Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
File: 2pxnKeHomJmE3YAtGpDonOL-Nzw.mft (raw, json)
Hash identifier: 9gELKfEEG/StjlVtgq43xmzYs6Vj/I+N7/RESRnpUSs=
Subject key identifier: EE:AA:B7:10:31:3C:0A:7A:98:E3:94:CA:80:E5:20:6E:00:70:98:E7
Authority key identifier: DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
Certificate issuer: /CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Certificate serial: 019A00D9F623E05EF5786C8D8FE035D867E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
Manifest number: 16E4
Signing time: Mon 20 Oct 2025 09:01:15 +0000
Manifest this update: Mon 20 Oct 2025 09:01:15 +0000
Manifest next update: Tue 21 Oct 2025 09:01:15 +0000
Files and hashes: 1: 24_mmtOlkG05yQ7mb26MLLzNTPk.roa (hash: NN9FJFjMrEoXgY4DCGNqxgbjsbFf0mQojMZSGAkFQFg=)
2: 2pxnKeHomJmE3YAtGpDonOL-Nzw.crl (hash: UXbCGlvJmnd4AXgl97tLnAtns1Id2n3nuh8FsJxSzVQ=)
3: bhkCmw6Utz1WDIi1a3ZQnDXW25w.roa (hash: vuvSrc/xAi8bu4mOjDMbPo9yb6kp8ev2fK1dkeS76Yo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:d9:f6:23:e0:5e:f5:78:6c:8d:8f:e0:35:d8:67:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da9c6729e1e8989984dd802d1a90e89ce2fe373c
Validity
Not Before: Oct 20 09:01:15 2025 GMT
Not After : Oct 21 09:01:15 2025 GMT
Subject: CN=eeaab710313c0a7a98e394ca80e5206e007098e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b2:b5:96:cd:71:a5:bf:f2:6c:38:a9:ca:8c:
97:5c:ff:df:d4:ea:84:6f:b3:61:e0:29:c5:c4:c3:
83:99:71:2b:8a:d3:9a:38:57:27:0e:ed:de:ec:94:
82:49:98:4b:bc:2d:86:72:c1:13:eb:37:44:5a:63:
26:64:9b:cc:de:73:e6:e8:56:c4:7a:f7:ec:de:7d:
ca:ba:fc:a4:11:35:d8:56:eb:92:18:f2:2b:d1:f2:
7e:e8:05:ba:64:76:02:91:22:d0:13:b3:1b:ca:26:
b2:90:d1:61:bf:95:43:32:d7:34:69:a2:c3:5f:65:
62:c9:e7:bf:4d:9a:00:98:f2:7a:33:46:77:7f:4d:
5e:ee:a6:06:04:5b:ad:6e:94:56:33:7c:e2:8a:be:
4b:0c:8f:c5:04:20:90:bb:e7:71:1a:b8:ab:63:46:
93:fa:93:38:3e:37:66:29:b1:be:1e:af:43:c4:8e:
8a:d8:8c:a9:c1:15:59:65:21:06:24:61:61:c3:3c:
27:04:09:ae:87:1f:0d:1a:bc:6f:5b:46:5f:f7:11:
db:7c:25:eb:38:28:ca:30:91:7c:d0:b0:fb:4d:45:
fc:53:22:79:85:f6:30:f7:ac:4f:09:68:98:32:97:
56:21:e7:62:0d:e1:ce:95:47:3f:94:fd:bb:b9:af:
30:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:AA:B7:10:31:3C:0A:7A:98:E3:94:CA:80:E5:20:6E:00:70:98:E7
X509v3 Authority Key Identifier:
keyid:DA:9C:67:29:E1:E8:98:99:84:DD:80:2D:1A:90:E8:9C:E2:FE:37:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2pxnKeHomJmE3YAtGpDonOL-Nzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/755c55-c4f5-4cb7-871d-69c68e2ef27d/1/2pxnKeHomJmE3YAtGpDonOL-Nzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
89:7e:8e:59:71:0b:a3:bb:9d:9f:46:6f:3b:f8:50:04:5a:de:
73:c0:c6:c3:23:35:d9:8b:3f:51:7b:c5:05:e8:1b:d3:2e:04:
64:a2:16:d0:50:93:bd:29:2d:44:a3:50:12:46:8b:52:c3:c1:
f4:88:3e:f3:f7:36:de:56:71:2f:b4:3d:66:1e:fd:98:5a:39:
94:e7:57:6c:65:0f:53:a6:54:36:24:95:2a:88:93:6d:80:96:
0e:38:b1:8f:38:30:d2:79:81:c7:39:bb:97:9a:20:86:a2:ef:
ba:94:5a:fa:15:a5:5e:5f:76:31:56:c8:de:e0:49:37:a0:77:
a4:11:27:13:77:db:45:20:3f:fd:31:f5:ce:6a:43:ee:f9:c5:
b8:32:ea:f5:10:1c:9b:c7:62:bd:92:ce:79:02:f6:6b:d7:ba:
9d:47:c7:8d:cf:13:21:ad:71:d3:df:45:6a:a3:17:d3:99:7b:
8b:1b:cf:41:89:55:90:7a:82:f3:5b:00:e4:f7:3b:df:70:51:
24:07:9e:b4:b4:58:cb:92:7e:ee:6e:3a:30:f7:74:a4:e1:2f:
2b:c8:51:78:01:ca:71:1b:47:40:0c:81:34:46:14:50:a7:93:
f0:f1:8a:88:a7:a3:41:3f:e5:8b:7e:5b:86:dc:96:1a:86:2f:
2f:12:8c:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoA2fYj4F71eGyNj+A12GfkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOWM2NzI5ZTFlODk4OTk4NGRkODAyZDFhOTBlODljZTJm
ZTM3M2MwHhcNMjUxMDIwMDkwMTE1WhcNMjUxMDIxMDkwMTE1WjAzMTEwLwYDVQQD
EyhlZWFhYjcxMDMxM2MwYTdhOThlMzk0Y2E4MGU1MjA2ZTAwNzA5OGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrK1ls1xpb/ybDipyoyXXP/f1OqE
b7Nh4CnFxMODmXEritOaOFcnDu3e7JSCSZhLvC2GcsET6zdEWmMmZJvM3nPm6FbE
evfs3n3KuvykETXYVuuSGPIr0fJ+6AW6ZHYCkSLQE7MbyiaykNFhv5VDMtc0aaLD
X2Viyee/TZoAmPJ6M0Z3f01e7qYGBFutbpRWM3ziir5LDI/FBCCQu+dxGrirY0aT
+pM4PjdmKbG+Hq9DxI6K2IypwRVZZSEGJGFhwzwnBAmuhx8NGrxvW0Zf9xHbfCXr
OCjKMJF80LD7TUX8UyJ5hfYw96xPCWiYMpdWIediDeHOlUc/lP27ua8wVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFO6qtxAxPAp6mOOUyoDlIG4AcJjnMB8GA1UdIwQY
MBaAFNqcZynh6JiZhN2ALRqQ6Jzi/jc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQt
NjljNjhlMmVmMjdkLzEvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC83NTVjNTUtYzRmNS00Y2I3LTg3MWQtNjljNjhlMmVmMjdk
LzEvMnB4bktlSG9tSm1FM1lBdEdwRG9uT0wtTnp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiX6OWXEL
o7udn0ZvO/hQBFrec8DGwyM12Ys/UXvFBegb0y4EZKIW0FCTvSktRKNQEkaLUsPB
9Ig+8/c23lZxL7Q9Zh79mFo5lOdXbGUPU6ZUNiSVKoiTbYCWDjixjzgw0nmBxzm7
l5oghqLvupRa+hWlXl92MVbI3uBJN6B3pBEnE3fbRSA//TH1zmpD7vnFuDLq9RAc
m8divZLOeQL2a9e6nUfHjc8TIa1x099FaqMX05l7ixvPQYlVkHqC81sA5Pc733BR
JAeetLRYy5J+7m46MPd0pOEvK8hReAHKcRtHQAyBNEYUUKeT8PGKiKejQT/li35b
htyWGoYvLxKMFg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:40:47 2025 by rpki-client