Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.mft
File: 2q_pD50IEzTMko7e6bxzFUBwjf0.mft (raw, json)
Hash identifier: rRIyt6YL1fkb2vzbHpuMkUoZBFfBwGvLj0Mj7nZI7oc=
Subject key identifier: 38:87:15:FF:D3:6A:06:E0:E0:1D:47:8E:35:03:DA:C9:54:85:79:54
Authority key identifier: DA:AF:E9:0F:9D:08:13:34:CC:92:8E:DE:E9:BC:73:15:40:70:8D:FD
Certificate issuer: /CN=daafe90f9d081334cc928edee9bc731540708dfd
Certificate serial: 019A71B8602FF509D89A1F28E3C468702C5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q_pD50IEzTMko7e6bxzFUBwjf0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.mft
Manifest number: 0A74
Signing time: Tue 11 Nov 2025 07:01:39 +0000
Manifest this update: Tue 11 Nov 2025 07:01:39 +0000
Manifest next update: Wed 12 Nov 2025 07:01:39 +0000
Files and hashes: 1: 2q_pD50IEzTMko7e6bxzFUBwjf0.crl (hash: terJgQayUDzOTZsD8jtX6iZ4hUdKFv7Ben6SD8d5iDc=)
2: ptCjyawSJ9frfP9fH_ikMswCnsI.roa (hash: qlAjQ7L6msxhMlwj1dEaHE32m8HH4N1buR0Bga+2/Qo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q_pD50IEzTMko7e6bxzFUBwjf0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:60:2f:f5:09:d8:9a:1f:28:e3:c4:68:70:2c:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daafe90f9d081334cc928edee9bc731540708dfd
Validity
Not Before: Nov 11 07:01:39 2025 GMT
Not After : Nov 12 07:01:39 2025 GMT
Subject: CN=388715ffd36a06e0e01d478e3503dac954857954
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8b:ba:f9:2a:db:02:2b:1b:ea:60:47:ae:d5:
3e:8f:bd:1f:e7:f5:26:47:19:fb:42:f2:34:99:53:
7e:93:77:61:36:6b:92:25:ac:66:fe:3f:0f:00:3a:
7c:58:c1:74:c7:69:41:78:d0:4a:61:79:df:47:d9:
ec:ff:a7:19:69:77:af:97:98:f0:f6:49:dc:f6:9d:
80:c6:88:89:ad:4b:94:3b:e9:91:d7:23:51:0d:94:
3b:80:92:92:85:fd:6a:fc:e2:4a:ce:1c:47:b3:5b:
9d:3e:4e:0b:56:59:0e:30:b8:55:a4:e9:0b:da:c3:
df:16:31:b3:c4:5d:f2:b5:a9:5a:6a:ab:14:0c:f4:
68:1a:ee:e1:7d:ee:f6:d6:8a:ee:d2:74:bc:29:a8:
7b:18:08:57:0e:ca:8a:89:31:6c:b4:10:ec:1c:f2:
71:f3:a6:23:a0:af:46:c0:40:73:bf:d0:f8:fd:54:
52:fb:03:9a:15:20:7f:09:fc:71:1d:57:ab:fb:0a:
fe:f0:c3:7c:26:d4:18:f3:f0:b1:69:86:6c:ac:f8:
b7:8a:82:b9:f6:e1:62:61:8b:55:1d:cf:89:3f:8b:
af:51:68:70:d0:fa:f3:f8:09:2d:71:1a:ae:a0:3d:
bf:f5:74:28:f3:e1:ce:cd:3b:95:3d:b2:9c:44:dd:
c2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:87:15:FF:D3:6A:06:E0:E0:1D:47:8E:35:03:DA:C9:54:85:79:54
X509v3 Authority Key Identifier:
keyid:DA:AF:E9:0F:9D:08:13:34:CC:92:8E:DE:E9:BC:73:15:40:70:8D:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q_pD50IEzTMko7e6bxzFUBwjf0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8bb3c1-199d-449b-ac46-bbd92ccafa88/1/2q_pD50IEzTMko7e6bxzFUBwjf0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
52:ae:c3:32:2e:fb:f0:0e:60:a8:67:db:5e:61:d5:05:67:39:
e3:21:e2:c8:23:40:70:44:47:69:66:00:3e:23:1f:d7:72:33:
26:f4:4f:1e:18:84:e7:b7:1a:e3:44:c7:8f:c2:a0:a5:ef:02:
38:04:f3:06:77:03:3c:b2:3e:cf:f5:d8:07:42:c9:e8:c2:bc:
95:bf:fd:78:3a:05:18:b7:b6:59:c9:e2:da:85:14:cb:40:a5:
62:99:5d:03:f7:37:bb:06:c7:be:a4:28:16:f4:02:23:4b:8f:
f8:3a:3c:21:23:f7:40:95:9d:b1:48:40:20:62:94:0d:36:bf:
cb:69:c6:32:20:4a:e6:64:3d:cb:8d:b4:a0:b3:ac:28:79:5d:
1e:9e:20:51:7f:19:e5:92:54:50:f0:0b:a3:36:e3:bc:5f:82:
6c:04:9f:78:c3:d2:28:d6:bf:dc:6b:37:e9:a5:84:f0:c1:41:
76:f6:b8:a8:28:f5:30:aa:68:33:59:74:8e:8a:a8:66:d9:e1:
d6:72:77:03:31:ea:b9:78:04:09:1c:34:a5:26:0e:4d:5c:a3:
3e:54:4f:22:87:f1:a5:a1:ab:e4:40:1b:5a:9e:bb:ec:29:68:
17:78:ae:8e:6c:dd:bc:ad:2c:9a:fd:29:00:90:38:92:fc:3d:
3b:f9:f5:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuGAv9QnYmh8o48RocCxbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWZlOTBmOWQwODEzMzRjYzkyOGVkZWU5YmM3MzE1NDA3
MDhkZmQwHhcNMjUxMTExMDcwMTM5WhcNMjUxMTEyMDcwMTM5WjAzMTEwLwYDVQQD
EygzODg3MTVmZmQzNmEwNmUwZTAxZDQ3OGUzNTAzZGFjOTU0ODU3OTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsou6+SrbAisb6mBHrtU+j70f5/Um
Rxn7QvI0mVN+k3dhNmuSJaxm/j8PADp8WMF0x2lBeNBKYXnfR9ns/6cZaXevl5jw
9knc9p2AxoiJrUuUO+mR1yNRDZQ7gJKShf1q/OJKzhxHs1udPk4LVlkOMLhVpOkL
2sPfFjGzxF3ytalaaqsUDPRoGu7hfe721oru0nS8Kah7GAhXDsqKiTFstBDsHPJx
86YjoK9GwEBzv9D4/VRS+wOaFSB/CfxxHVer+wr+8MN8JtQY8/CxaYZsrPi3ioK5
9uFiYYtVHc+JP4uvUWhw0Prz+AktcRquoD2/9XQo8+HOzTuVPbKcRN3CkwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDiHFf/Tagbg4B1HjjUD2slUhXlUMB8GA1UdIwQY
MBaAFNqv6Q+dCBM0zJKO3um8cxVAcI39MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFfcEQ1MElFelRNa283ZTZieHpGVUJ3amYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84YmIzYzEtMTk5ZC00NDliLWFjNDYt
YmJkOTJjY2FmYTg4LzEvMnFfcEQ1MElFelRNa283ZTZieHpGVUJ3amYwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS84YmIzYzEtMTk5ZC00NDliLWFjNDYtYmJkOTJjY2FmYTg4
LzEvMnFfcEQ1MElFelRNa283ZTZieHpGVUJ3amYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUq7DMi77
8A5gqGfbXmHVBWc54yHiyCNAcERHaWYAPiMf13IzJvRPHhiE57ca40THj8Kgpe8C
OATzBncDPLI+z/XYB0LJ6MK8lb/9eDoFGLe2Wcni2oUUy0ClYpldA/c3uwbHvqQo
FvQCI0uP+Do8ISP3QJWdsUhAIGKUDTa/y2nGMiBK5mQ9y420oLOsKHldHp4gUX8Z
5ZJUUPALozbjvF+CbASfeMPSKNa/3Gs36aWE8MFBdva4qCj1MKpoM1l0joqoZtnh
1nJ3AzHquXgECRw0pSYOTVyjPlRPIofxpaGr5EAbWp677CloF3iujmzdvK0smv0p
AJA4kvw9O/n1/g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:08:03 2025 by rpki-client