Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.mft
File: 2CsoRvCTvJQWBBvmiix4MWHrBN8.mft (raw, json)
Hash identifier: fmvUhG7GHzoee20GjTP85uF8EbsOPObNthd+Q6qwgkY=
Subject key identifier: 12:81:C3:14:73:EE:F1:B7:C2:21:29:F2:19:9F:C2:19:3A:62:DC:A0
Authority key identifier: D8:2B:28:46:F0:93:BC:94:16:04:1B:E6:8A:2C:78:31:61:EB:04:DF
Certificate issuer: /CN=d82b2846f093bc9416041be68a2c783161eb04df
Certificate serial: 019A73019099BC3DBB1648357B77A4FD5ED0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2CsoRvCTvJQWBBvmiix4MWHrBN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.mft
Manifest number: 08C7
Signing time: Tue 11 Nov 2025 13:01:13 +0000
Manifest this update: Tue 11 Nov 2025 13:01:13 +0000
Manifest next update: Wed 12 Nov 2025 13:01:13 +0000
Files and hashes: 1: 1tdaIrt9xypJtReKdxeXXdM964s.roa (hash: 2jF3CjF80ww6ITNBk+zVZgXhV0QGg1umOnc7I4ePaOY=)
2: 2CsoRvCTvJQWBBvmiix4MWHrBN8.crl (hash: v+q3wTqkDn6FLI7di8b8+8GC8cLgs6b/LA1haOM22T4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/2CsoRvCTvJQWBBvmiix4MWHrBN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:90:99:bc:3d:bb:16:48:35:7b:77:a4:fd:5e:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82b2846f093bc9416041be68a2c783161eb04df
Validity
Not Before: Nov 11 13:01:13 2025 GMT
Not After : Nov 12 13:01:13 2025 GMT
Subject: CN=1281c31473eef1b7c22129f2199fc2193a62dca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:80:f2:d6:2d:dc:26:56:72:6e:af:c1:c4:bf:
0f:fe:15:25:51:20:5b:2b:96:5a:f9:9f:9e:0b:78:
35:f3:1f:80:27:3a:aa:2f:34:bb:15:b5:41:80:7b:
7c:ba:ee:0e:c3:2c:c0:fa:97:56:a9:21:0d:25:f2:
fa:fe:d0:f5:e8:bf:6e:fb:6f:70:9e:7c:6e:83:5f:
39:ac:99:90:a8:90:50:40:4b:4b:2d:06:1f:8d:3b:
28:3f:8e:6d:a6:0a:67:9f:80:0e:39:9b:6c:49:9c:
bf:0c:63:84:9f:e6:d1:62:11:72:7c:df:0f:8c:ad:
d8:af:93:83:60:69:a4:89:b1:83:ff:9f:a4:c2:03:
62:a6:5e:3f:e6:af:ed:3b:51:4d:bb:ad:ba:38:5b:
e9:fa:94:17:5a:9e:c0:c5:58:0f:68:bb:fc:98:0d:
48:f5:b2:61:13:6b:64:15:f5:c2:96:ca:cb:9e:b8:
3c:cc:a0:54:99:70:5e:0c:2a:20:de:29:20:13:a9:
9e:78:75:1d:08:b5:f1:9e:16:4a:60:c9:e3:42:86:
b6:fb:29:8e:a2:35:c3:bd:e2:24:59:9f:a1:2a:79:
80:3a:41:de:b6:88:d1:94:e3:2f:3b:94:d4:47:a6:
f8:e4:56:7c:a5:69:c3:7a:e4:22:63:f2:81:de:d4:
b0:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:81:C3:14:73:EE:F1:B7:C2:21:29:F2:19:9F:C2:19:3A:62:DC:A0
X509v3 Authority Key Identifier:
keyid:D8:2B:28:46:F0:93:BC:94:16:04:1B:E6:8A:2C:78:31:61:EB:04:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2CsoRvCTvJQWBBvmiix4MWHrBN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/5b2d6e-8247-448f-a358-5473ee1daa9b/1/2CsoRvCTvJQWBBvmiix4MWHrBN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:b3:a8:f9:ff:91:84:61:74:60:bf:b1:f4:5c:3f:08:75:4a:
d5:0e:53:15:d1:07:e2:ef:c9:ec:51:03:92:59:c5:28:cd:29:
11:ea:23:49:3d:31:db:4d:25:ff:ed:6c:21:36:40:e3:88:36:
08:f2:03:cd:8e:a2:89:37:f0:48:af:46:0b:a0:d2:ad:b3:6a:
b8:51:7b:bf:ed:54:87:32:af:b1:41:7f:0b:c2:ee:72:b4:03:
5e:a5:e7:dd:1d:ad:38:ee:6c:2f:bb:1d:04:10:32:9a:88:27:
0b:0d:2c:13:26:7b:ab:44:e8:e1:56:17:27:93:d3:30:53:91:
cf:54:7a:d9:72:3c:3a:ef:05:2c:fc:d3:c1:b3:25:37:03:45:
65:9e:a9:bf:01:1f:91:e3:8e:9e:df:d5:8e:7b:c8:88:39:b4:
e3:5d:1b:0c:5f:b9:01:40:d3:59:62:65:7e:8a:a2:ab:94:51:
9d:5e:ae:5c:6f:93:83:b9:b2:38:82:35:83:91:53:4c:ac:5c:
92:3b:13:28:a0:3d:d8:58:1d:4e:37:56:79:ae:03:c3:18:03:
31:dd:59:90:72:71:6c:64:30:3c:d2:c4:5f:1d:52:fb:b2:9a:
a1:bd:4b:94:b1:b5:32:3d:c4:2a:9a:89:d8:c6:61:c2:51:34:
b9:9c:01:c4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAZCZvD27Fkg1e3ek/V7QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmIyODQ2ZjA5M2JjOTQxNjA0MWJlNjhhMmM3ODMxNjFl
YjA0ZGYwHhcNMjUxMTExMTMwMTEzWhcNMjUxMTEyMTMwMTEzWjAzMTEwLwYDVQQD
EygxMjgxYzMxNDczZWVmMWI3YzIyMTI5ZjIxOTlmYzIxOTNhNjJkY2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oDy1i3cJlZybq/BxL8P/hUlUSBb
K5Za+Z+eC3g18x+AJzqqLzS7FbVBgHt8uu4OwyzA+pdWqSENJfL6/tD16L9u+29w
nnxug185rJmQqJBQQEtLLQYfjTsoP45tpgpnn4AOOZtsSZy/DGOEn+bRYhFyfN8P
jK3Yr5ODYGmkibGD/5+kwgNipl4/5q/tO1FNu626OFvp+pQXWp7AxVgPaLv8mA1I
9bJhE2tkFfXClsrLnrg8zKBUmXBeDCog3ikgE6meeHUdCLXxnhZKYMnjQoa2+ymO
ojXDveIkWZ+hKnmAOkHetojRlOMvO5TUR6b45FZ8pWnDeuQiY/KB3tSw2QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBKBwxRz7vG3wiEp8hmfwhk6YtygMB8GA1UdIwQY
MBaAFNgrKEbwk7yUFgQb5ooseDFh6wTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkNzb1J2Q1R2SlFXQkJ2bWlpeDRNV0hyQk44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy81YjJkNmUtODI0Ny00NDhmLWEzNTgt
NTQ3M2VlMWRhYTliLzEvMkNzb1J2Q1R2SlFXQkJ2bWlpeDRNV0hyQk44Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy81YjJkNmUtODI0Ny00NDhmLWEzNTgtNTQ3M2VlMWRhYTli
LzEvMkNzb1J2Q1R2SlFXQkJ2bWlpeDRNV0hyQk44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJLOo+f+R
hGF0YL+x9Fw/CHVK1Q5TFdEH4u/J7FEDklnFKM0pEeojST0x200l/+1sITZA44g2
CPIDzY6iiTfwSK9GC6DSrbNquFF7v+1UhzKvsUF/C8LucrQDXqXn3R2tOO5sL7sd
BBAymognCw0sEyZ7q0To4VYXJ5PTMFORz1R62XI8Ou8FLPzTwbMlNwNFZZ6pvwEf
keOOnt/VjnvIiDm0410bDF+5AUDTWWJlfoqiq5RRnV6uXG+Tg7myOII1g5FTTKxc
kjsTKKA92FgdTjdWea4DwxgDMd1ZkHJxbGQwPNLEXx1S+7Kaob1LlLG1Mj3EKpqJ
2MZhwlE0uZwBxA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:51:43 2025 by rpki-client