Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
File: 2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft (raw, json)
Hash identifier: R5Zj3Qf1aArr26TbtGrI6FEP7AuzFarU+DO63jK55+k=
Subject key identifier: 5F:32:CD:EC:68:84:A5:B8:E9:B3:FA:CC:32:16:DE:27:2D:AF:18:C2
Authority key identifier: DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C
Certificate issuer: /CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
Certificate serial: 019A7293E98783AD595AB7749A72DADC40EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
Manifest number: 0561
Signing time: Tue 11 Nov 2025 11:01:27 +0000
Manifest this update: Tue 11 Nov 2025 11:01:27 +0000
Manifest next update: Wed 12 Nov 2025 11:01:27 +0000
Files and hashes: 1: 2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl (hash: XkC0v0G18mS1Dwg/lm2chaoQBu7uO6umhPWCMCUok5U=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:e9:87:83:ad:59:5a:b7:74:9a:72:da:dc:40:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daa67c58b4a6fe212fc20fb756949addc1a9a62c
Validity
Not Before: Nov 11 11:01:27 2025 GMT
Not After : Nov 12 11:01:27 2025 GMT
Subject: CN=5f32cdec6884a5b8e9b3facc3216de272daf18c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c5:85:32:8b:c2:5a:26:1c:c8:a3:ca:ba:70:
8a:c6:91:87:62:2f:6f:56:e4:f5:eb:3a:66:18:91:
b4:73:12:82:d4:20:54:22:d6:2f:aa:76:61:90:02:
c2:75:3c:2a:3d:b0:02:58:b5:88:4a:f6:3c:96:01:
4f:1d:41:50:31:08:6f:e5:c0:61:ec:9c:69:16:78:
78:08:47:ed:fb:91:dd:4d:6a:0e:03:4e:14:e3:ec:
c6:de:de:60:6d:45:25:3c:c4:2d:a0:7b:03:2f:d3:
66:59:4d:2d:4c:d3:c8:d2:ee:a8:67:2d:39:5d:ae:
6e:8c:62:26:39:48:87:75:14:fc:55:b6:dd:6c:dc:
b5:cf:41:66:5e:1b:d1:c6:c5:c1:03:40:5a:5c:2e:
5d:c0:15:11:bd:eb:0f:5d:e2:c5:13:aa:29:d5:dd:
9b:2d:a6:ae:d4:0d:02:89:0a:a2:71:0f:d1:eb:79:
90:7a:62:b8:e0:eb:d6:1c:d0:89:9c:ac:86:41:75:
c0:fd:d7:c6:7e:20:c0:9f:37:ab:fc:fb:31:cf:ca:
79:a4:bf:f5:61:63:91:d0:8a:c1:e2:2e:3c:16:05:
3f:02:c1:47:38:7c:a0:21:e3:e3:09:c8:8b:0a:14:
36:2e:3a:dd:f3:ed:95:26:31:62:5c:75:ea:b8:6b:
ee:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:32:CD:EC:68:84:A5:B8:E9:B3:FA:CC:32:16:DE:27:2D:AF:18:C2
X509v3 Authority Key Identifier:
keyid:DA:A6:7C:58:B4:A6:FE:21:2F:C2:0F:B7:56:94:9A:DD:C1:A9:A6:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2qZ8WLSm_iEvwg-3VpSa3cGppiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f295ce-826d-4f54-970f-50f34f435f03/1/2qZ8WLSm_iEvwg-3VpSa3cGppiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
6c:82:9a:f2:da:d9:72:6c:36:32:d5:40:fb:9f:27:1b:f3:54:
51:09:9d:e9:11:9c:2c:de:5a:b8:d5:dc:c1:bf:d8:c7:29:af:
fd:df:6f:c6:5e:0a:c9:ec:26:2f:21:f2:65:3d:b7:f6:f4:d4:
5d:9f:5c:28:ca:af:64:dc:c8:ed:b8:4b:a8:a2:36:6c:89:ad:
f0:f5:40:e9:2f:74:c5:5b:3f:11:fa:f2:24:7d:a8:7c:38:37:
a9:ca:b0:aa:40:a9:43:6e:2f:5b:be:25:7d:8d:64:c0:1e:4c:
34:09:60:fa:37:90:9e:c6:22:48:7a:bc:0e:a0:58:a5:94:b8:
ff:af:e5:2b:15:1c:0e:b2:94:40:82:65:85:da:d4:d4:9c:1e:
51:54:71:72:5e:ea:c9:e7:b4:e0:dc:c9:43:f0:9a:2a:37:7f:
64:6e:65:95:7f:5a:4b:89:48:c3:65:b9:50:18:78:35:54:87:
65:48:09:31:d1:63:ab:30:03:d9:a5:ad:bc:b3:25:25:46:fd:
e3:1a:1f:a8:81:29:9d:43:bf:ca:cc:73:cd:4f:ae:25:b5:39:
4f:66:63:30:d9:f1:4c:8b:d1:20:a9:cf:77:a5:2b:6d:b1:2e:
e7:81:73:fd:fd:d8:5e:45:ad:69:a2:f7:40:e3:ca:c4:10:1b:
4b:74:9a:9b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk+mHg61ZWrd0mnLa3EDuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYTY3YzU4YjRhNmZlMjEyZmMyMGZiNzU2OTQ5YWRkYzFh
OWE2MmMwHhcNMjUxMTExMTEwMTI3WhcNMjUxMTEyMTEwMTI3WjAzMTEwLwYDVQQD
Eyg1ZjMyY2RlYzY4ODRhNWI4ZTliM2ZhY2MzMjE2ZGUyNzJkYWYxOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MWFMovCWiYcyKPKunCKxpGHYi9v
VuT16zpmGJG0cxKC1CBUItYvqnZhkALCdTwqPbACWLWISvY8lgFPHUFQMQhv5cBh
7JxpFnh4CEft+5HdTWoOA04U4+zG3t5gbUUlPMQtoHsDL9NmWU0tTNPI0u6oZy05
Xa5ujGImOUiHdRT8VbbdbNy1z0FmXhvRxsXBA0BaXC5dwBURvesPXeLFE6op1d2b
Laau1A0CiQqicQ/R63mQemK44OvWHNCJnKyGQXXA/dfGfiDAnzer/Psxz8p5pL/1
YWOR0IrB4i48FgU/AsFHOHygIePjCciLChQ2Ljrd8+2VJjFiXHXquGvu/wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFF8yzexohKW46bP6zDIW3ictrxjCMB8GA1UdIwQY
MBaAFNqmfFi0pv4hL8IPt1aUmt3BqaYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYt
NTBmMzRmNDM1ZjAzLzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mMjk1Y2UtODI2ZC00ZjU0LTk3MGYtNTBmMzRmNDM1ZjAz
LzEvMnFaOFdMU21faUV2d2ctM1ZwU2EzY0dwcGl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbIKa8trZ
cmw2MtVA+58nG/NUUQmd6RGcLN5auNXcwb/Yxymv/d9vxl4KyewmLyHyZT239vTU
XZ9cKMqvZNzI7bhLqKI2bImt8PVA6S90xVs/EfryJH2ofDg3qcqwqkCpQ24vW74l
fY1kwB5MNAlg+jeQnsYiSHq8DqBYpZS4/6/lKxUcDrKUQIJlhdrU1JweUVRxcl7q
yee04NzJQ/CaKjd/ZG5llX9aS4lIw2W5UBh4NVSHZUgJMdFjqzAD2aWtvLMlJUb9
4xofqIEpnUO/ysxzzU+uJbU5T2ZjMNnxTIvRIKnPd6UrbbEu54Fz/f3YXkWtaaL3
QOPKxBAbS3Samw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:02:38 2025 by rpki-client