Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
File: r2A0bQgbHFyBCzlMZuEFErv02Mk.mft (raw, json)
Hash identifier: Vp8eUmNnlNpM1HdGYhxuR8CXmA9BZkEJUFjvNYfB01M=
Subject key identifier: DB:5D:87:C9:5A:34:7D:25:26:34:6A:6D:7D:5B:D5:8F:6C:FC:78:7F
Authority key identifier: AF:60:34:6D:08:1B:1C:5C:81:0B:39:4C:66:E1:05:12:BB:F4:D8:C9
Certificate issuer: /CN=af60346d081b1c5c810b394c66e10512bbf4d8c9
Certificate serial: 019A29D50890A8B28945231682C2A5EC46CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
Manifest number: 0413
Signing time: Tue 28 Oct 2025 08:00:18 +0000
Manifest this update: Tue 28 Oct 2025 08:00:18 +0000
Manifest next update: Wed 29 Oct 2025 08:00:18 +0000
Files and hashes: 1: j5QtHlhxEZZOM5CvXJMLssoxGGc.roa (hash: 8L3ZEU7bcEWssZWSFVojRb4D5wALELFNA26f5J8ZxnI=)
2: r2A0bQgbHFyBCzlMZuEFErv02Mk.crl (hash: pM713c5tbtkHHu9NraCx+mnRtsxLsQUfCEiP6dzgeCs=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 08:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:29:d5:08:90:a8:b2:89:45:23:16:82:c2:a5:ec:46:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af60346d081b1c5c810b394c66e10512bbf4d8c9
Validity
Not Before: Oct 28 08:00:18 2025 GMT
Not After : Oct 29 08:00:18 2025 GMT
Subject: CN=db5d87c95a347d2526346a6d7d5bd58f6cfc787f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:fe:72:35:7c:68:f7:9c:bc:70:fa:0f:26:2a:
dc:9b:18:f3:98:6b:df:5c:02:dc:e2:fd:c4:da:a2:
c4:f0:b7:ec:74:86:3b:42:fe:2e:95:43:81:90:a4:
39:8c:90:44:f0:ff:b0:a5:61:05:d6:4d:aa:70:47:
79:c2:5b:9c:f3:88:29:dc:1d:e8:d0:d7:fd:3d:30:
11:95:26:cd:63:50:2a:a2:08:65:61:10:4b:a0:68:
04:33:8a:d8:b4:52:2c:61:34:4c:be:a1:5c:a8:bb:
0b:89:dc:4c:02:9e:53:75:91:f9:21:be:4c:03:fc:
23:70:60:ab:68:5e:fb:21:b4:54:06:78:32:62:2a:
9b:d9:d1:a3:c6:af:12:f5:ef:10:c5:6a:88:78:95:
0f:7b:3b:44:0f:64:1b:5c:e0:fc:ec:53:8c:f4:83:
62:dd:9b:34:fb:1f:85:6d:23:13:eb:b0:30:15:4d:
01:35:d2:69:f4:7a:cf:7d:4b:c6:23:a9:26:6c:b0:
ba:1c:d9:57:4c:69:3c:30:d4:58:02:d1:c3:2b:4d:
74:58:3a:1a:88:12:43:8d:8d:43:31:f1:88:28:20:
52:d2:dc:09:79:dc:7b:80:74:80:eb:89:b0:56:c2:
a0:58:c8:a0:35:c3:77:0f:d3:67:2b:5e:90:7a:0e:
ae:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:5D:87:C9:5A:34:7D:25:26:34:6A:6D:7D:5B:D5:8F:6C:FC:78:7F
X509v3 Authority Key Identifier:
keyid:AF:60:34:6D:08:1B:1C:5C:81:0B:39:4C:66:E1:05:12:BB:F4:D8:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r2A0bQgbHFyBCzlMZuEFErv02Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b660f4-88cb-45f3-a71a-2639839f828d/1/r2A0bQgbHFyBCzlMZuEFErv02Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8c:11:ac:b6:40:84:1e:6f:e1:f5:10:5d:80:b1:f7:3e:30:d1:
c7:7e:fe:2a:42:94:0a:c2:8c:6f:b1:fc:dc:07:62:e1:2b:95:
d0:78:0d:69:6f:e0:e0:27:c9:5f:c0:a3:f0:29:35:7c:f8:02:
42:14:0a:79:80:ce:24:45:d9:bc:72:7e:b6:a8:7e:8d:3c:55:
bc:62:91:57:9f:90:d0:09:ed:5c:7e:6b:6b:38:7a:2d:87:8a:
10:00:31:04:96:99:9a:ea:93:63:59:9e:2a:d0:47:46:3f:c5:
a4:18:4e:8b:4d:d3:8e:64:54:b8:a4:65:02:80:5e:02:a0:00:
33:ca:e7:b7:40:e1:ab:d5:d7:eb:ab:1a:d5:01:ab:7f:88:51:
15:10:c0:c9:f0:04:b6:6b:8f:ac:a7:56:af:00:9a:05:76:d6:
6c:3a:bf:f1:18:79:b1:f6:36:86:24:99:3f:1d:76:e1:a1:c7:
f0:9c:5f:30:42:c4:dd:93:b3:c9:8b:ed:2a:d4:45:23:8a:80:
a0:73:89:00:4b:2d:b4:12:29:8c:4b:25:b8:ac:ed:38:0d:b6:
86:39:9a:8a:46:1e:58:37:1f:eb:7c:ac:df:81:30:ed:f3:f8:
f8:e3:9f:3c:99:8e:fe:52:06:92:a0:76:24:5d:9f:82:7b:a3:
6c:21:6c:d7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZop1QiQqLKJRSMWgsKl7EbOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNjAzNDZkMDgxYjFjNWM4MTBiMzk0YzY2ZTEwNTEyYmJm
NGQ4YzkwHhcNMjUxMDI4MDgwMDE4WhcNMjUxMDI5MDgwMDE4WjAzMTEwLwYDVQQD
EyhkYjVkODdjOTVhMzQ3ZDI1MjYzNDZhNmQ3ZDViZDU4ZjZjZmM3ODdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAif5yNXxo95y8cPoPJircmxjzmGvf
XALc4v3E2qLE8LfsdIY7Qv4ulUOBkKQ5jJBE8P+wpWEF1k2qcEd5wluc84gp3B3o
0Nf9PTARlSbNY1AqoghlYRBLoGgEM4rYtFIsYTRMvqFcqLsLidxMAp5TdZH5Ib5M
A/wjcGCraF77IbRUBngyYiqb2dGjxq8S9e8QxWqIeJUPeztED2QbXOD87FOM9INi
3Zs0+x+FbSMT67AwFU0BNdJp9HrPfUvGI6kmbLC6HNlXTGk8MNRYAtHDK010WDoa
iBJDjY1DMfGIKCBS0twJedx7gHSA64mwVsKgWMigNcN3D9NnK16Qeg6uSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNtdh8laNH0lJjRqbX1b1Y9s/Hh/MB8GA1UdIwQY
MBaAFK9gNG0IGxxcgQs5TGbhBRK79NjJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9iNjYwZjQtODhjYi00NWYzLWE3MWEt
MjYzOTgzOWY4MjhkLzEvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9iNjYwZjQtODhjYi00NWYzLWE3MWEtMjYzOTgzOWY4Mjhk
LzEvcjJBMGJRZ2JIRnlCQ3psTVp1RUZFcnYwMk1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjBGstkCE
Hm/h9RBdgLH3PjDRx37+KkKUCsKMb7H83Adi4SuV0HgNaW/g4CfJX8Cj8Ck1fPgC
QhQKeYDOJEXZvHJ+tqh+jTxVvGKRV5+Q0AntXH5razh6LYeKEAAxBJaZmuqTY1me
KtBHRj/FpBhOi03TjmRUuKRlAoBeAqAAM8rnt0Dhq9XX66sa1QGrf4hRFRDAyfAE
tmuPrKdWrwCaBXbWbDq/8Rh5sfY2hiSZPx124aHH8JxfMELE3ZOzyYvtKtRFI4qA
oHOJAEsttBIpjEsluKztOA22hjmaikYeWDcf63ys34Ew7fP4+OOfPJmO/lIGkqB2
JF2fgnujbCFs1w==
-----END CERTIFICATE-----
Generated at Tue Oct 28 18:42:11 2025 by rpki-client