Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.mft
File: MXBn6Bphoh_cFIWY72ull1f6A4A.mft (raw, json)
Hash identifier: qtmJzmktp4tKaCPQsPuI0CcpMKWk0nT7fV0RB/y78oQ=
Subject key identifier: C3:1C:02:63:E7:A1:2C:5C:95:F5:95:12:7E:51:27:9D:EA:89:25:94
Authority key identifier: 31:70:67:E8:1A:61:A2:1F:DC:14:85:98:EF:6B:A5:97:57:FA:03:80
Certificate issuer: /CN=317067e81a61a21fdc148598ef6ba59757fa0380
Certificate serial: 019A00351BF569DD4C597AD8FC00AD1F3C4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MXBn6Bphoh_cFIWY72ull1f6A4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.mft
Manifest number: 096B
Signing time: Mon 20 Oct 2025 06:01:11 +0000
Manifest this update: Mon 20 Oct 2025 06:01:11 +0000
Manifest next update: Tue 21 Oct 2025 06:01:11 +0000
Files and hashes: 1: 1kHURLGCgDrhi9IHuZm9V5RPr7o.roa (hash: QOJumlfbHeKteqZFgdexa+53Le46L9xrcfm0BrIrj/w=)
2: MXBn6Bphoh_cFIWY72ull1f6A4A.crl (hash: cpqrX79UqJwEL6xO80S8Darg7xmGsAJnPnec6FXk9ds=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.mft
rsync://rpki.ripe.net/repository/DEFAULT/MXBn6Bphoh_cFIWY72ull1f6A4A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:35:1b:f5:69:dd:4c:59:7a:d8:fc:00:ad:1f:3c:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=317067e81a61a21fdc148598ef6ba59757fa0380
Validity
Not Before: Oct 20 06:01:11 2025 GMT
Not After : Oct 21 06:01:11 2025 GMT
Subject: CN=c31c0263e7a12c5c95f595127e51279dea892594
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:42:ca:c0:af:47:6b:6b:26:3f:85:b5:d1:88:
49:95:c9:30:b7:23:ed:18:38:91:30:e2:1a:7b:40:
37:57:e3:f7:c1:cd:04:88:e8:92:9e:2d:5f:09:31:
f4:d2:38:ea:93:0a:84:0f:a5:d0:42:31:7e:95:af:
c6:0f:ea:e3:d8:2d:be:2e:4c:1b:31:cf:26:90:a0:
3d:00:ff:11:cb:4e:a9:4a:d3:10:f6:c9:f1:d0:ce:
e8:0f:48:3f:40:7b:39:43:86:b3:01:ec:d6:0c:98:
56:9c:8a:08:39:83:eb:76:4b:84:09:19:d2:03:90:
a9:e5:6b:5c:e2:d4:a8:b6:f1:c9:33:c2:a5:f2:cf:
a1:2c:a3:16:fd:c6:97:85:81:ff:17:2c:75:37:06:
0e:51:89:2f:0c:f1:9a:0c:12:8b:29:de:a7:fe:b6:
ec:7d:cd:6d:b9:28:7c:7f:8d:5f:8b:51:06:d7:54:
54:f2:a8:cf:9e:26:15:8a:76:06:67:b8:45:23:02:
ae:6d:9f:5a:3f:77:98:e3:36:87:c8:e1:bf:21:56:
33:7a:73:09:6c:5b:88:97:31:aa:07:d7:41:8f:0e:
67:b0:57:26:5e:69:f6:90:48:98:48:ef:68:3c:f1:
62:db:5b:5a:53:06:55:b6:25:fa:15:8f:c6:50:d7:
64:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:1C:02:63:E7:A1:2C:5C:95:F5:95:12:7E:51:27:9D:EA:89:25:94
X509v3 Authority Key Identifier:
keyid:31:70:67:E8:1A:61:A2:1F:DC:14:85:98:EF:6B:A5:97:57:FA:03:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MXBn6Bphoh_cFIWY72ull1f6A4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/58a4e1-dfc1-4d81-b2c6-216597e03f11/1/MXBn6Bphoh_cFIWY72ull1f6A4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:5f:d4:6f:1e:ba:70:e4:3e:ce:d8:de:9a:65:5c:74:bb:c6:
77:e3:6e:fa:03:d0:02:ca:0c:84:17:52:fd:ef:8d:57:d4:c3:
d5:ea:2d:69:73:23:88:5f:6e:1f:67:78:8e:4e:df:c0:72:b3:
bb:55:a1:36:af:c3:f3:ce:45:0e:30:04:75:24:81:d0:4a:ba:
25:c6:f9:7c:25:ea:8f:8b:73:d8:01:d4:e0:0d:bc:a2:96:8a:
a5:6d:11:7d:ac:1e:c6:fc:af:59:42:5f:d9:0e:cd:47:1d:e8:
2a:eb:17:de:72:b3:74:45:8f:c0:ce:52:32:6c:ec:2a:18:12:
a9:81:e0:1b:f0:c5:38:1f:81:36:cd:06:ec:eb:75:c9:70:70:
0d:26:9b:9f:7f:f7:52:1b:53:f3:c5:6c:07:d6:11:fa:27:bf:
22:d4:3d:a5:78:42:43:9f:56:e8:2c:8e:90:ec:6a:50:ee:2f:
9f:6f:36:23:f8:03:58:26:41:fb:26:ea:d9:f8:1a:30:c1:0d:
3f:b8:25:46:49:71:7a:16:96:8c:2f:66:f5:7c:e8:5b:b3:a5:
f9:6b:d1:85:36:d0:3d:8a:61:6f:6c:9e:1e:ee:df:87:57:16:
66:ef:6a:a9:00:a7:02:c6:4e:57:6e:66:ef:ac:73:9c:2a:76:
a1:24:ee:f7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoANRv1ad1MWXrY/ACtHzxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNzA2N2U4MWE2MWEyMWZkYzE0ODU5OGVmNmJhNTk3NTdm
YTAzODAwHhcNMjUxMDIwMDYwMTExWhcNMjUxMDIxMDYwMTExWjAzMTEwLwYDVQQD
EyhjMzFjMDI2M2U3YTEyYzVjOTVmNTk1MTI3ZTUxMjc5ZGVhODkyNTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3kLKwK9Ha2smP4W10YhJlckwtyPt
GDiRMOIae0A3V+P3wc0EiOiSni1fCTH00jjqkwqED6XQQjF+la/GD+rj2C2+Lkwb
Mc8mkKA9AP8Ry06pStMQ9snx0M7oD0g/QHs5Q4azAezWDJhWnIoIOYPrdkuECRnS
A5Cp5Wtc4tSotvHJM8Kl8s+hLKMW/caXhYH/Fyx1NwYOUYkvDPGaDBKLKd6n/rbs
fc1tuSh8f41fi1EG11RU8qjPniYVinYGZ7hFIwKubZ9aP3eY4zaHyOG/IVYzenMJ
bFuIlzGqB9dBjw5nsFcmXmn2kEiYSO9oPPFi21taUwZVtiX6FY/GUNdkhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMMcAmPnoSxclfWVEn5RJ53qiSWUMB8GA1UdIwQY
MBaAFDFwZ+gaYaIf3BSFmO9rpZdX+gOAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVhCbjZCcGhvaF9jRklXWTcydWxsMWY2QTRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi81OGE0ZTEtZGZjMS00ZDgxLWIyYzYt
MjE2NTk3ZTAzZjExLzEvTVhCbjZCcGhvaF9jRklXWTcydWxsMWY2QTRBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi81OGE0ZTEtZGZjMS00ZDgxLWIyYzYtMjE2NTk3ZTAzZjEx
LzEvTVhCbjZCcGhvaF9jRklXWTcydWxsMWY2QTRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANl/Ubx66
cOQ+ztjemmVcdLvGd+Nu+gPQAsoMhBdS/e+NV9TD1eotaXMjiF9uH2d4jk7fwHKz
u1WhNq/D885FDjAEdSSB0Eq6Jcb5fCXqj4tz2AHU4A28opaKpW0RfawexvyvWUJf
2Q7NRx3oKusX3nKzdEWPwM5SMmzsKhgSqYHgG/DFOB+BNs0G7Ot1yXBwDSabn3/3
UhtT88VsB9YR+ie/ItQ9pXhCQ59W6CyOkOxqUO4vn282I/gDWCZB+ybq2fgaMMEN
P7glRklxehaWjC9m9XzoW7Ol+WvRhTbQPYphb2yeHu7fh1cWZu9qqQCnAsZOV25m
76xznCp2oSTu9w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:25:37 2025 by rpki-client