Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.mft
File: 2fhm-wqoOicaDLfckDAYjInSPl0.mft (raw, json)
Hash identifier: KUZTS0y3RhV9LAZ8majg1NLQzXEfNKAq30QGYleJ4hM=
Subject key identifier: D4:07:89:EC:5D:96:72:CC:D5:17:EF:02:DA:90:D4:4B:4D:3C:69:22
Authority key identifier: D9:F8:66:FB:0A:A8:3A:27:1A:0C:B7:DC:90:30:18:8C:89:D2:3E:5D
Certificate issuer: /CN=d9f866fb0aa83a271a0cb7dc9030188c89d23e5d
Certificate serial: 0199FF226B8621088D6299F02558461741E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fhm-wqoOicaDLfckDAYjInSPl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.mft
Manifest number: 16E5
Signing time: Mon 20 Oct 2025 01:01:09 +0000
Manifest this update: Mon 20 Oct 2025 01:01:09 +0000
Manifest next update: Tue 21 Oct 2025 01:01:09 +0000
Files and hashes: 1: 2fhm-wqoOicaDLfckDAYjInSPl0.crl (hash: PLZfMa7r/bt7yhqIdCw8NqYgv8vQje0AGiMGTSP6v9o=)
2: vaJcnuFh_402kJ74_w8V8zEZMEQ.roa (hash: zHT9dPUYaVKrJVgWZffBYu4o6dMRl6TWrXRAFSRU0bA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.mft
rsync://rpki.ripe.net/repository/DEFAULT/2fhm-wqoOicaDLfckDAYjInSPl0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ff:22:6b:86:21:08:8d:62:99:f0:25:58:46:17:41:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f866fb0aa83a271a0cb7dc9030188c89d23e5d
Validity
Not Before: Oct 20 01:01:09 2025 GMT
Not After : Oct 21 01:01:09 2025 GMT
Subject: CN=d40789ec5d9672ccd517ef02da90d44b4d3c6922
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:61:3d:1b:2d:7e:f4:24:ab:22:cf:c4:5b:ba:
4a:14:5e:5b:5d:38:ec:b4:49:dc:67:97:56:71:e2:
98:55:f2:fb:18:98:6c:21:9a:fa:c6:1b:7b:fa:41:
5a:11:af:a2:ec:ab:36:67:cd:7d:dd:9f:fe:cf:20:
14:3c:bb:b8:e5:8e:cd:b5:a3:b0:c4:2f:87:99:68:
25:49:90:91:71:fa:15:fb:8d:aa:55:51:ed:6f:89:
d6:e7:35:13:59:e3:b9:c9:56:16:fd:35:1f:dd:9d:
25:fa:97:01:ed:0c:4a:ba:f9:2d:bd:88:6c:13:03:
05:b5:a3:08:5b:e4:2f:59:36:b1:bb:af:2a:50:21:
be:48:d5:c5:d6:a7:86:73:5f:bf:11:8b:66:9e:c5:
ac:b6:db:58:c4:ca:da:9e:2e:86:41:04:29:e7:27:
7c:14:10:e9:6d:64:37:ac:ea:50:93:42:ad:b8:fd:
8d:25:f7:77:e4:53:2d:2e:a0:34:dd:3a:4c:f0:ce:
2b:ca:6e:e3:af:b3:f4:f4:5d:b8:2c:95:4c:ea:96:
7e:1c:21:93:2b:33:84:fc:18:3c:ff:8a:fb:c5:d0:
e0:5c:1a:9f:a6:38:c9:7a:02:92:7f:c3:fa:1f:d8:
b0:87:64:cd:a5:1d:50:6b:8b:c1:5b:ce:bf:ce:a3:
9c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:07:89:EC:5D:96:72:CC:D5:17:EF:02:DA:90:D4:4B:4D:3C:69:22
X509v3 Authority Key Identifier:
keyid:D9:F8:66:FB:0A:A8:3A:27:1A:0C:B7:DC:90:30:18:8C:89:D2:3E:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fhm-wqoOicaDLfckDAYjInSPl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:f4:4c:58:05:d2:c7:aa:4d:ca:b5:9a:be:60:9b:67:ba:63:
7e:8f:45:1a:5e:f8:3c:da:2a:33:e8:63:a2:11:85:fe:75:8d:
65:81:89:17:b2:98:f1:80:b2:5d:a1:88:fa:3c:14:ba:d2:d9:
29:21:a5:b0:0e:5d:09:57:57:b0:2a:2c:ca:ca:1e:46:a1:1c:
44:8f:aa:ef:2e:af:cb:5d:b5:76:f9:d7:e9:47:92:34:f7:53:
06:9e:6a:04:ae:2e:b1:df:88:0b:94:4e:10:3d:c0:b3:41:39:
70:82:56:ae:6a:ad:a2:07:95:58:d5:b6:84:9f:34:f6:ea:3e:
de:6e:8b:c1:fc:0b:fa:c7:ba:4e:19:59:6a:19:95:67:91:78:
e4:5c:8e:16:d1:72:98:e5:1d:d2:fb:70:dc:78:7a:39:e9:05:
c3:6b:be:ff:ad:b9:b6:60:6a:4c:5f:29:3f:c8:9c:ad:1a:4d:
df:bc:85:c8:0d:5c:4f:f8:ee:6d:b5:2e:d2:8a:15:90:00:e9:
78:52:69:e0:3b:24:9b:5a:c9:dc:2f:78:39:fd:f5:2a:09:6c:
19:14:39:b8:dc:c5:bd:57:3d:8d:59:75:a6:0c:16:35:a7:49:
c8:2b:9d:c1:2c:bb:3a:89:fb:60:36:a0:ef:c7:0a:91:7f:3d:
e6:36:17:b1
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZn/ImuGIQiNYpnwJVhGF0HlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5Zjg2NmZiMGFhODNhMjcxYTBjYjdkYzkwMzAxODhjODlk
MjNlNWQwHhcNMjUxMDIwMDEwMTA5WhcNMjUxMDIxMDEwMTA5WjAzMTEwLwYDVQQD
EyhkNDA3ODllYzVkOTY3MmNjZDUxN2VmMDJkYTkwZDQ0YjRkM2M2OTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomE9Gy1+9CSrIs/EW7pKFF5bXTjs
tEncZ5dWceKYVfL7GJhsIZr6xht7+kFaEa+i7Ks2Z8193Z/+zyAUPLu45Y7NtaOw
xC+HmWglSZCRcfoV+42qVVHtb4nW5zUTWeO5yVYW/TUf3Z0l+pcB7QxKuvktvYhs
EwMFtaMIW+QvWTaxu68qUCG+SNXF1qeGc1+/EYtmnsWstttYxMrani6GQQQp5yd8
FBDpbWQ3rOpQk0KtuP2NJfd35FMtLqA03TpM8M4rym7jr7P09F24LJVM6pZ+HCGT
KzOE/Bg8/4r7xdDgXBqfpjjJegKSf8P6H9iwh2TNpR1Qa4vBW86/zqOcqwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNQHiexdlnLM1RfvAtqQ1EtNPGkiMB8GA1UdIwQY
MBaAFNn4ZvsKqDonGgy33JAwGIyJ0j5dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZobS13cW9PaWNhRExmY2tEQVlqSW5TUGwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81MjczYTQtMTBjOC00MGJmLWIyNGYt
NWMxZDVhNjk5MmQ4LzEvMmZobS13cW9PaWNhRExmY2tEQVlqSW5TUGwwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81MjczYTQtMTBjOC00MGJmLWIyNGYtNWMxZDVhNjk5MmQ4
LzEvMmZobS13cW9PaWNhRExmY2tEQVlqSW5TUGwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJPRMWAXS
x6pNyrWavmCbZ7pjfo9FGl74PNoqM+hjohGF/nWNZYGJF7KY8YCyXaGI+jwUutLZ
KSGlsA5dCVdXsCosysoeRqEcRI+q7y6vy121dvnX6UeSNPdTBp5qBK4usd+IC5RO
ED3As0E5cIJWrmqtogeVWNW2hJ809uo+3m6LwfwL+se6ThlZahmVZ5F45FyOFtFy
mOUd0vtw3Hh6OekFw2u+/625tmBqTF8pP8icrRpN37yFyA1cT/jubbUu0ooVkADp
eFJp4Dskm1rJ3C94Of31KglsGRQ5uNzFvVc9jVl1pgwWNadJyCudwSy7Oon7YDag
78cKkX895jYXsQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 08:47:57 2025 by rpki-client