Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.mft
File: 2671wyvqS1TRfiQbXMyvB7wKjuk.mft (raw, json)
Hash identifier: yYVLUpknUNKn/pzNd3APqbgSZNJAvTjbotGoYtg2ilw=
Subject key identifier: 97:F3:6F:0C:9A:B0:7C:AC:A8:39:87:93:A6:F2:20:B5:85:68:87:E4
Authority key identifier: DB:AE:F5:C3:2B:EA:4B:54:D1:7E:24:1B:5C:CC:AF:07:BC:0A:8E:E9
Certificate issuer: /CN=dbaef5c32bea4b54d17e241b5cccaf07bc0a8ee9
Certificate serial: 019A70DBF8CA3174213DD4FB040023E30F67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2671wyvqS1TRfiQbXMyvB7wKjuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.mft
Manifest number: 1098
Signing time: Tue 11 Nov 2025 03:00:55 +0000
Manifest this update: Tue 11 Nov 2025 03:00:55 +0000
Manifest next update: Wed 12 Nov 2025 03:00:55 +0000
Files and hashes: 1: 1K5S67uusJJll8Ab0hq1pL5liKA.roa (hash: StmRzvzcRi3NdAfCMsQ2aiXFRAlDcm1+BCF0RfR6JW8=)
2: 2671wyvqS1TRfiQbXMyvB7wKjuk.crl (hash: pxcATjQxD5mDRt9lS31n/Jh7qkyuFduR/FUgzWXeL8E=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2671wyvqS1TRfiQbXMyvB7wKjuk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 03:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:db:f8:ca:31:74:21:3d:d4:fb:04:00:23:e3:0f:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbaef5c32bea4b54d17e241b5cccaf07bc0a8ee9
Validity
Not Before: Nov 11 03:00:55 2025 GMT
Not After : Nov 12 03:00:55 2025 GMT
Subject: CN=97f36f0c9ab07caca8398793a6f220b5856887e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:96:69:2a:be:37:38:de:54:77:e8:ec:6a:42:
cb:e2:4a:56:df:72:e0:c1:22:ad:ce:5c:de:10:28:
f4:0b:15:78:a9:cf:73:9b:df:38:02:f9:a7:43:5c:
f7:a3:b0:b2:c8:e1:92:0f:fc:73:44:e9:ea:bf:a5:
dc:e4:c8:b9:e2:15:82:52:e5:b4:57:dc:7a:2b:8b:
4b:b1:0d:e8:27:1b:c9:a9:5b:ec:32:37:5c:9b:ce:
b4:c6:2a:55:b1:0e:e4:c3:54:a5:da:94:bc:f5:4f:
b6:f0:a5:ee:be:75:0d:b7:83:4d:6e:1e:50:d9:36:
6e:49:1f:d0:46:67:dd:cf:e6:b9:cb:59:a0:66:06:
1b:03:d1:1a:c8:32:13:cb:82:84:25:5c:51:0a:69:
37:ce:c1:72:fc:c0:ec:f8:4b:63:dc:90:85:54:3c:
60:4b:6c:2d:2a:9e:8e:7e:5c:c3:8c:04:6d:c1:4f:
f3:00:81:e3:06:e0:48:16:ed:70:38:ed:ec:9b:66:
85:69:9a:12:a6:a2:e1:e9:54:71:03:e9:84:44:f3:
55:4d:1a:5f:f9:1d:89:18:3e:eb:c8:69:56:8c:f9:
59:37:01:7b:ba:74:7b:c9:4e:07:43:b5:23:9e:cb:
4b:30:53:63:29:d4:bb:a9:a5:f3:56:a4:0e:3a:d8:
1f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F3:6F:0C:9A:B0:7C:AC:A8:39:87:93:A6:F2:20:B5:85:68:87:E4
X509v3 Authority Key Identifier:
keyid:DB:AE:F5:C3:2B:EA:4B:54:D1:7E:24:1B:5C:CC:AF:07:BC:0A:8E:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2671wyvqS1TRfiQbXMyvB7wKjuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/dee66f-45cc-4cb4-9fbb-642ce674f974/1/2671wyvqS1TRfiQbXMyvB7wKjuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
84:bf:fa:53:72:d8:7d:ae:4c:ac:90:27:66:18:7d:fd:ae:58:
9c:85:2f:ef:64:60:80:58:e4:38:b4:6f:c1:02:eb:92:a8:8b:
ad:79:d7:b5:cd:60:fa:0a:10:0a:73:8c:ed:e4:95:e4:bb:e6:
af:84:92:48:ea:71:c8:e6:07:96:ed:44:b8:e9:b7:43:2e:14:
73:ef:93:23:66:5a:ed:6a:35:3d:11:76:a2:d4:b0:8c:62:5c:
1c:98:a7:df:80:b6:b3:6b:cb:30:68:5a:66:0a:62:0b:d5:05:
72:6f:f1:02:06:8d:6a:82:1b:62:40:13:0f:a9:47:58:73:d8:
dd:f5:52:79:c8:e5:98:99:92:cc:16:c4:76:82:d3:84:9a:3a:
65:b5:a5:23:9c:08:d7:95:5e:76:e6:0b:53:00:27:87:c9:db:
ed:ac:a5:b8:b5:38:7d:46:8a:b4:3b:be:5f:30:22:02:62:6c:
c5:9b:d1:7d:cc:82:86:de:37:5f:10:1a:06:1a:04:4d:77:39:
e5:d3:e9:0f:4e:c2:09:0c:0f:00:74:ec:38:11:1f:71:73:b0:
b4:1b:08:0b:82:ba:a7:4e:7f:c0:0d:43:51:97:d0:52:94:bb:
c7:b6:70:55:5e:2c:e3:2a:b5:6f:c8:45:1c:96:fa:e5:84:50:
93:bd:2f:c1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpw2/jKMXQhPdT7BAAj4w9nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYWVmNWMzMmJlYTRiNTRkMTdlMjQxYjVjY2NhZjA3YmMw
YThlZTkwHhcNMjUxMTExMDMwMDU1WhcNMjUxMTEyMDMwMDU1WjAzMTEwLwYDVQQD
Eyg5N2YzNmYwYzlhYjA3Y2FjYTgzOTg3OTNhNmYyMjBiNTg1Njg4N2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJZpKr43ON5Ud+jsakLL4kpW33Lg
wSKtzlzeECj0CxV4qc9zm984AvmnQ1z3o7CyyOGSD/xzROnqv6Xc5Mi54hWCUuW0
V9x6K4tLsQ3oJxvJqVvsMjdcm860xipVsQ7kw1Sl2pS89U+28KXuvnUNt4NNbh5Q
2TZuSR/QRmfdz+a5y1mgZgYbA9EayDITy4KEJVxRCmk3zsFy/MDs+Etj3JCFVDxg
S2wtKp6OflzDjARtwU/zAIHjBuBIFu1wOO3sm2aFaZoSpqLh6VRxA+mERPNVTRpf
+R2JGD7ryGlWjPlZNwF7unR7yU4HQ7UjnstLMFNjKdS7qaXzVqQOOtgfSQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJfzbwyasHysqDmHk6byILWFaIfkMB8GA1UdIwQY
MBaAFNuu9cMr6ktU0X4kG1zMrwe8Co7pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjY3MXd5dnFTMVRSZmlRYlhNeXZCN3dLanVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9kZWU2NmYtNDVjYy00Y2I0LTlmYmIt
NjQyY2U2NzRmOTc0LzEvMjY3MXd5dnFTMVRSZmlRYlhNeXZCN3dLanVrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9kZWU2NmYtNDVjYy00Y2I0LTlmYmItNjQyY2U2NzRmOTc0
LzEvMjY3MXd5dnFTMVRSZmlRYlhNeXZCN3dLanVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhL/6U3LY
fa5MrJAnZhh9/a5YnIUv72RggFjkOLRvwQLrkqiLrXnXtc1g+goQCnOM7eSV5Lvm
r4SSSOpxyOYHlu1EuOm3Qy4Uc++TI2Za7Wo1PRF2otSwjGJcHJin34C2s2vLMGha
ZgpiC9UFcm/xAgaNaoIbYkATD6lHWHPY3fVSecjlmJmSzBbEdoLThJo6ZbWlI5wI
15VeduYLUwAnh8nb7ayluLU4fUaKtDu+XzAiAmJsxZvRfcyCht43XxAaBhoETXc5
5dPpD07CCQwPAHTsOBEfcXOwtBsIC4K6p05/wA1DUZfQUpS7x7ZwVV4s4yq1b8hF
HJb65YRQk70vwQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:18 2025 by rpki-client