Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/d68dff-95e1-4c90-9ec6-55029280fec1/1/IaqfF_jMpH37krSQLSwrMgPb7aY.mft
File: IaqfF_jMpH37krSQLSwrMgPb7aY.mft (raw, json)
Hash identifier: m3KC91PfyX/dcQMPhh4PY527HI12a9PPno8PiazLGok=
Subject key identifier: 27:8F:C8:0E:B2:63:F2:C3:08:23:4C:EA:68:55:98:81:5D:B1:85:0A
Authority key identifier: 21:AA:9F:17:F8:CC:A4:7D:FB:92:B4:90:2D:2C:2B:32:03:DB:ED:A6
Certificate issuer: /CN=21aa9f17f8cca47dfb92b4902d2c2b3203dbeda6
Certificate serial: 019A71B7BDB23B8339EFE203CC33C219FD82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IaqfF_jMpH37krSQLSwrMgPb7aY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/d68dff-95e1-4c90-9ec6-55029280fec1/1/IaqfF_jMpH37krSQLSwrMgPb7aY.mft
Manifest number: 07BB
Signing time: Tue 11 Nov 2025 07:00:58 +0000
Manifest this update: Tue 11 Nov 2025 07:00:58 +0000
Manifest next update: Wed 12 Nov 2025 07:00:58 +0000
Files and hashes: 1: IaqfF_jMpH37krSQLSwrMgPb7aY.crl (hash: WdfdJ7dgBfsQGVxu3agAcdU61ky4SgSkKumkMWvmF1Y=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/d68dff-95e1-4c90-9ec6-55029280fec1/1/IaqfF_jMpH37krSQLSwrMgPb7aY.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/d68dff-95e1-4c90-9ec6-55029280fec1/1/IaqfF_jMpH37krSQLSwrMgPb7aY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IaqfF_jMpH37krSQLSwrMgPb7aY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:bd:b2:3b:83:39:ef:e2:03:cc:33:c2:19:fd:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21aa9f17f8cca47dfb92b4902d2c2b3203dbeda6
Validity
Not Before: Nov 11 07:00:58 2025 GMT
Not After : Nov 12 07:00:58 2025 GMT
Subject: CN=278fc80eb263f2c308234cea685598815db1850a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:94:3d:01:fa:4b:04:58:8d:8a:5e:a1:67:f7:
0c:94:56:b5:f6:41:4c:00:de:44:bc:70:60:25:31:
2c:4c:50:4b:58:82:23:24:fa:40:de:c6:0b:ed:dc:
59:d9:0e:1c:88:0b:80:d4:46:cc:da:63:c4:a3:6c:
b1:e4:c0:ff:b8:a7:5a:be:e5:40:96:dd:0d:de:e3:
d2:39:e8:b4:69:2f:c5:da:f1:26:40:e5:2f:b1:59:
80:8f:e4:2d:d9:a5:24:0e:96:19:88:cf:8f:b8:06:
18:e7:dc:56:ae:9d:ba:a6:91:55:20:a3:7c:48:65:
a9:55:bc:47:9b:19:32:4c:93:9e:4e:32:d8:cc:c5:
7f:92:55:78:43:a1:85:4a:18:3b:5b:37:be:1d:e6:
9b:d3:31:b7:44:a7:60:e0:53:74:fa:d9:5c:63:b9:
a9:95:34:b5:f1:45:db:90:a4:fe:07:e3:30:30:8b:
30:42:dc:b3:1e:d0:5e:b2:a7:90:31:27:76:b4:f6:
be:5c:51:7d:0f:d5:1b:80:8b:d7:7d:d2:b2:73:92:
09:c2:f6:85:49:1d:50:ae:51:a4:b6:1a:aa:79:8b:
75:dc:62:bb:c0:55:e3:d4:80:33:07:0a:94:82:aa:
c0:d3:80:19:cb:95:c1:7f:76:9b:bf:8d:62:b2:e2:
32:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:8F:C8:0E:B2:63:F2:C3:08:23:4C:EA:68:55:98:81:5D:B1:85:0A
X509v3 Authority Key Identifier:
keyid:21:AA:9F:17:F8:CC:A4:7D:FB:92:B4:90:2D:2C:2B:32:03:DB:ED:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IaqfF_jMpH37krSQLSwrMgPb7aY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d68dff-95e1-4c90-9ec6-55029280fec1/1/IaqfF_jMpH37krSQLSwrMgPb7aY.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/d68dff-95e1-4c90-9ec6-55029280fec1/1/IaqfF_jMpH37krSQLSwrMgPb7aY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a0:89:c4:c1:58:4f:94:66:c1:e1:f0:ac:49:c5:7a:e2:ce:68:
96:56:ce:d7:cc:ac:1b:c4:70:2f:cf:b2:4c:d0:7f:80:c9:72:
54:71:54:a3:11:4a:78:18:7f:68:06:32:21:2b:dd:73:26:b9:
6e:d7:15:43:a4:7c:5a:a0:3b:2a:4b:b0:86:2b:06:02:45:45:
66:b1:8a:d9:61:10:6b:d7:cc:f0:2a:b7:f0:4c:3c:b1:6a:7f:
76:47:9f:64:4f:8b:6a:5c:e5:18:d2:ea:36:a8:98:2e:bb:75:
7e:7a:5d:b5:20:45:3e:96:14:d0:94:28:4e:06:10:ef:d4:11:
64:89:c7:cc:8a:e8:95:be:dc:71:94:f9:90:97:2a:4c:8b:67:
88:f6:7b:4b:d0:81:58:29:73:1b:a6:e6:d3:9e:f7:0f:0d:1a:
7b:bc:c1:58:ae:8e:a0:02:98:ca:e0:5e:e4:48:7f:8c:5b:15:
e2:ed:c4:d3:f4:ca:09:da:8d:9c:99:ab:94:1b:fc:c8:7a:98:
70:04:b2:25:b0:0b:e9:aa:97:60:43:80:28:56:69:73:7a:9a:
2e:aa:e4:6c:90:ba:c4:22:5c:dc:0a:d9:bd:22:74:7c:1b:4f:
57:d1:fd:7d:0d:69:2a:ae:2a:74:a2:bd:28:fc:1f:ef:f1:bd:
58:d9:a2:e7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt72yO4M57+IDzDPCGf2CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYWE5ZjE3ZjhjY2E0N2RmYjkyYjQ5MDJkMmMyYjMyMDNk
YmVkYTYwHhcNMjUxMTExMDcwMDU4WhcNMjUxMTEyMDcwMDU4WjAzMTEwLwYDVQQD
EygyNzhmYzgwZWIyNjNmMmMzMDgyMzRjZWE2ODU1OTg4MTVkYjE4NTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5Q9AfpLBFiNil6hZ/cMlFa19kFM
AN5EvHBgJTEsTFBLWIIjJPpA3sYL7dxZ2Q4ciAuA1EbM2mPEo2yx5MD/uKdavuVA
lt0N3uPSOei0aS/F2vEmQOUvsVmAj+Qt2aUkDpYZiM+PuAYY59xWrp26ppFVIKN8
SGWpVbxHmxkyTJOeTjLYzMV/klV4Q6GFShg7Wze+Heab0zG3RKdg4FN0+tlcY7mp
lTS18UXbkKT+B+MwMIswQtyzHtBesqeQMSd2tPa+XFF9D9UbgIvXfdKyc5IJwvaF
SR1QrlGkthqqeYt13GK7wFXj1IAzBwqUgqrA04AZy5XBf3abv41isuIyaQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCePyA6yY/LDCCNM6mhVmIFdsYUKMB8GA1UdIwQY
MBaAFCGqnxf4zKR9+5K0kC0sKzID2+2mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFxZkZfak1wSDM3a3JTUUxTd3JNZ1BiN2FZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi9kNjhkZmYtOTVlMS00YzkwLTllYzYt
NTUwMjkyODBmZWMxLzEvSWFxZkZfak1wSDM3a3JTUUxTd3JNZ1BiN2FZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi9kNjhkZmYtOTVlMS00YzkwLTllYzYtNTUwMjkyODBmZWMx
LzEvSWFxZkZfak1wSDM3a3JTUUxTd3JNZ1BiN2FZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoInEwVhP
lGbB4fCsScV64s5ollbO18ysG8RwL8+yTNB/gMlyVHFUoxFKeBh/aAYyISvdcya5
btcVQ6R8WqA7KkuwhisGAkVFZrGK2WEQa9fM8Cq38Ew8sWp/dkefZE+LalzlGNLq
NqiYLrt1fnpdtSBFPpYU0JQoTgYQ79QRZInHzIrolb7ccZT5kJcqTItniPZ7S9CB
WClzG6bm0573Dw0ae7zBWK6OoAKYyuBe5Eh/jFsV4u3E0/TKCdqNnJmrlBv8yHqY
cASyJbAL6aqXYEOAKFZpc3qaLqrkbJC6xCJc3ArZvSJ0fBtPV9H9fQ1pKq4qdKK9
KPwf7/G9WNmi5w==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:37:32 2025 by rpki-client