Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
File: ya3PjO-lllmLJLm2q2UHDdkcp5w.mft (raw, json)
Hash identifier: 6eAF4wt/nPoInPl5XpKLFgvkrKluzAHfi9frw7F6yJo=
Subject key identifier: A1:3A:52:8D:62:2C:3B:BF:70:43:5B:AD:DE:7B:14:52:DA:8F:80:61
Authority key identifier: C9:AD:CF:8C:EF:A5:96:59:8B:24:B9:B6:AB:65:07:0D:D9:1C:A7:9C
Certificate issuer: /CN=c9adcf8cefa596598b24b9b6ab65070dd91ca79c
Certificate serial: 019A71B93DC3659CEC4F1CDE7F79F76EF463
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
Manifest number: 07C6
Signing time: Tue 11 Nov 2025 07:02:36 +0000
Manifest this update: Tue 11 Nov 2025 07:02:36 +0000
Manifest next update: Wed 12 Nov 2025 07:02:36 +0000
Files and hashes: 1: ya3PjO-lllmLJLm2q2UHDdkcp5w.crl (hash: P8ttkmtmc7iztZCp9YMxeRLi/Mj8JG/Xiv+wjlmkRYY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:3d:c3:65:9c:ec:4f:1c:de:7f:79:f7:6e:f4:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9adcf8cefa596598b24b9b6ab65070dd91ca79c
Validity
Not Before: Nov 11 07:02:36 2025 GMT
Not After : Nov 12 07:02:36 2025 GMT
Subject: CN=a13a528d622c3bbf70435badde7b1452da8f8061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b0:46:cf:35:cc:12:7a:c5:21:a0:8d:63:e8:
c3:0a:14:a1:8c:6a:7b:f4:93:fe:4f:98:de:db:66:
79:d7:94:14:93:9c:06:aa:7c:13:51:0f:99:05:d2:
91:7d:32:ff:8e:4e:3d:1e:66:d0:bc:b7:31:48:e9:
e9:d9:10:1b:ba:0e:73:10:c0:35:cd:e7:10:e6:50:
54:12:68:4b:f8:db:b2:22:39:59:fb:bb:c6:cc:60:
01:a4:0a:ee:6a:9b:c8:25:53:7f:2f:48:43:aa:3c:
1b:6c:83:d6:64:3b:34:fa:65:e6:0b:81:3a:d1:d8:
9a:a5:77:40:83:b2:fd:53:05:42:ef:4e:38:23:51:
01:cb:f1:a9:28:bd:6a:6b:67:78:a6:39:f8:96:d0:
68:4e:f7:8b:ad:3e:d5:ca:c3:54:00:38:49:fe:cf:
4d:7e:3d:2b:08:0b:ab:29:c0:f9:f5:1d:a7:ff:2e:
21:54:d8:e2:2f:8a:33:b0:06:a4:e1:99:60:91:30:
e9:24:9e:08:bb:2f:60:a8:0b:dc:f7:4a:28:85:bf:
dd:81:e8:26:78:68:c4:ff:e8:96:1a:3b:67:f8:cb:
af:b4:6e:e1:f0:68:79:3d:0e:6d:c9:e3:f3:f1:96:
f6:83:10:58:e0:8f:be:0f:db:60:f9:41:c6:8c:b4:
2d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:3A:52:8D:62:2C:3B:BF:70:43:5B:AD:DE:7B:14:52:DA:8F:80:61
X509v3 Authority Key Identifier:
keyid:C9:AD:CF:8C:EF:A5:96:59:8B:24:B9:B6:AB:65:07:0D:D9:1C:A7:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ya3PjO-lllmLJLm2q2UHDdkcp5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b0057c-5472-48d5-b107-c55372fab335/1/ya3PjO-lllmLJLm2q2UHDdkcp5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
c6:be:03:5c:af:29:af:9d:64:e3:d1:d6:f0:a4:15:c7:41:97:
1d:b1:84:fd:54:f9:74:23:02:a4:77:aa:42:70:2b:0f:04:c7:
37:a5:44:0f:4e:ef:b5:4e:11:7f:1d:d9:50:e2:85:e2:a2:9d:
2c:b7:ca:2c:e6:b3:31:dd:2a:05:15:12:86:f3:e1:e9:dd:34:
a7:48:3d:c5:ff:91:b5:43:94:60:34:a2:3d:d4:fd:0e:58:86:
31:65:d1:13:4d:da:21:e0:8f:bb:60:3a:73:68:f7:85:f8:39:
19:e3:81:fe:3e:48:c0:bc:9f:15:eb:52:9a:c8:8c:51:4a:1b:
2f:fe:2a:dd:be:45:17:24:ae:93:97:55:06:41:e5:60:da:82:
2e:8c:d3:b2:23:94:be:d7:3d:02:06:30:28:70:d7:6b:2e:0e:
c8:61:cc:70:45:10:5a:8b:55:f6:72:ea:82:48:6e:f2:07:73:
62:f0:34:f9:29:9a:57:6d:1f:43:9b:d1:dd:e1:46:23:37:0a:
8f:e5:54:8c:3b:8b:67:58:ae:1a:58:92:5d:e9:35:ac:a8:90:
55:ad:09:93:e3:d2:e6:7c:8c:2c:48:4d:e9:52:07:47:57:a9:
29:a1:aa:a5:68:e0:23:77:2a:82:6b:e8:8f:e2:00:56:d7:3a:
fa:de:b0:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuT3DZZzsTxzef3n3bvRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5YWRjZjhjZWZhNTk2NTk4YjI0YjliNmFiNjUwNzBkZDkx
Y2E3OWMwHhcNMjUxMTExMDcwMjM2WhcNMjUxMTEyMDcwMjM2WjAzMTEwLwYDVQQD
EyhhMTNhNTI4ZDYyMmMzYmJmNzA0MzViYWRkZTdiMTQ1MmRhOGY4MDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7BGzzXMEnrFIaCNY+jDChShjGp7
9JP+T5je22Z515QUk5wGqnwTUQ+ZBdKRfTL/jk49HmbQvLcxSOnp2RAbug5zEMA1
zecQ5lBUEmhL+NuyIjlZ+7vGzGABpAruapvIJVN/L0hDqjwbbIPWZDs0+mXmC4E6
0diapXdAg7L9UwVC7044I1EBy/GpKL1qa2d4pjn4ltBoTveLrT7VysNUADhJ/s9N
fj0rCAurKcD59R2n/y4hVNjiL4ozsAak4ZlgkTDpJJ4Iuy9gqAvc90oohb/dgegm
eGjE/+iWGjtn+MuvtG7h8Gh5PQ5tyePz8Zb2gxBY4I++D9tg+UHGjLQt/QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKE6Uo1iLDu/cENbrd57FFLaj4BhMB8GA1UdIwQY
MBaAFMmtz4zvpZZZiyS5tqtlBw3ZHKecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iMDA1N2MtNTQ3Mi00OGQ1LWIxMDct
YzU1MzcyZmFiMzM1LzEveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iMDA1N2MtNTQ3Mi00OGQ1LWIxMDctYzU1MzcyZmFiMzM1
LzEveWEzUGpPLWxsbG1MSkxtMnEyVUhEZGtjcDV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAxr4DXK8p
r51k49HW8KQVx0GXHbGE/VT5dCMCpHeqQnArDwTHN6VED07vtU4Rfx3ZUOKF4qKd
LLfKLOazMd0qBRUShvPh6d00p0g9xf+RtUOUYDSiPdT9DliGMWXRE03aIeCPu2A6
c2j3hfg5GeOB/j5IwLyfFetSmsiMUUobL/4q3b5FFySuk5dVBkHlYNqCLozTsiOU
vtc9AgYwKHDXay4OyGHMcEUQWotV9nLqgkhu8gdzYvA0+SmaV20fQ5vR3eFGIzcK
j+VUjDuLZ1iuGliSXek1rKiQVa0Jk+PS5nyMLEhN6VIHR1epKaGqpWjgI3cqgmvo
j+IAVtc6+t6w5g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:10:54 2025 by rpki-client