Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b441ca-e77c-4211-8712-182cd4aac436/1/vxtInm2bjH2Dyh5yelmE2-V3r7w.mft
File: vxtInm2bjH2Dyh5yelmE2-V3r7w.mft (raw, json)
Hash identifier: 6Bg0n3Lsx3dri4KQCfih6QF8QxN5BQFcT1Vy+a1SjyI=
Subject key identifier: A3:1D:EB:A1:4D:36:59:58:02:38:E1:BB:9D:1D:8B:B2:B9:DE:4D:CD
Authority key identifier: BF:1B:48:9E:6D:9B:8C:7D:83:CA:1E:72:7A:59:84:DB:E5:77:AF:BC
Certificate issuer: /CN=bf1b489e6d9b8c7d83ca1e727a5984dbe577afbc
Certificate serial: 019A725C4EDF9C36E25B58F4321F54F69E24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vxtInm2bjH2Dyh5yelmE2-V3r7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b441ca-e77c-4211-8712-182cd4aac436/1/vxtInm2bjH2Dyh5yelmE2-V3r7w.mft
Manifest number: 29
Signing time: Tue 11 Nov 2025 10:00:43 +0000
Manifest this update: Tue 11 Nov 2025 10:00:43 +0000
Manifest next update: Wed 12 Nov 2025 10:00:43 +0000
Files and hashes: 1: 1-rB8XTQYqpP7MjgG7HR4P6rMeyU.roa (hash: o9F/zfrqIdfUaOEIn5d4Y/Rf/lN8VClY0SnZ+RAIGLc=)
2: vxtInm2bjH2Dyh5yelmE2-V3r7w.crl (hash: QeF/dgDQZAl5qs1SsAiCX2aZifSltv1BP8um+5MK5rc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/b441ca-e77c-4211-8712-182cd4aac436/1/vxtInm2bjH2Dyh5yelmE2-V3r7w.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/b441ca-e77c-4211-8712-182cd4aac436/1/vxtInm2bjH2Dyh5yelmE2-V3r7w.mft
rsync://rpki.ripe.net/repository/DEFAULT/vxtInm2bjH2Dyh5yelmE2-V3r7w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:4e:df:9c:36:e2:5b:58:f4:32:1f:54:f6:9e:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf1b489e6d9b8c7d83ca1e727a5984dbe577afbc
Validity
Not Before: Nov 11 10:00:43 2025 GMT
Not After : Nov 12 10:00:43 2025 GMT
Subject: CN=a31deba14d3659580238e1bb9d1d8bb2b9de4dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4c:cc:99:43:47:b6:48:ce:96:21:fd:25:af:
62:04:81:f9:26:68:4c:50:54:59:9e:fb:3b:f8:0a:
d1:7e:06:df:9c:19:bb:3d:c8:35:f0:8f:47:5b:a0:
c7:01:f3:ca:37:52:20:92:8f:ee:24:ab:cc:55:a1:
22:78:62:37:48:ac:87:50:5a:55:e7:4c:2a:eb:7d:
36:ca:b8:f5:5d:0a:64:9b:23:ad:6d:03:ef:d2:4a:
9a:f4:10:4c:1d:5c:ad:ee:f9:c5:67:9b:d7:f3:cd:
22:30:23:79:fc:69:32:8e:d3:c6:3d:af:91:cc:69:
df:ad:2e:b9:2f:d4:af:6c:60:38:5f:3a:e7:54:ab:
c1:97:70:76:14:35:f6:fb:6c:6b:ce:0d:ae:0a:77:
67:11:32:28:ac:ef:e5:b6:3b:af:2f:17:0e:ea:4d:
6d:03:7d:d5:19:db:50:c9:14:7d:6f:5d:ce:cf:3e:
df:26:ca:3a:67:55:fe:4d:6a:9b:16:62:78:3e:2b:
4d:b2:92:40:e6:48:3d:b1:ac:a0:db:65:29:99:5c:
84:b9:74:06:6a:f8:43:19:0f:3a:c3:b6:a2:fa:b3:
0c:4f:fa:a4:e2:1d:18:7b:26:c3:a8:c8:14:ba:e0:
2c:7e:8e:03:e0:8f:59:18:83:a1:52:a4:44:46:29:
e8:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:1D:EB:A1:4D:36:59:58:02:38:E1:BB:9D:1D:8B:B2:B9:DE:4D:CD
X509v3 Authority Key Identifier:
keyid:BF:1B:48:9E:6D:9B:8C:7D:83:CA:1E:72:7A:59:84:DB:E5:77:AF:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vxtInm2bjH2Dyh5yelmE2-V3r7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b441ca-e77c-4211-8712-182cd4aac436/1/vxtInm2bjH2Dyh5yelmE2-V3r7w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b441ca-e77c-4211-8712-182cd4aac436/1/vxtInm2bjH2Dyh5yelmE2-V3r7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
71:6f:f7:5d:69:dc:f6:93:56:aa:dc:d2:6a:a7:a9:36:37:90:
b6:13:b4:fe:03:a7:98:69:9f:a4:e0:3a:4f:9d:a4:b4:65:20:
80:70:82:f0:19:cc:58:a7:92:5f:be:a7:83:8c:bb:82:fa:1c:
24:40:4f:4b:49:cd:da:d0:d7:e3:d7:eb:46:d7:82:6b:b2:f4:
de:a9:90:ec:93:e2:ff:9e:28:ee:9f:03:53:b8:21:42:92:ba:
7e:2a:70:7d:87:d9:5e:97:d1:f5:d9:20:55:05:50:7a:82:6a:
93:6a:1d:8b:95:35:f2:44:39:1e:c1:60:3c:10:d1:42:44:9c:
ec:3e:42:80:68:df:e7:1c:82:65:4e:2d:aa:89:0b:ee:74:b3:
b6:9a:ad:99:07:81:1c:e2:87:e1:e8:f8:a1:78:cd:f8:c7:44:
ae:a8:4c:79:8b:f9:8c:92:3c:a5:e1:8f:ae:0a:4a:a5:cf:a0:
d2:e2:ef:97:17:60:8f:1b:c2:28:82:1d:0e:f6:f9:cd:be:7b:
73:9c:7d:6a:7b:b9:02:b5:3b:91:06:84:32:eb:cb:16:fa:ef:
de:03:78:36:e9:84:5f:ea:2f:07:f4:dd:30:5e:fb:77:03:85:
22:ba:7d:3c:7f:6c:4e:80:e8:5f:82:73:d0:b3:d0:fc:5e:44:
62:1c:21:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXE7fnDbiW1j0Mh9U9p4kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMWI0ODllNmQ5YjhjN2Q4M2NhMWU3MjdhNTk4NGRiZTU3
N2FmYmMwHhcNMjUxMTExMTAwMDQzWhcNMjUxMTEyMTAwMDQzWjAzMTEwLwYDVQQD
EyhhMzFkZWJhMTRkMzY1OTU4MDIzOGUxYmI5ZDFkOGJiMmI5ZGU0ZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEzMmUNHtkjOliH9Ja9iBIH5JmhM
UFRZnvs7+ArRfgbfnBm7Pcg18I9HW6DHAfPKN1Igko/uJKvMVaEieGI3SKyHUFpV
50wq6302yrj1XQpkmyOtbQPv0kqa9BBMHVyt7vnFZ5vX880iMCN5/GkyjtPGPa+R
zGnfrS65L9SvbGA4XzrnVKvBl3B2FDX2+2xrzg2uCndnETIorO/ltjuvLxcO6k1t
A33VGdtQyRR9b13Ozz7fJso6Z1X+TWqbFmJ4PitNspJA5kg9sayg22UpmVyEuXQG
avhDGQ86w7ai+rMMT/qk4h0YeybDqMgUuuAsfo4D4I9ZGIOhUqRERinoBQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKMd66FNNllYAjjhu50di7K53k3NMB8GA1UdIwQY
MBaAFL8bSJ5tm4x9g8oecnpZhNvld6+8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnh0SW5tMmJqSDJEeWg1eWVsbUUyLVYzcjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iNDQxY2EtZTc3Yy00MjExLTg3MTIt
MTgyY2Q0YWFjNDM2LzEvdnh0SW5tMmJqSDJEeWg1eWVsbUUyLVYzcjd3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iNDQxY2EtZTc3Yy00MjExLTg3MTItMTgyY2Q0YWFjNDM2
LzEvdnh0SW5tMmJqSDJEeWg1eWVsbUUyLVYzcjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcW/3XWnc
9pNWqtzSaqepNjeQthO0/gOnmGmfpOA6T52ktGUggHCC8BnMWKeSX76ng4y7gvoc
JEBPS0nN2tDX49frRteCa7L03qmQ7JPi/54o7p8DU7ghQpK6fipwfYfZXpfR9dkg
VQVQeoJqk2odi5U18kQ5HsFgPBDRQkSc7D5CgGjf5xyCZU4tqokL7nSztpqtmQeB
HOKH4ej4oXjN+MdErqhMeYv5jJI8peGPrgpKpc+g0uLvlxdgjxvCKIIdDvb5zb57
c5x9anu5ArU7kQaEMuvLFvrv3gN4NumEX+ovB/TdMF77dwOFIrp9PH9sToDoX4Jz
0LPQ/F5EYhwhVQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:37:23 2025 by rpki-client