Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.mft
File: 7N0ioeDFuwAoDxkz7uz4HNig5rI.mft (raw, json)
Hash identifier: FlV1DtEv0ce7iFOlGmwjB9zjPpH4NRgtqTyxJA+8gsQ=
Subject key identifier: 4D:DD:94:3C:09:51:11:DB:5F:1D:F6:C3:B0:01:F7:7A:D8:BF:1F:77
Authority key identifier: EC:DD:22:A1:E0:C5:BB:00:28:0F:19:33:EE:EC:F8:1C:D8:A0:E6:B2
Certificate issuer: /CN=ecdd22a1e0c5bb00280f1933eeecf81cd8a0e6b2
Certificate serial: 019A71B8EFEFA6BF1DED531BA95F1DF7AF68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7N0ioeDFuwAoDxkz7uz4HNig5rI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.mft
Manifest number: 16AF
Signing time: Tue 11 Nov 2025 07:02:16 +0000
Manifest this update: Tue 11 Nov 2025 07:02:16 +0000
Manifest next update: Wed 12 Nov 2025 07:02:16 +0000
Files and hashes: 1: 7N0ioeDFuwAoDxkz7uz4HNig5rI.crl (hash: 3Dpsd946N8xHRGxRpZrH909w+aeGuPDlVljcgUfu03Q=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.mft
rsync://rpki.ripe.net/repository/DEFAULT/7N0ioeDFuwAoDxkz7uz4HNig5rI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:ef:ef:a6:bf:1d:ed:53:1b:a9:5f:1d:f7:af:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecdd22a1e0c5bb00280f1933eeecf81cd8a0e6b2
Validity
Not Before: Nov 11 07:02:16 2025 GMT
Not After : Nov 12 07:02:16 2025 GMT
Subject: CN=4ddd943c095111db5f1df6c3b001f77ad8bf1f77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a6:42:36:60:46:40:11:d6:41:98:12:f8:e6:
98:df:47:88:d2:84:b3:e3:39:fd:e9:52:9a:cb:26:
49:5c:7f:90:93:91:84:00:cf:21:4f:bb:34:81:e7:
88:bd:b8:6a:5f:33:8b:f0:d6:b2:5d:f3:a3:9d:b4:
db:59:3c:10:3c:0d:17:4e:fc:47:25:15:36:6c:1c:
b9:5c:48:69:90:59:67:63:27:99:cc:b7:78:a3:ff:
51:3c:1c:5a:81:4e:20:86:6c:9d:e9:22:4e:48:0f:
0a:45:ec:df:20:ce:5d:1f:12:3e:ea:d5:63:85:54:
4a:58:dd:b2:73:42:8d:59:22:90:23:eb:d7:24:bb:
c8:04:f9:c8:84:a3:99:3c:44:7d:00:c9:59:3b:b7:
5b:11:7e:57:d8:d2:0d:54:51:1d:c8:7f:83:30:8d:
50:72:9e:d1:3a:92:0c:6c:74:49:ae:9b:ba:80:b9:
d9:7f:8e:d8:df:41:21:8a:6a:a5:46:d9:c9:48:50:
9f:d2:fc:33:6b:cb:1d:8f:de:17:8b:4f:17:b6:b9:
72:83:f9:0a:45:09:29:ca:6e:07:cf:c4:d7:42:1f:
a0:07:93:87:64:5c:44:4e:e7:05:6e:3d:1b:a2:24:
72:9f:b8:98:68:e7:91:31:f3:05:60:56:9a:4b:57:
b2:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:DD:94:3C:09:51:11:DB:5F:1D:F6:C3:B0:01:F7:7A:D8:BF:1F:77
X509v3 Authority Key Identifier:
keyid:EC:DD:22:A1:E0:C5:BB:00:28:0F:19:33:EE:EC:F8:1C:D8:A0:E6:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7N0ioeDFuwAoDxkz7uz4HNig5rI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/717648-55c0-407a-811e-5961655c34d9/1/7N0ioeDFuwAoDxkz7uz4HNig5rI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:d7:b9:7c:b8:3f:2b:49:a9:c4:7a:ff:ad:93:7c:e6:04:ae:
66:00:69:ef:43:c5:5a:93:b3:c0:3c:19:84:e5:64:5b:d3:4c:
b1:93:4e:77:31:51:77:04:97:ae:5d:37:19:96:77:ac:bc:7c:
b7:9e:ee:6a:b2:f5:d1:61:f2:78:d3:71:ec:3c:dd:b1:60:10:
5a:dd:74:ec:b6:70:06:9a:ba:4e:42:ac:e2:5b:ed:3c:f6:52:
fc:d0:02:77:e2:11:17:e1:38:dd:ff:3a:62:92:b4:b7:a3:8b:
87:38:13:2f:46:9f:1e:54:e4:93:f7:63:a0:fc:74:65:01:e6:
ba:2c:27:35:61:9d:48:ca:ea:2a:8d:92:94:b0:ed:78:62:04:
e5:06:4e:c8:00:80:11:8c:73:48:63:d4:69:c4:ad:15:aa:5d:
6e:d5:ef:d0:4b:3a:f6:c8:62:0d:01:e3:67:11:13:8f:19:9d:
ba:a6:b9:93:13:db:7a:db:88:e1:66:a9:d3:8c:73:60:36:95:
0c:82:83:37:2e:53:9f:ac:42:59:77:6d:55:fe:0d:d9:df:8f:
45:f2:5a:04:04:00:7d:5d:89:71:27:b5:75:a4:a0:5e:da:99:
cf:57:92:93:20:2b:ef:17:2b:5f:f7:f4:ec:ec:d2:5d:bf:bb:
7b:e3:5a:92
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuO/vpr8d7VMbqV8d969oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZGQyMmExZTBjNWJiMDAyODBmMTkzM2VlZWNmODFjZDhh
MGU2YjIwHhcNMjUxMTExMDcwMjE2WhcNMjUxMTEyMDcwMjE2WjAzMTEwLwYDVQQD
Eyg0ZGRkOTQzYzA5NTExMWRiNWYxZGY2YzNiMDAxZjc3YWQ4YmYxZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKZCNmBGQBHWQZgS+OaY30eI0oSz
4zn96VKayyZJXH+Qk5GEAM8hT7s0geeIvbhqXzOL8NayXfOjnbTbWTwQPA0XTvxH
JRU2bBy5XEhpkFlnYyeZzLd4o/9RPBxagU4ghmyd6SJOSA8KRezfIM5dHxI+6tVj
hVRKWN2yc0KNWSKQI+vXJLvIBPnIhKOZPER9AMlZO7dbEX5X2NINVFEdyH+DMI1Q
cp7ROpIMbHRJrpu6gLnZf47Y30EhimqlRtnJSFCf0vwza8sdj94Xi08Xtrlyg/kK
RQkpym4Hz8TXQh+gB5OHZFxETucFbj0boiRyn7iYaOeRMfMFYFaaS1ey+QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFE3dlDwJURHbXx32w7AB93rYvx93MB8GA1UdIwQY
MBaAFOzdIqHgxbsAKA8ZM+7s+BzYoOayMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN04waW9lREZ1d0FvRHhrejd1ejRITmlnNXJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi83MTc2NDgtNTVjMC00MDdhLTgxMWUt
NTk2MTY1NWMzNGQ5LzEvN04waW9lREZ1d0FvRHhrejd1ejRITmlnNXJJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi83MTc2NDgtNTVjMC00MDdhLTgxMWUtNTk2MTY1NWMzNGQ5
LzEvN04waW9lREZ1d0FvRHhrejd1ejRITmlnNXJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUde5fLg/
K0mpxHr/rZN85gSuZgBp70PFWpOzwDwZhOVkW9NMsZNOdzFRdwSXrl03GZZ3rLx8
t57uarL10WHyeNNx7DzdsWAQWt107LZwBpq6TkKs4lvtPPZS/NACd+IRF+E43f86
YpK0t6OLhzgTL0afHlTkk/djoPx0ZQHmuiwnNWGdSMrqKo2SlLDteGIE5QZOyACA
EYxzSGPUacStFapdbtXv0Es69shiDQHjZxETjxmduqa5kxPbetuI4Wap04xzYDaV
DIKDNy5Tn6xCWXdtVf4N2d+PRfJaBAQAfV2JcSe1daSgXtqZz1eSkyAr7xcrX/f0
7OzSXb+7e+Nakg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:36:17 2025 by rpki-client