Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/fe0306-af84-4e8e-8885-b84a9819ead6/1/2ko-wHuXhY5oNKWh-I64_jG_eyA.mft
File: 2ko-wHuXhY5oNKWh-I64_jG_eyA.mft (raw, json)
Hash identifier: pgvZV1A5HzGntlFQW84g3bH+SWCAvro8gCeYxh+2UN4=
Subject key identifier: EF:51:6A:96:95:43:AA:55:D6:D9:B9:76:91:50:B3:03:B6:F4:64:4E
Authority key identifier: DA:4A:3E:C0:7B:97:85:8E:68:34:A5:A1:F8:8E:B8:FE:31:BF:7B:20
Certificate issuer: /CN=da4a3ec07b97858e6834a5a1f88eb8fe31bf7b20
Certificate serial: 019A72CA45688304A90034F2E6A1B7BB7C6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ko-wHuXhY5oNKWh-I64_jG_eyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/fe0306-af84-4e8e-8885-b84a9819ead6/1/2ko-wHuXhY5oNKWh-I64_jG_eyA.mft
Manifest number: 07CB
Signing time: Tue 11 Nov 2025 12:00:49 +0000
Manifest this update: Tue 11 Nov 2025 12:00:49 +0000
Manifest next update: Wed 12 Nov 2025 12:00:49 +0000
Files and hashes: 1: 2ko-wHuXhY5oNKWh-I64_jG_eyA.crl (hash: nfUDTbVeM8krJK6GTrqxcRNahHWrIl+m/ouxJcgJ3Mw=)
2: SKL1Cd8Tn-ZKbcOxgMo9-wJ0gbQ.roa (hash: 4u4TOuVY+peXwBlO4N668GLOAFUf52/Bj870kxpoG3I=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/fe0306-af84-4e8e-8885-b84a9819ead6/1/2ko-wHuXhY5oNKWh-I64_jG_eyA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/fe0306-af84-4e8e-8885-b84a9819ead6/1/2ko-wHuXhY5oNKWh-I64_jG_eyA.mft
rsync://rpki.ripe.net/repository/DEFAULT/2ko-wHuXhY5oNKWh-I64_jG_eyA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:45:68:83:04:a9:00:34:f2:e6:a1:b7:bb:7c:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da4a3ec07b97858e6834a5a1f88eb8fe31bf7b20
Validity
Not Before: Nov 11 12:00:49 2025 GMT
Not After : Nov 12 12:00:49 2025 GMT
Subject: CN=ef516a969543aa55d6d9b9769150b303b6f4644e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:57:c5:b3:0c:80:97:39:f7:f3:92:d1:c1:a0:
79:6a:6a:c6:ef:c8:5b:51:b5:e7:a8:51:95:67:4a:
f9:be:85:2c:c7:07:c1:43:76:e7:00:3a:85:66:5d:
a9:4d:f9:e2:b7:6f:9d:cb:45:b0:ac:b5:f0:22:8e:
65:10:75:bd:d1:fa:9f:23:34:0f:2d:b8:2c:92:fd:
5c:1e:cc:5b:af:6d:1a:61:91:87:91:16:ad:24:4e:
25:8a:1d:bf:4c:bd:31:b4:7f:82:1d:55:e4:43:eb:
f7:d9:c3:59:a9:16:46:a4:75:b2:b4:ec:88:35:f6:
66:dc:10:86:75:2e:59:6a:41:a5:36:16:eb:92:54:
6c:93:24:83:60:7c:a0:1b:77:a6:f8:07:62:0a:f2:
08:74:63:5e:21:8e:e1:90:67:ba:12:ad:91:83:f4:
5b:30:26:11:70:bc:fd:6f:b9:cb:8e:c7:5b:3d:93:
ef:fc:63:55:5b:e6:bf:af:a4:20:74:bb:ff:f5:60:
cd:ad:f3:aa:0b:8e:62:a3:fb:49:6d:e7:06:a8:36:
92:25:c6:6c:ad:c7:75:07:62:4a:8c:a5:2c:47:34:
57:89:d4:10:8e:23:da:97:1f:ca:0d:26:d7:63:02:
e7:50:d5:18:81:b8:53:6a:aa:ac:79:56:a3:13:41:
17:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:51:6A:96:95:43:AA:55:D6:D9:B9:76:91:50:B3:03:B6:F4:64:4E
X509v3 Authority Key Identifier:
keyid:DA:4A:3E:C0:7B:97:85:8E:68:34:A5:A1:F8:8E:B8:FE:31:BF:7B:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ko-wHuXhY5oNKWh-I64_jG_eyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/fe0306-af84-4e8e-8885-b84a9819ead6/1/2ko-wHuXhY5oNKWh-I64_jG_eyA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/fe0306-af84-4e8e-8885-b84a9819ead6/1/2ko-wHuXhY5oNKWh-I64_jG_eyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:06:58:f5:ee:1a:92:0c:77:ca:88:d0:ec:b8:fa:1f:bb:67:
df:f8:15:7d:bd:dc:7f:12:53:ef:e3:e0:a3:68:ea:8b:97:ee:
cf:15:96:1f:85:16:db:ac:fc:3a:1a:38:52:37:fb:98:1b:6c:
67:bd:2b:a8:f7:ee:47:4d:fa:46:17:2b:96:c7:1e:48:b2:aa:
ef:db:4d:22:8e:62:e9:09:5a:cf:9c:7e:98:68:7d:67:f0:bc:
ea:ff:90:41:e0:bf:aa:6a:8d:f7:24:48:28:eb:c7:db:ed:e0:
63:35:4d:36:75:17:49:99:7f:f8:e0:82:d3:68:bb:e5:78:15:
f3:b4:02:60:cb:23:9b:1c:cd:d4:04:4d:f9:07:0a:99:45:e2:
cb:c1:05:7d:47:3c:9d:1a:4f:bf:e0:88:d1:f9:bf:60:41:df:
23:15:b0:87:d4:27:c7:9c:a9:8f:96:dd:f7:cc:2d:a8:8d:23:
f0:12:3f:d2:33:80:28:98:0f:91:06:ad:15:fd:43:02:a0:90:
4d:be:6c:84:2f:4d:b3:0c:67:dc:20:5d:24:34:b0:f9:01:64:
c2:cb:2b:77:b6:9f:0e:5b:e7:51:ae:5a:f2:98:c0:a7:ea:97:
00:55:86:08:f0:bc:78:9c:2b:a9:1d:4b:ca:44:3e:91:0d:7d:
81:6f:1d:80
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyykVogwSpADTy5qG3u3xrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhNGEzZWMwN2I5Nzg1OGU2ODM0YTVhMWY4OGViOGZlMzFi
ZjdiMjAwHhcNMjUxMTExMTIwMDQ5WhcNMjUxMTEyMTIwMDQ5WjAzMTEwLwYDVQQD
EyhlZjUxNmE5Njk1NDNhYTU1ZDZkOWI5NzY5MTUwYjMwM2I2ZjQ2NDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlfFswyAlzn385LRwaB5amrG78hb
UbXnqFGVZ0r5voUsxwfBQ3bnADqFZl2pTfnit2+dy0WwrLXwIo5lEHW90fqfIzQP
Lbgskv1cHsxbr20aYZGHkRatJE4lih2/TL0xtH+CHVXkQ+v32cNZqRZGpHWytOyI
NfZm3BCGdS5ZakGlNhbrklRskySDYHygG3em+AdiCvIIdGNeIY7hkGe6Eq2Rg/Rb
MCYRcLz9b7nLjsdbPZPv/GNVW+a/r6QgdLv/9WDNrfOqC45io/tJbecGqDaSJcZs
rcd1B2JKjKUsRzRXidQQjiPalx/KDSbXYwLnUNUYgbhTaqqseVajE0EXbwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO9RapaVQ6pV1tm5dpFQswO29GROMB8GA1UdIwQY
MBaAFNpKPsB7l4WOaDSlofiOuP4xv3sgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmtvLXdIdVhoWTVvTktXaC1JNjRfakdfZXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9mZTAzMDYtYWY4NC00ZThlLTg4ODUt
Yjg0YTk4MTllYWQ2LzEvMmtvLXdIdVhoWTVvTktXaC1JNjRfakdfZXlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9mZTAzMDYtYWY4NC00ZThlLTg4ODUtYjg0YTk4MTllYWQ2
LzEvMmtvLXdIdVhoWTVvTktXaC1JNjRfakdfZXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmgZY9e4a
kgx3yojQ7Lj6H7tn3/gVfb3cfxJT7+Pgo2jqi5fuzxWWH4UW26z8Oho4Ujf7mBts
Z70rqPfuR036RhcrlsceSLKq79tNIo5i6Qlaz5x+mGh9Z/C86v+QQeC/qmqN9yRI
KOvH2+3gYzVNNnUXSZl/+OCC02i75XgV87QCYMsjmxzN1ARN+QcKmUXiy8EFfUc8
nRpPv+CI0fm/YEHfIxWwh9Qnx5ypj5bd98wtqI0j8BI/0jOAKJgPkQatFf1DAqCQ
Tb5shC9Nswxn3CBdJDSw+QFkwssrd7afDlvnUa5a8pjAp+qXAFWGCPC8eJwrqR1L
ykQ+kQ19gW8dgA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:03:44 2025 by rpki-client