Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
File: shUnDjtZdrRPOt7OVwR9HgeHunU.mft (raw, json)
Hash identifier: FMxvze7hc3Q8M+3X4wbZI1Tq5Xy5WRP1wobQ7Ntc05Q=
Subject key identifier: 73:AF:8B:A4:A7:D3:E2:6F:FB:AB:31:40:55:3D:67:65:A6:C3:19:F4
Authority key identifier: B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75
Certificate issuer: /CN=b215270e3b5976b44f3adece57047d1e0787ba75
Certificate serial: 019A1D2C151C34BBAB6F487C70DCBA2AB33B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
Manifest number: 16F2
Signing time: Sat 25 Oct 2025 21:00:19 +0000
Manifest this update: Sat 25 Oct 2025 21:00:19 +0000
Manifest next update: Sun 26 Oct 2025 21:00:19 +0000
Files and hashes: 1: P2sE-3tUICXx7cfC0favLdtRCZ0.roa (hash: ayIaE8Pk074Tx7I6FVVUWCPvr0NKwOuaUa8Xe24IzDg=)
2: eGoVDFCAKRgMU7yFCgUyj1lHOYk.roa (hash: i9IHtchSCoTvu2jWZ+d1LDgXIzrS7PbiIZtxvaQvRRk=)
3: shUnDjtZdrRPOt7OVwR9HgeHunU.crl (hash: ZLpq74OEWJnlO5YXXBHXBaGZgyW7y+0arK7iOlHx7Hs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 19:59:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1d:2c:15:1c:34:bb:ab:6f:48:7c:70:dc:ba:2a:b3:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b215270e3b5976b44f3adece57047d1e0787ba75
Validity
Not Before: Oct 25 21:00:19 2025 GMT
Not After : Oct 26 21:00:19 2025 GMT
Subject: CN=73af8ba4a7d3e26ffbab3140553d6765a6c319f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:d0:3c:b8:ca:63:36:ca:aa:21:54:28:c9:79:
d6:c3:c4:9a:5a:ae:4a:7f:db:46:03:dd:1a:d0:11:
bb:67:5c:d3:02:98:68:a9:ca:9b:8f:c2:13:d4:6f:
bd:c0:2f:6d:68:f6:74:7b:c7:01:a9:07:5d:d6:5a:
f3:a9:7f:d1:35:87:f5:3b:47:b3:f7:ff:2b:0e:66:
87:ef:ae:69:6f:61:b1:17:53:8c:4b:33:3b:b1:be:
1b:80:07:3b:1a:04:04:18:dd:97:57:40:88:cf:e1:
92:b0:2d:00:37:95:03:93:d5:da:4f:40:2a:88:e3:
be:2a:b2:ce:e3:32:76:63:ed:d7:ae:5b:ff:ac:07:
c1:bf:a3:b2:9c:75:12:8b:b5:94:76:43:df:73:19:
4b:59:6e:80:77:0e:e6:bf:fa:0e:47:27:95:55:66:
c1:18:23:a2:bb:40:90:5f:fc:2e:31:e1:8c:df:fe:
c6:65:1c:ea:33:62:f0:d2:c1:d7:aa:c9:3e:b7:21:
bc:28:d6:22:ac:8b:e6:5f:53:a7:a3:57:64:56:0b:
86:12:b0:1f:23:82:88:09:af:c3:39:77:58:24:61:
97:77:55:a0:56:aa:40:e5:35:fc:ab:5f:bc:bb:e5:
7d:a0:e3:b0:63:de:f3:68:ea:1d:eb:ff:65:13:2a:
c4:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:AF:8B:A4:A7:D3:E2:6F:FB:AB:31:40:55:3D:67:65:A6:C3:19:F4
X509v3 Authority Key Identifier:
keyid:B2:15:27:0E:3B:59:76:B4:4F:3A:DE:CE:57:04:7D:1E:07:87:BA:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/shUnDjtZdrRPOt7OVwR9HgeHunU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/bd59ae-5b7d-4c26-8e14-24b9e8211885/1/shUnDjtZdrRPOt7OVwR9HgeHunU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8e:d5:a2:7e:06:c8:d9:fa:81:11:18:fe:3a:1b:68:29:19:f8:
c2:5e:3c:99:3b:f8:ef:66:42:09:18:00:23:28:d4:81:db:ac:
f8:5b:b0:0a:38:14:84:61:a3:16:81:37:0e:24:87:8d:28:50:
6f:c6:ed:72:7d:05:f7:98:c3:33:6b:6d:14:62:85:be:2b:16:
26:08:b1:6a:b2:47:54:ab:ae:ed:dc:a8:ff:bb:97:3d:16:44:
6b:f4:da:f6:87:c0:ce:8f:15:5a:d7:d6:58:e4:dc:4e:d1:d4:
b6:ca:37:cb:57:76:23:93:94:10:68:23:25:91:ba:01:b2:07:
9c:ac:90:e2:70:82:fb:aa:d1:1a:2e:a0:fb:ba:f3:b2:42:4e:
d7:9a:d0:96:0c:2a:75:ca:74:62:d4:44:06:91:b6:6e:bc:5c:
0b:cd:44:df:4b:cc:7b:25:06:f8:42:e9:fc:6b:75:09:1b:f5:
86:22:44:cd:0d:2e:9a:c5:44:2f:45:1b:f4:92:0a:ce:ba:44:
e6:4a:40:e0:e9:05:de:28:a1:60:57:85:a2:7e:2b:d3:02:7c:
b5:87:fb:bb:18:e5:f7:51:6f:5e:9f:b0:ce:99:05:14:4b:0b:
7d:27:29:9c:52:d9:20:12:60:a4:ee:20:04:1b:4b:b8:f2:e2:
55:62:a8:79
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZodLBUcNLurb0h8cNy6KrM7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMTUyNzBlM2I1OTc2YjQ0ZjNhZGVjZTU3MDQ3ZDFlMDc4
N2JhNzUwHhcNMjUxMDI1MjEwMDE5WhcNMjUxMDI2MjEwMDE5WjAzMTEwLwYDVQQD
Eyg3M2FmOGJhNGE3ZDNlMjZmZmJhYjMxNDA1NTNkNjc2NWE2YzMxOWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA99A8uMpjNsqqIVQoyXnWw8SaWq5K
f9tGA90a0BG7Z1zTAphoqcqbj8IT1G+9wC9taPZ0e8cBqQdd1lrzqX/RNYf1O0ez
9/8rDmaH765pb2GxF1OMSzM7sb4bgAc7GgQEGN2XV0CIz+GSsC0AN5UDk9XaT0Aq
iOO+KrLO4zJ2Y+3Xrlv/rAfBv6OynHUSi7WUdkPfcxlLWW6Adw7mv/oORyeVVWbB
GCOiu0CQX/wuMeGM3/7GZRzqM2Lw0sHXqsk+tyG8KNYirIvmX1Ono1dkVguGErAf
I4KICa/DOXdYJGGXd1WgVqpA5TX8q1+8u+V9oOOwY97zaOod6/9lEyrECQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHOvi6Sn0+Jv+6sxQFU9Z2Wmwxn0MB8GA1UdIwQY
MBaAFLIVJw47WXa0TzrezlcEfR4Hh7p1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQt
MjRiOWU4MjExODg1LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9iZDU5YWUtNWI3ZC00YzI2LThlMTQtMjRiOWU4MjExODg1
LzEvc2hVbkRqdFpkclJQT3Q3T1Z3UjlIZ2VIdW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjtWifgbI
2fqBERj+OhtoKRn4wl48mTv472ZCCRgAIyjUgdus+FuwCjgUhGGjFoE3DiSHjShQ
b8btcn0F95jDM2ttFGKFvisWJgixarJHVKuu7dyo/7uXPRZEa/Ta9ofAzo8VWtfW
WOTcTtHUtso3y1d2I5OUEGgjJZG6AbIHnKyQ4nCC+6rRGi6g+7rzskJO15rQlgwq
dcp0YtREBpG2brxcC81E30vMeyUG+ELp/Gt1CRv1hiJEzQ0umsVEL0Ub9JIKzrpE
5kpA4OkF3iihYFeFon4r0wJ8tYf7uxjl91FvXp+wzpkFFEsLfScpnFLZIBJgpO4g
BBtLuPLiVWKoeQ==
-----END CERTIFICATE-----
Generated at Sun Oct 26 03:18:49 2025 by rpki-client