Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/2YtaX7E4aD0ajMcBn3iXC65ngig.mft
File: 2YtaX7E4aD0ajMcBn3iXC65ngig.mft (raw, json)
Hash identifier: ka2s+pMBoncI3pSfv48lX0Za/CW7hdsiC0pO+QbQucc=
Subject key identifier: 99:FB:EA:9D:63:C4:FB:E5:0B:5C:06:1A:B1:D8:49:DA:DD:12:4E:6D
Authority key identifier: D9:8B:5A:5F:B1:38:68:3D:1A:8C:C7:01:9F:78:97:0B:AE:67:82:28
Certificate issuer: /CN=d98b5a5fb138683d1a8cc7019f78970bae678228
Certificate serial: 019A70DC576F3B8554AE6BC047F0D75A169C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2YtaX7E4aD0ajMcBn3iXC65ngig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/2YtaX7E4aD0ajMcBn3iXC65ngig.mft
Manifest number: 1048
Signing time: Tue 11 Nov 2025 03:01:19 +0000
Manifest this update: Tue 11 Nov 2025 03:01:19 +0000
Manifest next update: Wed 12 Nov 2025 03:01:19 +0000
Files and hashes: 1: 2YtaX7E4aD0ajMcBn3iXC65ngig.crl (hash: FL9qz13FyJcuOhANQlkttD2b5pvcBD3Lov8o6jIj3dk=)
2: pGBMbGUVmfmMQKR1-BVF--sKK7U.roa (hash: ayj/a/EtllFNMGD1HzcA6KglHzS5bxHd+NVb8RRWcAY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/2YtaX7E4aD0ajMcBn3iXC65ngig.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/2YtaX7E4aD0ajMcBn3iXC65ngig.mft
rsync://rpki.ripe.net/repository/DEFAULT/2YtaX7E4aD0ajMcBn3iXC65ngig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:dc:57:6f:3b:85:54:ae:6b:c0:47:f0:d7:5a:16:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d98b5a5fb138683d1a8cc7019f78970bae678228
Validity
Not Before: Nov 11 03:01:19 2025 GMT
Not After : Nov 12 03:01:19 2025 GMT
Subject: CN=99fbea9d63c4fbe50b5c061ab1d849dadd124e6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6d:bf:ef:40:97:94:20:c4:13:fb:04:20:fc:
02:da:f3:61:5f:d2:ba:79:f9:35:e1:1d:db:67:25:
86:27:8a:a5:65:7f:c2:17:b5:51:e3:e1:2a:28:fd:
35:56:ee:90:1e:a2:a5:81:53:f7:1e:b5:49:37:c8:
3b:8a:6d:90:ee:73:f9:af:85:94:4e:df:79:76:92:
e2:50:5d:fc:4c:15:04:46:e9:45:4e:2d:49:b9:db:
b4:7a:bd:44:7e:a0:30:6e:f4:dd:9e:e0:b3:46:f2:
98:d1:d6:e9:65:c7:44:7d:0a:06:50:d8:11:99:8b:
5f:43:bb:dd:1e:da:cc:aa:17:1f:2f:e2:4e:04:53:
86:a8:67:5a:da:2b:9d:9d:bc:aa:a7:f0:1d:9b:26:
1b:3a:06:76:74:fd:5c:10:e3:19:70:10:b6:93:eb:
ab:01:f8:df:05:1b:eb:72:1c:b2:5d:01:ac:e4:78:
37:8d:c4:36:8b:1d:c8:2a:3b:2a:00:a4:ec:b2:83:
25:f6:92:4d:4d:26:b3:7f:07:5f:b1:16:ac:33:ff:
1d:4b:72:24:7c:7f:e4:73:dc:78:d5:71:ed:5e:3c:
44:cd:0a:0c:d5:c1:c9:6b:f0:f8:2d:6d:e0:72:22:
7a:16:a5:c1:5a:d8:6a:3f:96:02:4c:1f:77:96:6c:
a1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:FB:EA:9D:63:C4:FB:E5:0B:5C:06:1A:B1:D8:49:DA:DD:12:4E:6D
X509v3 Authority Key Identifier:
keyid:D9:8B:5A:5F:B1:38:68:3D:1A:8C:C7:01:9F:78:97:0B:AE:67:82:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2YtaX7E4aD0ajMcBn3iXC65ngig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/2YtaX7E4aD0ajMcBn3iXC65ngig.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/e2e95d-2cb7-46be-a228-8317a8288d10/1/2YtaX7E4aD0ajMcBn3iXC65ngig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:2b:da:1b:ce:9b:19:db:8d:78:39:99:dd:2e:90:5b:4b:50:
7c:f5:36:9c:e6:33:08:38:01:f1:38:bf:c9:06:f1:c9:34:99:
f0:c1:57:65:00:cf:a5:81:b9:64:e9:84:74:19:02:18:58:81:
2d:f7:cc:8d:81:ff:63:ae:3e:05:9b:20:d7:b3:ad:95:ab:4c:
8c:bb:06:dd:b5:37:50:a9:2e:81:fb:18:36:23:3c:ca:cd:7f:
19:81:fb:9e:96:7a:4c:89:d7:ee:3a:03:c1:3d:92:39:12:cc:
e5:4d:b3:b5:f4:4a:83:62:65:49:56:07:a8:fa:2e:5d:d6:87:
f9:42:9a:e8:ae:67:55:1b:b7:69:d4:e7:41:16:d6:50:4e:db:
98:03:d4:ea:c4:12:2f:25:ae:0a:35:bf:2b:fb:e1:87:49:e4:
55:39:40:5f:d9:3d:64:aa:f3:36:c5:37:ec:b7:93:17:61:95:
fc:cc:9d:8a:fa:e6:80:c4:13:ea:28:16:3f:62:40:25:f8:0b:
19:01:cf:45:60:90:32:0d:65:19:10:2e:64:48:0c:08:a5:ed:
fc:08:c8:f6:4c:83:93:fc:b8:41:86:7a:fc:98:5b:43:db:92:
ab:47:15:e2:c2:9b:be:95:49:69:6e:c2:dc:34:4e:c2:02:53:
ff:8c:b1:f1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw3FdvO4VUrmvAR/DXWhacMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5OGI1YTVmYjEzODY4M2QxYThjYzcwMTlmNzg5NzBiYWU2
NzgyMjgwHhcNMjUxMTExMDMwMTE5WhcNMjUxMTEyMDMwMTE5WjAzMTEwLwYDVQQD
Eyg5OWZiZWE5ZDYzYzRmYmU1MGI1YzA2MWFiMWQ4NDlkYWRkMTI0ZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvG2/70CXlCDEE/sEIPwC2vNhX9K6
efk14R3bZyWGJ4qlZX/CF7VR4+EqKP01Vu6QHqKlgVP3HrVJN8g7im2Q7nP5r4WU
Tt95dpLiUF38TBUERulFTi1Judu0er1EfqAwbvTdnuCzRvKY0dbpZcdEfQoGUNgR
mYtfQ7vdHtrMqhcfL+JOBFOGqGda2iudnbyqp/AdmyYbOgZ2dP1cEOMZcBC2k+ur
AfjfBRvrchyyXQGs5Hg3jcQ2ix3IKjsqAKTssoMl9pJNTSazfwdfsRasM/8dS3Ik
fH/kc9x41XHtXjxEzQoM1cHJa/D4LW3gciJ6FqXBWthqP5YCTB93lmyhTQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJn76p1jxPvlC1wGGrHYSdrdEk5tMB8GA1UdIwQY
MBaAFNmLWl+xOGg9GozHAZ94lwuuZ4IoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMll0YVg3RTRhRDBhak1jQm4zaVhDNjVuZ2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9lMmU5NWQtMmNiNy00NmJlLWEyMjgt
ODMxN2E4Mjg4ZDEwLzEvMll0YVg3RTRhRDBhak1jQm4zaVhDNjVuZ2lnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9lMmU5NWQtMmNiNy00NmJlLWEyMjgtODMxN2E4Mjg4ZDEw
LzEvMll0YVg3RTRhRDBhak1jQm4zaVhDNjVuZ2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAESvaG86b
GduNeDmZ3S6QW0tQfPU2nOYzCDgB8Ti/yQbxyTSZ8MFXZQDPpYG5ZOmEdBkCGFiB
LffMjYH/Y64+BZsg17OtlatMjLsG3bU3UKkugfsYNiM8ys1/GYH7npZ6TInX7joD
wT2SORLM5U2ztfRKg2JlSVYHqPouXdaH+UKa6K5nVRu3adTnQRbWUE7bmAPU6sQS
LyWuCjW/K/vhh0nkVTlAX9k9ZKrzNsU37LeTF2GV/MydivrmgMQT6igWP2JAJfgL
GQHPRWCQMg1lGRAuZEgMCKXt/AjI9kyDk/y4QYZ6/JhbQ9uSq0cV4sKbvpVJaW7C
3DROwgJT/4yx8Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:37 2025 by rpki-client