Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
File: 2O6Q00LYZepn8rDS-3TAOfg-Skg.mft (raw, json)
Hash identifier: 453Tjrv8a308YSgYCS9K7T5xokwoVbr6Nl5kuxq0Z2I=
Subject key identifier: D1:13:B8:E0:10:9C:97:63:E7:9F:CC:3C:FB:82:FE:BE:03:43:C9:46
Authority key identifier: D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
Certificate issuer: /CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Certificate serial: 0199FBEBADD1AC6D081BC263387EEA99BBCA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
Manifest number: 0404
Signing time: Sun 19 Oct 2025 10:02:30 +0000
Manifest this update: Sun 19 Oct 2025 10:02:30 +0000
Manifest next update: Mon 20 Oct 2025 10:02:30 +0000
Files and hashes: 1: 1vvIkvJGRy621vVPsoLS7KLp9WQ.roa (hash: AaLmkGEE5WFi/MsCmNoVGVjYg2GotUKYwJ8yvjW+a60=)
2: 2O6Q00LYZepn8rDS-3TAOfg-Skg.crl (hash: IIEeezY38raMhp2UMtyBZOfTkQ2ONxjuvw/HBORfPwg=)
3: KLjjQzFk9GYkvqPEoe40SA-mXbg.roa (hash: 2jEymy+mMO9pWyCpodUhIwEZFiuwLfDEfoelvtg+xqA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:eb:ad:d1:ac:6d:08:1b:c2:63:38:7e:ea:99:bb:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ee90d342d865ea67f2b0d2fb74c039f83e4a48
Validity
Not Before: Oct 19 10:02:30 2025 GMT
Not After : Oct 20 10:02:30 2025 GMT
Subject: CN=d113b8e0109c9763e79fcc3cfb82febe0343c946
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a6:2f:fb:03:13:37:fd:4a:7d:97:6b:f4:0c:
df:de:dd:40:7a:73:1e:37:3b:15:b7:d0:6d:89:e7:
e7:d8:11:97:a4:1f:d5:56:e6:bd:57:d8:42:4f:93:
96:bc:59:11:d1:29:5e:68:4f:65:f4:ee:15:a6:4b:
67:57:b1:80:69:ec:5b:ab:92:e1:53:18:6b:12:8d:
ff:7c:08:b9:8b:92:28:8c:63:c6:f9:20:24:d5:b8:
8b:b4:df:47:59:f9:34:46:ed:f9:b8:82:d2:19:12:
07:72:8f:1b:d1:16:52:f4:51:d0:39:98:71:34:51:
67:76:71:6e:58:c6:2d:1f:ae:93:75:2e:bc:89:19:
6c:59:2d:4c:b9:eb:7e:5f:09:07:92:dd:c1:ad:20:
c6:37:fd:79:9a:38:27:d8:fb:4d:b9:09:92:6f:fa:
2d:fe:31:36:23:63:1f:6c:e7:34:66:47:65:4a:ed:
1f:fa:7e:2c:68:87:36:c5:7a:c7:b0:4f:71:86:24:
73:a3:14:3b:6c:36:c8:21:2c:19:d3:1f:08:fb:ad:
39:e0:76:7f:54:b8:a4:a3:41:94:d1:e4:b5:ea:e7:
e8:cd:93:51:75:04:29:93:28:32:08:ad:a2:ae:a0:
c6:fe:6a:2c:af:ff:45:63:77:fe:a9:30:25:4c:18:
d4:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:13:B8:E0:10:9C:97:63:E7:9F:CC:3C:FB:82:FE:BE:03:43:C9:46
X509v3 Authority Key Identifier:
keyid:D8:EE:90:D3:42:D8:65:EA:67:F2:B0:D2:FB:74:C0:39:F8:3E:4A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2O6Q00LYZepn8rDS-3TAOfg-Skg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/cf5c10-2131-4116-b6f9-510525c4744c/1/2O6Q00LYZepn8rDS-3TAOfg-Skg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0e:8a:1b:bf:cd:9e:08:8d:f8:b1:a8:04:f2:cc:af:de:b5:ef:
de:36:da:02:4c:73:db:7e:7f:a7:d6:36:fe:03:56:7e:8b:b8:
8c:46:c6:b6:2d:72:cb:9f:b9:e8:79:d4:bc:9f:1d:3f:6a:d9:
f8:f9:0b:99:00:a9:e5:7a:d5:09:c9:b4:87:79:da:5f:4c:0c:
05:04:77:df:d9:fb:57:56:d5:09:5e:12:aa:ce:0b:2e:50:ef:
19:7f:8a:28:32:3c:ba:ca:5c:15:17:76:bf:f5:16:f6:4d:81:
89:f9:17:33:33:6b:d2:ee:17:c0:25:5e:9c:e7:e4:da:a4:41:
c0:2e:5a:a4:04:f0:48:50:9a:ab:ac:23:c6:37:ee:3e:8f:0d:
4b:32:a5:fd:07:0f:27:3d:17:63:e9:3a:ec:47:11:ac:99:ae:
69:71:ae:0e:b2:d7:6d:3c:59:27:37:3d:de:cc:d4:18:68:a9:
68:4b:a8:2e:bd:c4:ef:15:c5:e2:66:90:8a:6b:7f:ee:e2:74:
81:95:af:5d:62:c0:f4:f3:36:91:10:43:d2:6f:93:d3:26:1e:
73:62:53:a8:64:5d:84:92:e6:b3:32:1f:01:43:01:1f:ec:46:
11:70:ee:b3:20:70:d1:32:83:2b:6b:90:93:99:ab:55:aa:0d:
ba:ba:26:bd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn7663RrG0IG8JjOH7qmbvKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZWU5MGQzNDJkODY1ZWE2N2YyYjBkMmZiNzRjMDM5Zjgz
ZTRhNDgwHhcNMjUxMDE5MTAwMjMwWhcNMjUxMDIwMTAwMjMwWjAzMTEwLwYDVQQD
EyhkMTEzYjhlMDEwOWM5NzYzZTc5ZmNjM2NmYjgyZmViZTAzNDNjOTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6Yv+wMTN/1KfZdr9Azf3t1AenMe
NzsVt9Btiefn2BGXpB/VVua9V9hCT5OWvFkR0SleaE9l9O4VpktnV7GAaexbq5Lh
UxhrEo3/fAi5i5IojGPG+SAk1biLtN9HWfk0Ru35uILSGRIHco8b0RZS9FHQOZhx
NFFndnFuWMYtH66TdS68iRlsWS1Muet+XwkHkt3BrSDGN/15mjgn2PtNuQmSb/ot
/jE2I2MfbOc0ZkdlSu0f+n4saIc2xXrHsE9xhiRzoxQ7bDbIISwZ0x8I+6054HZ/
VLiko0GU0eS16ufozZNRdQQpkygyCK2irqDG/mosr/9FY3f+qTAlTBjUKwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNETuOAQnJdj55/MPPuC/r4DQ8lGMB8GA1UdIwQY
MBaAFNjukNNC2GXqZ/Kw0vt0wDn4PkpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2Zjkt
NTEwNTI1YzQ3NDRjLzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9jZjVjMTAtMjEzMS00MTE2LWI2ZjktNTEwNTI1YzQ3NDRj
LzEvMk82UTAwTFlaZXBuOHJEUy0zVEFPZmctU2tnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADoobv82e
CI34sagE8syv3rXv3jbaAkxz235/p9Y2/gNWfou4jEbGti1yy5+56HnUvJ8dP2rZ
+PkLmQCp5XrVCcm0h3naX0wMBQR339n7V1bVCV4Sqs4LLlDvGX+KKDI8uspcFRd2
v/UW9k2BifkXMzNr0u4XwCVenOfk2qRBwC5apATwSFCaq6wjxjfuPo8NSzKl/QcP
Jz0XY+k67EcRrJmuaXGuDrLXbTxZJzc93szUGGipaEuoLr3E7xXF4maQimt/7uJ0
gZWvXWLA9PM2kRBD0m+T0yYec2JTqGRdhJLmszIfAUMBH+xGEXDusyBw0TKDK2uQ
k5mrVaoNuromvQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:40:29 2025 by rpki-client