Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/d5df03-b5ee-4bf7-aedf-8d8e9ea14325/1/0q5eM4eU5g1di1I72yto7ErHYs4.mft
File: 0q5eM4eU5g1di1I72yto7ErHYs4.mft (raw, json)
Hash identifier: KIl916E+CO2Ul2qXie3fKKLyO9jnT2EnP8+I0ZQhwtk=
Subject key identifier: 1B:58:62:68:C3:B2:E7:C3:D5:E6:21:90:73:95:92:CE:8B:CA:8F:EE
Authority key identifier: D2:AE:5E:33:87:94:E6:0D:5D:8B:52:3B:DB:2B:68:EC:4A:C7:62:CE
Certificate issuer: /CN=d2ae5e338794e60d5d8b523bdb2b68ec4ac762ce
Certificate serial: 019A2CD6846FCCF94E2D3E8EE1011242E13F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0q5eM4eU5g1di1I72yto7ErHYs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/d5df03-b5ee-4bf7-aedf-8d8e9ea14325/1/0q5eM4eU5g1di1I72yto7ErHYs4.mft
Manifest number: 16FD
Signing time: Tue 28 Oct 2025 22:00:47 +0000
Manifest this update: Tue 28 Oct 2025 22:00:47 +0000
Manifest next update: Wed 29 Oct 2025 22:00:47 +0000
Files and hashes: 1: 0q5eM4eU5g1di1I72yto7ErHYs4.crl (hash: /TqyY3VzBNPZskzJFMlOdr66LM3+gXFA6IGuZQ14Um4=)
2: 5JInjtJs-s2-yK_dBCuc4HDNHSk.roa (hash: JUxQOg0RzN7jHCpHsSZf+phi3+AooD9Ty47K9VLPoKw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/d5df03-b5ee-4bf7-aedf-8d8e9ea14325/1/0q5eM4eU5g1di1I72yto7ErHYs4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/d5df03-b5ee-4bf7-aedf-8d8e9ea14325/1/0q5eM4eU5g1di1I72yto7ErHYs4.mft
rsync://rpki.ripe.net/repository/DEFAULT/0q5eM4eU5g1di1I72yto7ErHYs4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 22:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2c:d6:84:6f:cc:f9:4e:2d:3e:8e:e1:01:12:42:e1:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2ae5e338794e60d5d8b523bdb2b68ec4ac762ce
Validity
Not Before: Oct 28 22:00:47 2025 GMT
Not After : Oct 29 22:00:47 2025 GMT
Subject: CN=1b586268c3b2e7c3d5e62190739592ce8bca8fee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4f:02:b2:06:ab:d1:67:75:5a:c7:ec:50:fb:
4b:b2:ae:ab:84:78:e5:d6:cb:8f:fc:fa:ae:26:54:
a7:27:b0:9d:ce:6a:b3:93:fe:34:66:54:6e:c7:0b:
0b:00:3d:19:97:77:ff:7a:06:d1:80:14:e2:58:e2:
ca:5b:30:00:9a:dc:3c:27:97:bf:ee:e3:1f:2f:24:
ee:b1:7e:6c:7f:2d:4f:3d:26:5d:35:00:92:15:5f:
14:a7:bc:81:9f:59:c2:f2:25:32:62:24:ed:2f:36:
93:60:a6:81:0c:fe:70:47:ba:08:78:ec:f5:d1:cb:
a7:bd:39:9d:b2:33:0c:93:c1:1b:5a:3f:82:b8:d2:
ab:da:b2:80:3e:c5:cc:25:8c:c7:df:24:3c:25:9c:
85:39:7d:69:65:6d:cc:34:c2:51:cc:61:92:23:48:
a6:2a:b2:fb:88:87:f8:e1:bb:0a:2e:11:55:34:47:
4a:33:68:3c:42:30:0c:b0:ab:24:95:e8:bc:de:30:
cd:ab:8c:6a:87:4c:9f:61:5c:7c:8d:f1:c6:c6:10:
04:8a:5f:62:08:ad:18:32:ad:c2:53:a6:5b:0d:e1:
d3:13:38:86:1a:1c:31:d3:26:c7:6f:05:27:bd:b0:
b1:bb:b7:75:41:93:5f:a9:79:67:c3:3d:1c:02:f2:
91:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:58:62:68:C3:B2:E7:C3:D5:E6:21:90:73:95:92:CE:8B:CA:8F:EE
X509v3 Authority Key Identifier:
keyid:D2:AE:5E:33:87:94:E6:0D:5D:8B:52:3B:DB:2B:68:EC:4A:C7:62:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0q5eM4eU5g1di1I72yto7ErHYs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/d5df03-b5ee-4bf7-aedf-8d8e9ea14325/1/0q5eM4eU5g1di1I72yto7ErHYs4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/d5df03-b5ee-4bf7-aedf-8d8e9ea14325/1/0q5eM4eU5g1di1I72yto7ErHYs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2c:60:22:f3:57:c0:f1:c3:2f:85:ee:87:ee:bd:4f:cd:0b:60:
c9:8a:c8:60:09:16:84:e4:db:09:72:6f:16:85:a5:46:06:f6:
c5:53:31:e2:73:52:a7:28:9d:fb:b6:73:6d:22:02:e2:27:5e:
85:7c:7e:1a:e6:48:f8:74:39:9e:54:48:84:9a:7e:1a:45:3c:
e4:40:c5:90:da:2c:be:00:45:cc:52:fa:51:d0:7c:07:02:22:
fc:4c:28:fd:90:03:b9:3d:07:3c:5c:f7:65:a4:78:dd:e2:41:
cc:35:3a:3b:b7:70:c1:bd:5f:1b:69:12:20:d9:61:0f:54:bf:
6c:b0:77:00:b7:cb:b2:4b:bd:bb:ec:ce:b7:0b:5b:85:31:d6:
1f:91:fa:22:11:21:70:82:90:7d:95:35:e4:4f:9a:0f:b6:37:
d5:a2:f6:40:4d:bc:70:91:6b:eb:9f:fd:8b:d9:66:b8:55:af:
ae:b0:b8:e9:44:45:ef:06:df:7a:1e:9c:a0:a9:0e:a8:8e:e0:
61:d1:98:c9:af:3c:7a:f8:3b:41:7a:aa:ca:1c:de:1a:2f:e2:
35:3d:14:22:9b:3d:02:82:f1:ee:aa:c5:4a:64:1a:10:1d:9b:
eb:48:4c:d7:6c:95:06:37:9a:dd:01:82:69:6c:8a:9e:86:19:
85:93:f9:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZos1oRvzPlOLT6O4QESQuE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYWU1ZTMzODc5NGU2MGQ1ZDhiNTIzYmRiMmI2OGVjNGFj
NzYyY2UwHhcNMjUxMDI4MjIwMDQ3WhcNMjUxMDI5MjIwMDQ3WjAzMTEwLwYDVQQD
EygxYjU4NjI2OGMzYjJlN2MzZDVlNjIxOTA3Mzk1OTJjZThiY2E4ZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuk8Csgar0Wd1WsfsUPtLsq6rhHjl
1suP/PquJlSnJ7Cdzmqzk/40ZlRuxwsLAD0Zl3f/egbRgBTiWOLKWzAAmtw8J5e/
7uMfLyTusX5sfy1PPSZdNQCSFV8Up7yBn1nC8iUyYiTtLzaTYKaBDP5wR7oIeOz1
0cunvTmdsjMMk8EbWj+CuNKr2rKAPsXMJYzH3yQ8JZyFOX1pZW3MNMJRzGGSI0im
KrL7iIf44bsKLhFVNEdKM2g8QjAMsKsklei83jDNq4xqh0yfYVx8jfHGxhAEil9i
CK0YMq3CU6ZbDeHTEziGGhwx0ybHbwUnvbCxu7d1QZNfqXlnwz0cAvKRdQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBtYYmjDsufD1eYhkHOVks6Lyo/uMB8GA1UdIwQY
MBaAFNKuXjOHlOYNXYtSO9sraOxKx2LOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHE1ZU00ZVU1ZzFkaTFJNzJ5dG83RXJIWXM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9kNWRmMDMtYjVlZS00YmY3LWFlZGYt
OGQ4ZTllYTE0MzI1LzEvMHE1ZU00ZVU1ZzFkaTFJNzJ5dG83RXJIWXM0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9kNWRmMDMtYjVlZS00YmY3LWFlZGYtOGQ4ZTllYTE0MzI1
LzEvMHE1ZU00ZVU1ZzFkaTFJNzJ5dG83RXJIWXM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALGAi81fA
8cMvhe6H7r1PzQtgyYrIYAkWhOTbCXJvFoWlRgb2xVMx4nNSpyid+7ZzbSIC4ide
hXx+GuZI+HQ5nlRIhJp+GkU85EDFkNosvgBFzFL6UdB8BwIi/Ewo/ZADuT0HPFz3
ZaR43eJBzDU6O7dwwb1fG2kSINlhD1S/bLB3ALfLsku9u+zOtwtbhTHWH5H6IhEh
cIKQfZU15E+aD7Y31aL2QE28cJFr65/9i9lmuFWvrrC46URF7wbfeh6coKkOqI7g
YdGYya88evg7QXqqyhzeGi/iNT0UIps9AoLx7qrFSmQaEB2b60hM12yVBjea3QGC
aWyKnoYZhZP5NQ==
-----END CERTIFICATE-----
Generated at Wed Oct 29 02:25:10 2025 by rpki-client