Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
File: 2O6Q00LYZepn8rDS-3TAOfg-Skg.mft (raw, json)
Hash identifier: J3DE2+e/cTDKlvxVPay8z8qOKrSW1RW4LztlMOPTIeE=
Subject key identifier: 10:9E:A1:29:00:1A:18:F2:36:90:01:21:1A:B1:52:5D:84:82:F3:53
Authority key identifier: D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
Certificate issuer: /CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Certificate serial: 019A03A3BAE60A51B022D6B1EF10B4F6307A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
Manifest number: 0408
Signing time: Mon 20 Oct 2025 22:00:53 +0000
Manifest this update: Mon 20 Oct 2025 22:00:53 +0000
Manifest next update: Tue 21 Oct 2025 22:00:53 +0000
Files and hashes: 1: 1vvIkvJGRy621vVPsoLS7KLp9WQ.roa (hash: AaLmkGEE5WFi/MsCmNoVGVjYg2GotUKYwJ8yvjW+a60=)
2: 2O6Q00LYZepn8rDS-3TAOfg-Skg.crl (hash: dsLFwII8S3KU4UOBAphVbCDQhIdze4yYuKwdtMfhumU=)
3: KLjjQzFk9GYkvqPEoe40SA-mXbg.roa (hash: 2jEymy+mMO9pWyCpodUhIwEZFiuwLfDEfoelvtg+xqA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:03:a3:ba:e6:0a:51:b0:22:d6:b1:ef:10:b4:f6:30:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Validity
Not Before: Oct 20 22:00:53 2025 GMT
Not After : Oct 21 22:00:53 2025 GMT
Subject: CN=109ea129001a18f2369001211ab1525d8482f353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:99:92:92:aa:74:f3:aa:35:65:bb:2f:5a:f1:
90:00:32:0a:54:ff:79:78:bc:5f:e6:60:90:b6:89:
96:33:2f:6b:da:c1:31:d1:87:c6:1e:47:56:55:1b:
6d:d4:30:b1:31:ea:24:80:25:a3:9c:7f:14:bb:80:
6a:15:07:ca:c3:cc:94:e6:5d:5d:a8:84:c8:e9:26:
4d:24:4a:27:13:b2:41:66:56:33:ef:47:0f:a4:3a:
94:30:a5:d4:20:fe:4b:b3:fe:8a:a0:51:1a:57:3b:
92:20:74:c6:16:77:09:55:00:60:86:16:c3:05:d8:
e2:5e:82:6a:10:42:e2:fd:c9:71:9d:69:63:ff:a1:
e9:7f:21:0b:62:54:9f:bf:6e:36:26:71:72:ad:f0:
1e:e3:f3:e2:9d:3c:75:ea:b6:3e:5e:40:3e:2c:e2:
dd:50:b9:c0:50:a2:99:0a:98:4d:ff:8d:24:53:51:
f9:ee:27:5e:04:f3:28:ae:84:f9:de:d4:33:3d:11:
ad:aa:5e:f2:92:f0:a4:69:e9:7c:5f:1d:4d:45:42:
5b:4f:bf:02:2c:49:9d:88:41:2a:04:d6:c0:2b:06:
aa:bd:60:44:f2:bb:50:95:fa:40:34:1a:97:9f:cf:
5e:70:49:a9:79:a9:1c:a5:85:9b:4e:ce:ad:c0:37:
c7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:9E:A1:29:00:1A:18:F2:36:90:01:21:1A:B1:52:5D:84:82:F3:53
X509v3 Authority Key Identifier:
keyid:D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
d6:bf:66:21:88:7f:9b:6f:b9:3f:e1:1b:92:a5:36:45:20:0d:
ca:0b:fa:89:c1:6e:af:50:54:ec:93:98:31:96:8a:f8:69:9e:
de:4e:e1:44:a1:42:a1:c7:24:56:bb:e7:b5:3b:89:e9:fa:44:
6d:1c:bc:01:6f:2b:9c:19:c2:df:fa:1e:98:ab:d5:7e:20:d8:
40:a2:a0:6c:6c:ea:a0:ec:28:37:ed:a2:a8:36:73:36:33:e1:
37:59:95:7a:b9:db:9f:67:04:df:07:69:2a:87:d2:01:89:a6:
e5:51:75:c5:c4:dc:36:c3:77:e1:7d:b4:ab:7a:e8:09:d0:ba:
49:f4:54:f7:c1:ec:0b:b9:49:a0:40:95:b6:7f:93:db:82:8f:
0f:82:df:fe:2c:e4:5a:e6:f4:17:e9:b3:be:45:99:a3:f9:84:
ad:79:98:14:22:ce:ee:9c:09:49:52:cc:30:59:71:31:63:90:
b9:bd:10:1a:4e:51:65:9d:8f:43:db:4a:2f:26:c5:fa:c2:fb:
d7:8e:84:83:2a:d0:6a:09:64:bb:d5:b2:20:d0:fe:9f:32:1f:
47:78:f9:2e:f9:a2:54:a3:c6:c7:e8:55:be:47:2c:6c:0d:03:
a1:c0:68:a5:4e:0a:dc:dd:c5:33:7c:11:cb:49:2c:d8:d4:97:
1f:5a:c1:a8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoDo7rmClGwItax7xC09jB6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWU5MGQzNDJkODY1ZWE2N2YyYjBkMmZiNzRjMDM5Zjgz
ZTRhNDgwHhcNMjUxMDIwMjIwMDUzWhcNMjUxMDIxMjIwMDUzWjAzMTEwLwYDVQQD
EygxMDllYTEyOTAwMWExOGYyMzY5MDAxMjExYWIxNTI1ZDg0ODJmMzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZmSkqp086o1ZbsvWvGQADIKVP95
eLxf5mCQtomWMy9r2sEx0YfGHkdWVRtt1DCxMeokgCWjnH8Uu4BqFQfKw8yU5l1d
qITI6SZNJEonE7JBZlYz70cPpDqUMKXUIP5Ls/6KoFEaVzuSIHTGFncJVQBghhbD
BdjiXoJqEELi/clxnWlj/6HpfyELYlSfv242JnFyrfAe4/PinTx16rY+XkA+LOLd
ULnAUKKZCphN/40kU1H57ideBPMoroT53tQzPRGtql7ykvCkael8Xx1NRUJbT78C
LEmdiEEqBNbAKwaqvWBE8rtQlfpANBqXn89ecEmpeakcpYWbTs6twDfHtwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBCeoSkAGhjyNpABIRqxUl2EgvNTMB8GA1UdIwQY
MBaAFNjukNNC2GXqZ/Kw0vt0wDn4PkpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2Zjkt
NTEwNTI1YzQ3NDRjLzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2ZjktNTEwNTI1YzQ3NDRj
LzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1r9mIYh/
m2+5P+EbkqU2RSANygv6icFur1BU7JOYMZaK+Gme3k7hRKFCocckVrvntTuJ6fpE
bRy8AW8rnBnC3/oemKvVfiDYQKKgbGzqoOwoN+2iqDZzNjPhN1mVernbn2cE3wdp
KofSAYmm5VF1xcTcNsN34X20q3roCdC6SfRU98HsC7lJoECVtn+T24KPD4Lf/izk
Wub0F+mzvkWZo/mErXmYFCLO7pwJSVLMMFlxMWOQub0QGk5RZZ2PQ9tKLybF+sL7
146EgyrQaglku9WyIND+nzIfR3j5LvmiVKPGx+hVvkcsbA0DocBopU4K3N3FM3wR
y0ks2NSXH1rBqA==
-----END CERTIFICATE-----
Generated at Tue Oct 21 06:31:11 2025 by rpki-client