Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/ab34ad-9e9a-4289-8727-b1acd75018c3/1/g2pzvtdapO-ld-2QrTVi4hlR0bI.mft
File: g2pzvtdapO-ld-2QrTVi4hlR0bI.mft (raw, json)
Hash identifier: RvcDRcSJz6rSmOhwx+baVFU3yXkY07JfZKsnbyOIM4E=
Subject key identifier: 97:5D:6E:03:98:D4:22:DE:99:D2:E9:83:5E:92:1B:24:0B:24:64:5B
Authority key identifier: 83:6A:73:BE:D7:5A:A4:EF:A5:77:ED:90:AD:35:62:E2:19:51:D1:B2
Certificate issuer: /CN=836a73bed75aa4efa577ed90ad3562e21951d1b2
Certificate serial: 0199FF5957B271B83638D3D651FF26995F2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g2pzvtdapO-ld-2QrTVi4hlR0bI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/ab34ad-9e9a-4289-8727-b1acd75018c3/1/g2pzvtdapO-ld-2QrTVi4hlR0bI.mft
Manifest number: 14EA
Signing time: Mon 20 Oct 2025 02:01:09 +0000
Manifest this update: Mon 20 Oct 2025 02:01:09 +0000
Manifest next update: Tue 21 Oct 2025 02:01:09 +0000
Files and hashes: 1: g2pzvtdapO-ld-2QrTVi4hlR0bI.crl (hash: pVFSaQQjWGm9WgKYWzXi2izgpnEkIu9djBnW+fmVd0w=)
2: pCExSDuPpylceZEh-3ghVJcWtXU.roa (hash: EmDT0awECjqFFQZyEcdl/Y2PrhZj4pSyXOCLhHqwv2c=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/ab34ad-9e9a-4289-8727-b1acd75018c3/1/g2pzvtdapO-ld-2QrTVi4hlR0bI.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/ab34ad-9e9a-4289-8727-b1acd75018c3/1/g2pzvtdapO-ld-2QrTVi4hlR0bI.mft
rsync://rpki.ripe.net/repository/DEFAULT/g2pzvtdapO-ld-2QrTVi4hlR0bI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:59:57:b2:71:b8:36:38:d3:d6:51:ff:26:99:5f:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=836a73bed75aa4efa577ed90ad3562e21951d1b2
Validity
Not Before: Oct 20 02:01:09 2025 GMT
Not After : Oct 21 02:01:09 2025 GMT
Subject: CN=975d6e0398d422de99d2e9835e921b240b24645b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:19:60:06:65:23:99:c0:6d:f3:8f:9e:62:32:
70:5d:38:b2:d6:fe:64:ab:71:e5:2d:3e:4a:b9:ea:
7e:a9:43:e5:48:58:b9:d0:53:80:c0:d6:5e:df:e6:
70:de:eb:70:7e:02:7f:3a:de:b9:bb:8b:d4:28:a0:
51:bd:f5:0f:3e:95:b8:76:2b:87:d8:c7:f9:f5:11:
51:81:25:73:1f:ee:29:5a:99:ca:e3:af:30:c1:8e:
29:ad:c6:01:3a:a9:49:31:2b:29:ce:3b:02:d9:fd:
20:95:46:84:a4:92:cd:98:2c:7f:f3:ee:52:72:c8:
1f:49:fa:5f:a7:af:fc:28:8a:e6:13:4b:c7:02:91:
66:c3:ae:1c:8f:87:ac:da:7f:d0:2d:10:6d:76:3d:
7b:cf:1a:6e:10:c8:c8:1e:01:81:2d:ff:86:42:84:
2a:5d:d2:37:25:91:df:1d:cf:a5:d0:e1:61:67:bc:
37:23:b6:28:ea:58:d7:da:b9:8f:3e:bc:f4:be:a6:
c3:2b:f1:62:63:66:e6:fd:b6:57:fd:69:76:9d:bc:
a1:88:0a:66:76:74:40:5d:36:97:29:73:28:52:0f:
12:96:bf:c8:45:d0:7e:2f:eb:c2:6a:ae:a5:f9:a2:
ee:9d:e7:a3:94:a6:dc:13:73:5c:65:28:88:18:62:
c5:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:5D:6E:03:98:D4:22:DE:99:D2:E9:83:5E:92:1B:24:0B:24:64:5B
X509v3 Authority Key Identifier:
keyid:83:6A:73:BE:D7:5A:A4:EF:A5:77:ED:90:AD:35:62:E2:19:51:D1:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2pzvtdapO-ld-2QrTVi4hlR0bI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/ab34ad-9e9a-4289-8727-b1acd75018c3/1/g2pzvtdapO-ld-2QrTVi4hlR0bI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/ab34ad-9e9a-4289-8727-b1acd75018c3/1/g2pzvtdapO-ld-2QrTVi4hlR0bI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:79:d2:1c:66:1d:ea:6a:59:46:b6:42:06:c5:f1:fc:39:c3:
71:6f:64:4c:8c:5c:05:1d:4d:ab:46:90:2e:c2:81:aa:79:75:
76:63:76:3d:d1:f8:39:f6:6b:c7:b7:1d:4c:5f:70:ba:49:ea:
cf:6c:b2:0c:c6:56:ec:f0:1e:85:71:02:24:d8:dd:46:f5:1a:
29:13:18:c6:98:0e:a7:78:11:1d:25:35:29:4b:7d:70:2c:31:
62:58:64:25:f7:17:93:6a:54:76:01:8e:81:86:8e:a5:3e:85:
6b:a4:0d:d4:f3:cd:15:ee:93:fd:90:4c:5e:84:a6:89:74:80:
55:38:aa:bc:a7:e8:9e:00:ba:3c:e9:6f:68:64:ec:1c:98:c5:
3f:a4:13:a4:9a:01:ab:fb:29:32:ae:2b:37:65:ef:a9:9a:4b:
7e:63:77:90:5d:c7:cd:41:77:e4:b1:e7:bf:51:38:ba:ae:37:
0d:e9:ee:16:2a:bc:57:14:ab:58:04:38:9f:50:fc:ab:79:fc:
2a:f7:58:22:7e:ca:64:4c:5d:62:28:e3:64:33:9b:44:fe:8c:
ce:cf:36:59:ea:71:ff:b7:48:f8:a3:27:1c:a4:d5:5f:65:ca:
cd:e1:d3:e8:7f:45:29:fd:64:1c:46:c1:46:c9:ad:47:df:9b:
94:aa:99:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/WVeycbg2ONPWUf8mmV8uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNmE3M2JlZDc1YWE0ZWZhNTc3ZWQ5MGFkMzU2MmUyMTk1
MWQxYjIwHhcNMjUxMDIwMDIwMTA5WhcNMjUxMDIxMDIwMTA5WjAzMTEwLwYDVQQD
Eyg5NzVkNmUwMzk4ZDQyMmRlOTlkMmU5ODM1ZTkyMWIyNDBiMjQ2NDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BlgBmUjmcBt84+eYjJwXTiy1v5k
q3HlLT5Kuep+qUPlSFi50FOAwNZe3+Zw3utwfgJ/Ot65u4vUKKBRvfUPPpW4diuH
2Mf59RFRgSVzH+4pWpnK468wwY4prcYBOqlJMSspzjsC2f0glUaEpJLNmCx/8+5S
csgfSfpfp6/8KIrmE0vHApFmw64cj4es2n/QLRBtdj17zxpuEMjIHgGBLf+GQoQq
XdI3JZHfHc+l0OFhZ7w3I7Yo6ljX2rmPPrz0vqbDK/FiY2bm/bZX/Wl2nbyhiApm
dnRAXTaXKXMoUg8Slr/IRdB+L+vCaq6l+aLuneejlKbcE3NcZSiIGGLFNQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJddbgOY1CLemdLpg16SGyQLJGRbMB8GA1UdIwQY
MBaAFINqc77XWqTvpXftkK01YuIZUdGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzJwenZ0ZGFwTy1sZC0yUXJUVmk0aGxSMGJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hYjM0YWQtOWU5YS00Mjg5LTg3Mjct
YjFhY2Q3NTAxOGMzLzEvZzJwenZ0ZGFwTy1sZC0yUXJUVmk0aGxSMGJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hYjM0YWQtOWU5YS00Mjg5LTg3MjctYjFhY2Q3NTAxOGMz
LzEvZzJwenZ0ZGFwTy1sZC0yUXJUVmk0aGxSMGJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT3nSHGYd
6mpZRrZCBsXx/DnDcW9kTIxcBR1Nq0aQLsKBqnl1dmN2PdH4OfZrx7cdTF9wuknq
z2yyDMZW7PAehXECJNjdRvUaKRMYxpgOp3gRHSU1KUt9cCwxYlhkJfcXk2pUdgGO
gYaOpT6Fa6QN1PPNFe6T/ZBMXoSmiXSAVTiqvKfongC6POlvaGTsHJjFP6QTpJoB
q/spMq4rN2XvqZpLfmN3kF3HzUF35LHnv1E4uq43DenuFiq8VxSrWAQ4n1D8q3n8
KvdYIn7KZExdYijjZDObRP6Mzs82Wepx/7dI+KMnHKTVX2XKzeHT6H9FKf1kHEbB
RsmtR9+blKqZGQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:57:15 2025 by rpki-client