Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
File: S2T4wOGznYqO-OjItaD_7itTtYc.mft (raw, json)
Hash identifier: INTtgNTaaCBHo5qqum156G5ku/AUW0pThzZXJaw76Qs=
Subject key identifier: 0F:C9:02:E4:FA:56:59:26:39:1D:61:2F:85:01:7E:0B:B7:1A:B3:12
Authority key identifier: 4B:64:F8:C0:E1:B3:9D:8A:8E:F8:E8:C8:B5:A0:FF:EE:2B:53:B5:87
Certificate issuer: /CN=4b64f8c0e1b39d8a8ef8e8c8b5a0ffee2b53b587
Certificate serial: 019A71B924CCCB2E8F657620456D99173DDA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
Manifest number: 0849
Signing time: Tue 11 Nov 2025 07:02:30 +0000
Manifest this update: Tue 11 Nov 2025 07:02:30 +0000
Manifest next update: Wed 12 Nov 2025 07:02:30 +0000
Files and hashes: 1: S2T4wOGznYqO-OjItaD_7itTtYc.crl (hash: zhsUFY4xVs83uKST3lBc7S1nj/lG0tgkjJqxqDWAcGM=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:24:cc:cb:2e:8f:65:76:20:45:6d:99:17:3d:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b64f8c0e1b39d8a8ef8e8c8b5a0ffee2b53b587
Validity
Not Before: Nov 11 07:02:30 2025 GMT
Not After : Nov 12 07:02:30 2025 GMT
Subject: CN=0fc902e4fa565926391d612f85017e0bb71ab312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f5:44:f8:21:ac:58:b0:b0:fe:05:a7:1c:f6:
eb:01:67:52:7f:ff:f6:cc:79:43:05:9d:c6:18:a9:
a8:9a:4e:2f:00:5f:02:b5:13:1a:ff:f7:31:18:56:
e4:20:32:a7:37:55:3c:65:2e:30:ce:d3:53:9f:80:
ca:1f:45:d9:ef:6d:23:c6:fc:fd:11:03:08:f5:f5:
8e:b9:f3:9e:36:82:78:47:6d:02:fd:79:f5:dd:af:
9c:73:d8:d9:96:9f:b5:46:b4:1a:7f:4c:76:7c:85:
04:7f:62:d7:8b:c3:1f:3f:66:1f:6b:04:e5:d0:ee:
d7:54:24:24:15:e1:53:4f:87:94:36:f2:4d:ca:71:
95:69:8b:18:ff:0e:03:32:13:ea:b2:f4:67:4c:d7:
af:c4:a2:9c:8a:3f:74:7b:4c:be:81:a3:45:c3:e8:
c9:1f:c9:da:6f:a7:33:42:31:ea:83:90:5d:dd:de:
d9:85:4b:3d:26:1e:21:a1:69:2c:ea:a8:ce:a9:55:
34:d0:df:de:26:80:65:0e:ac:f5:c0:ee:a8:c4:b5:
43:50:62:3e:30:1f:fc:18:e7:7d:9b:04:79:e4:c2:
7a:70:61:ff:b9:4a:a1:91:a8:6b:aa:47:b9:64:7a:
fb:78:bc:45:a9:3b:31:f4:75:e0:81:cb:62:91:69:
e3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:C9:02:E4:FA:56:59:26:39:1D:61:2F:85:01:7E:0B:B7:1A:B3:12
X509v3 Authority Key Identifier:
keyid:4B:64:F8:C0:E1:B3:9D:8A:8E:F8:E8:C8:B5:A0:FF:EE:2B:53:B5:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S2T4wOGznYqO-OjItaD_7itTtYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/c497be-f3b1-4c9b-859e-95d5e16cddef/1/S2T4wOGznYqO-OjItaD_7itTtYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
3e:83:f5:00:25:40:e4:da:ff:fd:bb:bd:65:d8:ef:69:01:d6:
df:46:4b:37:2d:81:d2:8b:29:fd:63:65:b2:88:bc:74:7b:e3:
eb:84:c8:98:f5:6e:11:5a:6a:43:af:c7:5e:40:08:b8:ca:86:
d3:59:4c:8d:5e:f8:a5:00:39:03:d5:0e:a4:f8:69:07:62:b5:
38:4a:f4:90:60:74:dc:e2:96:35:af:7e:78:01:90:ba:22:9c:
0a:97:62:e7:7d:e8:9e:c0:d5:e7:22:db:48:cc:d0:ab:2f:36:
2b:52:45:be:40:0f:1a:ad:94:8f:c7:15:04:72:90:b4:18:ef:
43:b1:05:7d:8b:4b:97:30:26:bc:5c:10:75:76:44:7a:dd:81:
32:5f:c6:8d:72:24:51:35:93:fe:d8:b8:0f:26:98:66:f2:d9:
78:99:3b:e9:3f:d4:5c:5c:d4:05:4b:60:d2:3a:9d:7c:a7:c5:
d1:28:b8:61:14:4c:79:ad:59:20:31:e6:d1:67:a6:3c:2b:22:
86:95:39:1b:77:b7:8e:c9:06:d2:fa:da:0c:0a:7b:08:8b:2b:
92:29:db:7f:54:9b:e0:46:d5:08:86:ba:f1:04:96:46:1a:a0:
b3:bd:c0:0e:6e:20:0b:b2:c2:0c:27:0c:1b:9c:81:cd:3b:6c:
00:4b:e2:ea
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuSTMyy6PZXYgRW2ZFz3aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNjRmOGMwZTFiMzlkOGE4ZWY4ZThjOGI1YTBmZmVlMmI1
M2I1ODcwHhcNMjUxMTExMDcwMjMwWhcNMjUxMTEyMDcwMjMwWjAzMTEwLwYDVQQD
EygwZmM5MDJlNGZhNTY1OTI2MzkxZDYxMmY4NTAxN2UwYmI3MWFiMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufVE+CGsWLCw/gWnHPbrAWdSf//2
zHlDBZ3GGKmomk4vAF8CtRMa//cxGFbkIDKnN1U8ZS4wztNTn4DKH0XZ720jxvz9
EQMI9fWOufOeNoJ4R20C/Xn13a+cc9jZlp+1RrQaf0x2fIUEf2LXi8MfP2YfawTl
0O7XVCQkFeFTT4eUNvJNynGVaYsY/w4DMhPqsvRnTNevxKKcij90e0y+gaNFw+jJ
H8nab6czQjHqg5Bd3d7ZhUs9Jh4hoWks6qjOqVU00N/eJoBlDqz1wO6oxLVDUGI+
MB/8GOd9mwR55MJ6cGH/uUqhkahrqke5ZHr7eLxFqTsx9HXggctikWnjFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFA/JAuT6VlkmOR1hL4UBfgu3GrMSMB8GA1UdIwQY
MBaAFEtk+MDhs52KjvjoyLWg/+4rU7WHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9jNDk3YmUtZjNiMS00YzliLTg1OWUt
OTVkNWUxNmNkZGVmLzEvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9jNDk3YmUtZjNiMS00YzliLTg1OWUtOTVkNWUxNmNkZGVm
LzEvUzJUNHdPR3puWXFPLU9qSXRhRF83aXRUdFljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPoP1ACVA
5Nr//bu9ZdjvaQHW30ZLNy2B0osp/WNlsoi8dHvj64TImPVuEVpqQ6/HXkAIuMqG
01lMjV74pQA5A9UOpPhpB2K1OEr0kGB03OKWNa9+eAGQuiKcCpdi533onsDV5yLb
SMzQqy82K1JFvkAPGq2Uj8cVBHKQtBjvQ7EFfYtLlzAmvFwQdXZEet2BMl/GjXIk
UTWT/ti4DyaYZvLZeJk76T/UXFzUBUtg0jqdfKfF0Si4YRRMea1ZIDHm0WemPCsi
hpU5G3e3jskG0vraDAp7CIsrkinbf1Sb4EbVCIa68QSWRhqgs73ADm4gC7LCDCcM
G5yBzTtsAEvi6g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:40:57 2025 by rpki-client