a:
bd:5a:db:dc:39:ae:f4:9c:43:10:83:6e:8d:8d:37:
d4:9d:06:18:e9:6f:53:6d:40:94:c1:4c:67:b5:9f:
6c:ae:d6:7f:1b:b1:3b:98:aa:45:4c:67:cd:a5:1a:
e6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:57:EC:97:5F:26:66:A0:13:0F:F9:3A:49:F5:5D:74:38:46:17:8D
X509v3 Authority Key Identifier:
keyid:DA:96:B5:BD:AF:B2:83:32:DA:FE:84:7C:ED:14:F7:A5:FA:D4:5E:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pa1va-ygzLa_oR87RT3pfrUXmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/819089-473b-463f-b87b-4253950f1155/1/2pa1va-ygzLa_oR87RT3pfrUXmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a2:6c:b4:de:12:11:22:91:4d:f9:ca:d4:45:63:3a:41:4c:4b:
5e:9b:ab:20:47:69:7b:45:30:14:09:3b:e8:b4:f6:9d:d2:16:
a2:9b:fa:0e:b8:c5:e2:c3:f3:0e:24:c6:00:a0:3a:84:dc:5c:
d1:e3:bf:be:58:92:d8:1e:16:97:a2:48:0f:d2:a0:78:ea:03:
d3:21:dd:ef:6c:e4:7a:7c:79:1c:3c:69:1e:6d:fc:24:4b:2b:
9f:fe:59:76:ff:3a:3b:4d:4e:88:63:00:ee:9f:be:32:8a:12:
2d:45:55:1f:cc:52:18:52:96:7a:df:b8:6c:44:f2:75:31:0f:
25:23:0d:03:1a:8f:1d:36:f3:91:57:93:a9:97:d2:f4:30:0e:
10:0b:8f:a1:ec:e5:09:63:7b:8d:3e:d4:55:90:7e:7d:8f:e4:
24:7c:a9:4d:2b:54:86:04:f2:53:6a:6c:73:5e:c7:38:dd:ed:
be:9c:f8:a9:a3:37:f3:09:bc:ca:a3:b2:62:0b:2c:3d:6c:de:
8e:33:21:37:18:2a:36:13:32:4c:20:66:b8:df:28:7d:2c:15:
b3:2f:70:30:72:2c:d4:62:e6:ad:97:a6:7d:a5:53:8b:08:cc:
f7:2d:90:e3:ca:07:aa:32:bc:f8:84:f4:e3:ff:fa:58:9a:6d:
77:f0:00:32
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuF7ZUmuTbojAcN2kFLtoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOTZiNWJkYWZiMjgzMzJkYWZlODQ3Y2VkMTRmN2E1ZmFk
NDVlNjkwHhcNMjUxMTExMDcwMTM5WhcNMjUxMTEyMDcwMTM5WjAzMTEwLwYDVQQD
EyhiMzU3ZWM5NzVmMjY2NmEwMTMwZmY5M2E0OWY1NWQ3NDM4NDYxNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAMd3u+tjzJvg/2TXS9nsNN+TpLF
XuiFMUxauv8G/ekWcrNN2bwvgjcK49xmb4A6t3oDpnBm0QTK5ZX8bGzOuSHG4ct3
PuNCpOSWfhFI1/EnIMqrjokwjGTHLfhno5rgaCdu95dQSwO5qAgAo9RwbTz4YFRO
PID8tePQXPMhnCgnL3l9E83swf5SyZ+sPB4CXuKysRKczDigOk/K88cwjhQqO90Z
e7AREQPROab0pzSMmL/QCpHdGm5zR9iQVXTIHXqOlE26oNbJWlwcxh61lkq9Wtvc
Oa70nEMQg26NjTfUnQYY6W9TbUCUwUxntZ9srtZ/G7E7mKpFTGfNpRrmVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLNX7JdfJmagEw/5Okn1XXQ4RheNMB8GA1UdIwQY
MBaAFNqWtb2vsoMy2v6EfO0U96X61F5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC84MTkwODktNDczYi00NjNmLWI4N2It
NDI1Mzk1MGYxMTU1LzEvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC84MTkwODktNDczYi00NjNmLWI4N2ItNDI1Mzk1MGYxMTU1
LzEvMnBhMXZhLXlnekxhX29SODdSVDNwZnJVWG1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAomy03hIR
IpFN+crURWM6QUxLXpurIEdpe0UwFAk76LT2ndIWopv6DrjF4sPzDiTGAKA6hNxc
0eO/vliS2B4Wl6JID9KgeOoD0yHd72zkenx5HDxpHm38JEsrn/5Zdv86O01OiGMA
7p++MooSLUVVH8xSGFKWet+4bETydTEPJSMNAxqPHTbzkVeTqZfS9DAOEAuPoezl
CWN7jT7UVZB+fY/kJHypTStUhgTyU2psc17HON3tvpz4qaM38wm8yqOyYgssPWze
jjMhNxgqNhMyTCBmuN8ofSwVsy9wMHIs1GLmrZemfaVTiwjM9y2Q48oHqjK8+IT0
4//6WJptd/AAMg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:53:33 2025 by rpki-client