Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft
File: S2MqdYtZMJ6GEInWVTruBnprNT8.mft (raw, json)
Hash identifier: i3408XLvx8dM92h2mohuGRIGFyugMUIEgA60I3/zkKU=
Subject key identifier: 2E:95:5D:DC:EB:B5:7C:41:9D:2A:E5:3E:4C:5A:F9:3D:14:D9:B1:78
Authority key identifier: 4B:63:2A:75:8B:59:30:9E:86:10:89:D6:55:3A:EE:06:7A:6B:35:3F
Certificate issuer: /CN=4b632a758b59309e861089d6553aee067a6b353f
Certificate serial: 0199FF22EAED3CBAF1A7C8F707A0370B2590
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S2MqdYtZMJ6GEInWVTruBnprNT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft
Manifest number: 16E5
Signing time: Mon 20 Oct 2025 01:01:42 +0000
Manifest this update: Mon 20 Oct 2025 01:01:42 +0000
Manifest next update: Tue 21 Oct 2025 01:01:42 +0000
Files and hashes: 1: BFmKhRFnCi2AJyutOk-Yxml708c.roa (hash: 30fgE+QkDlz/nOmXI9WzL3BXCW8rLDMyhnps4H9jCSs=)
2: S2MqdYtZMJ6GEInWVTruBnprNT8.crl (hash: pyvvQ5e5XgAwNbIjj0TceePvWN6XH0GU5M3Zph9irPc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft
rsync://rpki.ripe.net/repository/DEFAULT/S2MqdYtZMJ6GEInWVTruBnprNT8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:22:ea:ed:3c:ba:f1:a7:c8:f7:07:a0:37:0b:25:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b632a758b59309e861089d6553aee067a6b353f
Validity
Not Before: Oct 20 01:01:42 2025 GMT
Not After : Oct 21 01:01:42 2025 GMT
Subject: CN=2e955ddcebb57c419d2ae53e4c5af93d14d9b178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b9:c6:59:27:df:8b:56:ee:ba:23:ab:2a:dc:
83:63:13:d2:c1:4c:3a:ca:05:cb:97:6d:d2:af:b7:
95:91:50:d2:2e:e1:c7:bd:60:05:1e:20:55:4d:76:
38:dc:df:33:7f:8a:2a:af:41:5f:34:67:5b:2c:80:
e4:d8:1d:14:c9:c9:d2:d5:d2:d5:22:4e:72:1f:77:
1b:fe:a6:4d:7b:fa:34:d4:83:76:2c:9c:d4:d4:2d:
3b:9b:65:9d:f9:3d:6b:58:cf:63:fe:f7:57:ea:76:
e1:ac:a3:69:69:f5:39:88:4e:b0:d1:a0:89:66:81:
b5:fa:3e:25:46:18:ce:94:6c:52:f7:1a:58:47:ca:
68:af:b8:34:84:67:a2:4e:59:9d:3c:0a:b4:6d:1a:
33:34:16:51:4c:cf:c5:56:db:8a:2d:2f:94:27:e5:
43:01:a1:4a:b4:98:ee:63:36:4d:1f:74:bd:fd:95:
2c:f8:65:97:04:87:af:f2:fc:7d:ba:4e:71:ba:10:
ef:e0:4e:7c:aa:5a:16:e1:ca:a8:72:14:eb:ec:6b:
4e:98:bd:81:0a:1d:52:6a:c8:f5:be:fb:31:a2:c3:
00:d7:3c:48:9b:c3:50:f3:9b:b0:78:85:eb:f8:3a:
68:6e:ec:85:ef:58:4b:1e:bf:c0:40:eb:67:28:3a:
96:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:95:5D:DC:EB:B5:7C:41:9D:2A:E5:3E:4C:5A:F9:3D:14:D9:B1:78
X509v3 Authority Key Identifier:
keyid:4B:63:2A:75:8B:59:30:9E:86:10:89:D6:55:3A:EE:06:7A:6B:35:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2MqdYtZMJ6GEInWVTruBnprNT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/213a95-aacf-40a9-9753-94c0b0b76029/1/S2MqdYtZMJ6GEInWVTruBnprNT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
90:4f:d9:dd:6b:0c:5f:0f:ea:19:ed:36:27:b9:80:9e:31:0e:
8f:4e:8c:56:53:30:3c:b3:9a:79:a7:7b:56:6a:3e:56:08:54:
4b:06:de:d5:23:93:cb:0a:fe:40:29:54:b2:de:01:34:0f:84:
78:36:f0:d3:10:d4:b5:88:8e:82:c2:a5:fc:02:01:7c:f9:e4:
ef:32:ee:db:66:49:85:e1:b9:59:d1:e2:f2:47:c5:ef:6d:85:
be:09:f2:ae:3c:a0:f0:b3:d4:78:e2:29:b2:68:5b:01:72:db:
70:6c:db:f9:5d:df:c9:4a:1c:81:bf:45:06:cf:0d:3f:f5:59:
8b:39:fb:31:5e:2b:14:37:21:d6:81:4c:48:8e:d8:a9:0a:05:
8c:c9:e6:3c:08:e6:94:78:a6:cf:80:c6:5b:53:68:dc:ce:64:
69:cd:77:38:d8:c5:a4:8f:6b:75:11:c1:14:20:f4:ef:b5:da:
a7:e8:ca:f0:07:a1:02:7e:04:93:61:1a:86:c8:6d:47:eb:32:
f6:d9:31:91:f8:10:2b:7b:9f:41:7f:fc:5a:92:e7:71:e8:13:
29:73:fd:7f:c1:8c:e3:2a:e4:95:a2:d9:a0:7b:57:bf:d9:c3:
86:b0:ac:ed:ce:06:c3:08:06:a8:62:64:3a:4c:0b:54:c5:c9:
a4:2b:7c:c3
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/IurtPLrxp8j3B6A3CyWQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNjMyYTc1OGI1OTMwOWU4NjEwODlkNjU1M2FlZTA2N2E2
YjM1M2YwHhcNMjUxMDIwMDEwMTQyWhcNMjUxMDIxMDEwMTQyWjAzMTEwLwYDVQQD
EygyZTk1NWRkY2ViYjU3YzQxOWQyYWU1M2U0YzVhZjkzZDE0ZDliMTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7nGWSffi1buuiOrKtyDYxPSwUw6
ygXLl23Sr7eVkVDSLuHHvWAFHiBVTXY43N8zf4oqr0FfNGdbLIDk2B0UycnS1dLV
Ik5yH3cb/qZNe/o01IN2LJzU1C07m2Wd+T1rWM9j/vdX6nbhrKNpafU5iE6w0aCJ
ZoG1+j4lRhjOlGxS9xpYR8por7g0hGeiTlmdPAq0bRozNBZRTM/FVtuKLS+UJ+VD
AaFKtJjuYzZNH3S9/ZUs+GWXBIev8vx9uk5xuhDv4E58qloW4cqochTr7GtOmL2B
Ch1Sasj1vvsxosMA1zxIm8NQ85uweIXr+DpobuyF71hLHr/AQOtnKDqWGwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFC6VXdzrtXxBnSrlPkxa+T0U2bF4MB8GA1UdIwQY
MBaAFEtjKnWLWTCehhCJ1lU67gZ6azU/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzJNcWRZdFpNSjZHRUluV1ZUcnVCbnByTlQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS8yMTNhOTUtYWFjZi00MGE5LTk3NTMt
OTRjMGIwYjc2MDI5LzEvUzJNcWRZdFpNSjZHRUluV1ZUcnVCbnByTlQ4Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS8yMTNhOTUtYWFjZi00MGE5LTk3NTMtOTRjMGIwYjc2MDI5
LzEvUzJNcWRZdFpNSjZHRUluV1ZUcnVCbnByTlQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkE/Z3WsM
Xw/qGe02J7mAnjEOj06MVlMwPLOaead7Vmo+VghUSwbe1SOTywr+QClUst4BNA+E
eDbw0xDUtYiOgsKl/AIBfPnk7zLu22ZJheG5WdHi8kfF722Fvgnyrjyg8LPUeOIp
smhbAXLbcGzb+V3fyUocgb9FBs8NP/VZizn7MV4rFDch1oFMSI7YqQoFjMnmPAjm
lHimz4DGW1No3M5kac13ONjFpI9rdRHBFCD077Xap+jK8AehAn4Ek2EahshtR+sy
9tkxkfgQK3ufQX/8WpLncegTKXP9f8GM4yrklaLZoHtXv9nDhrCs7c4GwwgGqGJk
OkwLVMXJpCt8ww==
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:23:07 2025 by rpki-client