Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
File: 0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft (raw, json)
Hash identifier: QbcXs6AQW2sxBn2g11uI2f0JHeCY573exRYH6DQwtYg=
Subject key identifier: 90:B2:3C:0B:2F:A0:40:0F:7E:79:AE:74:94:D4:BA:AB:91:7F:14:6E
Authority key identifier: D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09
Certificate issuer: /CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
Certificate serial: 019A0147E449E393216B05876B0FEB64449F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
Manifest number: 16E3
Signing time: Mon 20 Oct 2025 11:01:19 +0000
Manifest this update: Mon 20 Oct 2025 11:01:19 +0000
Manifest next update: Tue 21 Oct 2025 11:01:19 +0000
Files and hashes: 1: 0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl (hash: 8nNUyblwElL8NZ4WC5UVbiEvAr24vX2nh3Zfu2FssLI=)
2: uFIkyOKWSzQfZzP96vWM093yaBY.roa (hash: TWsqJU2I8/yV3h8FtJmMbNc3AlR1EJP1BU5hPExE0mk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 11:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:47:e4:49:e3:93:21:6b:05:87:6b:0f:eb:64:44:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2702a3b27ce9bd04ddca28c21d9d0f5ff32a909
Validity
Not Before: Oct 20 11:01:19 2025 GMT
Not After : Oct 21 11:01:19 2025 GMT
Subject: CN=90b23c0b2fa0400f7e79ae7494d4baab917f146e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2a:ec:32:1e:0c:33:2a:06:6f:12:2c:4e:fb:
d8:24:7b:f5:ea:6f:41:3d:b4:3e:d3:b2:e2:45:c7:
43:49:2e:c8:57:29:fa:f8:d7:0b:31:9c:a8:29:17:
2a:25:21:62:32:30:22:56:e8:4d:19:bc:e6:47:cf:
23:39:ab:ec:7b:ca:c7:99:7a:33:23:45:32:fd:a4:
3d:85:f6:2c:07:45:ab:1c:8e:64:a2:f2:06:db:71:
7f:9d:ae:ca:f2:1b:9c:0d:89:b4:24:40:eb:48:b1:
db:d8:fa:57:f5:4f:f7:ea:c2:f3:9a:e8:28:35:02:
ea:25:cc:8b:f0:3c:7b:dc:d4:bd:35:5d:e3:02:38:
1f:b1:35:03:60:06:79:93:60:f4:8e:f0:d8:90:f8:
47:7c:74:a8:4f:21:3d:e5:ca:09:54:78:c6:ed:ac:
12:ae:a9:d7:c3:24:dd:f7:57:6a:fe:7c:9b:16:91:
2a:3f:af:3d:b0:3b:55:37:d5:d3:05:ca:81:b8:fe:
ac:aa:f4:0c:55:8e:e9:4b:8e:02:f5:a4:a7:0b:f2:
03:3d:19:50:b6:6e:e3:74:de:9f:c1:26:47:2c:8f:
f5:cb:55:3d:d7:2c:ae:92:c1:1f:47:54:ae:2c:02:
01:a2:97:b9:67:f7:30:1a:26:65:91:a3:62:cd:e9:
82:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B2:3C:0B:2F:A0:40:0F:7E:79:AE:74:94:D4:BA:AB:91:7F:14:6E
X509v3 Authority Key Identifier:
keyid:D2:70:2A:3B:27:CE:9B:D0:4D:DC:A2:8C:21:D9:D0:F5:FF:32:A9:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/49f528-e72f-4da7-902e-6975cadb2262/1/0nAqOyfOm9BN3KKMIdnQ9f8yqQk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:00:71:a8:9d:be:d4:03:eb:b6:04:b7:90:34:1e:c9:53:99:
0c:50:36:8f:6e:cd:93:e7:9a:09:47:18:33:ce:e5:40:d0:f8:
e3:1a:78:6f:25:df:f2:0f:1e:af:39:dd:c0:cc:f8:76:ad:b6:
08:b4:43:87:1e:0a:f5:1a:50:b8:0e:1d:55:56:8b:ed:c1:b1:
ac:ac:5b:cc:7f:75:a8:f9:32:af:73:93:bd:42:20:03:bb:8c:
f9:1b:8e:7d:68:0b:be:65:1a:e2:6e:58:75:79:1e:f2:da:ff:
b8:1b:e8:e1:e2:ea:32:0d:e5:05:07:7b:d7:ee:7e:c8:7b:ee:
2f:34:84:11:85:ff:13:c0:48:ec:3f:b5:ec:c2:71:fc:b8:bb:
85:90:74:49:e9:29:98:03:49:06:52:47:4f:df:52:fb:b2:7d:
64:0c:2c:4d:12:32:33:31:24:bd:77:68:50:60:80:4d:04:77:
83:94:2c:8d:08:10:65:fa:34:95:9b:70:46:2c:7d:54:a5:2b:
88:79:24:f9:3f:bc:b2:8d:20:9e:7d:15:f6:ca:02:4b:34:04:
45:ce:3d:1a:af:7a:d1:04:59:80:69:54:2d:fd:7c:48:e7:76:
f2:d8:3a:b4:9c:d0:92:81:9e:0e:76:76:09:6a:f9:71:a5:a8:
dd:8b:31:10
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoBR+RJ45MhawWHaw/rZESfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzAyYTNiMjdjZTliZDA0ZGRjYTI4YzIxZDlkMGY1ZmYz
MmE5MDkwHhcNMjUxMDIwMTEwMTE5WhcNMjUxMDIxMTEwMTE5WjAzMTEwLwYDVQQD
Eyg5MGIyM2MwYjJmYTA0MDBmN2U3OWFlNzQ5NGQ0YmFhYjkxN2YxNDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtirsMh4MMyoGbxIsTvvYJHv16m9B
PbQ+07LiRcdDSS7IVyn6+NcLMZyoKRcqJSFiMjAiVuhNGbzmR88jOavse8rHmXoz
I0Uy/aQ9hfYsB0WrHI5kovIG23F/na7K8hucDYm0JEDrSLHb2PpX9U/36sLzmugo
NQLqJcyL8Dx73NS9NV3jAjgfsTUDYAZ5k2D0jvDYkPhHfHSoTyE95coJVHjG7awS
rqnXwyTd91dq/nybFpEqP689sDtVN9XTBcqBuP6sqvQMVY7pS44C9aSnC/IDPRlQ
tm7jdN6fwSZHLI/1y1U91yyuksEfR1SuLAIBope5Z/cwGiZlkaNizemCWQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJCyPAsvoEAPfnmudJTUuquRfxRuMB8GA1UdIwQY
MBaAFNJwKjsnzpvQTdyijCHZ0PX/MqkJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUt
Njk3NWNhZGIyMjYyLzEvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi80OWY1MjgtZTcyZi00ZGE3LTkwMmUtNjk3NWNhZGIyMjYy
LzEvMG5BcU95Zk9tOUJOM0tLTUlkblE5Zjh5cVFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIQBxqJ2+
1APrtgS3kDQeyVOZDFA2j27Nk+eaCUcYM87lQND44xp4byXf8g8erzndwMz4dq22
CLRDhx4K9RpQuA4dVVaL7cGxrKxbzH91qPkyr3OTvUIgA7uM+RuOfWgLvmUa4m5Y
dXke8tr/uBvo4eLqMg3lBQd71+5+yHvuLzSEEYX/E8BI7D+17MJx/Li7hZB0Sekp
mANJBlJHT99S+7J9ZAwsTRIyMzEkvXdoUGCATQR3g5QsjQgQZfo0lZtwRix9VKUr
iHkk+T+8so0gnn0V9soCSzQERc49Gq960QRZgGlULf18SOd28tg6tJzQkoGeDnZ2
CWr5caWo3YsxEA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 19:04:27 2025 by rpki-client