Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.mft
File: y2RbwP24YmvOLAQlxAh7VOFQ04Y.mft (raw, json)
Hash identifier: qPTTlBHznABYLpWNIxGv3tl4iu8MpjsMeubMOqkhN40=
Subject key identifier: 3D:3A:7E:FC:AB:FC:6A:CF:00:AB:A0:F3:D7:18:9D:0C:7B:57:D8:0B
Authority key identifier: CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
Certificate issuer: /CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Certificate serial: 019A725D0929D06323EAAA21FD7910C36926
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.mft
Manifest number: 12BE
Signing time: Tue 11 Nov 2025 10:01:30 +0000
Manifest this update: Tue 11 Nov 2025 10:01:30 +0000
Manifest next update: Wed 12 Nov 2025 10:01:30 +0000
Files and hashes: 1: nPtNOVhjTVbNoPzqUJGa-Eqnb0Y.roa (hash: Yuz9f1rxV7S4atM+GycUQVhSQinvjc3oT1lXV1zOVuE=)
2: y2RbwP24YmvOLAQlxAh7VOFQ04Y.crl (hash: ehDh1dIA5LCSix3monOgT/7wB07ORu1jjpqFA3InTi4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5d:09:29:d0:63:23:ea:aa:21:fd:79:10:c3:69:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Validity
Not Before: Nov 11 10:01:30 2025 GMT
Not After : Nov 12 10:01:30 2025 GMT
Subject: CN=3d3a7efcabfc6acf00aba0f3d7189d0c7b57d80b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:9a:ac:c2:14:c3:f4:45:ed:16:1a:8f:6f:59:
25:d1:f9:02:5a:c7:3b:d6:18:aa:91:bf:25:4c:b9:
c4:0f:15:7d:63:c5:bb:fb:ff:a7:50:6f:37:32:91:
4e:a0:1a:11:67:fa:4e:6e:24:04:d5:fe:a3:46:e6:
66:06:4e:53:05:83:8a:fe:d7:cc:90:41:a5:ef:b2:
a8:48:94:a3:5f:37:60:2e:c5:88:23:55:ef:6b:9e:
be:d8:72:c3:d0:02:6c:ab:21:0b:c2:62:3c:45:3f:
71:2e:b9:9b:0e:7e:85:b4:4e:b3:fb:fe:7b:01:a6:
ab:54:a0:2c:71:f6:d5:22:ce:c5:5c:41:1b:65:9c:
27:5f:b8:7a:cc:04:e1:18:97:d2:fa:df:ae:4b:e5:
b6:07:41:44:c2:05:49:4e:7f:6d:8d:6c:4d:e6:ef:
ee:77:c2:21:e5:ff:59:fb:74:14:6d:fc:0c:e3:6b:
f2:13:22:fc:d1:02:15:13:8d:f4:60:f0:1d:47:66:
38:15:b5:f2:9b:40:0d:b9:2e:ee:b6:ca:32:69:0e:
16:40:e2:30:12:b1:eb:85:ae:fb:7c:54:32:20:70:
d8:82:cd:28:56:c8:11:ba:f5:69:82:25:5c:ff:47:
ea:da:a7:c9:4b:18:cc:c1:f9:ee:5d:8e:91:ce:02:
96:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:3A:7E:FC:AB:FC:6A:CF:00:AB:A0:F3:D7:18:9D:0C:7B:57:D8:0B
X509v3 Authority Key Identifier:
keyid:CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:e7:57:85:7f:db:f5:03:f5:68:de:c2:21:47:1b:ec:2d:39:
6a:46:f6:65:3c:b1:33:ae:25:d6:c4:f4:fb:ef:56:db:0e:1b:
f0:6f:9b:73:75:85:2e:e5:74:08:1b:81:f6:93:e6:46:a0:bf:
d8:ff:01:a0:ea:d6:51:03:bb:79:cf:80:d0:27:32:78:0f:74:
6e:f8:ea:ef:cb:3d:c6:5b:10:f2:bb:3a:35:cb:e4:61:a4:bf:
c2:9a:34:3f:43:e0:95:4e:96:0a:54:b5:e4:67:70:cb:17:6d:
26:be:06:27:4c:f5:78:9b:bd:46:b7:d4:ed:3a:e3:97:be:f1:
74:22:5f:c4:fa:00:cb:d7:6d:27:06:7f:78:db:64:4c:3c:89:
a2:af:53:11:4b:d7:22:2e:ae:d1:17:29:e9:28:78:f3:b2:a3:
ce:b4:a4:e3:2d:51:2f:17:1f:d1:49:b4:82:3e:b4:f1:b0:9e:
6e:ab:47:8d:3d:4c:6f:fa:eb:7d:18:58:91:4a:d8:ab:01:2c:
cc:27:fa:14:11:5d:31:9d:f0:af:ca:a7:47:77:28:83:21:b1:
77:89:c0:3d:e3:a0:4a:43:46:d7:33:45:ac:b3:2c:ae:3c:6f:
ef:b2:20:3e:de:48:e8:41:26:0e:9a:f9:4e:28:e3:95:b7:f0:
e4:24:71:77
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXQkp0GMj6qoh/XkQw2kmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNjQ1YmMwZmRiODYyNmJjZTJjMDQyNWM0MDg3YjU0ZTE1
MGQzODYwHhcNMjUxMTExMTAwMTMwWhcNMjUxMTEyMTAwMTMwWjAzMTEwLwYDVQQD
EygzZDNhN2VmY2FiZmM2YWNmMDBhYmEwZjNkNzE4OWQwYzdiNTdkODBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiJqswhTD9EXtFhqPb1kl0fkCWsc7
1hiqkb8lTLnEDxV9Y8W7+/+nUG83MpFOoBoRZ/pObiQE1f6jRuZmBk5TBYOK/tfM
kEGl77KoSJSjXzdgLsWII1Xva56+2HLD0AJsqyELwmI8RT9xLrmbDn6FtE6z+/57
AaarVKAscfbVIs7FXEEbZZwnX7h6zAThGJfS+t+uS+W2B0FEwgVJTn9tjWxN5u/u
d8Ih5f9Z+3QUbfwM42vyEyL80QIVE430YPAdR2Y4FbXym0ANuS7utsoyaQ4WQOIw
ErHrha77fFQyIHDYgs0oVsgRuvVpgiVc/0fq2qfJSxjMwfnuXY6RzgKWVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD06fvyr/GrPAKug89cYnQx7V9gLMB8GA1UdIwQY
MBaAFMtkW8D9uGJrziwEJcQIe1ThUNOGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmIt
ZTg3NTRkMDA1ZWJlLzEveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81N2JmODktZmUzYi00YzIxLThmZmItZTg3NTRkMDA1ZWJl
LzEveTJSYndQMjRZbXZPTEFRbHhBaDdWT0ZRMDRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZudXhX/b
9QP1aN7CIUcb7C05akb2ZTyxM64l1sT0++9W2w4b8G+bc3WFLuV0CBuB9pPmRqC/
2P8BoOrWUQO7ec+A0CcyeA90bvjq78s9xlsQ8rs6NcvkYaS/wpo0P0PglU6WClS1
5GdwyxdtJr4GJ0z1eJu9RrfU7Trjl77xdCJfxPoAy9dtJwZ/eNtkTDyJoq9TEUvX
Ii6u0Rcp6Sh487KjzrSk4y1RLxcf0Um0gj608bCebqtHjT1Mb/rrfRhYkUrYqwEs
zCf6FBFdMZ3wr8qnR3cogyGxd4nAPeOgSkNG1zNFrLMsrjxv77IgPt5I6EEmDpr5
Tijjlbfw5CRxdw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:53:42 2025 by rpki-client