Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.mft
File: cRcdWnbTurk3KszJJz66ffHFnPI.mft (raw, json)
Hash identifier: GbzltwjQWNImPQEX57vb29T2H5Fpu0/0GZGqaDKbs3c=
Subject key identifier: 8D:36:7F:7F:A4:D8:20:36:84:B7:11:31:20:25:E7:E8:63:37:F2:59
Authority key identifier: 71:17:1D:5A:76:D3:BA:B9:37:2A:CC:C9:27:3E:BA:7D:F1:C5:9C:F2
Certificate issuer: /CN=71171d5a76d3bab9372accc9273eba7df1c59cf2
Certificate serial: 019A71B93A0A386B067CF806C8F486E50657
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cRcdWnbTurk3KszJJz66ffHFnPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 07:02:35 +0000
Manifest this update: Tue 11 Nov 2025 07:02:35 +0000
Manifest next update: Wed 12 Nov 2025 07:02:35 +0000
Files and hashes: 1: cRcdWnbTurk3KszJJz66ffHFnPI.crl (hash: iSgc78+4VttmRwEAqBmi+cm6622zmGRABy38HDupKsQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.mft
rsync://rpki.ripe.net/repository/DEFAULT/cRcdWnbTurk3KszJJz66ffHFnPI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:3a:0a:38:6b:06:7c:f8:06:c8:f4:86:e5:06:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71171d5a76d3bab9372accc9273eba7df1c59cf2
Validity
Not Before: Nov 11 07:02:35 2025 GMT
Not After : Nov 12 07:02:35 2025 GMT
Subject: CN=8d367f7fa4d8203684b711312025e7e86337f259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:04:6c:a5:97:02:0b:c4:c5:b6:f0:5e:68:d6:
4c:5a:91:54:c4:1d:f2:0b:4c:c5:e0:5b:f3:6f:7f:
1d:bf:83:a8:11:e7:c8:6e:35:e5:91:39:66:e6:1d:
c7:c4:69:46:f7:71:e9:52:0f:d6:82:0f:04:ed:b9:
2a:16:da:b6:9c:b5:a3:03:28:24:38:7f:54:54:bc:
d2:26:d5:76:5b:0e:65:06:4b:bf:81:a0:97:6b:cf:
ea:c1:a5:46:61:a7:a9:4b:0a:35:a5:d1:1f:a4:db:
a4:8d:6c:e7:27:51:db:23:0d:e4:77:56:53:d9:48:
ad:ff:da:24:69:cd:c4:d6:59:95:ce:af:17:12:fb:
d8:07:21:e2:01:70:41:6d:55:9e:88:e0:97:ef:95:
f6:bb:cf:97:e2:a3:77:f3:2e:1e:bc:22:3b:4f:d7:
2e:98:ae:8e:8b:e9:71:ae:fc:c6:ab:f7:bb:aa:45:
72:b3:2d:a5:e9:ef:84:40:d2:03:97:64:f7:f7:02:
d6:71:39:36:c9:b7:37:c7:83:4a:cf:cb:aa:24:b4:
b3:c3:2a:b3:fb:fd:59:cf:be:e2:67:60:32:32:c7:
99:9a:4a:6a:32:ad:11:c9:bd:41:44:48:a8:4d:c0:
31:53:00:d2:ec:81:0e:c2:ca:b0:0e:d3:b2:7a:d6:
9c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:36:7F:7F:A4:D8:20:36:84:B7:11:31:20:25:E7:E8:63:37:F2:59
X509v3 Authority Key Identifier:
keyid:71:17:1D:5A:76:D3:BA:B9:37:2A:CC:C9:27:3E:BA:7D:F1:C5:9C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cRcdWnbTurk3KszJJz66ffHFnPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/dee8b9-c300-45eb-89e1-80699529cceb/1/cRcdWnbTurk3KszJJz66ffHFnPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
29:c8:e1:cf:b3:90:57:66:7c:a1:4e:03:a1:94:8e:a5:03:a0:
06:58:ab:54:b1:9a:94:5a:cc:9e:aa:0d:28:ba:88:b1:e2:a1:
c6:78:48:20:80:68:7f:bc:76:a2:ad:4c:52:80:e4:4b:d2:b0:
a6:76:14:cc:5c:41:6a:be:69:e5:8b:cb:46:08:09:89:f8:6d:
9a:0c:3c:63:f3:f3:a8:65:b8:3a:db:49:21:03:bd:61:d3:8f:
01:83:4b:b4:eb:0f:aa:42:c7:84:6b:d4:07:d8:ab:f0:c2:ab:
e0:28:9a:f7:24:8f:4f:23:8a:2e:37:cb:d9:f8:b8:3e:86:5d:
55:26:ae:c1:89:c2:0e:d6:86:59:b9:62:ea:f2:1e:3a:01:d3:
54:b8:9a:07:ff:01:d2:1c:cb:aa:15:be:89:9b:45:2c:7d:b7:
9d:28:a6:18:71:a4:7e:db:63:2b:e0:db:12:95:b8:69:e5:bd:
97:2c:02:db:69:ca:69:6a:d6:71:eb:e7:e0:27:2a:db:06:44:
46:5d:e6:ba:dc:89:bd:ed:64:61:2a:21:20:f4:4c:70:32:71:
bc:73:a7:88:69:46:3a:d4:18:a7:12:bd:51:ec:cf:a2:34:6c:
b3:b0:81:e3:a6:5b:f1:c7:c1:11:b2:34:9e:a1:c4:01:37:2d:
80:ae:a7:3b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuToKOGsGfPgGyPSG5QZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMTcxZDVhNzZkM2JhYjkzNzJhY2NjOTI3M2ViYTdkZjFj
NTljZjIwHhcNMjUxMTExMDcwMjM1WhcNMjUxMTEyMDcwMjM1WjAzMTEwLwYDVQQD
Eyg4ZDM2N2Y3ZmE0ZDgyMDM2ODRiNzExMzEyMDI1ZTdlODYzMzdmMjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1QRspZcCC8TFtvBeaNZMWpFUxB3y
C0zF4Fvzb38dv4OoEefIbjXlkTlm5h3HxGlG93HpUg/Wgg8E7bkqFtq2nLWjAygk
OH9UVLzSJtV2Ww5lBku/gaCXa8/qwaVGYaepSwo1pdEfpNukjWznJ1HbIw3kd1ZT
2Uit/9okac3E1lmVzq8XEvvYByHiAXBBbVWeiOCX75X2u8+X4qN38y4evCI7T9cu
mK6Oi+lxrvzGq/e7qkVysy2l6e+EQNIDl2T39wLWcTk2ybc3x4NKz8uqJLSzwyqz
+/1Zz77iZ2AyMseZmkpqMq0Ryb1BREioTcAxUwDS7IEOwsqwDtOyetacmwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI02f3+k2CA2hLcRMSAl5+hjN/JZMB8GA1UdIwQY
MBaAFHEXHVp207q5NyrMySc+un3xxZzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1JjZFduYlR1cmszS3N6Skp6NjZmZkhGblBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kZWU4YjktYzMwMC00NWViLTg5ZTEt
ODA2OTk1MjljY2ViLzEvY1JjZFduYlR1cmszS3N6Skp6NjZmZkhGblBJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kZWU4YjktYzMwMC00NWViLTg5ZTEtODA2OTk1MjljY2Vi
LzEvY1JjZFduYlR1cmszS3N6Skp6NjZmZkhGblBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKcjhz7OQ
V2Z8oU4DoZSOpQOgBlirVLGalFrMnqoNKLqIseKhxnhIIIBof7x2oq1MUoDkS9Kw
pnYUzFxBar5p5YvLRggJifhtmgw8Y/PzqGW4OttJIQO9YdOPAYNLtOsPqkLHhGvU
B9ir8MKr4Cia9ySPTyOKLjfL2fi4PoZdVSauwYnCDtaGWbli6vIeOgHTVLiaB/8B
0hzLqhW+iZtFLH23nSimGHGkfttjK+DbEpW4aeW9lywC22nKaWrWcevn4Ccq2wZE
Rl3mutyJve1kYSohIPRMcDJxvHOniGlGOtQYpxK9UezPojRss7CB46Zb8cfBEbI0
nqHEATctgK6nOw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:47:36 2025 by rpki-client