Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft
File: _2szYaGioA284xkBmCf-u3Fb0EQ.mft (raw, json)
Hash identifier: CckZH5LnJMsHXhm4nl8Ik79dJKJlb22SU2YCPb224i8=
Subject key identifier: EA:19:24:9B:41:5A:22:10:E7:7A:6E:59:63:38:E6:AB:26:34:50:9F
Authority key identifier: FF:6B:33:61:A1:A2:A0:0D:BC:E3:19:01:98:27:FE:BB:71:5B:D0:44
Certificate issuer: /CN=ff6b3361a1a2a00dbce319019827febb715bd044
Certificate serial: 019A006C087E226826B7E3DDB8AC6F0AB3FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2szYaGioA284xkBmCf-u3Fb0EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft
Manifest number: 1647
Signing time: Mon 20 Oct 2025 07:01:11 +0000
Manifest this update: Mon 20 Oct 2025 07:01:11 +0000
Manifest next update: Tue 21 Oct 2025 07:01:11 +0000
Files and hashes: 1: WWNEma98vqvt3aWub4KvZrisRPY.roa (hash: 8ej/FxtmoHvT2+4JYPncO9OF+5JwUWMEm2sRynTw/0U=)
2: _2szYaGioA284xkBmCf-u3Fb0EQ.crl (hash: ScZ4hsvfnVVnSN5irCwRPDxM/nL1rcL1o+/9zZUH1zQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/_2szYaGioA284xkBmCf-u3Fb0EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:6c:08:7e:22:68:26:b7:e3:dd:b8:ac:6f:0a:b3:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff6b3361a1a2a00dbce319019827febb715bd044
Validity
Not Before: Oct 20 07:01:11 2025 GMT
Not After : Oct 21 07:01:11 2025 GMT
Subject: CN=ea19249b415a2210e77a6e596338e6ab2634509f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:2c:ab:d4:59:1b:2e:e5:88:a2:e0:86:e4:d7:
af:ff:43:36:99:fb:5d:80:88:aa:c4:fc:3c:59:4e:
20:35:87:f5:b4:81:b5:93:12:e0:a8:53:f3:37:2a:
ab:9b:f8:75:90:0d:4d:66:bb:0b:d0:94:3b:ac:8e:
e1:0f:61:7a:b3:11:ff:01:57:2f:35:43:77:f0:1b:
51:d0:a5:26:91:fb:5c:1e:b0:f7:8b:53:cd:da:d2:
e9:5e:29:2a:59:15:d2:1d:78:b8:c6:38:30:df:81:
c1:51:8e:8a:c2:b8:38:3e:27:3c:84:ba:da:60:ac:
ae:f6:10:5f:55:fb:b6:32:9c:01:8b:b4:5d:ff:93:
94:20:05:43:81:8e:6c:da:36:7e:c9:a0:08:44:cb:
e7:a9:c6:14:ef:f4:a4:4a:04:85:52:5b:8d:fd:24:
96:be:fb:08:04:05:cf:4c:0b:84:dc:0e:1d:ac:a3:
31:ab:94:b8:8b:c9:7a:4a:02:c9:65:7b:c7:9c:ec:
d1:d7:51:7a:5a:55:46:bc:e5:f6:45:e2:e4:5d:9d:
a9:26:2d:41:10:d2:ab:b7:24:36:57:03:65:99:58:
16:ee:47:92:3f:66:ce:e5:3a:ea:3c:12:cc:ad:fe:
90:da:ef:e5:f3:24:e7:9c:3f:1c:21:50:f7:0e:9b:
d5:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:19:24:9B:41:5A:22:10:E7:7A:6E:59:63:38:E6:AB:26:34:50:9F
X509v3 Authority Key Identifier:
keyid:FF:6B:33:61:A1:A2:A0:0D:BC:E3:19:01:98:27:FE:BB:71:5B:D0:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2szYaGioA284xkBmCf-u3Fb0EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/96f9a0-8746-4b32-83ee-f62320951a36/1/_2szYaGioA284xkBmCf-u3Fb0EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3f:c4:0e:7d:3a:bc:01:ae:05:db:e7:53:48:c3:6a:d4:9c:ba:
77:5c:3a:5a:b0:39:c4:fd:b1:e8:fa:62:74:12:52:3f:e9:75:
2e:19:99:bc:1f:63:1f:a4:9f:e2:53:8e:f2:a1:1f:5b:2b:0a:
ab:8c:dc:8a:8f:61:0a:34:ce:84:4d:a4:f1:da:8b:47:0a:bb:
76:d1:5e:0c:71:09:0d:fa:47:70:04:b3:74:a6:66:39:72:31:
06:a1:dd:43:57:7e:8b:f8:69:43:3e:1b:ae:ce:83:8c:63:28:
ce:ce:07:8b:bd:99:9c:9b:4e:99:7e:4a:33:0b:e4:91:f5:9b:
dc:37:39:5a:a1:6e:be:25:2c:d7:61:b5:f0:81:6f:ce:8f:1c:
21:a0:16:45:b2:2b:ef:dc:fc:ac:2e:84:3c:6a:7f:c9:28:6c:
57:8e:1c:87:02:56:90:c7:fd:b6:d8:64:40:22:0c:9d:55:80:
42:62:9e:d7:c9:47:a4:e2:a4:83:41:b5:98:fd:90:91:02:9f:
c4:65:1b:41:f7:b6:a4:6a:4d:79:2f:87:da:22:b7:4d:40:f0:
6a:8b:25:ac:0c:2f:ac:ff:5d:e6:71:58:59:3d:99:89:f9:60:
ee:0b:5a:2d:c8:18:1c:92:64:b3:a0:33:6a:55:f8:9b:96:f6:
6d:5e:52:9a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAbAh+Imgmt+PduKxvCrP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNmIzMzYxYTFhMmEwMGRiY2UzMTkwMTk4MjdmZWJiNzE1
YmQwNDQwHhcNMjUxMDIwMDcwMTExWhcNMjUxMDIxMDcwMTExWjAzMTEwLwYDVQQD
EyhlYTE5MjQ5YjQxNWEyMjEwZTc3YTZlNTk2MzM4ZTZhYjI2MzQ1MDlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Cyr1FkbLuWIouCG5Nev/0M2mftd
gIiqxPw8WU4gNYf1tIG1kxLgqFPzNyqrm/h1kA1NZrsL0JQ7rI7hD2F6sxH/AVcv
NUN38BtR0KUmkftcHrD3i1PN2tLpXikqWRXSHXi4xjgw34HBUY6Kwrg4Pic8hLra
YKyu9hBfVfu2MpwBi7Rd/5OUIAVDgY5s2jZ+yaAIRMvnqcYU7/SkSgSFUluN/SSW
vvsIBAXPTAuE3A4drKMxq5S4i8l6SgLJZXvHnOzR11F6WlVGvOX2ReLkXZ2pJi1B
ENKrtyQ2VwNlmVgW7keSP2bO5TrqPBLMrf6Q2u/l8yTnnD8cIVD3DpvVhQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOoZJJtBWiIQ53puWWM45qsmNFCfMB8GA1UdIwQY
MBaAFP9rM2GhoqANvOMZAZgn/rtxW9BEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzJzellhR2lvQTI4NHhrQm1DZi11M0ZiMEVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS85NmY5YTAtODc0Ni00YjMyLTgzZWUt
ZjYyMzIwOTUxYTM2LzEvXzJzellhR2lvQTI4NHhrQm1DZi11M0ZiMEVRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS85NmY5YTAtODc0Ni00YjMyLTgzZWUtZjYyMzIwOTUxYTM2
LzEvXzJzellhR2lvQTI4NHhrQm1DZi11M0ZiMEVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP8QOfTq8
Aa4F2+dTSMNq1Jy6d1w6WrA5xP2x6PpidBJSP+l1LhmZvB9jH6Sf4lOO8qEfWysK
q4zcio9hCjTOhE2k8dqLRwq7dtFeDHEJDfpHcASzdKZmOXIxBqHdQ1d+i/hpQz4b
rs6DjGMozs4Hi72ZnJtOmX5KMwvkkfWb3Dc5WqFuviUs12G18IFvzo8cIaAWRbIr
79z8rC6EPGp/yShsV44chwJWkMf9tthkQCIMnVWAQmKe18lHpOKkg0G1mP2QkQKf
xGUbQfe2pGpNeS+H2iK3TUDwaoslrAwvrP9d5nFYWT2Ziflg7gtaLcgYHJJks6Az
alX4m5b2bV5Smg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:23:57 2025 by rpki-client