Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f76339-1714-403b-9927-23277822fefa/1/2AtWXXc2dT2-f2YkvfHSvBiW98A.mft
File: 2AtWXXc2dT2-f2YkvfHSvBiW98A.mft (raw, json)
Hash identifier: JwnB8Ov5n6yIXEaGskPw9oBJG4pQFuPdBTITYQAUzg8=
Subject key identifier: 08:E0:F0:3A:AC:C4:F2:B0:F7:B1:AE:BC:9A:65:4B:80:6C:E3:FF:97
Authority key identifier: D8:0B:56:5D:77:36:75:3D:BE:7F:66:24:BD:F1:D2:BC:18:96:F7:C0
Certificate issuer: /CN=d80b565d7736753dbe7f6624bdf1d2bc1896f7c0
Certificate serial: 019A73012E06778EB48C14E5D8F8559DC331
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2AtWXXc2dT2-f2YkvfHSvBiW98A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/f76339-1714-403b-9927-23277822fefa/1/2AtWXXc2dT2-f2YkvfHSvBiW98A.mft
Manifest number: 107B
Signing time: Tue 11 Nov 2025 13:00:48 +0000
Manifest this update: Tue 11 Nov 2025 13:00:48 +0000
Manifest next update: Wed 12 Nov 2025 13:00:48 +0000
Files and hashes: 1: 2AtWXXc2dT2-f2YkvfHSvBiW98A.crl (hash: 1jgmWrIwfLXg2f5h1+5DzWaZqFukj7d+5G+JTFBwHmQ=)
2: t0yBm1hFtLLJBLZuRWFSy1DPMfs.roa (hash: j8/P6OOBiK4e2CmSebJ2V2wOYlJSy/jx7/iDkS26Tbo=)
3: wpUZVReQHXzsn_DPk2ck08lBo6E.roa (hash: uqt9xMeCs/4H5VzlZsIDbAr0gO/Vsft4k85bkU/+qVM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/f76339-1714-403b-9927-23277822fefa/1/2AtWXXc2dT2-f2YkvfHSvBiW98A.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/f76339-1714-403b-9927-23277822fefa/1/2AtWXXc2dT2-f2YkvfHSvBiW98A.mft
rsync://rpki.ripe.net/repository/DEFAULT/2AtWXXc2dT2-f2YkvfHSvBiW98A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:2e:06:77:8e:b4:8c:14:e5:d8:f8:55:9d:c3:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d80b565d7736753dbe7f6624bdf1d2bc1896f7c0
Validity
Not Before: Nov 11 13:00:48 2025 GMT
Not After : Nov 12 13:00:48 2025 GMT
Subject: CN=08e0f03aacc4f2b0f7b1aebc9a654b806ce3ff97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:a5:a7:c8:5a:53:e6:7a:7c:5a:25:3d:73:da:
ec:45:18:9a:34:13:2a:6f:24:ce:aa:9c:58:74:75:
e5:de:20:03:cb:6f:5b:39:4e:84:55:4d:8f:7e:2a:
e5:19:a8:cc:9f:6e:2e:a0:92:16:a6:ae:b4:e1:14:
5c:72:80:11:11:30:6b:d7:6b:d1:0b:8f:f4:9b:a2:
df:f6:f2:99:fc:84:c5:bc:a2:31:c1:07:98:06:05:
bf:1a:7c:7e:95:cc:e2:53:93:e8:83:79:bc:ed:27:
1f:a8:5e:b9:55:61:c4:1c:14:91:9f:6b:2b:fa:93:
43:16:98:5b:7a:13:8a:c8:82:5e:b3:e8:29:c6:d7:
c5:a1:81:1f:0d:e4:87:08:ae:5b:1a:7b:5a:a3:1e:
58:9d:e5:5f:85:0c:f9:60:32:7d:d2:94:31:c7:99:
26:85:3f:26:8e:b8:43:1a:9d:67:62:58:e6:8c:f4:
4b:c5:20:19:04:99:39:23:59:4c:3f:a6:2d:38:15:
0e:98:25:a0:97:46:80:f8:f9:8a:d0:67:4c:b9:bd:
12:65:09:7a:82:fd:8e:9a:8f:03:de:16:83:c8:4f:
d0:fd:70:69:8f:e0:0e:8d:51:e1:04:40:05:7d:68:
f2:66:57:9c:07:99:4d:0b:f4:47:3c:75:45:d7:f7:
58:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:E0:F0:3A:AC:C4:F2:B0:F7:B1:AE:BC:9A:65:4B:80:6C:E3:FF:97
X509v3 Authority Key Identifier:
keyid:D8:0B:56:5D:77:36:75:3D:BE:7F:66:24:BD:F1:D2:BC:18:96:F7:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2AtWXXc2dT2-f2YkvfHSvBiW98A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f76339-1714-403b-9927-23277822fefa/1/2AtWXXc2dT2-f2YkvfHSvBiW98A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f76339-1714-403b-9927-23277822fefa/1/2AtWXXc2dT2-f2YkvfHSvBiW98A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8d:e0:8a:10:7b:01:ca:29:a8:22:3a:58:42:df:88:50:0d:f5:
ac:b1:dc:9e:38:1f:04:91:fc:04:4f:54:a6:6c:f4:24:f6:99:
3b:21:4f:6f:22:ca:e8:f7:f5:3f:e4:7f:04:6a:0e:8b:bd:64:
ca:3e:89:be:cd:bc:31:b8:e9:88:58:7b:05:9f:37:85:d6:c9:
22:49:18:5e:f9:4a:26:6d:e7:f0:f6:cd:60:1d:49:54:b4:2a:
a2:e9:ce:c8:7b:43:a8:cf:86:ff:be:d9:f1:53:aa:59:bf:1d:
b1:0c:03:d2:e6:5e:bc:d2:c9:23:df:a6:37:40:07:75:bd:d7:
6f:87:bb:1f:32:93:dd:d9:23:6e:90:56:76:98:02:4f:cf:c1:
9d:e6:22:97:f1:4f:f8:ca:64:67:64:7e:b4:99:1e:4c:68:b8:
ed:99:ad:d2:b2:c7:7e:f1:77:35:cc:ea:d3:6b:c0:3e:c3:8e:
45:f5:76:a7:2c:8d:db:16:71:a4:58:7c:19:13:86:cc:4a:95:
84:46:ec:2a:ee:b9:ec:1c:58:4f:f4:f7:12:14:69:cc:d4:2c:
59:fa:84:b7:62:c1:ca:dd:ee:5a:de:8f:6c:a5:6c:1e:f3:34:
11:b2:67:d1:4d:e2:62:7f:78:6a:dc:30:a1:4e:e8:97:f2:71:
9a:49:46:d4
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAS4Gd460jBTl2PhVncMxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MGI1NjVkNzczNjc1M2RiZTdmNjYyNGJkZjFkMmJjMTg5
NmY3YzAwHhcNMjUxMTExMTMwMDQ4WhcNMjUxMTEyMTMwMDQ4WjAzMTEwLwYDVQQD
EygwOGUwZjAzYWFjYzRmMmIwZjdiMWFlYmM5YTY1NGI4MDZjZTNmZjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqWnyFpT5np8WiU9c9rsRRiaNBMq
byTOqpxYdHXl3iADy29bOU6EVU2PfirlGajMn24uoJIWpq604RRccoARETBr12vR
C4/0m6Lf9vKZ/ITFvKIxwQeYBgW/Gnx+lcziU5Pog3m87ScfqF65VWHEHBSRn2sr
+pNDFphbehOKyIJes+gpxtfFoYEfDeSHCK5bGntaox5YneVfhQz5YDJ90pQxx5km
hT8mjrhDGp1nYljmjPRLxSAZBJk5I1lMP6YtOBUOmCWgl0aA+PmK0GdMub0SZQl6
gv2Omo8D3haDyE/Q/XBpj+AOjVHhBEAFfWjyZlecB5lNC/RHPHVF1/dY6wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAjg8DqsxPKw97GuvJplS4Bs4/+XMB8GA1UdIwQY
MBaAFNgLVl13NnU9vn9mJL3x0rwYlvfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkF0V1hYYzJkVDItZjJZa3ZmSFN2QmlXOThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mNzYzMzktMTcxNC00MDNiLTk5Mjct
MjMyNzc4MjJmZWZhLzEvMkF0V1hYYzJkVDItZjJZa3ZmSFN2QmlXOThBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mNzYzMzktMTcxNC00MDNiLTk5MjctMjMyNzc4MjJmZWZh
LzEvMkF0V1hYYzJkVDItZjJZa3ZmSFN2QmlXOThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjeCKEHsB
yimoIjpYQt+IUA31rLHcnjgfBJH8BE9Upmz0JPaZOyFPbyLK6Pf1P+R/BGoOi71k
yj6Jvs28MbjpiFh7BZ83hdbJIkkYXvlKJm3n8PbNYB1JVLQqounOyHtDqM+G/77Z
8VOqWb8dsQwD0uZevNLJI9+mN0AHdb3Xb4e7HzKT3dkjbpBWdpgCT8/BneYil/FP
+MpkZ2R+tJkeTGi47Zmt0rLHfvF3Nczq02vAPsOORfV2pyyN2xZxpFh8GROGzEqV
hEbsKu657BxYT/T3EhRpzNQsWfqEt2LByt3uWt6PbKVsHvM0EbJn0U3iYn94atww
oU7ol/JxmklG1A==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:10:18 2025 by rpki-client