Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/11fa44-8879-4d19-b468-5b5d98f5361e/1/f0rlfubgqcUQH8FKh6UzQVC7q0Y.mft
File: f0rlfubgqcUQH8FKh6UzQVC7q0Y.mft (raw, json)
Hash identifier: 7WR9eDEONGhQn2hRe33dQTmrgH2t+ytkOGFza+t1dJI=
Subject key identifier: 27:49:DB:67:51:5C:07:29:D1:70:A6:07:7A:BF:EA:41:6F:EA:BC:09
Authority key identifier: 7F:4A:E5:7E:E6:E0:A9:C5:10:1F:C1:4A:87:A5:33:41:50:BB:AB:46
Certificate issuer: /CN=7f4ae57ee6e0a9c5101fc14a87a5334150bbab46
Certificate serial: 019A70A4E7B13EEC50CA48ED1C62CFE97762
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f0rlfubgqcUQH8FKh6UzQVC7q0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/11fa44-8879-4d19-b468-5b5d98f5361e/1/f0rlfubgqcUQH8FKh6UzQVC7q0Y.mft
Manifest number: 066D
Signing time: Tue 11 Nov 2025 02:00:46 +0000
Manifest this update: Tue 11 Nov 2025 02:00:46 +0000
Manifest next update: Wed 12 Nov 2025 02:00:46 +0000
Files and hashes: 1: f0rlfubgqcUQH8FKh6UzQVC7q0Y.crl (hash: Nsa+B+0nw0nM310uoj28d+SgzodZxvsTuFsqLGI98BQ=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/11fa44-8879-4d19-b468-5b5d98f5361e/1/f0rlfubgqcUQH8FKh6UzQVC7q0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/11fa44-8879-4d19-b468-5b5d98f5361e/1/f0rlfubgqcUQH8FKh6UzQVC7q0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/f0rlfubgqcUQH8FKh6UzQVC7q0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 02:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:70:a4:e7:b1:3e:ec:50:ca:48:ed:1c:62:cf:e9:77:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f4ae57ee6e0a9c5101fc14a87a5334150bbab46
Validity
Not Before: Nov 11 02:00:46 2025 GMT
Not After : Nov 12 02:00:46 2025 GMT
Subject: CN=2749db67515c0729d170a6077abfea416feabc09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:44:0b:c8:27:f5:e4:c6:27:16:1b:57:e7:df:
88:1a:97:52:03:62:76:6b:23:f0:c9:65:ed:24:2e:
8b:65:c1:28:45:a4:ef:2d:66:2b:28:b0:2a:30:49:
3d:8b:85:34:35:03:d7:b3:66:93:6a:6c:88:2e:f3:
d9:d9:cd:75:60:49:c6:a4:16:f4:0f:fb:2c:30:e2:
bb:e4:32:eb:14:19:3f:2d:a2:d7:dd:8c:28:a0:c2:
e3:67:55:89:22:d9:e9:b0:14:76:57:0f:33:a6:cd:
06:92:4b:a7:0d:45:19:00:b6:7d:18:1c:54:da:5b:
b8:1e:52:f2:ea:8f:2d:c5:24:98:3b:5e:1d:db:44:
1e:75:51:a8:ae:ea:c2:98:40:f8:2f:01:78:e1:b8:
3f:d9:42:51:bb:8b:4d:77:e2:23:1a:20:34:b8:7d:
12:9d:ed:0a:03:e2:1c:2c:22:4a:5a:f6:09:d8:c5:
ba:06:50:63:1e:30:13:5b:db:64:54:04:a1:d5:71:
4a:49:d5:cf:24:2f:a3:48:37:7d:62:76:78:72:61:
ef:c9:f1:da:c4:34:c0:02:71:b0:32:6d:2f:2f:5f:
f5:e5:9f:30:e1:f7:18:04:53:f2:42:84:55:2d:05:
c3:6e:c3:dc:db:02:c7:e4:a4:1b:55:27:e8:15:27:
e8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:49:DB:67:51:5C:07:29:D1:70:A6:07:7A:BF:EA:41:6F:EA:BC:09
X509v3 Authority Key Identifier:
keyid:7F:4A:E5:7E:E6:E0:A9:C5:10:1F:C1:4A:87:A5:33:41:50:BB:AB:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0rlfubgqcUQH8FKh6UzQVC7q0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/11fa44-8879-4d19-b468-5b5d98f5361e/1/f0rlfubgqcUQH8FKh6UzQVC7q0Y.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/11fa44-8879-4d19-b468-5b5d98f5361e/1/f0rlfubgqcUQH8FKh6UzQVC7q0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
0a:46:97:97:04:a1:55:39:c6:e1:1c:73:61:60:6b:8c:ac:84:
12:67:33:9f:f9:96:66:76:27:28:62:ac:88:d3:3a:34:7c:f3:
61:b2:5f:6a:5c:09:7c:31:d5:14:6a:ce:57:b7:e2:d6:6b:f9:
bd:ad:b7:c8:a7:78:8e:1c:34:11:5f:ea:c6:89:aa:36:09:e8:
07:70:66:44:e6:b7:e4:96:22:cd:53:f9:65:b9:14:41:76:8e:
3f:6e:09:cd:12:a1:23:9f:90:83:0c:15:ca:2e:52:6e:44:3a:
fc:1a:f0:b2:40:87:c8:c6:62:80:01:cd:cb:48:45:e1:46:72:
59:60:b7:78:04:7b:0c:32:e9:94:69:df:12:2a:62:07:30:55:
63:b4:29:9f:73:6d:37:7d:9e:86:11:49:dd:1b:eb:2f:56:f5:
29:1a:c8:3b:24:b9:45:c0:f1:b1:85:ab:ac:a1:61:4e:62:dc:
3f:63:a0:a0:df:ca:21:a1:a2:c6:ea:4b:b4:38:0c:98:ea:c0:
d1:ad:48:c6:f9:3f:77:e5:b5:16:b5:a7:2a:b2:38:db:dd:40:
ab:08:d8:1b:36:c3:fe:0f:85:69:17:32:b6:35:4f:5e:02:fa:
83:ec:49:93:1f:99:24:9a:56:6d:f6:c1:df:60:98:de:05:af:
37:c6:68:8c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpwpOexPuxQykjtHGLP6XdiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNGFlNTdlZTZlMGE5YzUxMDFmYzE0YTg3YTUzMzQxNTBi
YmFiNDYwHhcNMjUxMTExMDIwMDQ2WhcNMjUxMTEyMDIwMDQ2WjAzMTEwLwYDVQQD
EygyNzQ5ZGI2NzUxNWMwNzI5ZDE3MGE2MDc3YWJmZWE0MTZmZWFiYzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUQLyCf15MYnFhtX59+IGpdSA2J2
ayPwyWXtJC6LZcEoRaTvLWYrKLAqMEk9i4U0NQPXs2aTamyILvPZ2c11YEnGpBb0
D/ssMOK75DLrFBk/LaLX3YwooMLjZ1WJItnpsBR2Vw8zps0GkkunDUUZALZ9GBxU
2lu4HlLy6o8txSSYO14d20QedVGorurCmED4LwF44bg/2UJRu4tNd+IjGiA0uH0S
ne0KA+IcLCJKWvYJ2MW6BlBjHjATW9tkVASh1XFKSdXPJC+jSDd9YnZ4cmHvyfHa
xDTAAnGwMm0vL1/15Z8w4fcYBFPyQoRVLQXDbsPc2wLH5KQbVSfoFSfoRwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCdJ22dRXAcp0XCmB3q/6kFv6rwJMB8GA1UdIwQY
MBaAFH9K5X7m4KnFEB/BSoelM0FQu6tGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjBybGZ1YmdxY1VRSDhGS2g2VXpRVkM3cTBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8xMWZhNDQtODg3OS00ZDE5LWI0Njgt
NWI1ZDk4ZjUzNjFlLzEvZjBybGZ1YmdxY1VRSDhGS2g2VXpRVkM3cTBZLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8xMWZhNDQtODg3OS00ZDE5LWI0NjgtNWI1ZDk4ZjUzNjFl
LzEvZjBybGZ1YmdxY1VRSDhGS2g2VXpRVkM3cTBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACkaXlwSh
VTnG4RxzYWBrjKyEEmczn/mWZnYnKGKsiNM6NHzzYbJfalwJfDHVFGrOV7fi1mv5
va23yKd4jhw0EV/qxomqNgnoB3BmROa35JYizVP5ZbkUQXaOP24JzRKhI5+QgwwV
yi5SbkQ6/BrwskCHyMZigAHNy0hF4UZyWWC3eAR7DDLplGnfEipiBzBVY7Qpn3Nt
N32ehhFJ3RvrL1b1KRrIOyS5RcDxsYWrrKFhTmLcP2OgoN/KIaGixupLtDgMmOrA
0a1Ixvk/d+W1FrWnKrI4291AqwjYGzbD/g+FaRcytjVPXgL6g+xJkx+ZJJpWbfbB
32CY3gWvN8ZojA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:53:57 2025 by rpki-client