Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
File: clOCbDGl92CXvNwqL2UZiKE2flM.mft (raw, json)
Hash identifier: rT/T0agDLRO2W7UVeybeJX/FWQjDr3qHlrQqTsHHQ7Q=
Subject key identifier: DA:0B:15:19:83:34:1D:4E:9B:5F:7F:78:4B:D0:69:B2:69:97:6F:0E
Authority key identifier: 72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53
Certificate issuer: /CN=7253826c31a5f76097bcdc2a2f651988a1367e53
Certificate serial: 019A722667B82489FA05FB9CDD4C94D8DBFB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
Manifest number: 09F7
Signing time: Tue 11 Nov 2025 09:01:50 +0000
Manifest this update: Tue 11 Nov 2025 09:01:50 +0000
Manifest next update: Wed 12 Nov 2025 09:01:50 +0000
Files and hashes: 1: clOCbDGl92CXvNwqL2UZiKE2flM.crl (hash: XAQE5a/c3j8vmkZuu8U2K8yyLoo5b7RTAo5g67tjve0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:67:b8:24:89:fa:05:fb:9c:dd:4c:94:d8:db:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7253826c31a5f76097bcdc2a2f651988a1367e53
Validity
Not Before: Nov 11 09:01:50 2025 GMT
Not After : Nov 12 09:01:50 2025 GMT
Subject: CN=da0b151983341d4e9b5f7f784bd069b269976f0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:13:84:71:db:c4:a2:f5:5e:c3:9f:ad:f4:0b:
84:b1:9e:81:79:9a:c0:a5:e4:dd:f1:d8:d0:77:f4:
49:de:e2:ca:79:78:17:1b:18:97:3c:15:cf:de:e4:
8a:3a:f6:33:7b:3d:16:8f:8f:d0:be:1d:b1:0b:0b:
f3:eb:65:8c:f2:c6:da:74:af:06:86:52:37:7b:68:
e4:82:90:dc:34:4c:e1:7d:76:ea:54:66:bf:ea:b9:
85:cd:31:a3:1e:90:6b:06:3d:0b:a3:ec:50:ba:1b:
75:b4:a1:a1:56:6b:54:49:c4:01:bc:7b:d4:f8:5c:
8c:83:19:d9:77:e1:4f:4a:3f:87:e0:ba:94:2f:7b:
51:4d:a1:89:27:e4:7d:2a:90:14:19:d9:89:7d:67:
4a:2a:1f:5c:16:bc:23:cd:5e:5a:e6:e9:e0:87:3e:
71:56:63:fa:06:e8:1a:d1:20:d8:34:a9:f9:e0:b2:
02:49:6f:03:6d:98:ae:94:68:f4:59:50:9c:1f:b7:
99:4b:77:e9:1b:0a:a3:51:be:13:14:f2:07:11:35:
f5:47:a2:7e:4f:4f:bf:55:ac:c0:67:a6:a9:ec:93:
93:be:90:f6:9d:46:e6:7e:f6:9c:c6:42:8a:c6:44:
20:70:2b:e5:f1:fb:b0:b0:b6:b5:ad:d9:1a:5d:71:
fa:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:0B:15:19:83:34:1D:4E:9B:5F:7F:78:4B:D0:69:B2:69:97:6F:0E
X509v3 Authority Key Identifier:
keyid:72:53:82:6C:31:A5:F7:60:97:BC:DC:2A:2F:65:19:88:A1:36:7E:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/clOCbDGl92CXvNwqL2UZiKE2flM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/7a4a42-7dc5-40c0-804b-f3f51c1070b9/1/clOCbDGl92CXvNwqL2UZiKE2flM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:1b:14:e5:48:fc:1f:74:12:f0:d7:50:2c:fa:ea:6f:a5:7b:
99:ec:ed:46:2b:d0:6d:86:55:1b:5e:ee:23:ad:22:af:f7:07:
67:ba:2d:02:7e:21:61:73:e3:26:b8:e7:5c:a2:30:21:b9:7f:
46:dc:08:82:f6:a6:5a:af:eb:14:9b:a0:98:f6:a5:c7:60:75:
06:00:e0:e1:d8:48:c4:27:6e:40:a4:ad:a3:6f:b9:7d:dd:33:
3a:f8:3f:45:01:2c:f6:9b:95:ca:e7:26:da:f8:96:24:4a:59:
03:5d:5c:85:e3:d2:77:48:e8:de:c7:cc:fb:80:c3:f8:ac:f9:
96:0e:ce:6b:df:75:46:9b:da:a0:da:8a:4a:ee:c2:16:1d:97:
e6:34:8f:cb:c1:aa:bc:60:b1:aa:2a:1c:c3:3c:2c:ef:42:8a:
ca:91:d6:e6:64:a0:cc:fd:8f:4d:bf:78:94:07:2b:46:00:a9:
eb:ee:9f:ae:9c:93:c2:c3:d1:6e:44:71:6d:f8:23:69:c8:27:
65:f1:60:b5:ac:c7:bd:f5:49:15:d6:cd:ec:a5:0b:c9:ea:90:
04:c8:e2:70:41:e7:54:86:3d:49:4d:bc:04:59:9d:5d:f3:bf:
08:01:5a:e9:10:19:cf:8f:3b:8f:55:b3:e0:a1:2f:92:2e:93:
7d:19:2a:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJme4JIn6Bfuc3UyU2Nv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNTM4MjZjMzFhNWY3NjA5N2JjZGMyYTJmNjUxOTg4YTEz
NjdlNTMwHhcNMjUxMTExMDkwMTUwWhcNMjUxMTEyMDkwMTUwWjAzMTEwLwYDVQQD
EyhkYTBiMTUxOTgzMzQxZDRlOWI1ZjdmNzg0YmQwNjliMjY5OTc2ZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9BOEcdvEovVew5+t9AuEsZ6BeZrA
peTd8djQd/RJ3uLKeXgXGxiXPBXP3uSKOvYzez0Wj4/Qvh2xCwvz62WM8sbadK8G
hlI3e2jkgpDcNEzhfXbqVGa/6rmFzTGjHpBrBj0Lo+xQuht1tKGhVmtUScQBvHvU
+FyMgxnZd+FPSj+H4LqUL3tRTaGJJ+R9KpAUGdmJfWdKKh9cFrwjzV5a5unghz5x
VmP6Buga0SDYNKn54LICSW8DbZiulGj0WVCcH7eZS3fpGwqjUb4TFPIHETX1R6J+
T0+/VazAZ6ap7JOTvpD2nUbmfvacxkKKxkQgcCvl8fuwsLa1rdkaXXH60wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNoLFRmDNB1Om19/eEvQabJpl28OMB8GA1UdIwQY
MBaAFHJTgmwxpfdgl7zcKi9lGYihNn5TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGIt
ZjNmNTFjMTA3MGI5LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy83YTRhNDItN2RjNS00MGMwLTgwNGItZjNmNTFjMTA3MGI5
LzEvY2xPQ2JER2w5MkNYdk53cUwyVVppS0UyZmxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfRsU5Uj8
H3QS8NdQLPrqb6V7meztRivQbYZVG17uI60ir/cHZ7otAn4hYXPjJrjnXKIwIbl/
RtwIgvamWq/rFJugmPalx2B1BgDg4dhIxCduQKSto2+5fd0zOvg/RQEs9puVyucm
2viWJEpZA11chePSd0jo3sfM+4DD+Kz5lg7Oa991RpvaoNqKSu7CFh2X5jSPy8Gq
vGCxqiocwzws70KKypHW5mSgzP2PTb94lAcrRgCp6+6frpyTwsPRbkRxbfgjacgn
ZfFgtazHvfVJFdbN7KULyeqQBMjicEHnVIY9SU28BFmdXfO/CAFa6RAZz487j1Wz
4KEvki6TfRkqBA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:26:59 2025 by rpki-client