
Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
File: 2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft (raw, json)
Hash identifier: BWCPAyvpu6/IeSFMvTNNjYTw10AshLHJotpu/+L2wBo=
Subject key identifier: 91:DB:C2:21:F7:F9:64:B3:F9:2C:41:89:FA:6B:DA:4B:6B:4C:D7:DC
Authority key identifier: D8:82:A1:97:34:0D:35:84:E6:AC:17:C1:FB:2A:99:00:AE:4F:60:3C
Certificate issuer: /CN=d882a197340d3584e6ac17c1fb2a9900ae4f603c
Certificate serial: 0199FE103811C0E8373FBA6D18BA6F6D34BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
Manifest number: 0434
Signing time: Sun 19 Oct 2025 20:01:39 +0000
Manifest this update: Sun 19 Oct 2025 20:01:39 +0000
Manifest next update: Mon 20 Oct 2025 20:01:39 +0000
Files and hashes: 1: 2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl (hash: bZWReBQHMpihGAIygoVvHMGVSDIDDPThlqtfEbCLXRE=)
2: RFpSEEfmfhQM7TNBHUvPYNYCE48.roa (hash: iHrN3ygMDkDOsg7Lw4ctlZrjgMs+0h97Al7X6knMEEI=)
3: UkLoRo0mP_K3Dh8gkYYP1OxkE_I.roa (hash: Q3D4Rh06gP+xE8oXAtIwLH3P2XhdWnZQyb1Lpy85O7s=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fe:10:38:11:c0:e8:37:3f:ba:6d:18:ba:6f:6d:34:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d882a197340d3584e6ac17c1fb2a9900ae4f603c
Validity
Not Before: Oct 19 20:01:39 2025 GMT
Not After : Oct 20 20:01:39 2025 GMT
Subject: CN=91dbc221f7f964b3f92c4189fa6bda4b6b4cd7dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:0e:46:75:2d:9c:7d:28:54:6a:b5:83:1f:20:
eb:59:b1:10:24:bf:ec:ae:b2:8c:f4:71:74:a7:84:
f7:2f:65:ec:38:9a:e6:8b:35:57:72:2f:f6:dc:58:
73:cc:64:24:19:f9:3e:a0:52:92:13:58:f0:be:e0:
46:8f:35:15:58:38:ad:70:4e:cb:1a:e3:6f:da:65:
9c:30:23:ae:94:59:48:d9:9e:03:b6:41:b9:68:73:
3b:6e:5d:1d:4f:5e:4b:b8:33:cf:44:51:00:0c:c2:
07:e9:c5:f7:c1:94:4a:b3:43:dc:b4:bb:83:a2:f4:
88:44:e3:f8:59:a0:61:d6:c1:eb:e5:1b:fc:85:f8:
b9:06:d8:9d:d4:94:cf:06:2a:4f:9d:26:cc:04:63:
c8:c0:6a:12:ae:90:62:22:75:4d:cc:3f:02:dd:e5:
6a:8f:a9:af:6a:95:3f:cf:9d:98:fa:5a:ba:ed:f0:
af:0f:3a:18:ba:80:59:75:f9:42:f3:e6:6e:9c:6e:
9b:76:97:11:c5:4a:4f:83:06:5b:73:42:e4:aa:88:
d0:df:75:2b:46:85:aa:71:7a:b9:6f:6e:40:82:b4:
3b:fc:25:5c:a3:03:30:bf:82:e5:88:cc:91:17:1b:
b0:92:6e:19:b3:62:ce:4e:4e:ce:be:29:5e:e1:9b:
0b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:DB:C2:21:F7:F9:64:B3:F9:2C:41:89:FA:6B:DA:4B:6B:4C:D7:DC
X509v3 Authority Key Identifier:
keyid:D8:82:A1:97:34:0D:35:84:E6:AC:17:C1:FB:2A:99:00:AE:4F:60:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2IKhlzQNNYTmrBfB-yqZAK5PYDw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/841c43-0269-4289-8fa5-b05ae5ca2d5e/1/2IKhlzQNNYTmrBfB-yqZAK5PYDw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
58:a8:c8:f4:d3:b8:78:fa:b3:2a:a9:4b:63:a4:a6:62:e1:ed:
f3:9f:d9:6c:d6:59:a0:f1:a0:8a:eb:ae:1e:d0:38:05:31:a0:
73:14:00:8e:86:0e:1c:3b:b1:dc:69:60:2f:51:01:79:44:ff:
b0:79:fa:ea:73:0b:78:53:8f:62:2a:25:31:18:31:be:70:56:
5c:c8:5a:5a:5a:68:cf:f5:36:90:63:6b:dc:e3:c6:68:43:f6:
c4:2c:28:99:f4:f9:ea:b6:43:ce:10:a3:19:fb:54:ab:ec:57:
c8:2d:ad:b5:d8:ea:9d:82:da:ef:f1:7d:ee:01:b6:b0:7b:f2:
33:2e:0b:5c:a2:20:84:82:df:b3:fb:2d:a2:ba:a5:34:97:e8:
85:8b:ca:9c:ff:48:b1:c6:64:cc:4c:55:86:6c:34:8f:38:d4:
73:03:37:4f:84:71:79:0c:c1:98:80:82:0a:30:b3:db:80:23:
f5:58:b3:f7:90:5f:71:cf:86:5f:8e:73:fc:66:cc:19:99:82:
b5:4e:a1:84:a7:12:de:80:31:0f:fe:c6:11:a7:0a:8c:38:c1:
95:78:04:61:07:96:b6:da:dc:5f:18:72:34:7a:c6:67:69:a9:
b9:56:fb:6f:70:b8:2f:9c:35:5d:43:13:51:c6:30:cd:13:6f:
65:67:03:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn+EDgRwOg3P7ptGLpvbTS7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ODJhMTk3MzQwZDM1ODRlNmFjMTdjMWZiMmE5OTAwYWU0
ZjYwM2MwHhcNMjUxMDE5MjAwMTM5WhcNMjUxMDIwMjAwMTM5WjAzMTEwLwYDVQQD
Eyg5MWRiYzIyMWY3Zjk2NGIzZjkyYzQxODlmYTZiZGE0YjZiNGNkN2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4A5GdS2cfShUarWDHyDrWbEQJL/s
rrKM9HF0p4T3L2XsOJrmizVXci/23FhzzGQkGfk+oFKSE1jwvuBGjzUVWDitcE7L
GuNv2mWcMCOulFlI2Z4DtkG5aHM7bl0dT15LuDPPRFEADMIH6cX3wZRKs0PctLuD
ovSIROP4WaBh1sHr5Rv8hfi5Btid1JTPBipPnSbMBGPIwGoSrpBiInVNzD8C3eVq
j6mvapU/z52Y+lq67fCvDzoYuoBZdflC8+ZunG6bdpcRxUpPgwZbc0LkqojQ33Ur
RoWqcXq5b25AgrQ7/CVcowMwv4LliMyRFxuwkm4Zs2LOTk7Ovile4ZsLBwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJHbwiH3+WSz+SxBifpr2ktrTNfcMB8GA1UdIwQY
MBaAFNiCoZc0DTWE5qwXwfsqmQCuT2A8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS84NDFjNDMtMDI2OS00Mjg5LThmYTUt
YjA1YWU1Y2EyZDVlLzEvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS84NDFjNDMtMDI2OS00Mjg5LThmYTUtYjA1YWU1Y2EyZDVl
LzEvMklLaGx6UU5OWVRtckJmQi15cVpBSzVQWUR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWKjI9NO4
ePqzKqlLY6SmYuHt85/ZbNZZoPGgiuuuHtA4BTGgcxQAjoYOHDux3GlgL1EBeUT/
sHn66nMLeFOPYiolMRgxvnBWXMhaWlpoz/U2kGNr3OPGaEP2xCwomfT56rZDzhCj
GftUq+xXyC2ttdjqnYLa7/F97gG2sHvyMy4LXKIghILfs/storqlNJfohYvKnP9I
scZkzExVhmw0jzjUcwM3T4RxeQzBmICCCjCz24Aj9Viz95Bfcc+GX45z/GbMGZmC
tU6hhKcS3oAxD/7GEacKjDjBlXgEYQeWttrcXxhyNHrGZ2mpuVb7b3C4L5w1XUMT
UcYwzRNvZWcDxg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:45:09 2025 by rpki-client