Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/8738b9-2d0a-4ef6-afad-1ae506ea1760/1/2OnkD_n7tigNo26XLyDTElAMGFw.mft
File: 2OnkD_n7tigNo26XLyDTElAMGFw.mft (raw, json)
Hash identifier: K4AlaQdmhpO1CL3fCpQySoZJ7CLBMS+ldRD4eY2RRXU=
Subject key identifier: 84:A1:1F:0E:08:8E:86:75:90:39:38:E2:D8:03:34:4A:6A:BA:AF:2A
Authority key identifier: D8:E9:E4:0F:F9:FB:B6:28:0D:A3:6E:97:2F:20:D3:12:50:0C:18:5C
Certificate issuer: /CN=d8e9e40ff9fbb6280da36e972f20d312500c185c
Certificate serial: 0199FC215F89F2817C22A113F993336DE27E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2OnkD_n7tigNo26XLyDTElAMGFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/8738b9-2d0a-4ef6-afad-1ae506ea1760/1/2OnkD_n7tigNo26XLyDTElAMGFw.mft
Manifest number: 13CA
Signing time: Sun 19 Oct 2025 11:01:09 +0000
Manifest this update: Sun 19 Oct 2025 11:01:09 +0000
Manifest next update: Mon 20 Oct 2025 11:01:09 +0000
Files and hashes: 1: 2OnkD_n7tigNo26XLyDTElAMGFw.crl (hash: deDvQgZ7UguK01jpufJq9oIEaEKVn/IXpT+dgCa4afA=)
2: h5ibvBXljsm0_9K-AnuxEpyWzoI.roa (hash: SvGB7aqcdXdN/Cdk0NHyr1xHsC5MuHnt2HID1mkRiq8=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/8738b9-2d0a-4ef6-afad-1ae506ea1760/1/2OnkD_n7tigNo26XLyDTElAMGFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/8738b9-2d0a-4ef6-afad-1ae506ea1760/1/2OnkD_n7tigNo26XLyDTElAMGFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2OnkD_n7tigNo26XLyDTElAMGFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:21:5f:89:f2:81:7c:22:a1:13:f9:93:33:6d:e2:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8e9e40ff9fbb6280da36e972f20d312500c185c
Validity
Not Before: Oct 19 11:01:09 2025 GMT
Not After : Oct 20 11:01:09 2025 GMT
Subject: CN=84a11f0e088e8675903938e2d803344a6abaaf2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f3:c2:e3:97:1d:ac:fc:89:c3:62:74:d9:5a:
5b:99:6b:c7:e4:56:bb:4f:fd:06:8a:15:90:dc:fc:
15:6b:c8:c1:21:74:24:18:0d:68:af:40:19:af:93:
c0:91:3f:c6:89:24:e1:89:8f:5f:4a:ee:6e:38:46:
cc:ca:d3:77:35:9e:2d:b2:81:c6:96:0f:b6:f7:b7:
6e:1f:83:3d:71:79:a9:3b:d6:82:3d:9a:1f:30:2a:
2f:82:00:b9:61:e0:9f:6b:be:44:94:c6:8c:10:42:
6d:97:ff:38:1f:6f:55:00:50:13:f3:7f:bf:33:cb:
fe:c0:1b:b8:f6:b3:0a:00:2a:2f:b2:cb:ae:59:9d:
95:1f:4a:79:74:85:11:88:82:62:0a:6e:05:5f:a7:
82:b4:6a:00:c4:18:45:95:fe:a0:16:bf:5e:8b:b6:
8a:fb:77:b4:70:2c:ad:41:cb:d1:a6:c1:4c:de:d3:
7e:db:4e:f1:4d:5d:fb:e6:46:75:32:4c:84:fe:5d:
a6:a2:4e:8f:26:bd:f3:2e:1e:d4:a0:da:99:05:4a:
ae:5f:87:fc:9a:97:a5:82:fd:7d:1f:c2:29:a3:c2:
8b:0a:bf:75:7c:69:e4:b2:9c:5a:91:27:04:70:53:
32:a6:86:42:80:44:42:5a:7b:f3:3a:da:0e:a9:5e:
b0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:A1:1F:0E:08:8E:86:75:90:39:38:E2:D8:03:34:4A:6A:BA:AF:2A
X509v3 Authority Key Identifier:
keyid:D8:E9:E4:0F:F9:FB:B6:28:0D:A3:6E:97:2F:20:D3:12:50:0C:18:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2OnkD_n7tigNo26XLyDTElAMGFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8738b9-2d0a-4ef6-afad-1ae506ea1760/1/2OnkD_n7tigNo26XLyDTElAMGFw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/8738b9-2d0a-4ef6-afad-1ae506ea1760/1/2OnkD_n7tigNo26XLyDTElAMGFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:e4:cc:1d:12:b1:dd:c9:e4:85:87:87:a6:33:22:47:42:d1:
fd:c9:1a:f3:74:e7:78:13:d4:6a:56:bf:15:b3:52:ee:1c:97:
37:bd:3f:86:04:38:96:a3:ff:4c:b0:92:23:8d:4e:fd:fc:34:
4e:b2:3a:c4:72:70:ff:ed:fe:18:96:3d:d0:79:27:2e:83:ed:
43:aa:f9:d6:86:02:8d:5a:ad:8d:1d:31:60:3c:af:98:fd:02:
65:52:ee:31:79:ea:55:ca:54:c4:19:19:b5:8c:99:53:e1:f7:
73:d5:b7:09:ac:04:ef:8e:b7:a2:69:32:39:f5:b4:e4:eb:2f:
41:d0:11:cd:51:08:b3:bd:86:ff:b9:4e:4f:10:7a:25:bb:6b:
0b:7d:74:38:2f:61:1f:ea:c7:0d:8e:f8:19:b6:92:98:c5:90:
b7:84:03:4b:89:11:7d:6b:89:53:34:77:73:d3:82:8f:48:4a:
cc:a5:1c:f3:4c:b6:59:d7:68:03:71:c2:16:b2:20:fc:4d:96:
67:c1:a9:e9:78:86:45:3a:de:de:40:e7:5c:97:85:fd:03:30:
f0:9d:27:b4:b3:f9:58:d8:97:e0:36:dd:8b:fc:8d:21:43:10:
7a:49:8f:57:a6:4b:d5:df:d8:f1:b2:b9:b8:74:9b:6b:b5:96:
b3:36:64:84
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn8IV+J8oF8IqET+ZMzbeJ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZTllNDBmZjlmYmI2MjgwZGEzNmU5NzJmMjBkMzEyNTAw
YzE4NWMwHhcNMjUxMDE5MTEwMTA5WhcNMjUxMDIwMTEwMTA5WjAzMTEwLwYDVQQD
Eyg4NGExMWYwZTA4OGU4Njc1OTAzOTM4ZTJkODAzMzQ0YTZhYmFhZjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfPC45cdrPyJw2J02VpbmWvH5Fa7
T/0GihWQ3PwVa8jBIXQkGA1or0AZr5PAkT/GiSThiY9fSu5uOEbMytN3NZ4tsoHG
lg+297duH4M9cXmpO9aCPZofMCovggC5YeCfa75ElMaMEEJtl/84H29VAFAT83+/
M8v+wBu49rMKACovssuuWZ2VH0p5dIURiIJiCm4FX6eCtGoAxBhFlf6gFr9ei7aK
+3e0cCytQcvRpsFM3tN+207xTV375kZ1MkyE/l2mok6PJr3zLh7UoNqZBUquX4f8
mpelgv19H8Ipo8KLCr91fGnkspxakScEcFMypoZCgERCWnvzOtoOqV6wxwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIShHw4IjoZ1kDk44tgDNEpquq8qMB8GA1UdIwQY
MBaAFNjp5A/5+7YoDaNuly8g0xJQDBhcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMk9ua0Rfbjd0aWdObzI2WEx5RFRFbEFNR0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS84NzM4YjktMmQwYS00ZWY2LWFmYWQt
MWFlNTA2ZWExNzYwLzEvMk9ua0Rfbjd0aWdObzI2WEx5RFRFbEFNR0Z3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS84NzM4YjktMmQwYS00ZWY2LWFmYWQtMWFlNTA2ZWExNzYw
LzEvMk9ua0Rfbjd0aWdObzI2WEx5RFRFbEFNR0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApOTMHRKx
3cnkhYeHpjMiR0LR/cka83TneBPUala/FbNS7hyXN70/hgQ4lqP/TLCSI41O/fw0
TrI6xHJw/+3+GJY90HknLoPtQ6r51oYCjVqtjR0xYDyvmP0CZVLuMXnqVcpUxBkZ
tYyZU+H3c9W3CawE7463omkyOfW05OsvQdARzVEIs72G/7lOTxB6JbtrC310OC9h
H+rHDY74GbaSmMWQt4QDS4kRfWuJUzR3c9OCj0hKzKUc80y2WddoA3HCFrIg/E2W
Z8Gp6XiGRTre3kDnXJeF/QMw8J0ntLP5WNiX4Dbdi/yNIUMQekmPV6ZL1d/Y8bK5
uHSba7WWszZkhA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:40:29 2025 by rpki-client