Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.mft
File: 2Xc9cz0YRcQdP5o2K1W3TmhvnAI.mft (raw, json)
Hash identifier: AbYxzyexmjMi1Ga6eITX6irQ914MyorN3fEoPhBO7OA=
Subject key identifier: B4:82:00:36:47:35:2B:E7:D2:D0:03:96:D9:BA:61:90:F4:11:40:16
Authority key identifier: D9:77:3D:73:3D:18:45:C4:1D:3F:9A:36:2B:55:B7:4E:68:6F:9C:02
Certificate issuer: /CN=d9773d733d1845c41d3f9a362b55b74e686f9c02
Certificate serial: 019A1203AFCA75924C7678C779F749BA5675
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.mft
Manifest number: 15B6
Signing time: Thu 23 Oct 2025 17:00:22 +0000
Manifest this update: Thu 23 Oct 2025 17:00:22 +0000
Manifest next update: Fri 24 Oct 2025 17:00:22 +0000
Files and hashes: 1: 2Xc9cz0YRcQdP5o2K1W3TmhvnAI.crl (hash: MClGCOfnKYW/a8+6g8BzubIQPPsWMlwnk44GlcNgRDk=)
2: jnl0pkc8VZioDFc1rU2LXYR9u10.roa (hash: hBLoItEXtLXi0Hx0eyOzMHvYDZZAUIWBeCW6pZ7dYGc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 24 Oct 2025 14:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:12:03:af:ca:75:92:4c:76:78:c7:79:f7:49:ba:56:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9773d733d1845c41d3f9a362b55b74e686f9c02
Validity
Not Before: Oct 23 17:00:22 2025 GMT
Not After : Oct 24 17:00:22 2025 GMT
Subject: CN=b482003647352be7d2d00396d9ba6190f4114016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:3f:f0:72:a4:fd:f1:63:02:ca:7e:dc:72:18:
6e:6b:a4:34:25:94:e2:c1:5b:08:4f:48:e2:58:1e:
3b:e2:c9:5f:86:a1:ab:a1:a2:81:61:2a:81:c8:00:
1a:db:d6:7f:d9:cf:63:c5:07:04:cf:0f:c0:f2:b9:
fa:f8:25:a6:53:83:39:64:c2:bf:d4:c4:62:a5:b7:
2c:69:a7:a6:62:be:d0:cb:e1:3f:14:37:12:e5:9b:
d4:16:68:70:b1:ef:0c:ed:85:fc:95:62:08:63:0d:
85:40:63:db:59:93:d3:9e:a9:54:f2:f6:e8:ba:66:
f4:6e:ac:05:8f:8e:e9:1e:b3:55:5b:c4:bf:6e:78:
56:ab:0e:e9:a6:3c:46:9e:b3:67:cb:0c:e0:cc:96:
aa:e7:8d:29:e2:0d:53:49:0b:31:76:c7:9d:b5:76:
71:1a:81:79:c0:88:5a:54:db:67:e1:71:5e:20:17:
af:24:1d:00:2b:fd:58:7e:46:a8:78:ca:fd:02:f6:
f0:48:88:56:b0:51:ee:c1:d0:ef:a9:94:9a:38:96:
18:2b:22:36:96:5f:e4:71:ca:cc:72:b9:6c:18:3f:
e9:6b:57:c6:9f:2e:ee:82:87:dd:38:b0:de:3e:49:
5e:97:7f:d0:8e:f2:c7:f4:bd:59:d2:3a:9b:c8:d2:
0f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:82:00:36:47:35:2B:E7:D2:D0:03:96:D9:BA:61:90:F4:11:40:16
X509v3 Authority Key Identifier:
keyid:D9:77:3D:73:3D:18:45:C4:1D:3F:9A:36:2B:55:B7:4E:68:6F:9C:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7c:d8:24:58:bf:0f:bc:3e:ef:6b:10:f5:38:eb:30:51:11:6c:
54:76:b4:c3:7a:1c:63:cf:30:98:1b:5e:62:9b:5d:a5:cc:8e:
e2:65:36:cd:6d:77:c0:71:39:c3:93:bf:d2:e0:bf:69:34:d7:
2d:86:90:e2:e1:5c:70:9c:12:50:da:c3:4f:97:b0:9a:28:01:
f7:22:62:a3:4f:d1:50:be:dc:ea:6a:96:2c:52:6c:a6:99:82:
84:3c:b7:8e:28:eb:35:30:21:e7:25:03:76:ea:2f:52:83:1d:
7d:0e:ae:db:8d:4c:39:b5:d0:66:36:32:a5:bd:09:f6:ca:80:
72:0c:df:f6:ab:28:15:b0:93:71:4a:2a:d3:17:0e:a1:66:bf:
ff:bb:31:53:3a:71:b0:32:c1:c5:8a:31:3d:00:8a:4d:f9:bd:
dd:3f:db:10:8b:9e:62:b2:a4:63:64:2b:ed:97:5d:fe:bf:fc:
26:2c:9b:a8:16:d4:5d:9f:b6:4d:08:a1:f3:c3:5e:b5:99:e6:
99:5e:42:b3:9a:79:e3:c5:95:4e:69:cd:06:5f:e3:64:eb:bf:
9f:b7:f6:6c:72:62:f5:65:d5:40:ae:45:ad:df:ae:eb:1f:58:
56:ca:82:57:86:82:94:b2:64:5d:10:cd:6c:b4:2e:62:fc:e9:
83:43:e9:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoSA6/KdZJMdnjHefdJulZ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NzczZDczM2QxODQ1YzQxZDNmOWEzNjJiNTViNzRlNjg2
ZjljMDIwHhcNMjUxMDIzMTcwMDIyWhcNMjUxMDI0MTcwMDIyWjAzMTEwLwYDVQQD
EyhiNDgyMDAzNjQ3MzUyYmU3ZDJkMDAzOTZkOWJhNjE5MGY0MTE0MDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1j/wcqT98WMCyn7cchhua6Q0JZTi
wVsIT0jiWB474slfhqGroaKBYSqByAAa29Z/2c9jxQcEzw/A8rn6+CWmU4M5ZMK/
1MRipbcsaaemYr7Qy+E/FDcS5ZvUFmhwse8M7YX8lWIIYw2FQGPbWZPTnqlU8vbo
umb0bqwFj47pHrNVW8S/bnhWqw7ppjxGnrNnywzgzJaq540p4g1TSQsxdsedtXZx
GoF5wIhaVNtn4XFeIBevJB0AK/1YfkaoeMr9AvbwSIhWsFHuwdDvqZSaOJYYKyI2
ll/kccrMcrlsGD/pa1fGny7ugofdOLDePklel3/QjvLH9L1Z0jqbyNIPDwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLSCADZHNSvn0tADltm6YZD0EUAWMB8GA1UdIwQY
MBaAFNl3PXM9GEXEHT+aNitVt05ob5wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlhjOWN6MFlSY1FkUDVvMksxVzNUbWh2bkFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8zNzQxMWUtMmI4OS00MDc5LThjZmMt
MDFhMjlmNWY2ZGRlLzEvMlhjOWN6MFlSY1FkUDVvMksxVzNUbWh2bkFJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8zNzQxMWUtMmI4OS00MDc5LThjZmMtMDFhMjlmNWY2ZGRl
LzEvMlhjOWN6MFlSY1FkUDVvMksxVzNUbWh2bkFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfNgkWL8P
vD7vaxD1OOswURFsVHa0w3ocY88wmBteYptdpcyO4mU2zW13wHE5w5O/0uC/aTTX
LYaQ4uFccJwSUNrDT5ewmigB9yJio0/RUL7c6mqWLFJsppmChDy3jijrNTAh5yUD
duovUoMdfQ6u241MObXQZjYypb0J9sqAcgzf9qsoFbCTcUoq0xcOoWa//7sxUzpx
sDLBxYoxPQCKTfm93T/bEIueYrKkY2Qr7Zdd/r/8JiybqBbUXZ+2TQih88NetZnm
mV5Cs5p548WVTmnNBl/jZOu/n7f2bHJi9WXVQK5Frd+u6x9YVsqCV4aClLJkXRDN
bLQuYvzpg0PpfQ==
-----END CERTIFICATE-----
Generated at Thu Oct 23 21:50:03 2025 by rpki-client