Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
File: l37KDVyVbeF79pcQRvLrlc5hXik.mft (raw, json)
Hash identifier: 91DCFfHApECZmc+XQgyV2eKqnfolAinmz0vPlB6jSKg=
Subject key identifier: C2:18:E8:B4:20:5A:18:2D:FC:77:7D:D6:30:5A:BC:E2:AA:E4:27:5F
Authority key identifier: 97:7E:CA:0D:5C:95:6D:E1:7B:F6:97:10:46:F2:EB:95:CE:61:5E:29
Certificate issuer: /CN=977eca0d5c956de17bf6971046f2eb95ce615e29
Certificate serial: 019A71B7DCF5AF4EE79D6B74ACCD3ADF8B6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 07:01:06 +0000
Manifest this update: Tue 11 Nov 2025 07:01:06 +0000
Manifest next update: Wed 12 Nov 2025 07:01:06 +0000
Files and hashes: 1: l37KDVyVbeF79pcQRvLrlc5hXik.crl (hash: VLfKITUMFbsDwU59oxt6OquqY29KkvQnlCO+hWI+aZw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:dc:f5:af:4e:e7:9d:6b:74:ac:cd:3a:df:8b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=977eca0d5c956de17bf6971046f2eb95ce615e29
Validity
Not Before: Nov 11 07:01:06 2025 GMT
Not After : Nov 12 07:01:06 2025 GMT
Subject: CN=c218e8b4205a182dfc777dd6305abce2aae4275f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:23:3b:5f:30:5b:ea:72:87:fd:aa:37:ce:bd:
c9:bc:7e:4f:1b:36:e4:50:14:8f:0f:a2:e1:60:fd:
17:22:5d:f8:55:6e:d3:cb:94:00:e5:6f:e8:0f:5b:
af:62:71:18:ea:bc:15:5b:0d:80:5b:d3:3c:8a:83:
95:44:ed:a9:c3:01:ad:5f:cb:48:04:ee:41:20:ae:
ab:54:c2:cf:16:2e:98:7d:0a:6d:6c:23:05:9a:75:
ca:aa:0d:28:47:21:8c:2b:bc:43:18:0b:5a:aa:df:
b7:ea:dd:96:5a:2c:94:fc:33:99:26:17:01:ec:11:
2d:7e:1b:0a:61:ae:9a:fd:04:6a:c8:41:8a:fd:3f:
38:75:bf:9b:0e:dd:dc:07:9c:76:f6:a9:24:cb:ab:
46:0b:1f:14:69:a6:3f:f0:7c:48:ce:6c:86:e3:8d:
7d:7f:2c:06:06:fe:27:52:eb:b7:c4:a0:f3:dc:58:
65:a6:0a:30:26:e6:09:86:ae:8e:16:bc:3d:a7:4c:
3b:bd:4e:88:68:84:3e:95:bf:b6:45:e7:ba:b4:0f:
9a:4a:32:da:4f:54:04:e5:8d:60:54:e8:e0:99:a8:
1b:4b:f2:ce:1d:08:4a:5e:c3:a4:c1:41:dd:a0:87:
e0:7e:c4:93:5f:df:6b:1c:42:ef:08:dd:20:1c:4f:
f8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:18:E8:B4:20:5A:18:2D:FC:77:7D:D6:30:5A:BC:E2:AA:E4:27:5F
X509v3 Authority Key Identifier:
keyid:97:7E:CA:0D:5C:95:6D:E1:7B:F6:97:10:46:F2:EB:95:CE:61:5E:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l37KDVyVbeF79pcQRvLrlc5hXik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/32abd8-bedb-4b7d-a463-79706b345bbb/1/l37KDVyVbeF79pcQRvLrlc5hXik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
81:bc:45:c9:73:1a:ab:92:07:88:51:7e:09:c9:5e:3b:87:9d:
31:ad:4e:d2:32:a8:93:1c:91:73:fa:5c:17:f9:e8:38:7a:81:
a5:31:3a:38:e8:0c:42:9c:58:82:b5:86:0b:ce:92:ed:d3:58:
a5:aa:6d:cf:9f:15:53:6f:73:63:a6:61:f6:c1:97:10:49:b2:
d3:20:6b:13:24:9f:22:47:6a:0c:84:c0:78:1b:17:c0:00:6d:
5f:30:d9:9d:8f:61:1d:e2:84:6c:91:31:5d:eb:1b:d6:26:21:
0f:ac:60:42:2b:2e:7f:83:03:a2:c5:31:c7:76:3f:7b:2d:36:
b0:6b:0b:18:98:e4:da:af:59:20:42:c2:6c:0b:20:cf:35:cd:
33:f6:90:ee:3f:1c:bc:bf:ad:35:1b:39:81:c4:24:64:5b:40:
7b:67:cd:43:df:ce:a3:40:9e:b9:51:4c:e1:5a:e2:ef:54:1c:
16:c2:c4:63:34:10:54:6c:c8:03:22:d3:7c:8d:59:f9:23:e3:
41:11:9d:46:f0:28:7a:a1:3f:34:57:9f:c9:e9:74:dd:b1:da:
f7:73:27:a5:a4:4c:38:12:34:74:ef:d7:54:8b:7c:0c:fa:24:
d4:6f:cb:62:22:74:3f:5d:41:3d:50:1d:da:75:fa:24:13:2b:
1e:34:98:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt9z1r07nnWt0rM0634tsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3N2VjYTBkNWM5NTZkZTE3YmY2OTcxMDQ2ZjJlYjk1Y2U2
MTVlMjkwHhcNMjUxMTExMDcwMTA2WhcNMjUxMTEyMDcwMTA2WjAzMTEwLwYDVQQD
EyhjMjE4ZThiNDIwNWExODJkZmM3NzdkZDYzMDVhYmNlMmFhZTQyNzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiM7XzBb6nKH/ao3zr3JvH5PGzbk
UBSPD6LhYP0XIl34VW7Ty5QA5W/oD1uvYnEY6rwVWw2AW9M8ioOVRO2pwwGtX8tI
BO5BIK6rVMLPFi6YfQptbCMFmnXKqg0oRyGMK7xDGAtaqt+36t2WWiyU/DOZJhcB
7BEtfhsKYa6a/QRqyEGK/T84db+bDt3cB5x29qkky6tGCx8UaaY/8HxIzmyG4419
fywGBv4nUuu3xKDz3FhlpgowJuYJhq6OFrw9p0w7vU6IaIQ+lb+2Ree6tA+aSjLa
T1QE5Y1gVOjgmagbS/LOHQhKXsOkwUHdoIfgfsSTX99rHELvCN0gHE/48QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMIY6LQgWhgt/Hd91jBavOKq5CdfMB8GA1UdIwQY
MBaAFJd+yg1clW3he/aXEEby65XOYV4pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8zMmFiZDgtYmVkYi00YjdkLWE0NjMt
Nzk3MDZiMzQ1YmJiLzEvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8zMmFiZDgtYmVkYi00YjdkLWE0NjMtNzk3MDZiMzQ1YmJi
LzEvbDM3S0RWeVZiZUY3OXBjUVJ2THJsYzVoWGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgbxFyXMa
q5IHiFF+CcleO4edMa1O0jKokxyRc/pcF/noOHqBpTE6OOgMQpxYgrWGC86S7dNY
paptz58VU29zY6Zh9sGXEEmy0yBrEySfIkdqDITAeBsXwABtXzDZnY9hHeKEbJEx
Xesb1iYhD6xgQisuf4MDosUxx3Y/ey02sGsLGJjk2q9ZIELCbAsgzzXNM/aQ7j8c
vL+tNRs5gcQkZFtAe2fNQ9/Oo0CeuVFM4Vri71QcFsLEYzQQVGzIAyLTfI1Z+SPj
QRGdRvAoeqE/NFefyel03bHa93MnpaRMOBI0dO/XVIt8DPok1G/LYiJ0P11BPVAd
2nX6JBMrHjSYzQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:58:39 2025 by rpki-client