Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/5c1eec-3700-49bb-bfee-65d373ab573f/1/2BhDAyFk4LYu1tp8Z1V79GiV0PA.mft
File: 2BhDAyFk4LYu1tp8Z1V79GiV0PA.mft (raw, json)
Hash identifier: 6ujLRCYv1qjI+B5Ktj6CodtQlVoBU0XmeG41fE7spnQ=
Subject key identifier: EE:B3:C0:13:46:E5:38:EC:F0:0E:5C:0A:AC:58:A1:63:5E:49:63:95
Authority key identifier: D8:18:43:03:21:64:E0:B6:2E:D6:DA:7C:67:55:7B:F4:68:95:D0:F0
Certificate issuer: /CN=d81843032164e0b62ed6da7c67557bf46895d0f0
Certificate serial: 019A71B8AFF8F324B370152D0B46B64A973E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BhDAyFk4LYu1tp8Z1V79GiV0PA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/5c1eec-3700-49bb-bfee-65d373ab573f/1/2BhDAyFk4LYu1tp8Z1V79GiV0PA.mft
Manifest number: 0825
Signing time: Tue 11 Nov 2025 07:02:00 +0000
Manifest this update: Tue 11 Nov 2025 07:02:00 +0000
Manifest next update: Wed 12 Nov 2025 07:02:00 +0000
Files and hashes: 1: 2BhDAyFk4LYu1tp8Z1V79GiV0PA.crl (hash: TuJjStPbEozeCNVxi1hDtrjPY3fla9AUqo4azGfmd+0=)
2: VyRcdQegnHw4kuW58Uqx25GobPA.roa (hash: lC++tHS3x+n6tHU4vit/ETgEcE0Z4ZJ+bg8pO+7AhEg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/5c1eec-3700-49bb-bfee-65d373ab573f/1/2BhDAyFk4LYu1tp8Z1V79GiV0PA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/5c1eec-3700-49bb-bfee-65d373ab573f/1/2BhDAyFk4LYu1tp8Z1V79GiV0PA.mft
rsync://rpki.ripe.net/repository/DEFAULT/2BhDAyFk4LYu1tp8Z1V79GiV0PA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:af:f8:f3:24:b3:70:15:2d:0b:46:b6:4a:97:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d81843032164e0b62ed6da7c67557bf46895d0f0
Validity
Not Before: Nov 11 07:02:00 2025 GMT
Not After : Nov 12 07:02:00 2025 GMT
Subject: CN=eeb3c01346e538ecf00e5c0aac58a1635e496395
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bd:d0:71:f1:44:29:aa:c6:2e:b1:e1:21:b4:
89:9c:72:a1:3d:54:c1:44:df:dc:25:97:19:fe:c3:
6d:e3:2d:77:b0:dd:47:3f:1b:64:44:ef:6e:96:af:
b4:71:7e:72:db:98:73:c5:b1:82:15:fe:50:c3:73:
9a:ee:9f:d8:ad:c2:29:0a:ff:c4:54:06:bf:fb:1b:
1f:9c:ae:12:76:59:e1:b8:bc:04:06:0c:ad:f2:1f:
f2:db:e7:b6:aa:0c:32:b6:8c:b4:ca:0b:c8:20:53:
5d:b2:bb:f0:95:ed:25:0c:6d:5b:bb:93:f3:3c:0a:
0d:32:00:4d:d6:17:bf:2f:1e:49:9a:0c:87:22:43:
d2:f7:51:f8:1d:46:ea:24:56:f6:f2:85:6e:f2:c8:
18:ea:e8:2b:6e:ed:67:ed:fc:96:cf:06:99:59:ef:
5c:0e:e1:eb:2e:21:21:16:42:72:b3:b4:4e:23:17:
0f:24:23:05:0f:e0:77:0e:9e:c3:8f:a7:d0:3d:88:
a9:ba:4f:ef:f3:98:50:b4:f5:3f:4f:53:77:b9:90:
11:77:0e:2a:a4:c1:ac:78:83:d6:2f:52:bb:2c:94:
cd:d0:7a:bf:a2:91:ad:94:fb:c5:c5:d3:8e:82:93:
07:f3:27:72:55:63:48:68:b0:53:c8:69:9a:eb:a4:
2c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:B3:C0:13:46:E5:38:EC:F0:0E:5C:0A:AC:58:A1:63:5E:49:63:95
X509v3 Authority Key Identifier:
keyid:D8:18:43:03:21:64:E0:B6:2E:D6:DA:7C:67:55:7B:F4:68:95:D0:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BhDAyFk4LYu1tp8Z1V79GiV0PA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/5c1eec-3700-49bb-bfee-65d373ab573f/1/2BhDAyFk4LYu1tp8Z1V79GiV0PA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/5c1eec-3700-49bb-bfee-65d373ab573f/1/2BhDAyFk4LYu1tp8Z1V79GiV0PA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
40:7d:45:b3:ae:ab:cf:5d:8c:b5:f3:05:1e:8c:8f:29:9c:07:
15:d9:4f:b6:14:04:27:30:5e:ef:97:73:b2:ae:b5:59:54:4e:
c6:85:24:bb:91:2c:f8:5a:64:7b:cd:d6:09:2a:45:84:55:e8:
ea:3e:23:07:3a:c1:69:a5:ac:b4:3b:d7:26:30:1d:60:62:b8:
c3:b3:16:1f:32:60:1e:8c:e4:7b:77:4a:7f:a0:bf:a3:22:95:
52:f8:42:25:11:6d:c2:b2:33:4a:47:84:d8:94:4a:51:a8:e8:
83:bb:9a:b9:f5:15:80:da:b5:7f:43:05:12:6c:eb:94:d9:b4:
81:6f:a3:88:02:fe:1c:59:6b:7b:05:ae:c3:17:c6:99:62:76:
eb:94:22:a2:31:ae:15:ce:1d:22:df:00:a3:16:5e:cb:3a:ed:
7c:6b:7a:f8:ef:64:11:0d:1d:a6:33:6e:e8:c7:84:94:00:41:
40:eb:05:5d:35:90:93:33:3c:db:d5:78:dd:88:44:62:ad:27:
37:6d:e7:a4:f5:8e:ca:60:3d:69:ba:99:23:c0:12:8b:04:7f:
e1:b8:6c:77:7e:59:b4:29:5a:eb:51:9a:3a:fb:5c:bd:3a:e0:
04:02:51:03:db:3b:b4:4f:03:7d:80:ac:2d:89:41:00:f4:a0:
1e:88:da:3c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuK/48ySzcBUtC0a2Spc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MTg0MzAzMjE2NGUwYjYyZWQ2ZGE3YzY3NTU3YmY0Njg5
NWQwZjAwHhcNMjUxMTExMDcwMjAwWhcNMjUxMTEyMDcwMjAwWjAzMTEwLwYDVQQD
EyhlZWIzYzAxMzQ2ZTUzOGVjZjAwZTVjMGFhYzU4YTE2MzVlNDk2Mzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqL3QcfFEKarGLrHhIbSJnHKhPVTB
RN/cJZcZ/sNt4y13sN1HPxtkRO9ulq+0cX5y25hzxbGCFf5Qw3Oa7p/YrcIpCv/E
VAa/+xsfnK4SdlnhuLwEBgyt8h/y2+e2qgwytoy0ygvIIFNdsrvwle0lDG1bu5Pz
PAoNMgBN1he/Lx5JmgyHIkPS91H4HUbqJFb28oVu8sgY6ugrbu1n7fyWzwaZWe9c
DuHrLiEhFkJys7ROIxcPJCMFD+B3Dp7Dj6fQPYipuk/v85hQtPU/T1N3uZARdw4q
pMGseIPWL1K7LJTN0Hq/opGtlPvFxdOOgpMH8ydyVWNIaLBTyGma66QsqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO6zwBNG5Tjs8A5cCqxYoWNeSWOVMB8GA1UdIwQY
MBaAFNgYQwMhZOC2LtbafGdVe/RoldDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJoREF5Rms0TFl1MXRwOFoxVjc5R2lWMFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS81YzFlZWMtMzcwMC00OWJiLWJmZWUt
NjVkMzczYWI1NzNmLzEvMkJoREF5Rms0TFl1MXRwOFoxVjc5R2lWMFBBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS81YzFlZWMtMzcwMC00OWJiLWJmZWUtNjVkMzczYWI1NzNm
LzEvMkJoREF5Rms0TFl1MXRwOFoxVjc5R2lWMFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQH1Fs66r
z12MtfMFHoyPKZwHFdlPthQEJzBe75dzsq61WVROxoUku5Es+Fpke83WCSpFhFXo
6j4jBzrBaaWstDvXJjAdYGK4w7MWHzJgHozke3dKf6C/oyKVUvhCJRFtwrIzSkeE
2JRKUajog7uaufUVgNq1f0MFEmzrlNm0gW+jiAL+HFlrewWuwxfGmWJ265QiojGu
Fc4dIt8AoxZeyzrtfGt6+O9kEQ0dpjNu6MeElABBQOsFXTWQkzM829V43YhEYq0n
N23npPWOymA9abqZI8ASiwR/4bhsd35ZtCla61GaOvtcvTrgBAJRA9s7tE8DfYCs
LYlBAPSgHojaPA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:35:14 2025 by rpki-client