Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
File: rHI58-_bN5H1vlVSmbXYFpfz0BI.mft (raw, json)
Hash identifier: XgdT8jJzHlh2psPDWUGGjDm4cC92O1suCOSEylZCyUw=
Subject key identifier: 30:70:EE:10:E2:18:6F:BA:12:85:3A:A6:70:BE:5B:2C:82:46:27:3C
Authority key identifier: AC:72:39:F3:EF:DB:37:91:F5:BE:55:52:99:B5:D8:16:97:F3:D0:12
Certificate issuer: /CN=ac7239f3efdb3791f5be555299b5d81697f3d012
Certificate serial: 019A722679D883A6345E42736A181F985507
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
Manifest number: 12DB
Signing time: Tue 11 Nov 2025 09:01:55 +0000
Manifest this update: Tue 11 Nov 2025 09:01:55 +0000
Manifest next update: Wed 12 Nov 2025 09:01:55 +0000
Files and hashes: 1: rHI58-_bN5H1vlVSmbXYFpfz0BI.crl (hash: PS3dkVA/cerr7hBDc7rU6eYfxflApMi7WjUiEgzZLNk=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:79:d8:83:a6:34:5e:42:73:6a:18:1f:98:55:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7239f3efdb3791f5be555299b5d81697f3d012
Validity
Not Before: Nov 11 09:01:55 2025 GMT
Not After : Nov 12 09:01:55 2025 GMT
Subject: CN=3070ee10e2186fba12853aa670be5b2c8246273c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5a:24:29:d4:cf:13:04:0b:ed:16:c0:7a:d8:
d8:8d:73:4a:ea:c0:d7:33:77:5b:d9:b4:20:2e:2c:
ad:8b:2a:d4:69:5d:a8:d9:ae:ce:76:a6:a2:8c:9f:
73:c5:c7:6a:f2:6d:9c:88:34:5b:8c:a5:24:b5:4d:
fb:47:79:1b:df:0e:aa:dd:9f:59:33:9b:59:94:61:
37:b6:4c:d8:a3:43:d0:c9:57:f4:18:06:59:11:13:
df:90:99:1c:fd:2b:3a:99:18:80:62:cf:44:de:91:
0e:15:7e:cc:6e:c6:dd:f2:72:8b:2d:2c:5c:e9:64:
bb:3f:bd:ad:cf:7d:8d:0a:d0:1a:f7:60:05:51:0f:
aa:a1:a8:e7:98:6b:e9:05:af:fe:72:f6:8d:49:b9:
e5:ba:f1:22:e7:fc:e4:9f:b0:83:8c:9e:8f:af:7e:
44:12:f3:cf:25:a8:ca:ba:da:22:35:0a:45:80:f6:
20:b8:30:42:b3:b9:a1:00:d2:0c:35:7e:28:74:b4:
0e:b4:f0:11:7e:94:b5:1f:4a:15:d4:a1:a6:f5:87:
ac:4d:10:4e:71:54:73:f9:bc:77:fb:c2:5b:2e:2c:
11:8e:06:60:d6:28:f2:60:66:e0:0d:73:63:01:3d:
c3:8f:65:cd:3d:2d:cb:01:2a:54:7b:a8:42:f9:90:
8d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:70:EE:10:E2:18:6F:BA:12:85:3A:A6:70:BE:5B:2C:82:46:27:3C
X509v3 Authority Key Identifier:
keyid:AC:72:39:F3:EF:DB:37:91:F5:BE:55:52:99:B5:D8:16:97:F3:D0:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHI58-_bN5H1vlVSmbXYFpfz0BI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/c890fc-2cf8-4075-875d-ccfc7f07b9cb/1/rHI58-_bN5H1vlVSmbXYFpfz0BI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
8b:0e:61:83:e9:4e:5c:9c:1b:6a:bc:37:28:77:46:f2:ac:e9:
b0:4d:7c:c4:2a:4a:04:7a:f3:f0:b8:a8:ef:08:ce:6e:fb:42:
f2:ee:72:9c:5d:8e:53:2d:29:df:70:74:4d:42:ae:f9:d1:15:
6d:3b:6c:a7:bb:e6:f8:57:58:ee:31:0b:05:8e:9b:f5:8a:c1:
5e:ae:25:7e:03:99:ec:7a:78:b1:74:33:4a:62:c6:c8:4c:0f:
3d:d1:e2:e1:92:16:2e:55:81:f3:e6:92:eb:f2:04:1f:d2:aa:
cc:fc:3e:c7:4b:5c:61:04:d3:d9:a7:c4:7a:a4:c8:3d:86:13:
9a:68:07:d9:39:51:48:09:d0:90:63:65:e2:60:91:23:55:b3:
ff:00:09:32:58:65:36:9b:bb:f4:1f:cf:38:ce:48:ca:cd:b6:
91:99:5d:61:e1:ba:96:c2:9c:4d:85:4e:62:db:dc:02:8f:5f:
ed:f3:4d:8d:8d:8a:bf:13:ab:71:70:6f:16:d2:46:c0:8c:e8:
ca:2f:fa:4f:64:ee:6a:62:aa:48:2d:f3:e1:5f:7b:78:de:60:
ac:08:d1:33:da:0c:cb:7c:3a:dd:c3:d8:f8:64:75:c1:26:53:
3c:c7:b6:1e:34:30:34:fa:da:4b:f3:0a:91:df:15:14:ed:a7:
2f:bf:9c:0d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJnnYg6Y0XkJzahgfmFUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNzIzOWYzZWZkYjM3OTFmNWJlNTU1Mjk5YjVkODE2OTdm
M2QwMTIwHhcNMjUxMTExMDkwMTU1WhcNMjUxMTEyMDkwMTU1WjAzMTEwLwYDVQQD
EygzMDcwZWUxMGUyMTg2ZmJhMTI4NTNhYTY3MGJlNWIyYzgyNDYyNzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVokKdTPEwQL7RbAetjYjXNK6sDX
M3db2bQgLiytiyrUaV2o2a7OdqaijJ9zxcdq8m2ciDRbjKUktU37R3kb3w6q3Z9Z
M5tZlGE3tkzYo0PQyVf0GAZZERPfkJkc/Ss6mRiAYs9E3pEOFX7Mbsbd8nKLLSxc
6WS7P72tz32NCtAa92AFUQ+qoajnmGvpBa/+cvaNSbnluvEi5/zkn7CDjJ6Pr35E
EvPPJajKutoiNQpFgPYguDBCs7mhANIMNX4odLQOtPARfpS1H0oV1KGm9YesTRBO
cVRz+bx3+8JbLiwRjgZg1ijyYGbgDXNjAT3Dj2XNPS3LASpUe6hC+ZCNFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDBw7hDiGG+6EoU6pnC+WyyCRic8MB8GA1UdIwQY
MBaAFKxyOfPv2zeR9b5VUpm12BaX89ASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9jODkwZmMtMmNmOC00MDc1LTg3NWQt
Y2NmYzdmMDdiOWNiLzEvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9jODkwZmMtMmNmOC00MDc1LTg3NWQtY2NmYzdmMDdiOWNi
LzEvckhJNTgtX2JONUgxdmxWU21iWFlGcGZ6MEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiw5hg+lO
XJwbarw3KHdG8qzpsE18xCpKBHrz8Lio7wjObvtC8u5ynF2OUy0p33B0TUKu+dEV
bTtsp7vm+FdY7jELBY6b9YrBXq4lfgOZ7Hp4sXQzSmLGyEwPPdHi4ZIWLlWB8+aS
6/IEH9KqzPw+x0tcYQTT2afEeqTIPYYTmmgH2TlRSAnQkGNl4mCRI1Wz/wAJMlhl
Npu79B/POM5Iys22kZldYeG6lsKcTYVOYtvcAo9f7fNNjY2KvxOrcXBvFtJGwIzo
yi/6T2TuamKqSC3z4V97eN5grAjRM9oMy3w63cPY+GR1wSZTPMe2HjQwNPraS/MK
kd8VFO2nL7+cDQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:49:47 2025 by rpki-client