Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
File: 20YNIBeVpqmS7UrBi7fFLBCLeFI.mft (raw, json)
Hash identifier: RXQo+9dLU4FXk4qSdheThA/jSWmE6GDli8mp3n8GKcA=
Subject key identifier: 43:4B:42:C5:4C:D8:D5:41:0B:0C:8C:92:DA:86:8B:2B:4C:50:5A:78
Authority key identifier: DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52
Certificate issuer: /CN=db460d201795a6a992ed4ac18bb7c52c108b7852
Certificate serial: 019A725C91BB11C463E5D9074E7F160BB404
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
Manifest number: 171B
Signing time: Tue 11 Nov 2025 10:01:00 +0000
Manifest this update: Tue 11 Nov 2025 10:01:00 +0000
Manifest next update: Wed 12 Nov 2025 10:01:00 +0000
Files and hashes: 1: 20YNIBeVpqmS7UrBi7fFLBCLeFI.crl (hash: JVk6QMyaEzMwLJNNkXHhw+kPbeWAdTrpbUrHsBGywrk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:91:bb:11:c4:63:e5:d9:07:4e:7f:16:0b:b4:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db460d201795a6a992ed4ac18bb7c52c108b7852
Validity
Not Before: Nov 11 10:01:00 2025 GMT
Not After : Nov 12 10:01:00 2025 GMT
Subject: CN=434b42c54cd8d5410b0c8c92da868b2b4c505a78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:47:2d:f3:00:52:60:9b:e8:72:95:03:94:56:
0b:d6:6e:42:fc:e2:5e:6a:09:3a:21:5c:19:e8:3d:
47:9e:7f:5d:4e:50:8e:1e:54:9d:fd:d6:88:09:29:
5d:2b:63:30:70:8b:76:28:5e:c4:a7:97:fc:54:74:
76:28:1f:b1:fb:ea:5b:6e:67:42:2e:ca:06:c6:d6:
b5:65:09:ca:8c:e0:bd:7f:e6:ba:4c:c8:03:43:2e:
4b:3a:50:30:47:a3:d6:ff:f6:ac:5d:27:0d:dd:68:
85:80:e5:4a:69:e7:bb:93:9c:94:4c:9c:90:84:bb:
a7:61:a9:b9:a8:4d:40:de:09:b6:1d:80:71:fe:73:
84:1a:2c:01:61:1c:7a:f6:9a:09:49:19:42:49:a3:
d5:80:b2:a2:9b:ef:00:9a:55:19:33:cf:87:ba:e5:
f7:5d:c4:5c:ef:3f:fb:1b:af:23:cc:6e:e0:8e:d4:
07:10:e0:6e:5d:8b:fa:d5:13:63:bc:f7:76:82:6a:
ba:90:c7:c6:c0:09:f3:e6:f4:9f:0c:5d:55:ec:17:
ef:5e:ab:55:dc:93:b8:d3:a9:0c:da:da:2b:c4:c4:
b0:51:84:4a:16:cb:33:89:55:a4:b7:e2:bf:70:da:
ed:25:bc:f9:6e:5e:11:2f:7a:51:79:ac:ce:5d:7c:
00:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:4B:42:C5:4C:D8:D5:41:0B:0C:8C:92:DA:86:8B:2B:4C:50:5A:78
X509v3 Authority Key Identifier:
keyid:DB:46:0D:20:17:95:A6:A9:92:ED:4A:C1:8B:B7:C5:2C:10:8B:78:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20YNIBeVpqmS7UrBi7fFLBCLeFI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/1f346a-a87d-4957-a4ce-e82ed3d76a87/1/20YNIBeVpqmS7UrBi7fFLBCLeFI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
2e:cf:4b:d3:3f:63:c8:51:9a:98:2e:af:6d:c6:04:56:12:f2:
ad:c9:b9:f1:95:52:2a:0e:b8:3d:3b:ed:9e:11:d4:2e:2a:c6:
b5:e9:26:ea:72:03:36:96:20:25:a8:20:d5:be:0e:f5:f6:05:
e3:be:de:60:51:41:75:c6:ad:b2:52:39:16:b8:6b:2d:c5:11:
fb:64:12:d3:aa:92:65:f8:0e:4b:40:5e:64:62:2d:a4:87:57:
4d:aa:83:94:02:20:3b:3f:3e:3b:68:53:4d:13:58:9d:8b:a9:
53:fa:89:bb:c5:c3:dd:e9:ac:e0:04:d3:1a:c8:52:ac:cf:d5:
de:12:6e:fb:31:dc:59:de:7f:d4:bb:f3:4c:91:e9:16:0b:c7:
a9:e7:30:45:3c:68:3c:7d:40:6a:6a:0b:43:17:f3:99:54:cc:
21:dc:7e:c0:c0:6e:9c:7c:35:0e:82:d2:86:3c:7f:ae:6d:e1:
e1:ed:a5:69:de:4f:94:54:4e:6f:ed:06:97:ae:87:00:73:dc:
43:a7:71:73:43:62:51:7c:96:f1:9c:f6:f8:f1:7f:a8:20:20:
2b:26:7d:f4:d6:fd:99:aa:82:c1:0a:c0:98:4f:e2:51:25:60:
9d:de:1c:e1:87:33:ab:ad:0c:c1:2d:d8:e0:41:34:19:3a:1b:
5a:d2:19:3a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXJG7EcRj5dkHTn8WC7QEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDYwZDIwMTc5NWE2YTk5MmVkNGFjMThiYjdjNTJjMTA4
Yjc4NTIwHhcNMjUxMTExMTAwMTAwWhcNMjUxMTEyMTAwMTAwWjAzMTEwLwYDVQQD
Eyg0MzRiNDJjNTRjZDhkNTQxMGIwYzhjOTJkYTg2OGIyYjRjNTA1YTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkct8wBSYJvocpUDlFYL1m5C/OJe
agk6IVwZ6D1Hnn9dTlCOHlSd/daICSldK2MwcIt2KF7Ep5f8VHR2KB+x++pbbmdC
LsoGxta1ZQnKjOC9f+a6TMgDQy5LOlAwR6PW//asXScN3WiFgOVKaee7k5yUTJyQ
hLunYam5qE1A3gm2HYBx/nOEGiwBYRx69poJSRlCSaPVgLKim+8AmlUZM8+HuuX3
XcRc7z/7G68jzG7gjtQHEOBuXYv61RNjvPd2gmq6kMfGwAnz5vSfDF1V7BfvXqtV
3JO406kM2torxMSwUYRKFssziVWkt+K/cNrtJbz5bl4RL3pReazOXXwA5wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFENLQsVM2NVBCwyMktqGiytMUFp4MB8GA1UdIwQY
MBaAFNtGDSAXlaapku1KwYu3xSwQi3hSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2Ut
ZTgyZWQzZDc2YTg3LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy8xZjM0NmEtYTg3ZC00OTU3LWE0Y2UtZTgyZWQzZDc2YTg3
LzEvMjBZTklCZVZwcW1TN1VyQmk3ZkZMQkNMZUZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALs9L0z9j
yFGamC6vbcYEVhLyrcm58ZVSKg64PTvtnhHULirGtekm6nIDNpYgJagg1b4O9fYF
477eYFFBdcatslI5FrhrLcUR+2QS06qSZfgOS0BeZGItpIdXTaqDlAIgOz8+O2hT
TRNYnYupU/qJu8XD3ems4ATTGshSrM/V3hJu+zHcWd5/1LvzTJHpFgvHqecwRTxo
PH1AamoLQxfzmVTMIdx+wMBunHw1DoLShjx/rm3h4e2lad5PlFROb+0Gl66HAHPc
Q6dxc0NiUXyW8Zz2+PF/qCAgKyZ99Nb9maqCwQrAmE/iUSVgnd4c4Yczq60MwS3Y
4EE0GTobWtIZOg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:04:37 2025 by rpki-client