Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.mft
File: 2D73FCmY5OZWYFPixjpwgIxuojc.mft (raw, json)
Hash identifier: LeJ4jx4z6sWn9dukBhbXVFxj/AaqTS/DMV6kCuOtsUY=
Subject key identifier: E2:32:54:88:96:B2:C5:90:FF:17:DD:3A:76:0C:81:50:CB:B7:23:42
Authority key identifier: D8:3E:F7:14:29:98:E4:E6:56:60:53:E2:C6:3A:70:80:8C:6E:A2:37
Certificate issuer: /CN=d83ef7142998e4e6566053e2c63a70808c6ea237
Certificate serial: 019A00DA45C8CF6B789B0C16EC8104AAED19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2D73FCmY5OZWYFPixjpwgIxuojc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.mft
Manifest number: 0264
Signing time: Mon 20 Oct 2025 09:01:36 +0000
Manifest this update: Mon 20 Oct 2025 09:01:36 +0000
Manifest next update: Tue 21 Oct 2025 09:01:36 +0000
Files and hashes: 1: 2D73FCmY5OZWYFPixjpwgIxuojc.crl (hash: HblbVs2yfm9LGriUQmf5Gt8ySvkZGxR7oruDvh9BOVM=)
2: EWAO3dXqj4k_Zc24k1Bzcpcwlew.roa (hash: fG2UBrX6DjIKV9kptyQGomVTDY864OWJshOwmuCJfno=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.mft
rsync://rpki.ripe.net/repository/DEFAULT/2D73FCmY5OZWYFPixjpwgIxuojc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:da:45:c8:cf:6b:78:9b:0c:16:ec:81:04:aa:ed:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d83ef7142998e4e6566053e2c63a70808c6ea237
Validity
Not Before: Oct 20 09:01:36 2025 GMT
Not After : Oct 21 09:01:36 2025 GMT
Subject: CN=e232548896b2c590ff17dd3a760c8150cbb72342
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:95:e6:77:b1:c7:0a:ac:28:e2:cf:ec:fd:f6:
fa:bd:9b:38:15:7a:5b:44:6e:59:63:d6:41:8b:48:
30:f1:1c:ea:c0:9a:2c:68:0f:81:ce:3c:7a:d6:bb:
e5:46:26:2b:e6:b0:69:ec:ca:3c:c9:9e:1c:e1:55:
ba:a4:f2:13:aa:3e:37:4c:32:e5:04:a1:ef:79:63:
2d:ef:68:d1:6f:fb:99:97:30:d7:96:9f:53:38:f5:
e2:a9:d3:70:eb:25:19:8d:3f:30:cf:79:63:dd:f5:
81:8a:02:55:02:8b:3b:66:64:1d:bb:e1:15:31:d7:
f5:ca:86:8b:34:09:7b:ca:a9:63:13:c2:b9:96:ad:
a8:4d:20:34:d7:ea:3a:e6:dc:84:67:fb:84:e2:3e:
af:f2:2a:5e:31:c0:92:4c:00:c9:8c:83:a0:59:ba:
2a:34:84:ec:41:bb:ca:11:19:96:65:36:64:c3:cb:
55:00:24:84:a1:ff:1f:90:9a:e1:5f:c0:34:8a:fd:
3c:81:1b:6d:42:56:7e:a1:98:aa:ed:da:cd:e5:dc:
a3:53:be:dc:b4:d3:c8:24:d8:9a:87:5c:90:9b:78:
a6:ab:d9:8d:08:fb:f4:15:47:5d:d5:76:f9:e4:78:
b9:86:77:0c:85:68:52:2b:0a:9b:4b:af:81:d6:df:
1c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:32:54:88:96:B2:C5:90:FF:17:DD:3A:76:0C:81:50:CB:B7:23:42
X509v3 Authority Key Identifier:
keyid:D8:3E:F7:14:29:98:E4:E6:56:60:53:E2:C6:3A:70:80:8C:6E:A2:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2D73FCmY5OZWYFPixjpwgIxuojc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/7fcb35-4408-4218-9862-7f75a1b10ec3/1/2D73FCmY5OZWYFPixjpwgIxuojc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:ea:02:b3:3d:6d:dc:d5:73:d0:01:7f:60:af:12:d0:e8:4c:
9c:02:6a:f1:50:05:f4:6c:69:c2:f9:74:26:6a:ac:0e:8a:79:
5b:e1:f0:e8:52:17:60:8d:ac:50:47:bd:38:03:dc:a4:9b:69:
8c:3f:b1:05:a6:78:3d:38:d8:ce:cf:f5:e8:73:09:82:3f:90:
3a:25:d9:5b:d4:5a:00:3f:d3:69:01:5e:53:1a:78:a4:97:0d:
c3:ef:20:79:18:6a:a0:bb:c4:d5:08:c7:ba:cc:e4:85:6d:9c:
59:2b:23:69:d9:e9:26:bd:1e:50:15:a8:69:b0:44:68:27:6a:
da:6e:ce:5f:05:43:93:55:16:1d:a7:8e:c2:46:3e:12:4e:e6:
87:41:60:8f:cf:3e:66:1a:6a:0a:d7:1c:94:cd:5b:cd:9f:de:
d1:91:50:9a:2f:2f:99:0c:e2:42:65:70:6d:bd:d2:c5:f4:c5:
6c:2b:85:dd:0a:66:5e:19:de:97:51:c1:eb:34:6f:3e:0a:97:
73:db:af:1d:16:3a:4e:7c:ff:15:23:38:92:4f:1e:4c:e2:b7:
9d:1b:22:43:8b:27:41:3b:d1:04:16:2a:83:11:30:58:bf:9e:
34:39:b3:33:3e:20:1f:0a:41:87:eb:9e:47:f5:d8:d5:ff:a9:
59:06:15:3f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoA2kXIz2t4mwwW7IEEqu0ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4M2VmNzE0Mjk5OGU0ZTY1NjYwNTNlMmM2M2E3MDgwOGM2
ZWEyMzcwHhcNMjUxMDIwMDkwMTM2WhcNMjUxMDIxMDkwMTM2WjAzMTEwLwYDVQQD
EyhlMjMyNTQ4ODk2YjJjNTkwZmYxN2RkM2E3NjBjODE1MGNiYjcyMzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05Xmd7HHCqwo4s/s/fb6vZs4FXpb
RG5ZY9ZBi0gw8RzqwJosaA+Bzjx61rvlRiYr5rBp7Mo8yZ4c4VW6pPITqj43TDLl
BKHveWMt72jRb/uZlzDXlp9TOPXiqdNw6yUZjT8wz3lj3fWBigJVAos7ZmQdu+EV
Mdf1yoaLNAl7yqljE8K5lq2oTSA01+o65tyEZ/uE4j6v8ipeMcCSTADJjIOgWboq
NITsQbvKERmWZTZkw8tVACSEof8fkJrhX8A0iv08gRttQlZ+oZiq7drN5dyjU77c
tNPIJNiah1yQm3imq9mNCPv0FUdd1Xb55Hi5hncMhWhSKwqbS6+B1t8c4QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOIyVIiWssWQ/xfdOnYMgVDLtyNCMB8GA1UdIwQY
MBaAFNg+9xQpmOTmVmBT4sY6cICMbqI3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkQ3M0ZDbVk1T1pXWUZQaXhqcHdnSXh1b2pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy83ZmNiMzUtNDQwOC00MjE4LTk4NjIt
N2Y3NWExYjEwZWMzLzEvMkQ3M0ZDbVk1T1pXWUZQaXhqcHdnSXh1b2pjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy83ZmNiMzUtNDQwOC00MjE4LTk4NjItN2Y3NWExYjEwZWMz
LzEvMkQ3M0ZDbVk1T1pXWUZQaXhqcHdnSXh1b2pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALuoCsz1t
3NVz0AF/YK8S0OhMnAJq8VAF9Gxpwvl0JmqsDop5W+Hw6FIXYI2sUEe9OAPcpJtp
jD+xBaZ4PTjYzs/16HMJgj+QOiXZW9RaAD/TaQFeUxp4pJcNw+8geRhqoLvE1QjH
uszkhW2cWSsjadnpJr0eUBWoabBEaCdq2m7OXwVDk1UWHaeOwkY+Ek7mh0Fgj88+
ZhpqCtcclM1bzZ/e0ZFQmi8vmQziQmVwbb3SxfTFbCuF3QpmXhnel1HB6zRvPgqX
c9uvHRY6Tnz/FSM4kk8eTOK3nRsiQ4snQTvRBBYqgxEwWL+eNDmzMz4gHwpBh+ue
R/XY1f+pWQYVPw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:33:30 2025 by rpki-client