Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
File: 2afNm3hyoceqJis_rRqQdlAlKDI.mft (raw, json)
Hash identifier: WUx9KIp43dlMTU8l8oFRAEXuit7pUK9SXdPuRKFc+Bg=
Subject key identifier: 70:58:DC:53:84:11:28:46:24:4A:70:F4:7F:AF:ED:D5:BC:72:92:67
Authority key identifier: D9:A7:CD:9B:78:72:A1:C7:AA:26:2B:3F:AD:1A:90:76:50:25:28:32
Certificate issuer: /CN=d9a7cd9b7872a1c7aa262b3fad1a907650252832
Certificate serial: 019A006BF100060BA500599DD77CC93EE62C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
Manifest number: 050A
Signing time: Mon 20 Oct 2025 07:01:05 +0000
Manifest this update: Mon 20 Oct 2025 07:01:05 +0000
Manifest next update: Tue 21 Oct 2025 07:01:05 +0000
Files and hashes: 1: 2afNm3hyoceqJis_rRqQdlAlKDI.crl (hash: X+tL1TrE9aYGeiwq0HSv7ecyiancrgWpbKjlyy8xMH8=)
2: 8xRb-DPzCzHiHinhBGSiJKFCfq0.roa (hash: A9plqAZ6tW823XWa6YGs85LIMKZtOqJdz/q0S+8zYRE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 07:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:6b:f1:00:06:0b:a5:00:59:9d:d7:7c:c9:3e:e6:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9a7cd9b7872a1c7aa262b3fad1a907650252832
Validity
Not Before: Oct 20 07:01:05 2025 GMT
Not After : Oct 21 07:01:05 2025 GMT
Subject: CN=7058dc5384112846244a70f47fafedd5bc729267
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:37:25:86:23:38:bf:30:1c:fd:25:a8:b7:3d:
6e:45:e5:18:7c:82:75:c1:00:bd:ce:3e:54:a1:a1:
5e:d4:97:9d:34:3b:a2:41:d7:cf:44:40:2e:e7:58:
32:e6:53:eb:8b:53:fd:00:1d:92:2b:56:0c:e6:b8:
4e:d6:ea:ec:61:f1:12:76:de:5e:25:9d:e1:ad:e5:
8e:d4:10:6a:83:45:c8:70:e7:a4:4c:f0:61:41:ce:
b2:15:7f:48:c3:63:8a:09:c4:18:5d:c4:52:e3:9b:
21:37:4d:2d:2e:73:c3:0a:2d:1b:b5:c5:4e:5b:a9:
10:70:46:5e:b0:4c:84:5e:8a:3d:40:8f:1a:5f:7a:
82:95:e2:01:cf:8b:a5:27:c8:ce:11:ae:fe:d0:64:
97:9d:20:23:d2:32:84:d5:71:c3:e9:e9:e2:2e:1f:
bf:8f:65:8d:7b:42:b8:a1:e5:88:47:34:81:67:33:
1d:12:ba:c0:27:68:f1:05:84:de:a6:63:36:0a:b4:
94:50:3c:5f:33:3e:c4:9c:c0:87:c9:1b:86:82:a3:
b8:a9:13:ed:a9:52:0f:0f:32:91:56:1d:5e:36:0e:
69:48:93:05:79:63:0b:63:b3:1f:79:a7:84:0b:9a:
58:63:46:d5:b9:53:66:20:78:fc:a8:a9:b8:fe:49:
4e:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:58:DC:53:84:11:28:46:24:4A:70:F4:7F:AF:ED:D5:BC:72:92:67
X509v3 Authority Key Identifier:
keyid:D9:A7:CD:9B:78:72:A1:C7:AA:26:2B:3F:AD:1A:90:76:50:25:28:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2afNm3hyoceqJis_rRqQdlAlKDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/c06f09-9072-4d57-9b64-d05be8c5a4b1/1/2afNm3hyoceqJis_rRqQdlAlKDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
bb:ad:6e:c5:b4:33:7c:08:1e:55:ac:95:fc:a7:4c:c1:2e:d3:
f8:5b:14:b0:bb:c2:89:fb:40:4b:d1:da:62:9b:3c:de:c1:de:
50:b2:66:c2:90:70:14:6d:1d:ee:94:ca:ba:f4:55:6f:5c:e7:
46:31:e6:c3:12:a8:58:fb:87:10:97:47:2c:fe:7c:a0:33:fa:
a6:d9:28:b3:28:14:d3:a6:b0:c5:c1:ad:49:ed:61:35:53:d1:
e8:07:8d:06:1b:9d:b2:3b:cd:b4:72:4b:71:bb:0b:46:30:25:
3b:73:65:cc:3f:3e:a3:2d:63:cf:58:dd:a8:57:9a:39:b9:90:
d4:fe:73:92:54:43:18:68:5a:7f:8a:ed:6c:99:7b:e4:7f:7b:
be:88:98:f6:ea:f2:87:06:3e:86:6a:e5:17:cd:77:fc:fb:fb:
6c:dc:e0:26:a0:d5:8a:b7:e0:e5:f7:30:2f:57:9f:6a:19:62:
e4:e2:de:e1:c8:b0:d4:7f:55:18:31:f7:46:ae:29:2b:c4:36:
e4:c5:0b:1c:a2:b9:6b:ce:40:56:8a:09:6e:68:05:3e:fc:94:
79:3d:a3:05:8d:15:23:de:e7:ce:50:12:00:9e:e2:90:9a:b0:
62:e7:b5:7d:23:55:01:2d:5c:29:dc:c3:ef:ad:f0:52:b4:64:
36:b5:df:a9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoAa/EABgulAFmd13zJPuYsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5YTdjZDliNzg3MmExYzdhYTI2MmIzZmFkMWE5MDc2NTAy
NTI4MzIwHhcNMjUxMDIwMDcwMTA1WhcNMjUxMDIxMDcwMTA1WjAzMTEwLwYDVQQD
Eyg3MDU4ZGM1Mzg0MTEyODQ2MjQ0YTcwZjQ3ZmFmZWRkNWJjNzI5MjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzclhiM4vzAc/SWotz1uReUYfIJ1
wQC9zj5UoaFe1JedNDuiQdfPREAu51gy5lPri1P9AB2SK1YM5rhO1ursYfESdt5e
JZ3hreWO1BBqg0XIcOekTPBhQc6yFX9Iw2OKCcQYXcRS45shN00tLnPDCi0btcVO
W6kQcEZesEyEXoo9QI8aX3qCleIBz4ulJ8jOEa7+0GSXnSAj0jKE1XHD6eniLh+/
j2WNe0K4oeWIRzSBZzMdErrAJ2jxBYTepmM2CrSUUDxfMz7EnMCHyRuGgqO4qRPt
qVIPDzKRVh1eNg5pSJMFeWMLY7MfeaeEC5pYY0bVuVNmIHj8qKm4/klO3QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHBY3FOEEShGJEpw9H+v7dW8cpJnMB8GA1UdIwQY
MBaAFNmnzZt4cqHHqiYrP60akHZQJSgyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9jMDZmMDktOTA3Mi00ZDU3LTliNjQt
ZDA1YmU4YzVhNGIxLzEvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9jMDZmMDktOTA3Mi00ZDU3LTliNjQtZDA1YmU4YzVhNGIx
LzEvMmFmTm0zaHlvY2VxSmlzX3JScVFkbEFsS0RJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAu61uxbQz
fAgeVayV/KdMwS7T+FsUsLvCiftAS9HaYps83sHeULJmwpBwFG0d7pTKuvRVb1zn
RjHmwxKoWPuHEJdHLP58oDP6ptkosygU06awxcGtSe1hNVPR6AeNBhudsjvNtHJL
cbsLRjAlO3NlzD8+oy1jz1jdqFeaObmQ1P5zklRDGGhaf4rtbJl75H97voiY9ury
hwY+hmrlF813/Pv7bNzgJqDVirfg5fcwL1efahli5OLe4ciw1H9VGDH3Rq4pK8Q2
5MULHKK5a85AVooJbmgFPvyUeT2jBY0VI97nzlASAJ7ikJqwYue1fSNVAS1cKdzD
763wUrRkNrXfqQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:33:33 2025 by rpki-client