Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
File: sd_KrmUzbQycpCWFpG2Yyawk9eU.mft (raw, json)
Hash identifier: ussApG9r+55dSZngDZMWTkCCQnEZaB8lbBL3XTfDANA=
Subject key identifier: 19:06:23:B9:21:47:78:55:F9:F3:4C:64:63:A0:B2:EA:F8:49:EB:2C
Authority key identifier: B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
Certificate issuer: /CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Certificate serial: 019A72CA4BA93D69787E96FC3D0EC8E40718
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
Manifest number: 0366
Signing time: Tue 11 Nov 2025 12:00:51 +0000
Manifest this update: Tue 11 Nov 2025 12:00:51 +0000
Manifest next update: Wed 12 Nov 2025 12:00:51 +0000
Files and hashes: 1: sd_KrmUzbQycpCWFpG2Yyawk9eU.crl (hash: zhvx6oLM6Z926rmlbnRMoppGaUpFK+PZaGNtU+jrZNw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:ca:4b:a9:3d:69:78:7e:96:fc:3d:0e:c8:e4:07:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5
Validity
Not Before: Nov 11 12:00:51 2025 GMT
Not After : Nov 12 12:00:51 2025 GMT
Subject: CN=190623b921477855f9f34c6463a0b2eaf849eb2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ca:22:8e:a2:bf:f2:f9:00:9c:e2:f1:0f:a9:
d7:d0:ce:e0:b6:52:20:ff:4b:5b:b1:d5:94:e8:5d:
a8:43:46:f0:4a:fb:33:25:76:60:80:27:ef:ef:b5:
cc:ce:db:39:57:f7:9b:88:ec:d7:c0:8c:d6:24:3b:
85:32:4a:91:d0:d0:38:f6:1b:2c:c5:a7:4d:a4:22:
d8:be:00:c0:7e:c4:3c:4b:b3:32:bf:61:48:04:b6:
ee:92:45:70:ef:25:8c:49:aa:69:5e:92:9b:9e:9d:
8c:8c:e3:f9:83:4b:ff:84:ab:8c:a7:1a:96:8f:cd:
f3:14:5d:65:74:c3:df:34:df:53:a3:40:f3:a3:7d:
e9:f1:b6:01:6a:f7:98:0c:9b:46:9d:2c:8f:71:12:
61:82:a3:94:54:22:ab:0d:53:9e:4b:1e:ec:02:a9:
41:2a:0e:ac:34:59:ff:22:78:17:32:f9:19:45:5f:
00:18:b2:bf:19:00:3b:42:70:6f:9d:76:96:65:cc:
d6:ff:a8:8e:b2:85:33:99:0b:99:fc:7c:dc:7c:6f:
8b:e1:ba:cc:d6:c4:26:78:b8:98:55:28:1f:10:ec:
e2:04:1a:e3:68:6a:73:68:c6:db:92:4c:43:c8:f9:
5d:0e:0f:87:c7:06:bd:e6:3e:75:92:5f:b1:1d:3a:
b1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:06:23:B9:21:47:78:55:F9:F3:4C:64:63:A0:B2:EA:F8:49:EB:2C
X509v3 Authority Key Identifier:
keyid:B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
16:94:d4:63:b6:f5:a5:47:7c:70:9b:ae:9c:38:d6:0c:1e:04:
75:1e:5f:a3:09:54:8b:6d:9f:75:e9:32:90:b4:40:5b:0e:f3:
7e:e3:e6:34:ad:7a:bf:a5:a2:b0:d9:80:4c:98:44:3f:23:90:
a8:aa:e6:87:9f:f0:9b:af:fb:fc:ce:ec:bd:6b:5d:b7:6a:f7:
94:c4:51:ea:35:5b:9c:54:a0:1e:88:43:3d:9f:5d:cf:b8:a1:
b5:64:f0:61:31:7c:35:34:4c:15:37:86:07:6e:88:75:38:00:
3e:02:89:7f:cf:13:8d:e7:35:91:a5:f5:6e:0c:b4:c5:74:bd:
80:d9:e0:27:eb:01:11:af:29:cf:bd:b4:20:17:81:bc:de:20:
06:ef:0a:0d:c9:7a:91:50:1c:e6:4f:05:80:ec:2b:3c:84:6e:
0e:b2:b0:9c:5d:ee:ab:0d:10:f7:c0:cf:ab:80:49:59:fb:d1:
be:09:68:3a:4d:01:c4:79:14:4c:3a:8a:53:2f:35:a8:c8:0b:
0b:70:9f:78:81:94:7a:a5:40:99:94:d2:dc:b2:44:40:45:ad:
46:1b:cc:a9:2e:2c:0f:96:17:79:27:4a:82:eb:6e:94:a6:6b:
f5:4b:30:1a:d0:82:bc:84:6a:dc:2c:1f:d1:34:53:d5:07:50:
53:23:09:c2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyykupPWl4fpb8PQ7I5AcYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZGZjYWFlNjUzMzZkMGM5Y2E0MjU4NWE0NmQ5OGM5YWMy
NGY1ZTUwHhcNMjUxMTExMTIwMDUxWhcNMjUxMTEyMTIwMDUxWjAzMTEwLwYDVQQD
EygxOTA2MjNiOTIxNDc3ODU1ZjlmMzRjNjQ2M2EwYjJlYWY4NDllYjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8oijqK/8vkAnOLxD6nX0M7gtlIg
/0tbsdWU6F2oQ0bwSvszJXZggCfv77XMzts5V/ebiOzXwIzWJDuFMkqR0NA49hss
xadNpCLYvgDAfsQ8S7Myv2FIBLbukkVw7yWMSappXpKbnp2MjOP5g0v/hKuMpxqW
j83zFF1ldMPfNN9To0Dzo33p8bYBaveYDJtGnSyPcRJhgqOUVCKrDVOeSx7sAqlB
Kg6sNFn/IngXMvkZRV8AGLK/GQA7QnBvnXaWZczW/6iOsoUzmQuZ/HzcfG+L4brM
1sQmeLiYVSgfEOziBBrjaGpzaMbbkkxDyPldDg+Hxwa95j51kl+xHTqxPwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFBkGI7khR3hV+fNMZGOgsur4SessMB8GA1UdIwQY
MBaAFLHfyq5lM20MnKQlhaRtmMmsJPXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQt
YzQ1ZTg5MjRjNTRhLzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQtYzQ1ZTg5MjRjNTRh
LzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFpTUY7b1
pUd8cJuunDjWDB4EdR5fowlUi22fdekykLRAWw7zfuPmNK16v6WisNmATJhEPyOQ
qKrmh5/wm6/7/M7svWtdt2r3lMRR6jVbnFSgHohDPZ9dz7ihtWTwYTF8NTRMFTeG
B26IdTgAPgKJf88Tjec1kaX1bgy0xXS9gNngJ+sBEa8pz720IBeBvN4gBu8KDcl6
kVAc5k8FgOwrPIRuDrKwnF3uqw0Q98DPq4BJWfvRvgloOk0BxHkUTDqKUy81qMgL
C3CfeIGUeqVAmZTS3LJEQEWtRhvMqS4sD5YXeSdKgutulKZr9UswGtCCvIRq3Cwf
0TRT1QdQUyMJwg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 16:45:17 2025 by rpki-client