Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/2dac8b-76cd-40f0-854e-1da2acc76e11/1/4rvHBn-KfFfWhtZ160aOmbhr1i0.mft
File: 4rvHBn-KfFfWhtZ160aOmbhr1i0.mft (raw, json)
Hash identifier: Y4QCUy9bNhPv0IgIj0mq5yKX8JECl+k3aHhISp4v29U=
Subject key identifier: 53:C6:88:7A:4D:8A:5B:D4:EE:BD:95:CA:86:8A:D6:B7:07:36:71:C4
Authority key identifier: E2:BB:C7:06:7F:8A:7C:57:D6:86:D6:75:EB:46:8E:99:B8:6B:D6:2D
Certificate issuer: /CN=e2bbc7067f8a7c57d686d675eb468e99b86bd62d
Certificate serial: 019A71B80FABE7FED596F919A3D7642547F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4rvHBn-KfFfWhtZ160aOmbhr1i0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/2dac8b-76cd-40f0-854e-1da2acc76e11/1/4rvHBn-KfFfWhtZ160aOmbhr1i0.mft
Manifest number: 16F2
Signing time: Tue 11 Nov 2025 07:01:19 +0000
Manifest this update: Tue 11 Nov 2025 07:01:19 +0000
Manifest next update: Wed 12 Nov 2025 07:01:19 +0000
Files and hashes: 1: 4rvHBn-KfFfWhtZ160aOmbhr1i0.crl (hash: Y2tFfj8nqsnYBV/ZTtbxe3yJvwWHfhZGpBCUeaB/qxc=)
2: S9IbEuckGJ-9L5NueHluP1etdYo.roa (hash: 3hI+07Eg5raje1kn4kUfDxud5d5a2unK+1/vO0g99aY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/2dac8b-76cd-40f0-854e-1da2acc76e11/1/4rvHBn-KfFfWhtZ160aOmbhr1i0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/2dac8b-76cd-40f0-854e-1da2acc76e11/1/4rvHBn-KfFfWhtZ160aOmbhr1i0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4rvHBn-KfFfWhtZ160aOmbhr1i0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:0f:ab:e7:fe:d5:96:f9:19:a3:d7:64:25:47:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2bbc7067f8a7c57d686d675eb468e99b86bd62d
Validity
Not Before: Nov 11 07:01:19 2025 GMT
Not After : Nov 12 07:01:19 2025 GMT
Subject: CN=53c6887a4d8a5bd4eebd95ca868ad6b7073671c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ee:32:1a:d7:43:c4:0c:52:a2:50:ec:90:63:
98:62:91:a2:5a:c8:73:e1:ba:0c:35:c9:99:fa:6b:
17:a9:98:ec:2f:a6:a0:92:5e:e6:7c:80:28:f1:17:
66:a5:73:54:02:ca:41:c9:04:30:6d:12:af:8f:20:
30:24:7f:de:bf:0b:84:82:5b:83:8d:b8:44:27:71:
9b:de:14:8f:1d:a5:e7:89:c1:59:ca:3f:5d:88:cb:
de:8e:3b:f2:d3:5a:86:e5:58:c4:78:52:26:11:c7:
4b:cd:e5:15:60:b8:75:98:23:3c:bd:c6:94:c6:9f:
24:75:cb:72:21:d3:2a:99:bd:b4:ff:1a:83:56:67:
86:eb:96:d7:b3:4f:6a:a8:7f:db:cb:c4:8c:f6:71:
e6:6e:08:46:24:31:f6:18:86:52:e5:7a:c3:87:f1:
6a:0f:ea:10:0e:c8:9b:25:ae:c2:05:94:3e:d6:23:
ad:ab:3e:f5:96:ef:ea:b7:69:1c:8f:2f:77:9c:e3:
5c:57:71:e3:4a:1f:4a:db:40:7f:0f:a3:88:74:7e:
0c:ea:18:bc:9e:96:67:a0:94:18:ef:bf:88:e5:23:
40:1a:03:6c:8a:76:ab:58:f7:b5:19:90:c4:2c:3b:
7d:22:19:a4:60:26:ab:ea:2c:84:87:f8:26:d4:51:
6b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C6:88:7A:4D:8A:5B:D4:EE:BD:95:CA:86:8A:D6:B7:07:36:71:C4
X509v3 Authority Key Identifier:
keyid:E2:BB:C7:06:7F:8A:7C:57:D6:86:D6:75:EB:46:8E:99:B8:6B:D6:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4rvHBn-KfFfWhtZ160aOmbhr1i0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/2dac8b-76cd-40f0-854e-1da2acc76e11/1/4rvHBn-KfFfWhtZ160aOmbhr1i0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/2dac8b-76cd-40f0-854e-1da2acc76e11/1/4rvHBn-KfFfWhtZ160aOmbhr1i0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
76:f4:f2:4f:78:88:cc:6c:a7:53:03:c1:1c:0b:24:b1:de:c5:
4a:94:21:31:00:32:57:5e:d4:60:76:cf:27:18:5e:06:2e:16:
77:52:3d:cd:97:ff:e4:6e:d0:a9:d9:ec:c5:25:0c:88:4c:3d:
46:4f:e9:0f:02:e6:46:b3:0d:65:2f:c0:1b:a3:b2:86:48:cc:
6a:46:a1:35:62:a4:6e:ee:6c:22:0c:c5:46:c1:e3:9b:f2:d2:
95:31:24:cc:30:97:41:ea:a9:22:d6:e4:9c:59:1e:02:51:73:
88:b9:e1:a8:c2:f1:ed:8c:48:4b:44:4e:84:0e:be:68:7f:bf:
6c:02:2b:72:bb:7a:f6:46:78:9b:41:a7:e5:cd:93:d6:a9:e2:
6a:bf:27:b5:73:c4:f7:db:fb:6f:b5:c4:dd:cc:cd:ee:35:b0:
18:b4:4c:db:8e:95:c8:d7:df:1e:85:06:2b:26:ba:f5:b2:23:
5e:4f:08:35:05:3c:e6:3b:e8:1a:72:1a:59:e3:5a:49:f9:5b:
bc:be:ae:2a:86:2b:ac:fe:56:8f:fd:10:d6:4b:f3:5b:b0:78:
7e:1a:de:df:56:94:64:62:13:e8:27:f6:98:a0:af:e9:27:df:
ab:10:8b:04:00:0f:32:52:80:31:49:1c:36:e3:fe:0d:58:82:
ef:2d:d3:57
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuA+r5/7VlvkZo9dkJUfyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYmJjNzA2N2Y4YTdjNTdkNjg2ZDY3NWViNDY4ZTk5Yjg2
YmQ2MmQwHhcNMjUxMTExMDcwMTE5WhcNMjUxMTEyMDcwMTE5WjAzMTEwLwYDVQQD
Eyg1M2M2ODg3YTRkOGE1YmQ0ZWViZDk1Y2E4NjhhZDZiNzA3MzY3MWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApO4yGtdDxAxSolDskGOYYpGiWshz
4boMNcmZ+msXqZjsL6agkl7mfIAo8RdmpXNUAspByQQwbRKvjyAwJH/evwuEgluD
jbhEJ3Gb3hSPHaXnicFZyj9diMvejjvy01qG5VjEeFImEcdLzeUVYLh1mCM8vcaU
xp8kdctyIdMqmb20/xqDVmeG65bXs09qqH/by8SM9nHmbghGJDH2GIZS5XrDh/Fq
D+oQDsibJa7CBZQ+1iOtqz71lu/qt2kcjy93nONcV3HjSh9K20B/D6OIdH4M6hi8
npZnoJQY77+I5SNAGgNsinarWPe1GZDELDt9IhmkYCar6iyEh/gm1FFrYQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFPGiHpNilvU7r2VyoaK1rcHNnHEMB8GA1UdIwQY
MBaAFOK7xwZ/inxX1obWdetGjpm4a9YtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHJ2SEJuLUtmRmZXaHRaMTYwYU9tYmhyMWkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8yZGFjOGItNzZjZC00MGYwLTg1NGUt
MWRhMmFjYzc2ZTExLzEvNHJ2SEJuLUtmRmZXaHRaMTYwYU9tYmhyMWkwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8yZGFjOGItNzZjZC00MGYwLTg1NGUtMWRhMmFjYzc2ZTEx
LzEvNHJ2SEJuLUtmRmZXaHRaMTYwYU9tYmhyMWkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdvTyT3iI
zGynUwPBHAsksd7FSpQhMQAyV17UYHbPJxheBi4Wd1I9zZf/5G7QqdnsxSUMiEw9
Rk/pDwLmRrMNZS/AG6OyhkjMakahNWKkbu5sIgzFRsHjm/LSlTEkzDCXQeqpItbk
nFkeAlFziLnhqMLx7YxIS0ROhA6+aH+/bAIrcrt69kZ4m0Gn5c2T1qniar8ntXPE
99v7b7XE3czN7jWwGLRM246VyNffHoUGKya69bIjXk8INQU85jvoGnIaWeNaSflb
vL6uKoYrrP5Wj/0Q1kvzW7B4fhre31aUZGIT6Cf2mKCv6SffqxCLBAAPMlKAMUkc
NuP+DViC7y3TVw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:56:32 2025 by rpki-client