Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft
File: 28lQCYQ2KBzuVCoedFRlUeHlUoM.mft (raw, json)
Hash identifier: fSmuHWECw0p/t3Q9/Ab9IFX/9uNJhXQ0VZHNpIrRobk=
Subject key identifier: A3:5B:3F:1B:2D:5E:0B:20:14:5E:95:B4:4B:89:34:69:55:46:D8:01
Authority key identifier: DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83
Certificate issuer: /CN=dbc950098436281cee542a1e74546551e1e55283
Certificate serial: 019A02FEE6A27030492EECB4294256E36B12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft
Manifest number: 16E8
Signing time: Mon 20 Oct 2025 19:00:50 +0000
Manifest this update: Mon 20 Oct 2025 19:00:50 +0000
Manifest next update: Tue 21 Oct 2025 19:00:50 +0000
Files and hashes: 1: 28lQCYQ2KBzuVCoedFRlUeHlUoM.crl (hash: Cd4hNx3JjYp4rRlFsRHnBm3zH+5tjVUJayCieQ0BC78=)
2: 5OG6iGTbUMv4yreuCzltBDVdDTU.roa (hash: B8Cg7jxvmm1JBGJPeKqbsREjncwII7bdGdlW3Ml3/PA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft
rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:fe:e6:a2:70:30:49:2e:ec:b4:29:42:56:e3:6b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dbc950098436281cee542a1e74546551e1e55283
Validity
Not Before: Oct 20 19:00:50 2025 GMT
Not After : Oct 21 19:00:50 2025 GMT
Subject: CN=a35b3f1b2d5e0b20145e95b44b8934695546d801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:74:54:6e:83:8f:29:72:98:1d:5e:bb:66:76:
27:38:ff:3e:71:b2:75:d2:39:44:1a:9a:16:32:9c:
d2:a9:95:d8:93:0a:8f:2c:9c:6d:7f:10:37:db:e5:
df:81:e7:64:29:8b:4e:64:a1:f7:8a:6f:1b:45:b0:
be:e9:2f:9e:fd:85:03:7e:1b:a4:e4:58:f4:80:77:
f9:af:53:3c:d5:46:8c:11:91:dd:30:df:4a:fe:32:
66:51:00:fc:5f:ce:ee:e8:85:3b:82:8c:6b:7e:30:
3e:61:ea:f9:ea:0c:62:1c:1d:e7:18:c5:e1:c1:ad:
4f:1b:34:94:f8:cf:f1:ca:a1:a0:91:01:3d:d0:d7:
d3:2d:37:fd:26:b7:8f:c6:b2:9a:70:ad:75:3b:33:
b1:b3:91:98:57:12:4d:d1:60:8e:ae:33:b7:a0:da:
0a:83:d9:85:85:5f:f6:c1:4a:99:6b:73:5c:3d:05:
4a:fe:52:e2:fa:e8:67:0c:d2:b6:ff:dd:52:c4:85:
34:24:8c:72:cb:6c:6b:d3:a0:b0:ab:c9:0c:2b:51:
e4:e0:a1:08:62:a4:31:10:68:9e:11:9d:9a:4d:35:
65:c0:10:1a:f5:fa:96:9e:5e:0b:ce:4e:d2:be:ff:
f1:8d:52:80:2d:c6:65:9b:9c:f9:f2:74:f9:28:de:
04:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:5B:3F:1B:2D:5E:0B:20:14:5E:95:B4:4B:89:34:69:55:46:D8:01
X509v3 Authority Key Identifier:
keyid:DB:C9:50:09:84:36:28:1C:EE:54:2A:1E:74:54:65:51:E1:E5:52:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/28lQCYQ2KBzuVCoedFRlUeHlUoM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/5aa448-643f-4aee-90d9-f47e169266c2/1/28lQCYQ2KBzuVCoedFRlUeHlUoM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
50:9a:85:a6:c8:33:a1:b1:9c:96:ee:88:9b:d6:58:30:7e:f2:
b8:17:90:a2:fa:ba:b2:fe:ed:41:76:53:15:d9:e7:45:d5:f3:
43:c6:08:6a:5c:c1:d6:ef:3c:6f:0c:b7:ed:ca:fc:0f:cd:8a:
5d:f1:b9:82:78:d2:30:ff:9a:a8:79:25:11:a7:13:69:0f:e4:
70:2d:0d:b4:d0:11:5c:e5:f5:92:20:ff:ca:78:c0:2f:f7:da:
fc:94:67:91:37:68:3b:c3:63:26:02:17:5a:76:90:de:a4:51:
b6:6e:7a:fa:9e:74:06:7f:42:f1:b1:6c:3e:55:a5:42:1b:7f:
13:18:3d:1c:a8:ec:41:22:11:c0:bd:fc:0e:31:73:6f:c4:82:
1c:2a:6d:c6:61:ac:e9:52:2c:82:72:20:dd:52:90:cc:1e:51:
b5:bd:7d:52:8b:81:f8:88:5e:9b:78:b2:e4:db:6c:2a:d9:2d:
ee:4f:3b:b4:e2:4a:53:1d:59:2c:ed:39:7c:89:3a:2a:39:7f:
1f:42:ab:f0:23:8a:24:ad:ca:8a:d0:85:5d:7d:a4:0e:70:23:
0d:e5:97:5b:8e:71:b1:f0:3c:87:c7:0b:1d:5f:81:38:20:ba:
a7:a1:3e:88:92:db:4d:9c:b0:95:7c:d7:18:ca:e0:50:bc:fb:
7a:6d:ed:de
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoC/uaicDBJLuy0KUJW42sSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiYzk1MDA5ODQzNjI4MWNlZTU0MmExZTc0NTQ2NTUxZTFl
NTUyODMwHhcNMjUxMDIwMTkwMDUwWhcNMjUxMDIxMTkwMDUwWjAzMTEwLwYDVQQD
EyhhMzViM2YxYjJkNWUwYjIwMTQ1ZTk1YjQ0Yjg5MzQ2OTU1NDZkODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXRUboOPKXKYHV67ZnYnOP8+cbJ1
0jlEGpoWMpzSqZXYkwqPLJxtfxA32+XfgedkKYtOZKH3im8bRbC+6S+e/YUDfhuk
5Fj0gHf5r1M81UaMEZHdMN9K/jJmUQD8X87u6IU7goxrfjA+Yer56gxiHB3nGMXh
wa1PGzSU+M/xyqGgkQE90NfTLTf9JrePxrKacK11OzOxs5GYVxJN0WCOrjO3oNoK
g9mFhV/2wUqZa3NcPQVK/lLi+uhnDNK2/91SxIU0JIxyy2xr06Cwq8kMK1Hk4KEI
YqQxEGieEZ2aTTVlwBAa9fqWnl4Lzk7Svv/xjVKALcZlm5z58nT5KN4EUQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKNbPxstXgsgFF6VtEuJNGlVRtgBMB8GA1UdIwQY
MBaAFNvJUAmENigc7lQqHnRUZVHh5VKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi81YWE0NDgtNjQzZi00YWVlLTkwZDkt
ZjQ3ZTE2OTI2NmMyLzEvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi81YWE0NDgtNjQzZi00YWVlLTkwZDktZjQ3ZTE2OTI2NmMy
LzEvMjhsUUNZUTJLQnp1VkNvZWRGUmxVZUhsVW9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUJqFpsgz
obGclu6Im9ZYMH7yuBeQovq6sv7tQXZTFdnnRdXzQ8YIalzB1u88bwy37cr8D82K
XfG5gnjSMP+aqHklEacTaQ/kcC0NtNARXOX1kiD/ynjAL/fa/JRnkTdoO8NjJgIX
WnaQ3qRRtm56+p50Bn9C8bFsPlWlQht/Exg9HKjsQSIRwL38DjFzb8SCHCptxmGs
6VIsgnIg3VKQzB5Rtb19UouB+Ihem3iy5NtsKtkt7k87tOJKUx1ZLO05fIk6Kjl/
H0Kr8COKJK3KitCFXX2kDnAjDeWXW45xsfA8h8cLHV+BOCC6p6E+iJLbTZywlXzX
GMrgULz7em3t3g==
-----END CERTIFICATE-----
Generated at Tue Oct 21 00:07:51 2025 by rpki-client