Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/8e61f4-1a41-4cca-b85c-76f52b1dd718/1/2iHQJGSziv86MckIeNYnI7nHQqY.mft
File: 2iHQJGSziv86MckIeNYnI7nHQqY.mft (raw, json)
Hash identifier: lBzDiZw/PptAWI+BRSnxWNmsuiC081wv5tjgcE1XR6I=
Subject key identifier: E8:92:C6:5B:F1:A3:94:B8:D0:0A:50:2E:76:14:2B:4D:24:70:01:74
Authority key identifier: DA:21:D0:24:64:B3:8A:FF:3A:31:C9:08:78:D6:27:23:B9:C7:42:A6
Certificate issuer: /CN=da21d02464b38aff3a31c90878d62723b9c742a6
Certificate serial: 019A71B826A99656B37B09D9CA7E3EA314F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2iHQJGSziv86MckIeNYnI7nHQqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/8e61f4-1a41-4cca-b85c-76f52b1dd718/1/2iHQJGSziv86MckIeNYnI7nHQqY.mft
Manifest number: 011C
Signing time: Tue 11 Nov 2025 07:01:25 +0000
Manifest this update: Tue 11 Nov 2025 07:01:25 +0000
Manifest next update: Wed 12 Nov 2025 07:01:25 +0000
Files and hashes: 1: 0JT7tPGuP5h5ZUvLvPxi-tJv5wk.roa (hash: BbMNBUCTeRLtRw1Vi3eOuHY/lINHO4oBENygtqlAkSk=)
2: 2iHQJGSziv86MckIeNYnI7nHQqY.crl (hash: o4SaXV/uYhxyp+4cX5up4xReCGb7nur9xtuAjOTJE70=)
3: vqXNaSZgp3ssNrNy6651RrVFS3Y.roa (hash: giLaYS/A+9rxwvGKkolgztkk8t+vnflpFT/hVk3pswQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/8e61f4-1a41-4cca-b85c-76f52b1dd718/1/2iHQJGSziv86MckIeNYnI7nHQqY.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/8e61f4-1a41-4cca-b85c-76f52b1dd718/1/2iHQJGSziv86MckIeNYnI7nHQqY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2iHQJGSziv86MckIeNYnI7nHQqY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:26:a9:96:56:b3:7b:09:d9:ca:7e:3e:a3:14:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da21d02464b38aff3a31c90878d62723b9c742a6
Validity
Not Before: Nov 11 07:01:25 2025 GMT
Not After : Nov 12 07:01:25 2025 GMT
Subject: CN=e892c65bf1a394b8d00a502e76142b4d24700174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:73:2a:ee:9b:37:1b:23:9b:d7:c5:f0:c6:83:
97:aa:64:75:5b:22:08:de:80:55:87:1d:96:29:ac:
74:5d:8e:24:91:5e:d9:c9:a9:b2:23:24:b4:54:69:
98:e7:39:8b:95:4f:bb:8d:c0:a1:12:c4:c1:41:df:
c8:f5:97:a0:f0:37:7a:e6:2e:5d:91:37:66:e0:19:
43:66:6b:1d:a9:ff:39:8d:6c:a1:3e:2e:9d:00:cf:
a4:bf:2c:33:99:af:82:05:a2:a6:53:c6:89:f6:92:
87:6c:4f:6c:98:85:b5:d0:f4:75:25:4c:41:8c:8b:
e1:20:f1:31:08:24:84:57:a9:0d:78:fb:69:8b:00:
37:2f:92:9f:c1:63:5b:8e:5c:30:be:14:c9:c1:19:
a7:03:e3:d3:e0:b7:74:c5:9f:34:9d:41:5f:ab:b1:
24:24:fc:f7:56:c1:ac:93:76:63:87:d7:90:b4:69:
54:6b:15:65:86:af:c8:37:d9:d4:99:bf:fa:0a:54:
d8:2a:51:79:e3:9a:a8:bb:9a:30:14:ec:bf:d7:b1:
71:47:b5:51:f3:5c:76:9c:4e:07:e4:3e:d2:81:f0:
b8:eb:a6:f8:e8:1e:81:fa:1d:28:29:a8:c6:33:e1:
2c:22:df:17:b0:c5:e6:53:a5:67:44:53:5c:49:20:
5a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:92:C6:5B:F1:A3:94:B8:D0:0A:50:2E:76:14:2B:4D:24:70:01:74
X509v3 Authority Key Identifier:
keyid:DA:21:D0:24:64:B3:8A:FF:3A:31:C9:08:78:D6:27:23:B9:C7:42:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2iHQJGSziv86MckIeNYnI7nHQqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/8e61f4-1a41-4cca-b85c-76f52b1dd718/1/2iHQJGSziv86MckIeNYnI7nHQqY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/8e61f4-1a41-4cca-b85c-76f52b1dd718/1/2iHQJGSziv86MckIeNYnI7nHQqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
68:30:49:86:2a:13:1f:ea:a4:f5:3c:ae:e7:59:bb:2f:d0:f8:
87:6d:61:5b:61:0b:8e:c7:ec:57:ee:9d:2e:55:47:21:31:81:
28:93:bc:fa:2b:69:ee:d2:4c:a7:3a:fb:95:d3:00:6d:f6:6e:
c6:90:a6:f8:d0:57:87:00:83:a8:8b:ce:9c:04:0a:66:94:a4:
d6:78:9e:2e:1a:d5:ee:97:08:01:4a:f4:90:48:44:e6:5b:a3:
81:65:96:51:cb:ea:80:4c:eb:a9:84:6d:ff:bd:ec:b6:27:9b:
b7:3a:5b:72:79:6a:d8:99:bf:95:5b:52:7a:6e:73:15:94:23:
e7:bd:c5:b3:ee:e5:9c:3c:69:60:2b:1b:bf:40:73:21:4b:4c:
54:52:e9:d6:7f:83:3d:07:53:4c:1d:4b:9e:3e:14:c8:71:5f:
71:f0:50:89:5d:aa:2d:7a:ad:9b:14:14:72:41:a1:72:f1:6d:
ff:53:92:e2:23:ca:8f:83:ae:e2:b3:27:e8:0c:ab:31:bc:9d:
ad:1d:62:cb:1a:31:6f:00:81:f3:a6:8c:c8:84:d4:12:77:e2:
53:fe:40:d8:23:c1:e4:74:02:c9:99:4c:57:b4:6e:56:de:e1:
b1:69:5d:f6:c3:b7:3b:d3:95:37:ab:d5:38:3c:7e:44:75:02:
ce:1f:53:f9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuCapllazewnZyn4+oxTwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMjFkMDI0NjRiMzhhZmYzYTMxYzkwODc4ZDYyNzIzYjlj
NzQyYTYwHhcNMjUxMTExMDcwMTI1WhcNMjUxMTEyMDcwMTI1WjAzMTEwLwYDVQQD
EyhlODkyYzY1YmYxYTM5NGI4ZDAwYTUwMmU3NjE0MmI0ZDI0NzAwMTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHMq7ps3GyOb18XwxoOXqmR1WyII
3oBVhx2WKax0XY4kkV7ZyamyIyS0VGmY5zmLlU+7jcChEsTBQd/I9Zeg8Dd65i5d
kTdm4BlDZmsdqf85jWyhPi6dAM+kvywzma+CBaKmU8aJ9pKHbE9smIW10PR1JUxB
jIvhIPExCCSEV6kNePtpiwA3L5KfwWNbjlwwvhTJwRmnA+PT4Ld0xZ80nUFfq7Ek
JPz3VsGsk3Zjh9eQtGlUaxVlhq/IN9nUmb/6ClTYKlF545qou5owFOy/17FxR7VR
81x2nE4H5D7SgfC466b46B6B+h0oKajGM+EsIt8XsMXmU6VnRFNcSSBagwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOiSxlvxo5S40ApQLnYUK00kcAF0MB8GA1UdIwQY
MBaAFNoh0CRks4r/OjHJCHjWJyO5x0KmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmlIUUpHU3ppdjg2TWNrSWVOWW5JN25IUXFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy84ZTYxZjQtMWE0MS00Y2NhLWI4NWMt
NzZmNTJiMWRkNzE4LzEvMmlIUUpHU3ppdjg2TWNrSWVOWW5JN25IUXFZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy84ZTYxZjQtMWE0MS00Y2NhLWI4NWMtNzZmNTJiMWRkNzE4
LzEvMmlIUUpHU3ppdjg2TWNrSWVOWW5JN25IUXFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaDBJhioT
H+qk9Tyu51m7L9D4h21hW2ELjsfsV+6dLlVHITGBKJO8+itp7tJMpzr7ldMAbfZu
xpCm+NBXhwCDqIvOnAQKZpSk1nieLhrV7pcIAUr0kEhE5lujgWWWUcvqgEzrqYRt
/73stiebtzpbcnlq2Jm/lVtSem5zFZQj573Fs+7lnDxpYCsbv0BzIUtMVFLp1n+D
PQdTTB1Lnj4UyHFfcfBQiV2qLXqtmxQUckGhcvFt/1OS4iPKj4Ou4rMn6AyrMbyd
rR1iyxoxbwCB86aMyITUEnfiU/5A2CPB5HQCyZlMV7RuVt7hsWld9sO3O9OVN6vV
ODx+RHUCzh9T+Q==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:35:08 2025 by rpki-client