Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/2y11xtVHdQZCJBsHSc-gUsjBfzQ.mft
File: 2y11xtVHdQZCJBsHSc-gUsjBfzQ.mft (raw, json)
Hash identifier: 0oPd/OybwEv0IBYpxRVBAejUIU3mEd+tOrJ6zI9z8y8=
Subject key identifier: CD:29:EA:3E:87:C1:5B:4B:41:7A:86:87:F4:C7:A3:EC:B0:15:2A:FB
Authority key identifier: DB:2D:75:C6:D5:47:75:06:42:24:1B:07:49:CF:A0:52:C8:C1:7F:34
Certificate issuer: /CN=db2d75c6d547750642241b0749cfa052c8c17f34
Certificate serial: 019A7225AB5FA2E7C48297EB8FFA11A61127
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2y11xtVHdQZCJBsHSc-gUsjBfzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/2y11xtVHdQZCJBsHSc-gUsjBfzQ.mft
Manifest number: 171F
Signing time: Tue 11 Nov 2025 09:01:02 +0000
Manifest this update: Tue 11 Nov 2025 09:01:02 +0000
Manifest next update: Wed 12 Nov 2025 09:01:02 +0000
Files and hashes: 1: 2y11xtVHdQZCJBsHSc-gUsjBfzQ.crl (hash: CyaJBd32K4BL91IYkXrrgnIMFG+RgY/GaKWhMRYQBY4=)
2: hbj2DwbTO4-tmysNHMyxl2vxyPM.roa (hash: W6g4GPDJbcaX24i4+eflWzczpsq5sBQlzCM+vJ6ScIM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/2y11xtVHdQZCJBsHSc-gUsjBfzQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/2y11xtVHdQZCJBsHSc-gUsjBfzQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/2y11xtVHdQZCJBsHSc-gUsjBfzQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:ab:5f:a2:e7:c4:82:97:eb:8f:fa:11:a6:11:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db2d75c6d547750642241b0749cfa052c8c17f34
Validity
Not Before: Nov 11 09:01:02 2025 GMT
Not After : Nov 12 09:01:02 2025 GMT
Subject: CN=cd29ea3e87c15b4b417a8687f4c7a3ecb0152afb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a9:40:68:f3:06:4f:19:39:ce:8b:b5:f5:24:
fa:c6:64:28:44:0c:30:8f:d3:80:4c:bc:4c:a0:5b:
c0:99:f2:86:b4:d7:a4:5f:ee:5d:22:1f:d7:e3:37:
59:9c:fa:9b:2a:6e:a3:66:44:b5:4b:9e:24:bf:ed:
8a:be:64:5c:48:e5:b2:35:b8:c4:25:f4:a0:6b:a0:
03:38:4e:d5:d3:9f:05:c0:53:76:73:e5:58:22:b1:
38:2f:a0:cf:07:ba:4d:fd:d2:18:e8:49:e7:58:f1:
dc:b1:75:c5:1f:df:5c:2f:e6:ca:be:1e:2a:a2:09:
3e:e2:10:39:73:e3:c4:b2:1a:d7:70:1e:d2:2c:71:
b2:2c:30:05:a2:12:79:e8:2b:e7:4c:25:5e:f7:84:
27:ee:7e:d2:d5:95:fa:c7:d5:b8:33:73:96:cc:1d:
91:7a:b0:64:05:73:3f:3b:0f:72:e7:b3:42:88:61:
63:ad:68:ac:c6:6c:2a:3f:bf:e9:34:6f:b9:43:cd:
c5:92:18:16:e9:48:0e:7e:a2:b9:58:8f:67:79:ec:
cf:f2:71:d2:bd:56:95:b1:cd:e5:8c:53:5b:d1:12:
0c:8c:91:f5:4b:ea:6c:c3:80:d0:9d:41:d7:a8:5f:
8c:ad:c8:96:e7:5e:a8:5c:b0:d7:17:79:40:88:38:
45:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:29:EA:3E:87:C1:5B:4B:41:7A:86:87:F4:C7:A3:EC:B0:15:2A:FB
X509v3 Authority Key Identifier:
keyid:DB:2D:75:C6:D5:47:75:06:42:24:1B:07:49:CF:A0:52:C8:C1:7F:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2y11xtVHdQZCJBsHSc-gUsjBfzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/2y11xtVHdQZCJBsHSc-gUsjBfzQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/cc40a9-8b3f-43d6-a078-a901e034afe5/1/2y11xtVHdQZCJBsHSc-gUsjBfzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:83:0d:34:1c:34:c2:da:f9:f4:16:45:33:f5:6b:b9:1b:7c:
87:1d:67:15:c0:41:82:f8:f1:44:d3:23:04:fa:3a:c1:15:0a:
8d:1b:ce:1a:bf:54:a4:6a:b4:45:06:4d:31:25:8c:a2:a0:a2:
50:d5:1d:66:81:ee:00:1d:c6:16:d8:28:53:c1:51:d0:15:1a:
cd:d7:50:09:79:96:c9:7c:dc:30:2d:26:d9:96:a7:08:c8:0b:
52:2f:e5:4d:4d:11:60:9b:2d:70:b5:91:c4:64:a6:ee:d4:7b:
ef:36:ce:f4:14:7c:15:9a:73:bb:cc:fc:c6:a5:b5:5c:47:8f:
7b:63:4b:40:fa:3e:a1:75:f4:f6:13:04:5c:99:53:73:26:1f:
cd:3b:1f:26:80:f8:62:e9:ef:d4:7a:d5:29:33:48:37:1b:48:
d0:0c:44:b3:29:ec:1b:cb:03:e3:1a:25:6e:68:22:58:b2:07:
8d:4a:9e:f3:6b:8d:5e:66:d3:2f:9b:b5:1d:2f:d7:0c:3e:0b:
45:85:0e:03:fb:21:55:4f:f3:40:9c:ec:e8:d4:0c:b4:c1:0e:
2c:0e:cb:41:7f:fc:f5:3a:ed:f0:e6:53:1b:d0:84:24:af:05:
6c:48:af:cc:5c:fc:6b:ce:57:01:13:0e:9e:b7:78:90:b2:fb:
4f:b0:04:46
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJatfoufEgpfrj/oRphEnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMmQ3NWM2ZDU0Nzc1MDY0MjI0MWIwNzQ5Y2ZhMDUyYzhj
MTdmMzQwHhcNMjUxMTExMDkwMTAyWhcNMjUxMTEyMDkwMTAyWjAzMTEwLwYDVQQD
EyhjZDI5ZWEzZTg3YzE1YjRiNDE3YTg2ODdmNGM3YTNlY2IwMTUyYWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6lAaPMGTxk5zou19ST6xmQoRAww
j9OATLxMoFvAmfKGtNekX+5dIh/X4zdZnPqbKm6jZkS1S54kv+2KvmRcSOWyNbjE
JfSga6ADOE7V058FwFN2c+VYIrE4L6DPB7pN/dIY6EnnWPHcsXXFH99cL+bKvh4q
ogk+4hA5c+PEshrXcB7SLHGyLDAFohJ56CvnTCVe94Qn7n7S1ZX6x9W4M3OWzB2R
erBkBXM/Ow9y57NCiGFjrWisxmwqP7/pNG+5Q83FkhgW6UgOfqK5WI9neezP8nHS
vVaVsc3ljFNb0RIMjJH1S+psw4DQnUHXqF+MrciW516oXLDXF3lAiDhFNwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM0p6j6HwVtLQXqGh/THo+ywFSr7MB8GA1UdIwQY
MBaAFNstdcbVR3UGQiQbB0nPoFLIwX80MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnkxMXh0VkhkUVpDSkJzSFNjLWdVc2pCZnpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9jYzQwYTktOGIzZi00M2Q2LWEwNzgt
YTkwMWUwMzRhZmU1LzEvMnkxMXh0VkhkUVpDSkJzSFNjLWdVc2pCZnpRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9jYzQwYTktOGIzZi00M2Q2LWEwNzgtYTkwMWUwMzRhZmU1
LzEvMnkxMXh0VkhkUVpDSkJzSFNjLWdVc2pCZnpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKYMNNBw0
wtr59BZFM/VruRt8hx1nFcBBgvjxRNMjBPo6wRUKjRvOGr9UpGq0RQZNMSWMoqCi
UNUdZoHuAB3GFtgoU8FR0BUazddQCXmWyXzcMC0m2ZanCMgLUi/lTU0RYJstcLWR
xGSm7tR77zbO9BR8FZpzu8z8xqW1XEePe2NLQPo+oXX09hMEXJlTcyYfzTsfJoD4
Yunv1HrVKTNINxtI0AxEsynsG8sD4xolbmgiWLIHjUqe82uNXmbTL5u1HS/XDD4L
RYUOA/shVU/zQJzs6NQMtMEOLA7LQX/89Trt8OZTG9CEJK8FbEivzFz8a85XARMO
nrd4kLL7T7AERg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:20:29 2025 by rpki-client