Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/raXVKzyodFRXW2W3IO74GiYqXzo.mft
File: raXVKzyodFRXW2W3IO74GiYqXzo.mft (raw, json)
Hash identifier: Yi8bDK8QGDxOovLAW2k+/7Fwdi3sQ42mt9cF7w+4YU8=
Subject key identifier: 25:E2:7F:0A:80:04:D7:0A:2B:13:9B:DE:60:7C:DD:75:DF:62:60:4A
Authority key identifier: AD:A5:D5:2B:3C:A8:74:54:57:5B:65:B7:20:EE:F8:1A:26:2A:5F:3A
Certificate issuer: /CN=ada5d52b3ca87454575b65b720eef81a262a5f3a
Certificate serial: 0199526685566C0CA0CEE9ADF5268AB30D10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/raXVKzyodFRXW2W3IO74GiYqXzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/raXVKzyodFRXW2W3IO74GiYqXzo.mft
Manifest number: 0FC9
Signing time: Tue 16 Sep 2025 12:01:14 +0000
Manifest this update: Tue 16 Sep 2025 12:01:14 +0000
Manifest next update: Wed 17 Sep 2025 12:01:14 +0000
Files and hashes: 1: YkyLNJe8eg5_ZWWXRqgb1FEedCU.roa (hash: yKbeF3cM/odTGzY3J6HPYew0I5seEJaLqL9iFLq9XbY=)
2: raXVKzyodFRXW2W3IO74GiYqXzo.crl (hash: WBz1hiMdiAjrbrksUq5T/geEn2jWjACNSs3xejzjjOQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/raXVKzyodFRXW2W3IO74GiYqXzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/raXVKzyodFRXW2W3IO74GiYqXzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/raXVKzyodFRXW2W3IO74GiYqXzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Sep 2025 12:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:52:66:85:56:6c:0c:a0:ce:e9:ad:f5:26:8a:b3:0d:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ada5d52b3ca87454575b65b720eef81a262a5f3a
Validity
Not Before: Sep 16 12:01:14 2025 GMT
Not After : Sep 17 12:01:14 2025 GMT
Subject: CN=25e27f0a8004d70a2b139bde607cdd75df62604a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a2:2a:e3:f7:18:5b:df:af:dc:ab:dd:b2:bf:
70:fc:f4:3b:2b:44:1a:a6:47:5b:b6:c6:93:6b:16:
19:9c:99:06:1c:39:5d:19:01:2b:8c:c8:92:2e:ef:
0a:87:57:3a:c0:f0:d3:54:94:65:c4:86:c6:41:bd:
19:d0:fc:59:ad:9d:34:c1:de:77:67:73:2b:fd:09:
b2:3e:4f:ec:63:9f:48:7f:85:58:ef:fa:e2:f5:bf:
12:f6:fc:35:60:1e:3d:33:08:96:8e:53:ee:ca:4a:
2f:fb:a2:8f:c7:a5:b3:fc:9f:fa:5b:ed:19:dd:39:
94:03:37:db:9e:d0:01:2f:65:61:63:c1:8f:71:83:
f7:6e:a1:f8:19:2b:41:16:87:2e:10:66:57:7c:c1:
27:d6:a8:59:81:2d:80:d3:b0:c1:cc:b3:da:56:4b:
b2:89:60:9a:d6:9c:38:e6:d3:e2:92:e8:fe:c9:0c:
3f:ee:5a:73:d5:5e:13:54:f2:68:d6:2b:d0:de:40:
b5:bf:b0:49:43:3c:44:6e:e7:23:66:0c:d2:6a:69:
84:87:ab:62:79:32:16:d6:65:a0:1e:cd:b6:83:43:
57:34:35:f3:84:4e:bb:de:15:93:ca:e6:18:d4:1c:
2b:56:c7:c3:b7:ef:79:d7:cb:27:b5:85:3a:79:b4:
62:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:E2:7F:0A:80:04:D7:0A:2B:13:9B:DE:60:7C:DD:75:DF:62:60:4A
X509v3 Authority Key Identifier:
keyid:AD:A5:D5:2B:3C:A8:74:54:57:5B:65:B7:20:EE:F8:1A:26:2A:5F:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/raXVKzyodFRXW2W3IO74GiYqXzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/raXVKzyodFRXW2W3IO74GiYqXzo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5d8453-0380-475e-9edc-d18ab4f7f5df/1/raXVKzyodFRXW2W3IO74GiYqXzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:fe:0d:1f:9c:10:d7:f6:79:fc:7f:1e:40:4c:e8:ae:cd:18:
26:82:49:87:05:ad:36:be:a5:8d:78:9e:da:67:a9:9c:84:3f:
d6:13:7a:7d:c7:e2:89:af:01:ab:50:50:8c:8d:ed:f2:c9:cb:
65:f9:4e:cc:a8:1a:d8:ad:4c:74:b7:97:4c:e3:39:bb:09:16:
26:7a:95:81:4e:0d:4d:a9:73:85:22:81:7d:a3:a6:0a:c4:4c:
64:a8:6b:a4:81:6c:b9:5d:17:15:74:38:7c:dd:7d:be:a6:8e:
59:5f:7c:4d:1f:a3:62:ce:5a:25:e1:2b:ff:9a:6a:90:5e:d5:
d6:6d:99:89:71:a5:e0:ec:2d:8f:4c:89:f2:35:71:73:7f:c6:
0f:b2:4c:4f:2f:5d:2e:1a:5d:f5:e6:94:6d:b0:af:18:d7:1d:
14:60:ee:01:fe:6d:15:ad:7f:40:64:e2:62:b0:59:cd:00:4f:
fa:e5:ba:ae:b2:fa:57:f0:aa:60:ff:8a:ea:3e:fb:b1:c7:49:
2b:11:97:e9:2a:1d:f8:43:a0:d2:d6:22:9c:b3:c9:2a:89:42:
85:3d:78:d2:0e:25:aa:7f:79:7d:73:cf:2c:8c:34:1f:c1:bd:
c9:8f:72:09:3f:f0:6e:09:82:35:3f:2c:5c:b0:31:4d:e0:8f:
2d:b0:0c:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZlSZoVWbAygzumt9SaKsw0QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYTVkNTJiM2NhODc0NTQ1NzViNjViNzIwZWVmODFhMjYy
YTVmM2EwHhcNMjUwOTE2MTIwMTE0WhcNMjUwOTE3MTIwMTE0WjAzMTEwLwYDVQQD
EygyNWUyN2YwYTgwMDRkNzBhMmIxMzliZGU2MDdjZGQ3NWRmNjI2MDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqIq4/cYW9+v3Kvdsr9w/PQ7K0Qa
pkdbtsaTaxYZnJkGHDldGQErjMiSLu8Kh1c6wPDTVJRlxIbGQb0Z0PxZrZ00wd53
Z3Mr/QmyPk/sY59If4VY7/ri9b8S9vw1YB49MwiWjlPuykov+6KPx6Wz/J/6W+0Z
3TmUAzfbntABL2VhY8GPcYP3bqH4GStBFocuEGZXfMEn1qhZgS2A07DBzLPaVkuy
iWCa1pw45tPikuj+yQw/7lpz1V4TVPJo1ivQ3kC1v7BJQzxEbucjZgzSammEh6ti
eTIW1mWgHs22g0NXNDXzhE673hWTyuYY1BwrVsfDt+9518sntYU6ebRiswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXifwqABNcKKxOb3mB83XXfYmBKMB8GA1UdIwQY
MBaAFK2l1Ss8qHRUV1tltyDu+BomKl86MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmFYVkt6eW9kRlJYVzJXM0lPNzRHaVlxWHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81ZDg0NTMtMDM4MC00NzVlLTllZGMt
ZDE4YWI0ZjdmNWRmLzEvcmFYVkt6eW9kRlJYVzJXM0lPNzRHaVlxWHpvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81ZDg0NTMtMDM4MC00NzVlLTllZGMtZDE4YWI0ZjdmNWRm
LzEvcmFYVkt6eW9kRlJYVzJXM0lPNzRHaVlxWHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAif4NH5wQ
1/Z5/H8eQEzors0YJoJJhwWtNr6ljXie2mepnIQ/1hN6fcfiia8Bq1BQjI3t8snL
ZflOzKga2K1MdLeXTOM5uwkWJnqVgU4NTalzhSKBfaOmCsRMZKhrpIFsuV0XFXQ4
fN19vqaOWV98TR+jYs5aJeEr/5pqkF7V1m2ZiXGl4Owtj0yJ8jVxc3/GD7JMTy9d
Lhpd9eaUbbCvGNcdFGDuAf5tFa1/QGTiYrBZzQBP+uW6rrL6V/CqYP+K6j77scdJ
KxGX6Sod+EOg0tYinLPJKolChT140g4lqn95fXPPLIw0H8G9yY9yCT/wbgmCNT8s
XLAxTeCPLbAMPw==
-----END CERTIFICATE-----
Generated at Tue Sep 16 20:30:04 2025 by rpki-client