Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft
File: MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft (raw, json)
Hash identifier: La17pKaZcxzhfVIenPovuFDmMTNuz9VOPCJY4rFumNM=
Subject key identifier: 94:1B:88:21:BC:F9:D6:D4:93:39:30:19:BB:73:CA:BC:64:86:6A:2C
Authority key identifier: 31:B1:62:1C:E2:8C:BB:FE:F0:38:AB:D7:54:9F:C6:CB:50:E7:11:6B
Certificate issuer: /CN=31b1621ce28cbbfef038abd7549fc6cb50e7116b
Certificate serial: 019A7226466D98B9175B39C63223D4D7487C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft
Manifest number: 0A10
Signing time: Tue 11 Nov 2025 09:01:42 +0000
Manifest this update: Tue 11 Nov 2025 09:01:42 +0000
Manifest next update: Wed 12 Nov 2025 09:01:42 +0000
Files and hashes: 1: MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.crl (hash: PYhiZtjWHqeWvY4IsSTmXXYjE9Tu1TjxKj9VaCrZSXw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft
rsync://rpki.ripe.net/repository/DEFAULT/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:46:6d:98:b9:17:5b:39:c6:32:23:d4:d7:48:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31b1621ce28cbbfef038abd7549fc6cb50e7116b
Validity
Not Before: Nov 11 09:01:42 2025 GMT
Not After : Nov 12 09:01:42 2025 GMT
Subject: CN=941b8821bcf9d6d493393019bb73cabc64866a2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:07:b4:ff:4a:60:52:e6:34:90:02:f0:be:b4:
5b:fa:1f:30:00:fc:ee:32:0b:5b:3c:df:5d:6d:a1:
3d:2e:aa:a2:62:07:62:d6:71:42:71:96:1c:7b:98:
1a:f6:16:98:19:6b:47:81:41:46:19:ab:69:c3:5f:
5e:97:c0:f7:8e:06:1c:aa:ef:b0:96:0d:1c:2c:88:
32:71:4f:30:12:b0:42:b0:0c:58:3e:5f:92:21:4d:
57:00:73:bc:53:5e:19:c5:48:00:9f:1b:2c:0a:bc:
1e:a3:d9:2e:04:84:c0:76:05:80:0c:36:e1:30:6d:
d5:be:57:b5:99:b1:3c:a4:b0:b4:2c:4f:62:7c:14:
f4:7e:f7:0f:74:ac:0c:e4:63:c9:54:35:db:5f:2d:
13:c2:86:0f:ad:46:2f:aa:03:4d:bc:48:2a:b7:b5:
8f:8d:c0:51:bc:6b:4b:7e:ac:c1:90:72:67:e8:a8:
48:68:b1:64:95:41:56:11:65:ee:96:09:8f:03:4d:
bf:e8:f6:83:64:12:25:50:5a:07:4c:14:68:31:ec:
ba:94:1a:0c:f6:39:6a:f8:e1:9a:d3:a7:3d:2a:08:
86:ed:23:cd:2c:5d:7d:a3:0b:47:03:41:e0:15:7a:
12:6a:32:f5:51:c1:b3:4d:6a:32:a0:80:2a:0c:54:
e3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:1B:88:21:BC:F9:D6:D4:93:39:30:19:BB:73:CA:BC:64:86:6A:2C
X509v3 Authority Key Identifier:
keyid:31:B1:62:1C:E2:8C:BB:FE:F0:38:AB:D7:54:9F:C6:CB:50:E7:11:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/20602c-8de4-4dec-8b24-6614632723b9/1/MbFiHOKMu_7wOKvXVJ_Gy1DnEWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
02:20:22:fb:09:1e:f8:1f:df:50:24:c0:16:d6:d1:20:05:45:
72:f0:09:89:52:a0:9b:a5:fc:9f:2d:17:72:ee:35:71:99:e6:
e0:23:f0:b4:3b:2c:60:35:8c:f9:be:f4:ce:26:d9:3d:ba:f9:
04:84:1b:67:ec:7d:d6:60:9d:26:95:10:cf:15:08:e5:4b:fe:
cf:25:08:0f:7b:52:dd:40:cf:ec:03:18:1f:b6:22:36:d6:5a:
6f:0a:cd:eb:d1:b8:ad:c1:36:6e:bd:24:54:f9:71:93:5c:16:
e7:32:c8:0b:f9:04:76:76:6a:95:4a:f3:74:eb:dc:5f:19:40:
35:d0:17:86:9a:1c:13:d8:ff:19:b6:74:5d:f0:26:29:bf:c8:
e5:cc:07:15:4c:89:bf:72:1f:a1:9d:c2:dd:10:50:ca:eb:0c:
c3:18:ca:33:65:15:bf:16:78:71:58:ae:50:49:e9:ac:7a:84:
39:ad:06:46:4d:70:1c:b2:de:b1:0b:76:15:ae:e0:35:e7:c0:
ec:1f:5a:30:e7:a6:42:c9:b4:47:eb:97:cd:57:b0:d1:87:bd:
f4:ce:9f:74:cc:ea:29:2f:27:1c:5e:88:ee:c3:3c:c2:65:4c:
f0:2e:1f:6f:fb:2a:8f:a3:34:08:46:33:0c:a9:ac:bc:1f:79:
1a:f4:87:d2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJkZtmLkXWznGMiPU10h8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYjE2MjFjZTI4Y2JiZmVmMDM4YWJkNzU0OWZjNmNiNTBl
NzExNmIwHhcNMjUxMTExMDkwMTQyWhcNMjUxMTEyMDkwMTQyWjAzMTEwLwYDVQQD
Eyg5NDFiODgyMWJjZjlkNmQ0OTMzOTMwMTliYjczY2FiYzY0ODY2YTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQe0/0pgUuY0kALwvrRb+h8wAPzu
MgtbPN9dbaE9LqqiYgdi1nFCcZYce5ga9haYGWtHgUFGGatpw19el8D3jgYcqu+w
lg0cLIgycU8wErBCsAxYPl+SIU1XAHO8U14ZxUgAnxssCrweo9kuBITAdgWADDbh
MG3Vvle1mbE8pLC0LE9ifBT0fvcPdKwM5GPJVDXbXy0TwoYPrUYvqgNNvEgqt7WP
jcBRvGtLfqzBkHJn6KhIaLFklUFWEWXulgmPA02/6PaDZBIlUFoHTBRoMey6lBoM
9jlq+OGa06c9KgiG7SPNLF19owtHA0HgFXoSajL1UcGzTWoyoIAqDFTjRQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFJQbiCG8+dbUkzkwGbtzyrxkhmosMB8GA1UdIwQY
MBaAFDGxYhzijLv+8Dir11SfxstQ5xFrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWJGaUhPS011Xzd3T0t2WFZKX0d5MURuRVdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yMDYwMmMtOGRlNC00ZGVjLThiMjQt
NjYxNDYzMjcyM2I5LzEvTWJGaUhPS011Xzd3T0t2WFZKX0d5MURuRVdzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8yMDYwMmMtOGRlNC00ZGVjLThiMjQtNjYxNDYzMjcyM2I5
LzEvTWJGaUhPS011Xzd3T0t2WFZKX0d5MURuRVdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAiAi+wke
+B/fUCTAFtbRIAVFcvAJiVKgm6X8ny0Xcu41cZnm4CPwtDssYDWM+b70zibZPbr5
BIQbZ+x91mCdJpUQzxUI5Uv+zyUID3tS3UDP7AMYH7YiNtZabwrN69G4rcE2br0k
VPlxk1wW5zLIC/kEdnZqlUrzdOvcXxlANdAXhpocE9j/GbZ0XfAmKb/I5cwHFUyJ
v3IfoZ3C3RBQyusMwxjKM2UVvxZ4cViuUEnprHqEOa0GRk1wHLLesQt2Fa7gNefA
7B9aMOemQsm0R+uXzVew0Ye99M6fdMzqKS8nHF6I7sM8wmVM8C4fb/sqj6M0CEYz
DKmsvB95GvSH0g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:06:17 2025 by rpki-client