Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft
File: 2yNWAARVt7WJTO0UaYWgqIifnkw.mft (raw, json)
Hash identifier: P3m5qt6lZyP5FQkNqV7ceqrQ/FiSAiwGL72r390GckA=
Subject key identifier: 29:72:8F:0D:3F:5B:05:40:01:40:BD:EC:72:4D:61:A2:50:E4:70:63
Authority key identifier: DB:23:56:00:04:55:B7:B5:89:4C:ED:14:69:85:A0:A8:88:9F:9E:4C
Certificate issuer: /CN=db2356000455b7b5894ced146985a0a8889f9e4c
Certificate serial: 0199FC8F4D4D18095ABC1FBB3921D0A21454
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2yNWAARVt7WJTO0UaYWgqIifnkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft
Manifest number: 14FD
Signing time: Sun 19 Oct 2025 13:01:13 +0000
Manifest this update: Sun 19 Oct 2025 13:01:13 +0000
Manifest next update: Mon 20 Oct 2025 13:01:13 +0000
Files and hashes: 1: 2yNWAARVt7WJTO0UaYWgqIifnkw.crl (hash: w+IZjNutv0AKsn3DUmIoN3OHo4y+7k2K0i+md3HrA+A=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2yNWAARVt7WJTO0UaYWgqIifnkw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:8f:4d:4d:18:09:5a:bc:1f:bb:39:21:d0:a2:14:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db2356000455b7b5894ced146985a0a8889f9e4c
Validity
Not Before: Oct 19 13:01:13 2025 GMT
Not After : Oct 20 13:01:13 2025 GMT
Subject: CN=29728f0d3f5b05400140bdec724d61a250e47063
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:cc:99:2b:9b:18:4a:b0:f5:01:da:b3:94:27:
97:50:1e:82:5d:0d:e7:c3:4d:9d:9d:24:b5:8d:8b:
ee:5c:63:a9:c5:b2:75:48:f9:05:ae:c3:bd:0b:88:
f9:ee:91:b6:e7:e9:bf:74:23:45:7b:84:34:ab:51:
df:c4:8a:3c:fe:72:81:06:e3:3e:b9:58:97:28:8c:
25:22:99:5b:a4:d9:55:fa:0e:c4:30:3f:a5:07:4e:
9b:d5:e2:7c:63:b3:54:73:ea:bc:c0:1f:3b:cc:a5:
71:6e:4b:42:75:49:b9:55:17:ee:7d:f4:3f:a5:36:
a1:16:65:a7:ba:f6:f8:be:44:6d:7c:55:8b:43:b7:
4c:4d:b4:8f:35:61:b0:85:72:cb:7b:e5:d1:ef:e2:
19:c0:2d:cf:41:48:94:45:b4:9b:81:08:b4:fd:5d:
ea:a9:ec:ab:33:0e:91:e2:16:1d:f9:aa:67:1f:5c:
f1:cf:f0:49:78:71:fe:71:d9:81:8e:1d:26:65:d2:
99:47:f7:3c:d5:0e:8a:7a:95:8d:64:61:37:6d:86:
d1:0d:15:bb:ae:7d:89:e0:b4:11:59:c1:c3:a4:9e:
7e:a3:4f:dd:33:54:fe:ac:53:88:a6:e5:3e:c8:3c:
98:a4:be:dd:8b:8e:77:7c:2c:ff:6e:77:25:51:d2:
08:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:72:8F:0D:3F:5B:05:40:01:40:BD:EC:72:4D:61:A2:50:E4:70:63
X509v3 Authority Key Identifier:
keyid:DB:23:56:00:04:55:B7:B5:89:4C:ED:14:69:85:A0:A8:88:9F:9E:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2yNWAARVt7WJTO0UaYWgqIifnkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/9b87f8-ca94-483f-88ea-4863911412fa/1/2yNWAARVt7WJTO0UaYWgqIifnkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
70:7e:15:4f:69:e9:57:89:4d:43:a0:46:f3:2b:ab:62:70:e8:
4c:cf:77:87:6f:43:c8:11:e2:38:53:d8:5e:2b:ac:8d:50:17:
2f:47:16:5d:55:b8:62:0b:1d:02:0d:7f:8f:e8:ae:df:c8:e0:
54:aa:ae:0a:1a:4d:c3:9b:d0:e5:56:a2:95:66:dd:28:11:a1:
51:a2:ce:2d:8e:6b:23:98:00:50:2b:ba:3c:23:75:2f:34:a7:
d0:7d:98:ff:51:7d:a2:c3:b5:5b:f0:a5:38:30:be:61:dc:6f:
73:60:11:d9:86:15:ba:cc:3e:97:61:5d:b2:53:09:c5:21:1e:
40:f8:92:39:de:5a:fd:d9:c3:ca:7d:d9:28:13:df:20:97:0e:
7c:34:1c:2a:41:83:f4:9b:65:1b:ab:f6:28:03:78:86:7e:f1:
89:7e:ab:ff:c0:de:80:dd:05:21:40:ba:a7:9e:d0:10:a1:4b:
40:79:c6:89:71:a3:8b:d6:37:49:ae:06:94:e4:b0:f0:3e:12:
7e:1b:e2:de:f6:fe:af:d3:b8:81:61:a0:21:66:07:f3:02:c5:
6d:b4:a5:cc:7f:d9:b6:39:50:57:cf:c6:3e:80:84:d0:66:c4:
59:4b:a3:c3:d3:9f:af:4f:b9:77:69:dc:6e:11:51:c9:60:bf:
8d:e7:fa:b0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8j01NGAlavB+7OSHQohRUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMjM1NjAwMDQ1NWI3YjU4OTRjZWQxNDY5ODVhMGE4ODg5
ZjllNGMwHhcNMjUxMDE5MTMwMTEzWhcNMjUxMDIwMTMwMTEzWjAzMTEwLwYDVQQD
EygyOTcyOGYwZDNmNWIwNTQwMDE0MGJkZWM3MjRkNjFhMjUwZTQ3MDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MyZK5sYSrD1AdqzlCeXUB6CXQ3n
w02dnSS1jYvuXGOpxbJ1SPkFrsO9C4j57pG25+m/dCNFe4Q0q1HfxIo8/nKBBuM+
uViXKIwlIplbpNlV+g7EMD+lB06b1eJ8Y7NUc+q8wB87zKVxbktCdUm5VRfuffQ/
pTahFmWnuvb4vkRtfFWLQ7dMTbSPNWGwhXLLe+XR7+IZwC3PQUiURbSbgQi0/V3q
qeyrMw6R4hYd+apnH1zxz/BJeHH+cdmBjh0mZdKZR/c81Q6KepWNZGE3bYbRDRW7
rn2J4LQRWcHDpJ5+o0/dM1T+rFOIpuU+yDyYpL7di453fCz/bnclUdIIqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFClyjw0/WwVAAUC97HJNYaJQ5HBjMB8GA1UdIwQY
MBaAFNsjVgAEVbe1iUztFGmFoKiIn55MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnlOV0FBUlZ0N1dKVE8wVWFZV2dxSWlmbmt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC85Yjg3ZjgtY2E5NC00ODNmLTg4ZWEt
NDg2MzkxMTQxMmZhLzEvMnlOV0FBUlZ0N1dKVE8wVWFZV2dxSWlmbmt3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC85Yjg3ZjgtY2E5NC00ODNmLTg4ZWEtNDg2MzkxMTQxMmZh
LzEvMnlOV0FBUlZ0N1dKVE8wVWFZV2dxSWlmbmt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcH4VT2np
V4lNQ6BG8yurYnDoTM93h29DyBHiOFPYXiusjVAXL0cWXVW4YgsdAg1/j+iu38jg
VKquChpNw5vQ5VailWbdKBGhUaLOLY5rI5gAUCu6PCN1LzSn0H2Y/1F9osO1W/Cl
ODC+Ydxvc2AR2YYVusw+l2FdslMJxSEeQPiSOd5a/dnDyn3ZKBPfIJcOfDQcKkGD
9JtlG6v2KAN4hn7xiX6r/8DegN0FIUC6p57QEKFLQHnGiXGji9Y3Sa4GlOSw8D4S
fhvi3vb+r9O4gWGgIWYH8wLFbbSlzH/ZtjlQV8/GPoCE0GbEWUujw9Ofr0+5d2nc
bhFRyWC/jef6sA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:10:16 2025 by rpki-client