Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft
File: giKx_lqaAWNQKFrAeI08yrPrORk.mft (raw, json)
Hash identifier: /gPeZmrL5BJ+AWsJEFQKBbpzgOdCHOMqjZsXwUJWzTM=
Subject key identifier: 2B:BB:5A:EA:14:6E:AC:FC:F2:A9:98:05:0E:AD:07:52:4A:C3:62:F7
Authority key identifier: 82:22:B1:FE:5A:9A:01:63:50:28:5A:C0:78:8D:3C:CA:B3:EB:39:19
Certificate issuer: /CN=8222b1fe5a9a016350285ac0788d3ccab3eb3919
Certificate serial: 019A71EE973DB09C4077C55D8BE7B6324B48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/giKx_lqaAWNQKFrAeI08yrPrORk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft
Manifest number: 0867
Signing time: Tue 11 Nov 2025 08:00:52 +0000
Manifest this update: Tue 11 Nov 2025 08:00:52 +0000
Manifest next update: Wed 12 Nov 2025 08:00:52 +0000
Files and hashes: 1: giKx_lqaAWNQKFrAeI08yrPrORk.crl (hash: AnJsewFR+Xkh+X/fVfr5VbWfWmRZeYLPwAYxnfYopXw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft
rsync://rpki.ripe.net/repository/DEFAULT/giKx_lqaAWNQKFrAeI08yrPrORk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:ee:97:3d:b0:9c:40:77:c5:5d:8b:e7:b6:32:4b:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8222b1fe5a9a016350285ac0788d3ccab3eb3919
Validity
Not Before: Nov 11 08:00:52 2025 GMT
Not After : Nov 12 08:00:52 2025 GMT
Subject: CN=2bbb5aea146eacfcf2a998050ead07524ac362f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7a:d8:38:be:ed:32:cd:ef:c2:ce:9e:0d:f1:
c1:83:c6:05:ea:df:5e:3a:73:02:b3:a1:33:7a:ca:
69:d5:11:27:77:4f:23:ce:32:a1:55:07:e5:ce:8b:
0b:8d:6b:3f:76:21:59:07:0b:37:82:d2:3d:51:a4:
a1:30:2e:bc:da:80:02:3b:ce:dd:40:4b:8c:04:f0:
b2:07:95:2d:4a:27:9b:4b:13:64:49:23:5d:70:67:
3f:56:e8:1f:1c:7d:12:aa:b9:58:5d:14:28:5c:9c:
95:4b:d5:7e:91:ff:9c:a9:01:f1:8a:41:87:73:d1:
a4:4f:ac:04:a4:1b:af:02:f7:f2:f9:d3:b6:c3:03:
34:a6:24:84:13:b6:55:49:f8:4f:ea:96:b2:06:d5:
80:d8:fa:08:b9:32:4a:80:9f:66:3f:86:98:2c:fc:
ac:f6:41:15:e0:c0:da:70:73:29:37:7e:ea:c8:cd:
0c:12:d5:10:74:c9:7c:03:7a:06:3b:f5:3d:0e:9b:
13:a2:d7:cb:b2:6b:4c:e8:69:a4:d1:2e:98:7f:28:
8f:dc:66:6c:37:27:6a:4d:65:04:0e:98:e6:eb:e7:
ad:b7:a7:55:12:4f:4e:14:63:58:4f:31:29:6c:87:
20:bd:98:12:7a:85:46:16:ef:52:fd:58:7a:d1:2a:
6d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:BB:5A:EA:14:6E:AC:FC:F2:A9:98:05:0E:AD:07:52:4A:C3:62:F7
X509v3 Authority Key Identifier:
keyid:82:22:B1:FE:5A:9A:01:63:50:28:5A:C0:78:8D:3C:CA:B3:EB:39:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/giKx_lqaAWNQKFrAeI08yrPrORk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/220cae-8459-4870-a6a2-30a16485f5c4/1/giKx_lqaAWNQKFrAeI08yrPrORk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
66:bc:29:84:99:b2:a6:e0:81:75:2a:15:59:4d:db:86:6d:af:
11:74:86:cf:77:26:a0:37:bc:60:23:33:e5:28:85:56:dd:2a:
b0:f1:ca:15:d5:ab:6a:f8:5a:be:ce:b0:84:69:e1:6e:18:5e:
f4:a0:b3:42:37:b5:1c:80:68:e9:29:ee:0f:2c:06:3f:52:f4:
34:52:ed:80:78:25:b9:92:9f:02:20:a7:d0:76:53:0b:5c:9d:
0a:53:84:cb:35:3f:42:b7:44:80:20:c8:46:5b:14:4e:11:c6:
42:86:b1:9d:bf:9e:96:35:77:c5:d3:b8:2a:59:ab:d5:f5:3e:
c7:ad:86:66:b1:09:cc:c6:fc:31:a0:87:fb:bf:04:20:e5:77:
bb:49:e9:4b:40:e7:0d:eb:5c:17:41:d7:ba:ba:71:bf:34:bc:
fc:83:63:79:9e:c3:2f:e6:9d:4d:7a:c9:c0:fa:ad:f9:c1:c8:
02:82:07:4f:1f:2b:72:24:c9:f1:65:87:f4:4f:35:04:ea:48:
c1:79:c5:d4:da:af:50:d1:34:34:9c:00:ea:2b:b5:2c:9c:93:
b0:95:d0:29:44:fb:c9:9f:1e:47:52:c1:de:f8:ed:8c:18:30:
b8:96:d7:e6:40:e8:7a:c6:ce:e6:23:4f:cf:98:fb:9f:d9:e4:
83:3e:59:20
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpx7pc9sJxAd8Vdi+e2MktIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMjJiMWZlNWE5YTAxNjM1MDI4NWFjMDc4OGQzY2NhYjNl
YjM5MTkwHhcNMjUxMTExMDgwMDUyWhcNMjUxMTEyMDgwMDUyWjAzMTEwLwYDVQQD
EygyYmJiNWFlYTE0NmVhY2ZjZjJhOTk4MDUwZWFkMDc1MjRhYzM2MmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXrYOL7tMs3vws6eDfHBg8YF6t9e
OnMCs6Ezespp1REnd08jzjKhVQflzosLjWs/diFZBws3gtI9UaShMC682oACO87d
QEuMBPCyB5UtSiebSxNkSSNdcGc/VugfHH0SqrlYXRQoXJyVS9V+kf+cqQHxikGH
c9GkT6wEpBuvAvfy+dO2wwM0piSEE7ZVSfhP6payBtWA2PoIuTJKgJ9mP4aYLPys
9kEV4MDacHMpN37qyM0MEtUQdMl8A3oGO/U9DpsTotfLsmtM6Gmk0S6YfyiP3GZs
NydqTWUEDpjm6+ett6dVEk9OFGNYTzEpbIcgvZgSeoVGFu9S/Vh60SptVQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCu7WuoUbqz88qmYBQ6tB1JKw2L3MB8GA1UdIwQY
MBaAFIIisf5amgFjUChawHiNPMqz6zkZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2lLeF9scWFBV05RS0ZyQWVJMDh5clByT1JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yMjBjYWUtODQ1OS00ODcwLWE2YTIt
MzBhMTY0ODVmNWM0LzEvZ2lLeF9scWFBV05RS0ZyQWVJMDh5clByT1JrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yMjBjYWUtODQ1OS00ODcwLWE2YTItMzBhMTY0ODVmNWM0
LzEvZ2lLeF9scWFBV05RS0ZyQWVJMDh5clByT1JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZrwphJmy
puCBdSoVWU3bhm2vEXSGz3cmoDe8YCMz5SiFVt0qsPHKFdWravhavs6whGnhbhhe
9KCzQje1HIBo6SnuDywGP1L0NFLtgHgluZKfAiCn0HZTC1ydClOEyzU/QrdEgCDI
RlsUThHGQoaxnb+eljV3xdO4Klmr1fU+x62GZrEJzMb8MaCH+78EIOV3u0npS0Dn
DetcF0HXurpxvzS8/INjeZ7DL+adTXrJwPqt+cHIAoIHTx8rciTJ8WWH9E81BOpI
wXnF1NqvUNE0NJwA6iu1LJyTsJXQKUT7yZ8eR1LB3vjtjBgwuJbX5kDoesbO5iNP
z5j7n9nkgz5ZIA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:43:14 2025 by rpki-client