Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/8fb2a6-cae5-4f39-a858-7e46cc3701b9/1/8KwM5wCxfUmeiY7HoUcwQFFXxHg.mft
File: 8KwM5wCxfUmeiY7HoUcwQFFXxHg.mft (raw, json)
Hash identifier: AzVId7mnLMiW27QnvKOluRyMwP4buNlfRrRW9zmoNh4=
Subject key identifier: 9A:2A:41:FD:54:8B:BB:2F:8F:90:76:CD:1D:23:00:66:A4:6E:66:C7
Authority key identifier: F0:AC:0C:E7:00:B1:7D:49:9E:89:8E:C7:A1:47:30:40:51:57:C4:78
Certificate issuer: /CN=f0ac0ce700b17d499e898ec7a14730405157c478
Certificate serial: 019A7112D5BD890087C85094E4453CC3DE9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8KwM5wCxfUmeiY7HoUcwQFFXxHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/8fb2a6-cae5-4f39-a858-7e46cc3701b9/1/8KwM5wCxfUmeiY7HoUcwQFFXxHg.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 04:00:50 +0000
Manifest this update: Tue 11 Nov 2025 04:00:50 +0000
Manifest next update: Wed 12 Nov 2025 04:00:50 +0000
Files and hashes: 1: 8KwM5wCxfUmeiY7HoUcwQFFXxHg.crl (hash: j5hnxvPydOuJHhCR8VVm70uZR+sF4wBKPon09AlS/PE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/8fb2a6-cae5-4f39-a858-7e46cc3701b9/1/8KwM5wCxfUmeiY7HoUcwQFFXxHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/8fb2a6-cae5-4f39-a858-7e46cc3701b9/1/8KwM5wCxfUmeiY7HoUcwQFFXxHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/8KwM5wCxfUmeiY7HoUcwQFFXxHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:12:d5:bd:89:00:87:c8:50:94:e4:45:3c:c3:de:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0ac0ce700b17d499e898ec7a14730405157c478
Validity
Not Before: Nov 11 04:00:50 2025 GMT
Not After : Nov 12 04:00:50 2025 GMT
Subject: CN=9a2a41fd548bbb2f8f9076cd1d230066a46e66c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:70:a9:8f:07:fb:05:5a:ca:a8:be:e1:c1:41:
23:f5:69:4a:0b:61:8f:41:f2:56:3b:d1:4b:3a:88:
89:4f:24:46:4d:94:cb:f9:12:c5:3b:8a:73:b3:5b:
26:b4:1d:e4:f6:d6:87:9f:8d:a2:7d:37:df:64:4b:
dc:8a:96:9d:ac:96:6a:5c:96:f0:e6:19:78:a0:4f:
2d:9c:f3:42:f8:b2:f1:72:77:d4:85:9b:8a:8c:f8:
d4:ad:76:5a:15:25:5c:d8:79:d1:44:cf:85:e3:42:
d8:67:c1:51:68:d3:72:9b:06:f5:9b:f8:37:ec:a8:
7e:ed:d5:31:f8:db:c6:fc:9e:bb:42:2a:e7:b5:7b:
ee:e6:d0:6a:86:23:8b:3a:3d:df:b3:de:33:81:a9:
36:ba:51:65:2f:7d:31:79:d9:33:71:27:47:18:9a:
88:93:f0:2c:1e:26:8c:01:98:49:ac:84:74:35:0d:
b5:e3:18:3f:8f:44:f9:96:18:bf:59:18:c3:cd:c3:
22:95:42:b2:13:74:cf:c7:ce:68:66:55:23:a3:4e:
95:b8:6f:39:89:8d:0d:22:23:6a:df:79:79:0a:a0:
5f:77:20:7e:ca:ef:99:27:c8:5b:bc:d1:76:dc:d9:
77:bd:36:91:86:84:0e:4a:7c:95:9a:26:ec:75:5a:
5d:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:2A:41:FD:54:8B:BB:2F:8F:90:76:CD:1D:23:00:66:A4:6E:66:C7
X509v3 Authority Key Identifier:
keyid:F0:AC:0C:E7:00:B1:7D:49:9E:89:8E:C7:A1:47:30:40:51:57:C4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8KwM5wCxfUmeiY7HoUcwQFFXxHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/8fb2a6-cae5-4f39-a858-7e46cc3701b9/1/8KwM5wCxfUmeiY7HoUcwQFFXxHg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/8fb2a6-cae5-4f39-a858-7e46cc3701b9/1/8KwM5wCxfUmeiY7HoUcwQFFXxHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
94:91:96:e3:ac:bd:e8:96:a6:1a:2d:da:6c:a3:f7:b5:8c:00:
86:9c:96:77:bc:d6:8d:5e:9b:67:76:6d:d7:49:a8:ec:27:63:
f0:fb:d8:03:38:73:46:66:b5:e2:8f:9f:a2:ec:6f:c2:c8:7b:
43:0c:01:30:bc:a3:28:b9:87:04:1f:2f:42:98:a2:12:51:d5:
1a:6d:30:d3:3b:04:e0:72:4f:c8:53:bf:70:f7:4b:55:60:93:
2c:14:e6:85:0b:6a:50:51:50:f9:e3:aa:5a:ec:7a:93:f9:2c:
a8:1f:9a:20:1e:fa:f1:69:e2:f9:e8:80:82:97:34:2d:91:88:
33:c9:36:4f:c1:e8:80:52:56:67:18:5d:63:76:e9:f7:0c:b3:
92:47:51:16:ef:8e:25:63:69:7a:52:cc:bf:93:3d:b5:f8:fc:
42:76:c3:63:90:ae:2c:f5:43:4d:5c:9b:d1:bf:32:4d:f2:04:
df:9e:18:d4:a5:86:8b:e5:82:31:73:47:07:b5:17:e2:61:4e:
1e:7f:4f:a1:e6:aa:2f:e4:62:a9:87:a1:52:60:c1:3e:a9:44:
a5:cf:5f:d5:d8:f0:b8:c0:17:f2:15:4b:ae:42:72:b0:18:0e:
c3:d5:bf:fd:bb:1e:d1:f6:ae:bb:d8:3e:d3:0f:ea:0b:b0:e4:
b5:a2:72:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEtW9iQCHyFCU5EU8w96cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYWMwY2U3MDBiMTdkNDk5ZTg5OGVjN2ExNDczMDQwNTE1
N2M0NzgwHhcNMjUxMTExMDQwMDUwWhcNMjUxMTEyMDQwMDUwWjAzMTEwLwYDVQQD
Eyg5YTJhNDFmZDU0OGJiYjJmOGY5MDc2Y2QxZDIzMDA2NmE0NmU2NmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXCpjwf7BVrKqL7hwUEj9WlKC2GP
QfJWO9FLOoiJTyRGTZTL+RLFO4pzs1smtB3k9taHn42ifTffZEvcipadrJZqXJbw
5hl4oE8tnPNC+LLxcnfUhZuKjPjUrXZaFSVc2HnRRM+F40LYZ8FRaNNymwb1m/g3
7Kh+7dUx+NvG/J67QirntXvu5tBqhiOLOj3fs94zgak2ulFlL30xedkzcSdHGJqI
k/AsHiaMAZhJrIR0NQ214xg/j0T5lhi/WRjDzcMilUKyE3TPx85oZlUjo06VuG85
iY0NIiNq33l5CqBfdyB+yu+ZJ8hbvNF23Nl3vTaRhoQOSnyVmibsdVpdswIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJoqQf1Ui7svj5B2zR0jAGakbmbHMB8GA1UdIwQY
MBaAFPCsDOcAsX1JnomOx6FHMEBRV8R4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEt3TTV3Q3hmVW1laVk3SG9VY3dRRkZYeEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC84ZmIyYTYtY2FlNS00ZjM5LWE4NTgt
N2U0NmNjMzcwMWI5LzEvOEt3TTV3Q3hmVW1laVk3SG9VY3dRRkZYeEhnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC84ZmIyYTYtY2FlNS00ZjM5LWE4NTgtN2U0NmNjMzcwMWI5
LzEvOEt3TTV3Q3hmVW1laVk3SG9VY3dRRkZYeEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlJGW46y9
6JamGi3abKP3tYwAhpyWd7zWjV6bZ3Zt10mo7Cdj8PvYAzhzRma14o+fouxvwsh7
QwwBMLyjKLmHBB8vQpiiElHVGm0w0zsE4HJPyFO/cPdLVWCTLBTmhQtqUFFQ+eOq
Wux6k/ksqB+aIB768Wni+eiAgpc0LZGIM8k2T8HogFJWZxhdY3bp9wyzkkdRFu+O
JWNpelLMv5M9tfj8QnbDY5CuLPVDTVyb0b8yTfIE354Y1KWGi+WCMXNHB7UX4mFO
Hn9PoeaqL+RiqYehUmDBPqlEpc9f1djwuMAX8hVLrkJysBgOw9W//bse0fauu9g+
0w/qC7DktaJyIA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:16:09 2025 by rpki-client