Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.mft
File: 2f-H9S43t2bsv0s_nLJlWN0wiCA.mft (raw, json)
Hash identifier: YcmJcBUcySiZFHlbsg5ZPQBqx44kQdH3T1DhiNIduxA=
Subject key identifier: 64:3B:64:E6:09:A5:E3:55:B3:36:B7:3D:B7:6C:20:85:2A:5F:21:D2
Authority key identifier: D9:FF:87:F5:2E:37:B7:66:EC:BF:4B:3F:9C:B2:65:58:DD:30:88:20
Certificate issuer: /CN=d9ff87f52e37b766ecbf4b3f9cb26558dd308820
Certificate serial: 019A00DA177EFBCADE3A882729A437071E8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.mft
Manifest number: 0CB3
Signing time: Mon 20 Oct 2025 09:01:24 +0000
Manifest this update: Mon 20 Oct 2025 09:01:24 +0000
Manifest next update: Tue 21 Oct 2025 09:01:24 +0000
Files and hashes: 1: 2f-H9S43t2bsv0s_nLJlWN0wiCA.crl (hash: tCEwi8XiTDizHl/gRaMgdvieVxBJ7Y70nS3F41ZPLlk=)
2: nyss7FejNtDGTUXRBz8EpK-bUtQ.roa (hash: 1YbJTbv2jhWedSFo8tfV4w9Efzyk/as9DY0FQwn+kas=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.mft
rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:da:17:7e:fb:ca:de:3a:88:27:29:a4:37:07:1e:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9ff87f52e37b766ecbf4b3f9cb26558dd308820
Validity
Not Before: Oct 20 09:01:24 2025 GMT
Not After : Oct 21 09:01:24 2025 GMT
Subject: CN=643b64e609a5e355b336b73db76c20852a5f21d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3d:0f:c3:0f:87:a3:d2:30:7f:ed:74:54:50:
e9:8f:c3:76:64:dc:0a:f5:97:63:e6:a8:bd:81:4b:
2c:33:1b:bf:d8:dd:f4:ab:ff:f7:8e:cd:c3:77:82:
78:e2:e9:8e:9d:67:4f:96:3b:d8:31:57:bd:ef:4e:
d0:b4:67:22:ac:4a:80:ad:83:25:0a:8e:95:97:3e:
40:31:c3:cf:52:56:e5:da:5d:79:aa:9c:22:6f:53:
e5:4e:95:55:5a:0a:30:1e:87:45:d8:da:73:a6:50:
ac:d0:2b:8c:d0:68:20:37:1b:3e:07:a0:ea:09:e3:
49:f3:e8:be:ad:20:87:d5:e7:27:ee:42:f3:32:c4:
d9:67:14:df:5d:97:f9:57:a7:cc:63:d1:74:03:1d:
36:bc:71:30:2c:16:41:71:67:52:9b:e5:97:39:f7:
bc:d5:80:2e:6c:74:94:4b:e1:39:16:e6:3c:b2:b6:
5e:fa:e3:30:c6:2a:84:85:1e:96:c8:81:87:53:0f:
2d:d9:39:fb:bc:74:c7:dd:0a:c1:ff:50:35:3d:c8:
27:cc:e4:a2:a0:e5:c9:5a:58:7d:77:5f:d8:15:ce:
04:3f:40:fa:f2:a9:8f:bd:bd:0d:66:fb:93:f3:8b:
2a:58:7f:ff:49:c3:29:f5:1e:88:8b:b3:16:68:07:
b0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:3B:64:E6:09:A5:E3:55:B3:36:B7:3D:B7:6C:20:85:2A:5F:21:D2
X509v3 Authority Key Identifier:
keyid:D9:FF:87:F5:2E:37:B7:66:EC:BF:4B:3F:9C:B2:65:58:DD:30:88:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f-H9S43t2bsv0s_nLJlWN0wiCA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/e2aad8-e212-4828-a5fc-1e7300ccda36/1/2f-H9S43t2bsv0s_nLJlWN0wiCA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
ac:6b:56:3d:91:09:29:59:b4:d9:f9:1f:ac:46:e3:cb:e4:e3:
24:67:89:ef:61:0b:d2:7e:54:07:90:25:52:98:9b:b3:e5:55:
fe:f8:a2:08:80:cc:84:8a:d8:ac:e6:39:1c:d4:64:1a:97:99:
ff:c9:c0:7d:2a:86:d3:f7:81:3f:3d:d4:66:72:60:bc:4c:85:
87:0e:b4:db:7d:27:b9:69:9c:e6:18:61:ad:29:2a:a9:ce:33:
b3:54:40:f3:83:e4:0c:49:0a:43:71:9a:9d:57:4a:e9:f7:0f:
9f:1f:b6:a8:bd:0f:4d:20:3b:8b:5a:a5:9b:1c:2a:d6:4d:c5:
da:ac:0c:3a:79:9f:f8:bc:31:71:de:3f:4d:39:28:da:a8:bf:
87:fc:16:73:29:28:bc:0d:92:09:7f:d5:f7:74:72:70:e7:1f:
5f:96:c8:67:46:8d:80:54:de:63:ad:d1:cd:b8:ed:55:89:3a:
63:e6:ff:83:2d:26:c4:cf:5c:1e:d1:08:23:d6:31:60:94:19:
72:46:6f:8b:26:76:db:b4:6e:ff:09:cc:37:80:64:97:59:d5:
2b:25:2d:a7:19:52:47:74:48:2a:05:b7:aa:fb:be:56:da:16:
28:b3:11:1a:5b:9f:c2:6f:e6:d4:30:4d:99:03:43:96:d6:06:
29:6b:40:37
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoA2hd++8reOognKaQ3Bx6PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZmY4N2Y1MmUzN2I3NjZlY2JmNGIzZjljYjI2NTU4ZGQz
MDg4MjAwHhcNMjUxMDIwMDkwMTI0WhcNMjUxMDIxMDkwMTI0WjAzMTEwLwYDVQQD
Eyg2NDNiNjRlNjA5YTVlMzU1YjMzNmI3M2RiNzZjMjA4NTJhNWYyMWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyD0Pww+Ho9Iwf+10VFDpj8N2ZNwK
9Zdj5qi9gUssMxu/2N30q//3js3Dd4J44umOnWdPljvYMVe9707QtGcirEqArYMl
Co6Vlz5AMcPPUlbl2l15qpwib1PlTpVVWgowHodF2NpzplCs0CuM0GggNxs+B6Dq
CeNJ8+i+rSCH1ecn7kLzMsTZZxTfXZf5V6fMY9F0Ax02vHEwLBZBcWdSm+WXOfe8
1YAubHSUS+E5FuY8srZe+uMwxiqEhR6WyIGHUw8t2Tn7vHTH3QrB/1A1PcgnzOSi
oOXJWlh9d1/YFc4EP0D68qmPvb0NZvuT84sqWH//ScMp9R6Ii7MWaAew+wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGQ7ZOYJpeNVsza3PbdsIIUqXyHSMB8GA1UdIwQY
MBaAFNn/h/UuN7dm7L9LP5yyZVjdMIggMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9lMmFhZDgtZTIxMi00ODI4LWE1ZmMt
MWU3MzAwY2NkYTM2LzEvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9lMmFhZDgtZTIxMi00ODI4LWE1ZmMtMWU3MzAwY2NkYTM2
LzEvMmYtSDlTNDN0MmJzdjBzX25MSmxXTjB3aUNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArGtWPZEJ
KVm02fkfrEbjy+TjJGeJ72EL0n5UB5AlUpibs+VV/viiCIDMhIrYrOY5HNRkGpeZ
/8nAfSqG0/eBPz3UZnJgvEyFhw60230nuWmc5hhhrSkqqc4zs1RA84PkDEkKQ3Ga
nVdK6fcPnx+2qL0PTSA7i1qlmxwq1k3F2qwMOnmf+Lwxcd4/TTko2qi/h/wWcyko
vA2SCX/V93RycOcfX5bIZ0aNgFTeY63RzbjtVYk6Y+b/gy0mxM9cHtEII9YxYJQZ
ckZviyZ227Ru/wnMN4Bkl1nVKyUtpxlSR3RIKgW3qvu+VtoWKLMRGlufwm/m1DBN
mQNDltYGKWtANw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:09:04 2025 by rpki-client