Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.mft
File: i9lSvUDOCXP5EEEfWS426QE2wuo.mft (raw, json)
Hash identifier: zG4fKix5gxlEB14esax7wlEctJcjiXdhdg2tuc4s/4U=
Subject key identifier: 65:C5:F0:00:96:BA:F3:AC:0E:27:15:6C:CE:B9:58:24:F2:0C:0C:0D
Authority key identifier: 8B:D9:52:BD:40:CE:09:73:F9:10:41:1F:59:2E:36:E9:01:36:C2:EA
Certificate issuer: /CN=8bd952bd40ce0973f910411f592e36e90136c2ea
Certificate serial: 019A7301186490AEC41B8C5954C0261FAE8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i9lSvUDOCXP5EEEfWS426QE2wuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.mft
Manifest number: 089F
Signing time: Tue 11 Nov 2025 13:00:42 +0000
Manifest this update: Tue 11 Nov 2025 13:00:42 +0000
Manifest next update: Wed 12 Nov 2025 13:00:42 +0000
Files and hashes: 1: i9lSvUDOCXP5EEEfWS426QE2wuo.crl (hash: 7TokVodgMxml1TZUs14QF5lPrgOEZu3BYubaLuB/a2g=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.mft
rsync://rpki.ripe.net/repository/DEFAULT/i9lSvUDOCXP5EEEfWS426QE2wuo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:18:64:90:ae:c4:1b:8c:59:54:c0:26:1f:ae:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bd952bd40ce0973f910411f592e36e90136c2ea
Validity
Not Before: Nov 11 13:00:42 2025 GMT
Not After : Nov 12 13:00:42 2025 GMT
Subject: CN=65c5f00096baf3ac0e27156cceb95824f20c0c0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:88:3f:03:59:da:94:8e:64:c9:0e:4e:b5:3a:
3d:87:c9:03:bf:d2:3d:15:a1:f0:60:07:28:d9:b3:
ec:66:58:a5:4d:81:f7:8b:aa:15:b6:bc:c2:39:ed:
70:04:3f:cd:65:79:e9:34:db:23:b3:3d:c6:1f:ab:
68:08:35:4a:2c:b1:37:e7:e7:bd:db:f0:6a:a1:dd:
30:ec:5d:11:cc:1b:15:4b:fb:c3:fa:72:03:8d:a2:
a5:a4:3f:e9:9d:fd:10:be:5f:b7:0d:d3:0a:1a:80:
d9:ec:2b:d7:fd:d2:4f:02:38:cc:6b:20:3e:44:6e:
2f:f0:5e:5a:ec:07:05:ef:1b:cd:56:28:cf:5d:c7:
1e:fc:1c:d7:b9:c2:98:79:74:94:26:d2:16:3b:ca:
3e:87:e7:dd:54:8f:c6:5b:e4:b1:f1:5a:c7:59:5d:
ec:a9:30:af:54:0b:c6:de:dc:c9:48:74:cc:ca:0c:
cd:94:d7:aa:88:75:fb:72:48:67:d8:b6:90:7b:09:
22:65:29:f1:36:0b:9c:c5:9d:45:fd:05:dd:0c:84:
0e:82:81:77:e7:32:22:55:35:8a:34:a9:11:77:f7:
86:5b:2e:75:31:56:3b:fc:d1:b8:67:eb:73:31:c7:
68:b1:c1:cc:3d:33:32:f6:41:5c:34:66:0b:5d:e1:
b7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C5:F0:00:96:BA:F3:AC:0E:27:15:6C:CE:B9:58:24:F2:0C:0C:0D
X509v3 Authority Key Identifier:
keyid:8B:D9:52:BD:40:CE:09:73:F9:10:41:1F:59:2E:36:E9:01:36:C2:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i9lSvUDOCXP5EEEfWS426QE2wuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/3edb8c-1850-488f-afdf-5c2abe5394e6/1/i9lSvUDOCXP5EEEfWS426QE2wuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
42:c0:34:57:d5:0e:f7:8e:6e:ec:fb:ed:3f:bc:85:2a:a0:5d:
71:5e:27:93:6e:c6:30:cb:6a:4a:98:cf:42:bf:18:7d:e2:90:
ca:db:ec:30:b6:7c:97:96:d2:1d:7c:24:76:63:d6:38:45:27:
77:89:d3:04:e8:e6:ce:5f:9c:eb:0f:d3:bf:8c:0b:08:fe:98:
7c:f3:ca:15:a3:f1:2d:19:b5:ef:4c:31:9d:0e:69:7b:c6:4c:
6d:86:8d:7a:51:b4:c8:4b:d7:a4:be:97:21:fc:79:28:72:db:
b6:09:7e:65:a0:2e:de:bc:9a:8e:ad:df:b0:39:17:5d:8c:90:
44:2b:7b:10:59:13:fb:eb:13:be:b9:49:22:29:5e:d0:ff:f6:
cc:35:65:49:54:f5:7c:6c:4e:55:2d:bb:f8:0a:c3:5d:fa:7a:
e1:61:11:1e:de:78:dd:52:f6:83:dc:79:85:7a:ac:5c:17:61:
8c:e2:10:78:56:f8:c5:cc:31:44:c5:74:fd:8e:5c:93:67:53:
68:c0:31:76:2e:cd:6b:92:a4:01:52:07:58:df:da:a0:f3:dd:
6c:63:ca:cf:9e:3e:0d:e8:1d:f7:05:aa:11:90:1d:99:31:82:
3a:04:05:61:c8:0c:3e:f9:e6:da:dc:e0:92:c9:08:40:e6:73:
2c:6d:b0:b6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzARhkkK7EG4xZVMAmH66NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZDk1MmJkNDBjZTA5NzNmOTEwNDExZjU5MmUzNmU5MDEz
NmMyZWEwHhcNMjUxMTExMTMwMDQyWhcNMjUxMTEyMTMwMDQyWjAzMTEwLwYDVQQD
Eyg2NWM1ZjAwMDk2YmFmM2FjMGUyNzE1NmNjZWI5NTgyNGYyMGMwYzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0og/A1nalI5kyQ5OtTo9h8kDv9I9
FaHwYAco2bPsZlilTYH3i6oVtrzCOe1wBD/NZXnpNNsjsz3GH6toCDVKLLE35+e9
2/Bqod0w7F0RzBsVS/vD+nIDjaKlpD/pnf0Qvl+3DdMKGoDZ7CvX/dJPAjjMayA+
RG4v8F5a7AcF7xvNVijPXcce/BzXucKYeXSUJtIWO8o+h+fdVI/GW+Sx8VrHWV3s
qTCvVAvG3tzJSHTMygzNlNeqiHX7ckhn2LaQewkiZSnxNgucxZ1F/QXdDIQOgoF3
5zIiVTWKNKkRd/eGWy51MVY7/NG4Z+tzMcdoscHMPTMy9kFcNGYLXeG3fwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGXF8ACWuvOsDicVbM65WCTyDAwNMB8GA1UdIwQY
MBaAFIvZUr1Azglz+RBBH1kuNukBNsLqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTlsU3ZVRE9DWFA1RUVFZldTNDI2UUUyd3VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8zZWRiOGMtMTg1MC00ODhmLWFmZGYt
NWMyYWJlNTM5NGU2LzEvaTlsU3ZVRE9DWFA1RUVFZldTNDI2UUUyd3VvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8zZWRiOGMtMTg1MC00ODhmLWFmZGYtNWMyYWJlNTM5NGU2
LzEvaTlsU3ZVRE9DWFA1RUVFZldTNDI2UUUyd3VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQsA0V9UO
945u7PvtP7yFKqBdcV4nk27GMMtqSpjPQr8YfeKQytvsMLZ8l5bSHXwkdmPWOEUn
d4nTBOjmzl+c6w/Tv4wLCP6YfPPKFaPxLRm170wxnQ5pe8ZMbYaNelG0yEvXpL6X
Ifx5KHLbtgl+ZaAu3ryajq3fsDkXXYyQRCt7EFkT++sTvrlJIile0P/2zDVlSVT1
fGxOVS27+ArDXfp64WERHt543VL2g9x5hXqsXBdhjOIQeFb4xcwxRMV0/Y5ck2dT
aMAxdi7Na5KkAVIHWN/aoPPdbGPKz54+Degd9wWqEZAdmTGCOgQFYcgMPvnm2tzg
kskIQOZzLG2wtg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:28:14 2025 by rpki-client