Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.mft
File: 1GRmfDSn27AvBTC85ILRGtQkh70.mft (raw, json)
Hash identifier: wu5HdgmODWVTUVKaBQjQdm0HMFkvCnjm/KEyoAcMeiA=
Subject key identifier: 8D:29:35:65:C0:4D:0C:1B:CF:57:B2:F3:4C:F5:04:BA:AE:82:CC:3B
Authority key identifier: D4:64:66:7C:34:A7:DB:B0:2F:05:30:BC:E4:82:D1:1A:D4:24:87:BD
Certificate issuer: /CN=d464667c34a7dbb02f0530bce482d11ad42487bd
Certificate serial: 019A232E1F11DF8D3891229A9AE2AB768318
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1GRmfDSn27AvBTC85ILRGtQkh70.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.mft
Manifest number: 09E1
Signing time: Mon 27 Oct 2025 01:00:16 +0000
Manifest this update: Mon 27 Oct 2025 01:00:16 +0000
Manifest next update: Tue 28 Oct 2025 01:00:16 +0000
Files and hashes: 1: 1GRmfDSn27AvBTC85ILRGtQkh70.crl (hash: LsIMQfxItUOKFASGJUtcrc1gih60yTV9kBR+XS6t0Eo=)
2: ngLzTXL9yL8qZxP4JODs6i0oJzI.roa (hash: D6+JXEaHb1tO3mpKT7yT9VZcfkQ3PmJxwgv/yQik0ys=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.mft
rsync://rpki.ripe.net/repository/DEFAULT/1GRmfDSn27AvBTC85ILRGtQkh70.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:23:2e:1f:11:df:8d:38:91:22:9a:9a:e2:ab:76:83:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d464667c34a7dbb02f0530bce482d11ad42487bd
Validity
Not Before: Oct 27 01:00:16 2025 GMT
Not After : Oct 28 01:00:16 2025 GMT
Subject: CN=8d293565c04d0c1bcf57b2f34cf504baae82cc3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9c:8d:79:ae:2f:b5:88:ff:0d:fd:93:f2:d9:
ed:ec:a4:e1:61:9f:bf:63:91:a9:8a:0b:50:d4:d4:
16:0d:bd:68:31:bc:aa:11:70:73:e4:14:d4:ba:6c:
02:78:0c:b3:d8:68:e0:ee:dd:ec:8e:bd:42:cd:c4:
f0:fc:25:e3:e7:59:64:26:93:1a:3b:b9:b9:c6:68:
3c:bd:2b:f0:cd:82:5d:5e:ac:b8:cc:9f:05:5d:ab:
27:17:45:ce:55:3a:05:47:5a:92:9d:fb:91:56:0b:
dd:5c:e0:a5:f7:98:e0:32:c7:4e:a6:60:8c:2c:48:
22:9f:10:19:35:fd:bb:fd:41:f7:4e:9b:12:60:5b:
73:6a:4b:f6:22:21:49:08:5a:5e:47:f4:7b:b6:3d:
a9:e2:a4:27:a8:7b:40:3c:bf:52:82:cd:d0:90:06:
10:d1:61:27:c2:34:9e:8d:7c:6b:d9:c3:d2:ee:94:
43:a8:2b:01:af:be:ab:9b:a7:82:76:3e:83:22:e1:
1e:19:34:2e:cb:19:b5:26:56:25:84:ee:9b:04:00:
3e:c3:c6:6b:cb:49:ee:92:20:f7:8d:dc:e0:7a:aa:
80:51:25:43:7f:c6:4e:81:a1:e5:e8:09:5d:e6:a7:
2f:77:c5:19:0a:8a:91:37:31:59:45:80:9a:7a:d9:
f9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:29:35:65:C0:4D:0C:1B:CF:57:B2:F3:4C:F5:04:BA:AE:82:CC:3B
X509v3 Authority Key Identifier:
keyid:D4:64:66:7C:34:A7:DB:B0:2F:05:30:BC:E4:82:D1:1A:D4:24:87:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1GRmfDSn27AvBTC85ILRGtQkh70.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/bf4793-0c84-422c-9b8e-260de6cbf456/1/1GRmfDSn27AvBTC85ILRGtQkh70.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
12:0f:c1:a5:35:aa:3d:11:50:c0:73:24:58:b8:d2:e0:7e:0b:
0c:9b:f3:b4:9f:a0:59:f3:68:78:07:22:aa:64:d4:28:97:83:
3d:5d:43:a7:90:d3:65:d8:f7:ea:a5:f3:08:06:eb:bb:ad:9f:
b9:12:00:60:5b:d0:50:c1:ee:5f:79:88:ce:b5:33:cb:30:b3:
b4:b0:da:af:d8:70:fd:c1:1c:8e:f4:eb:a5:c1:c2:64:19:93:
5d:95:df:73:9e:09:bd:94:4f:cb:f5:9c:ae:eb:66:50:57:f0:
5b:bf:34:b1:79:06:b8:31:30:1f:0b:a8:3c:7c:3d:ec:f8:0d:
88:02:32:dd:b9:97:a5:0d:41:46:66:b3:a9:e7:c7:ea:ee:f6:
d8:12:87:f4:15:5e:84:75:e1:7b:5a:96:89:84:96:a5:cf:3b:
db:88:7c:78:ff:a8:fd:41:98:a8:57:65:66:68:8e:55:c3:c0:
b8:06:50:be:19:83:ce:ff:17:d3:61:ca:53:56:e7:ef:a8:a7:
dc:93:a4:50:84:04:58:0f:49:00:ce:42:d1:e5:0d:c1:c3:4b:
da:aa:fa:91:c1:ee:96:6e:e8:28:9c:42:44:06:68:87:c7:8d:
fa:03:a8:97:f1:18:4e:e7:07:bd:c4:b3:ac:37:5d:92:ac:64:
e1:e0:20:e0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZojLh8R3404kSKamuKrdoMYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NjQ2NjdjMzRhN2RiYjAyZjA1MzBiY2U0ODJkMTFhZDQy
NDg3YmQwHhcNMjUxMDI3MDEwMDE2WhcNMjUxMDI4MDEwMDE2WjAzMTEwLwYDVQQD
Eyg4ZDI5MzU2NWMwNGQwYzFiY2Y1N2IyZjM0Y2Y1MDRiYWFlODJjYzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5yNea4vtYj/Df2T8tnt7KThYZ+/
Y5GpigtQ1NQWDb1oMbyqEXBz5BTUumwCeAyz2Gjg7t3sjr1CzcTw/CXj51lkJpMa
O7m5xmg8vSvwzYJdXqy4zJ8FXasnF0XOVToFR1qSnfuRVgvdXOCl95jgMsdOpmCM
LEginxAZNf27/UH3TpsSYFtzakv2IiFJCFpeR/R7tj2p4qQnqHtAPL9Sgs3QkAYQ
0WEnwjSejXxr2cPS7pRDqCsBr76rm6eCdj6DIuEeGTQuyxm1JlYlhO6bBAA+w8Zr
y0nukiD3jdzgeqqAUSVDf8ZOgaHl6Ald5qcvd8UZCoqRNzFZRYCaetn5tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI0pNWXATQwbz1ey80z1BLqugsw7MB8GA1UdIwQY
MBaAFNRkZnw0p9uwLwUwvOSC0RrUJIe9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUdSbWZEU24yN0F2QlRDODVJTFJHdFFraDcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iZjQ3OTMtMGM4NC00MjJjLTliOGUt
MjYwZGU2Y2JmNDU2LzEvMUdSbWZEU24yN0F2QlRDODVJTFJHdFFraDcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iZjQ3OTMtMGM4NC00MjJjLTliOGUtMjYwZGU2Y2JmNDU2
LzEvMUdSbWZEU24yN0F2QlRDODVJTFJHdFFraDcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEg/BpTWq
PRFQwHMkWLjS4H4LDJvztJ+gWfNoeAciqmTUKJeDPV1Dp5DTZdj36qXzCAbru62f
uRIAYFvQUMHuX3mIzrUzyzCztLDar9hw/cEcjvTrpcHCZBmTXZXfc54JvZRPy/Wc
rutmUFfwW780sXkGuDEwHwuoPHw97PgNiAIy3bmXpQ1BRmazqefH6u722BKH9BVe
hHXhe1qWiYSWpc8724h8eP+o/UGYqFdlZmiOVcPAuAZQvhmDzv8X02HKU1bn76in
3JOkUIQEWA9JAM5C0eUNwcNL2qr6kcHulm7oKJxCRAZoh8eN+gOol/EYTucHvcSz
rDddkqxk4eAg4A==
-----END CERTIFICATE-----
Generated at Mon Oct 27 06:28:26 2025 by rpki-client