Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.mft
File: 2sedKFW4l0GCCNR7puUUYAFbXXs.mft (raw, json)
Hash identifier: BDLKCJgOf2ulLPwdnZYBnBlx24ldSlNxihq0cCnLMC0=
Subject key identifier: 98:77:E2:01:F8:55:D5:B4:0E:77:AA:18:44:DB:B1:38:9B:34:FC:49
Authority key identifier: DA:C7:9D:28:55:B8:97:41:82:08:D4:7B:A6:E5:14:60:01:5B:5D:7B
Certificate issuer: /CN=dac79d2855b897418208d47ba6e51460015b5d7b
Certificate serial: 019A134D512E7B92B0D398B6B87096CA5585
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2sedKFW4l0GCCNR7puUUYAFbXXs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.mft
Manifest number: 16EF
Signing time: Thu 23 Oct 2025 23:00:25 +0000
Manifest this update: Thu 23 Oct 2025 23:00:25 +0000
Manifest next update: Fri 24 Oct 2025 23:00:25 +0000
Files and hashes: 1: 2sedKFW4l0GCCNR7puUUYAFbXXs.crl (hash: XBZY6+v1n6Es9aktRfwG4Ej52P1ZKmXbHR0tLQjfh5Y=)
2: tC1yV2tBIFtyur1CynjIgKWGcBM.roa (hash: 1+DYEAvIp/jbF3nPZX2n/Pi9ZPPyvPQVRKTGpXSrouQ=)
3: yHaEkoOTCPurcY3b0F-9VL88Kwc.roa (hash: Y+GSgGL/KpLcJxeK38gow6fyI44wgNDdjmQduqWLn3A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.mft
rsync://rpki.ripe.net/repository/DEFAULT/2sedKFW4l0GCCNR7puUUYAFbXXs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:13:4d:51:2e:7b:92:b0:d3:98:b6:b8:70:96:ca:55:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dac79d2855b897418208d47ba6e51460015b5d7b
Validity
Not Before: Oct 23 23:00:25 2025 GMT
Not After : Oct 24 23:00:25 2025 GMT
Subject: CN=9877e201f855d5b40e77aa1844dbb1389b34fc49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:39:68:ba:bd:45:9d:f8:42:8d:2a:df:e5:d8:
d2:16:e6:72:7e:e4:9c:32:e1:24:0a:da:b3:a0:2b:
3f:f8:ee:2f:aa:d5:1f:25:0d:75:6e:ba:7b:e4:44:
29:f7:1e:59:c2:79:03:3d:16:ae:f4:6f:d1:08:ac:
fe:bd:1c:5a:61:6b:0b:b5:0e:8b:0c:ed:d0:90:fd:
03:cf:5a:07:5a:5d:db:85:1e:de:77:ec:d6:3b:5c:
33:17:0b:ed:67:49:fc:db:99:75:b5:73:a7:7c:55:
be:b3:80:2e:00:b5:d1:5d:c6:8c:0a:70:22:f3:42:
6d:66:7a:bb:cc:40:98:c3:bf:92:42:24:59:7b:e2:
24:23:83:a1:9b:f6:0c:2d:b4:30:a3:77:05:4a:1b:
f5:b6:88:b7:df:a7:39:d2:79:37:70:6c:74:37:38:
54:ed:a1:26:38:73:38:53:40:9c:d1:4c:5e:20:3a:
85:cf:ef:f1:e7:65:93:e2:2f:cf:48:9c:92:76:7e:
09:99:45:c5:35:96:98:f1:9a:6a:f6:50:c4:60:28:
2d:c8:ae:a5:62:da:2f:94:ca:01:8b:1f:27:9b:dd:
90:ed:26:1b:a4:39:b7:18:74:48:67:ed:e0:f8:4f:
47:62:23:79:b4:8f:86:70:fe:b3:4e:7f:45:18:dc:
0c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:77:E2:01:F8:55:D5:B4:0E:77:AA:18:44:DB:B1:38:9B:34:FC:49
X509v3 Authority Key Identifier:
keyid:DA:C7:9D:28:55:B8:97:41:82:08:D4:7B:A6:E5:14:60:01:5B:5D:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2sedKFW4l0GCCNR7puUUYAFbXXs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/5b1149-647d-4067-9807-445d4588c312/1/2sedKFW4l0GCCNR7puUUYAFbXXs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2d:56:c0:72:0a:bc:fb:8d:d2:4f:7f:fd:bd:88:0d:41:d8:76:
53:7d:db:03:ac:2e:32:f0:4d:9c:ce:6b:89:e5:2b:ac:62:e6:
ad:2b:75:6b:30:1d:8f:ca:3c:23:b3:cb:85:c4:06:47:67:e9:
40:62:97:91:90:cc:41:d0:59:d3:ba:83:80:5e:eb:70:e1:01:
03:ca:2f:48:c1:74:ba:c4:e6:83:5f:00:c6:12:3b:cb:49:e0:
1b:1c:c0:92:9c:5d:d2:35:00:c3:c8:86:2e:62:f3:08:74:9e:
e6:3c:0f:e9:e3:bd:81:91:86:12:0b:50:94:80:f1:52:83:8e:
7d:15:e2:54:49:74:0e:c4:16:3c:cd:e8:af:47:27:72:ee:47:
e7:f4:c5:80:f2:da:b0:32:45:ad:38:67:48:2a:d7:24:8d:7e:
b2:61:12:eb:0e:5d:d4:3f:5a:1f:0b:e1:6e:bc:a3:f2:38:e1:
ed:b0:e0:5e:f6:e9:16:06:7b:09:20:00:5f:92:59:c2:8a:82:
5e:a5:c9:53:d0:81:af:39:5e:60:60:24:6e:b9:77:65:8f:b7:
47:7f:f9:1c:e6:7f:e1:48:26:3c:aa:75:46:f9:ff:a3:f5:6f:
ee:ec:2f:b5:20:92:58:f4:bd:65:6f:39:0f:cf:92:4c:ab:41:
e4:cc:0b:25
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoTTVEue5Kw05i2uHCWylWFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYzc5ZDI4NTViODk3NDE4MjA4ZDQ3YmE2ZTUxNDYwMDE1
YjVkN2IwHhcNMjUxMDIzMjMwMDI1WhcNMjUxMDI0MjMwMDI1WjAzMTEwLwYDVQQD
Eyg5ODc3ZTIwMWY4NTVkNWI0MGU3N2FhMTg0NGRiYjEzODliMzRmYzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8zlour1FnfhCjSrf5djSFuZyfuSc
MuEkCtqzoCs/+O4vqtUfJQ11brp75EQp9x5ZwnkDPRau9G/RCKz+vRxaYWsLtQ6L
DO3QkP0Dz1oHWl3bhR7ed+zWO1wzFwvtZ0n825l1tXOnfFW+s4AuALXRXcaMCnAi
80JtZnq7zECYw7+SQiRZe+IkI4Ohm/YMLbQwo3cFShv1toi336c50nk3cGx0NzhU
7aEmOHM4U0Cc0UxeIDqFz+/x52WT4i/PSJySdn4JmUXFNZaY8Zpq9lDEYCgtyK6l
YtovlMoBix8nm92Q7SYbpDm3GHRIZ+3g+E9HYiN5tI+GcP6zTn9FGNwMcQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJh34gH4VdW0DneqGETbsTibNPxJMB8GA1UdIwQY
MBaAFNrHnShVuJdBggjUe6blFGABW117MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnNlZEtGVzRsMEdDQ05SN3B1VVVZQUZiWFhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny81YjExNDktNjQ3ZC00MDY3LTk4MDct
NDQ1ZDQ1ODhjMzEyLzEvMnNlZEtGVzRsMEdDQ05SN3B1VVVZQUZiWFhzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny81YjExNDktNjQ3ZC00MDY3LTk4MDctNDQ1ZDQ1ODhjMzEy
LzEvMnNlZEtGVzRsMEdDQ05SN3B1VVVZQUZiWFhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALVbAcgq8
+43ST3/9vYgNQdh2U33bA6wuMvBNnM5rieUrrGLmrSt1azAdj8o8I7PLhcQGR2fp
QGKXkZDMQdBZ07qDgF7rcOEBA8ovSMF0usTmg18AxhI7y0ngGxzAkpxd0jUAw8iG
LmLzCHSe5jwP6eO9gZGGEgtQlIDxUoOOfRXiVEl0DsQWPM3or0cncu5H5/TFgPLa
sDJFrThnSCrXJI1+smES6w5d1D9aHwvhbryj8jjh7bDgXvbpFgZ7CSAAX5JZwoqC
XqXJU9CBrzleYGAkbrl3ZY+3R3/5HOZ/4UgmPKp1Rvn/o/Vv7uwvtSCSWPS9ZW85
D8+STKtB5MwLJQ==
-----END CERTIFICATE-----
Generated at Fri Oct 24 08:14:47 2025 by rpki-client