Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
File: ALlD7lfDXyx_T-wGhel9YDsHytI.mft (raw, json)
Hash identifier: vMqjl5RVouNknKU3bk45IG09Q5TZUa72g+qVrCmv9p8=
Subject key identifier: 6B:C9:63:DE:86:BA:06:22:B9:32:35:9E:3C:20:B1:8E:20:0D:A5:9D
Authority key identifier: 00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2
Certificate issuer: /CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2
Certificate serial: 019A7112C8FC906F1AE0E560BE49EA58B398
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
Manifest number: 0AE1
Signing time: Tue 11 Nov 2025 04:00:47 +0000
Manifest this update: Tue 11 Nov 2025 04:00:47 +0000
Manifest next update: Wed 12 Nov 2025 04:00:47 +0000
Files and hashes: 1: ALlD7lfDXyx_T-wGhel9YDsHytI.crl (hash: g55PRntPnwcurNabmsjINOi15toRTba7vO7o578+9Uo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:12:c8:fc:90:6f:1a:e0:e5:60:be:49:ea:58:b3:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00b943ee57c35f2c7f4fec0685e97d603b07cad2
Validity
Not Before: Nov 11 04:00:47 2025 GMT
Not After : Nov 12 04:00:47 2025 GMT
Subject: CN=6bc963de86ba0622b932359e3c20b18e200da59d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:75:2a:8e:0a:41:21:1b:84:15:c4:c3:d8:b2:
01:73:cc:e1:97:ca:cc:ea:a5:d3:f0:7b:db:cc:9a:
f7:8c:bc:fb:20:8e:b9:d1:3d:3c:f2:10:b5:86:4f:
78:65:75:d3:e6:a4:0c:9b:9d:84:f0:71:3e:dd:e3:
82:4c:b6:88:a1:00:7e:bc:f1:cf:8e:4a:12:2d:99:
24:83:6c:de:dd:fb:45:1a:f7:75:0a:66:27:08:ab:
38:f5:89:24:5a:91:11:49:63:0e:5f:de:7f:fd:81:
63:58:1b:1a:05:a0:f6:0d:2b:82:7a:1b:7d:ac:a5:
58:36:e5:63:da:b9:a1:5e:6f:00:12:52:f9:08:e0:
0c:fd:4b:15:cd:2d:c4:35:fd:63:df:b9:c2:eb:67:
49:22:84:02:25:1a:66:63:2c:0b:ab:af:09:a5:dc:
25:73:40:c6:4f:b7:2a:3a:cc:68:7c:1f:8e:73:32:
54:41:40:d2:9b:d8:eb:07:08:28:c8:1f:cd:bc:7f:
f2:58:77:86:d2:b9:90:26:a5:c7:a5:55:56:6c:db:
49:3b:d0:a7:d5:f0:07:40:b5:b0:20:d7:2e:f5:32:
29:b5:d5:be:64:a3:05:0f:f8:cb:fc:16:7c:b1:e5:
45:7d:52:a5:da:ab:91:13:3f:6e:d1:ab:e3:c3:9b:
a7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:C9:63:DE:86:BA:06:22:B9:32:35:9E:3C:20:B1:8E:20:0D:A5:9D
X509v3 Authority Key Identifier:
keyid:00:B9:43:EE:57:C3:5F:2C:7F:4F:EC:06:85:E9:7D:60:3B:07:CA:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ALlD7lfDXyx_T-wGhel9YDsHytI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/48f09e-7386-4139-91c8-3c88e40e711c/1/ALlD7lfDXyx_T-wGhel9YDsHytI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
51:86:7e:67:f0:93:68:6c:85:e7:51:b5:98:fe:d0:7e:51:c4:
97:cf:73:dc:f7:e6:0b:d2:f6:bb:95:6a:1b:2c:0e:9e:d1:98:
20:55:67:19:cd:a5:ec:45:eb:80:39:d3:6a:9e:fc:5b:aa:61:
0c:0f:a9:8b:7b:1e:7c:9d:28:0f:7b:b7:25:e7:24:22:a1:82:
96:31:66:cb:b3:b1:b3:32:71:6f:6d:ca:4b:6b:2c:08:a4:83:
98:fc:35:f9:bd:2f:98:d5:2c:fe:9a:9c:37:39:e8:5a:92:50:
e0:b4:3f:de:65:10:a4:d5:6b:92:61:2b:40:6a:8e:25:e4:8f:
16:43:0e:08:30:e9:41:5a:0e:92:a8:84:63:6d:a0:9d:61:42:
dc:36:ac:42:4e:17:d8:6a:60:da:89:4f:f4:f6:b5:e1:e4:c8:
f7:5b:95:5f:d1:b2:e6:1c:1c:f7:58:f1:14:80:d1:de:8b:db:
d4:7e:ba:dc:b8:e3:49:76:54:81:cb:5e:11:42:9f:a0:e9:06:
98:97:75:6d:8b:f7:d9:b1:84:e7:94:05:b6:cc:94:ca:e4:27:
2c:53:77:eb:41:06:08:e9:35:05:a4:51:73:0f:de:ef:5d:26:
45:49:4d:d4:f6:6d:b8:6a:65:58:a3:d7:fa:3a:66:a0:3b:30:
3f:8f:ac:66
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxEsj8kG8a4OVgvknqWLOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYjk0M2VlNTdjMzVmMmM3ZjRmZWMwNjg1ZTk3ZDYwM2Iw
N2NhZDIwHhcNMjUxMTExMDQwMDQ3WhcNMjUxMTEyMDQwMDQ3WjAzMTEwLwYDVQQD
Eyg2YmM5NjNkZTg2YmEwNjIyYjkzMjM1OWUzYzIwYjE4ZTIwMGRhNTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXUqjgpBIRuEFcTD2LIBc8zhl8rM
6qXT8HvbzJr3jLz7II650T088hC1hk94ZXXT5qQMm52E8HE+3eOCTLaIoQB+vPHP
jkoSLZkkg2ze3ftFGvd1CmYnCKs49YkkWpERSWMOX95//YFjWBsaBaD2DSuCeht9
rKVYNuVj2rmhXm8AElL5COAM/UsVzS3ENf1j37nC62dJIoQCJRpmYywLq68Jpdwl
c0DGT7cqOsxofB+OczJUQUDSm9jrBwgoyB/NvH/yWHeG0rmQJqXHpVVWbNtJO9Cn
1fAHQLWwINcu9TIptdW+ZKMFD/jL/BZ8seVFfVKl2quREz9u0avjw5unawIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGvJY96GugYiuTI1njwgsY4gDaWdMB8GA1UdIwQY
MBaAFAC5Q+5Xw18sf0/sBoXpfWA7B8rSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgt
M2M4OGU0MGU3MTFjLzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS80OGYwOWUtNzM4Ni00MTM5LTkxYzgtM2M4OGU0MGU3MTFj
LzEvQUxsRDdsZkRYeXhfVC13R2hlbDlZRHNIeXRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUYZ+Z/CT
aGyF51G1mP7QflHEl89z3PfmC9L2u5VqGywOntGYIFVnGc2l7EXrgDnTap78W6ph
DA+pi3sefJ0oD3u3JeckIqGCljFmy7OxszJxb23KS2ssCKSDmPw1+b0vmNUs/pqc
NznoWpJQ4LQ/3mUQpNVrkmErQGqOJeSPFkMOCDDpQVoOkqiEY22gnWFC3DasQk4X
2Gpg2olP9Pa14eTI91uVX9Gy5hwc91jxFIDR3ovb1H663LjjSXZUgcteEUKfoOkG
mJd1bYv32bGE55QFtsyUyuQnLFN360EGCOk1BaRRcw/e710mRUlN1PZtuGplWKPX
+jpmoDswP4+sZg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:32:45 2025 by rpki-client