Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.mft
File: apc35u85FOD8zAaQI76XGYuRN5E.mft (raw, json)
Hash identifier: HEFZml3mG3I1keyHepa7LJ+li2MX3ZVWwf4Fsk3xw7o=
Subject key identifier: 7B:0D:9D:FD:32:B3:B5:B0:D5:F8:41:15:4B:9C:88:42:F7:BB:28:39
Authority key identifier: 6A:97:37:E6:EF:39:14:E0:FC:CC:06:90:23:BE:97:19:8B:91:37:91
Certificate issuer: /CN=6a9737e6ef3914e0fccc069023be97198b913791
Certificate serial: 019A71B7F7F865DD4F26C02B462C9634BCE6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/apc35u85FOD8zAaQI76XGYuRN5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.mft
Manifest number: 171B
Signing time: Tue 11 Nov 2025 07:01:13 +0000
Manifest this update: Tue 11 Nov 2025 07:01:13 +0000
Manifest next update: Wed 12 Nov 2025 07:01:13 +0000
Files and hashes: 1: apc35u85FOD8zAaQI76XGYuRN5E.crl (hash: UhUUSe4XWaMP3aswzsTVsSzM+mEwsn6zpenaEx7qdIc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.mft
rsync://rpki.ripe.net/repository/DEFAULT/apc35u85FOD8zAaQI76XGYuRN5E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:f7:f8:65:dd:4f:26:c0:2b:46:2c:96:34:bc:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a9737e6ef3914e0fccc069023be97198b913791
Validity
Not Before: Nov 11 07:01:13 2025 GMT
Not After : Nov 12 07:01:13 2025 GMT
Subject: CN=7b0d9dfd32b3b5b0d5f841154b9c8842f7bb2839
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d2:4c:19:6f:be:41:a8:5a:ca:46:27:10:c2:
24:1a:27:ed:b3:59:72:a3:36:20:de:22:fa:e5:2e:
fc:7b:ff:13:9d:e0:94:b2:d0:07:b5:f5:63:37:11:
f5:19:33:e7:fd:57:67:29:f3:f6:f2:a2:c2:e2:3f:
7e:bc:29:73:8e:47:a1:e9:96:32:33:79:a9:e6:c4:
ad:12:a3:cd:7a:98:03:f9:45:dc:e1:af:07:45:11:
a4:ce:24:15:df:e2:05:1c:9e:a0:4e:92:be:5e:0f:
87:f2:45:c9:dd:91:7e:d0:45:a9:4d:60:99:38:c2:
00:8e:60:7b:b6:ae:d5:12:bb:b0:6d:cb:60:07:e5:
71:2f:c0:55:bd:de:8c:39:17:b2:0a:a0:7d:06:a4:
a6:b1:40:aa:dc:ba:c4:5c:b7:57:5e:b6:5e:4f:b1:
54:8f:53:47:05:d4:45:a9:3f:25:05:01:a2:4d:58:
74:11:04:e3:a6:2a:dc:53:2b:34:e4:51:89:e0:aa:
59:0a:89:d0:44:e6:00:8d:0a:58:8d:78:2c:cb:ca:
c9:5a:09:f2:ba:cb:5a:ea:2e:f3:fe:77:a3:e9:73:
8d:4c:64:e0:e0:8a:11:3a:c2:43:53:fd:c6:60:e2:
51:72:74:32:73:ca:17:0d:52:ad:4c:1e:d8:cb:70:
4d:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:0D:9D:FD:32:B3:B5:B0:D5:F8:41:15:4B:9C:88:42:F7:BB:28:39
X509v3 Authority Key Identifier:
keyid:6A:97:37:E6:EF:39:14:E0:FC:CC:06:90:23:BE:97:19:8B:91:37:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/apc35u85FOD8zAaQI76XGYuRN5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8438f5-6c9c-4703-9fe2-015fde45d0ea/1/apc35u85FOD8zAaQI76XGYuRN5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
91:89:3e:f3:19:fd:fa:98:9c:28:cd:e4:69:4f:9c:2d:90:0b:
7b:29:45:4c:50:aa:67:21:49:25:ba:8d:69:f3:d7:dd:a6:98:
3b:4f:20:94:ca:61:98:da:89:b5:11:b5:80:28:3d:70:d4:02:
0f:2f:77:d0:18:ac:fc:cf:38:2e:88:23:e9:92:dd:e8:bc:b6:
40:d8:24:76:df:e1:4d:97:23:0a:6e:97:f8:33:c7:48:0d:8c:
1c:d4:aa:07:dd:4d:66:3a:36:d7:5c:5a:8d:5e:46:9a:c2:f5:
01:e6:76:62:3c:03:d1:e5:a5:77:30:fe:41:89:75:d0:39:69:
da:9a:01:52:92:02:68:7c:44:7f:31:1c:1b:64:60:5c:e4:4d:
8d:62:7c:63:32:2c:e5:82:06:8c:5c:d2:99:89:98:51:41:5d:
62:d6:d3:b5:71:4e:c2:fb:bd:f8:0e:69:9b:3a:28:02:1e:23:
15:89:58:f5:93:e9:bd:27:2d:c7:96:a3:12:fc:3b:3c:40:0b:
be:bf:17:d8:00:81:2b:10:e8:7a:da:92:17:c9:e4:03:f1:78:
7f:f3:80:a5:fa:dc:12:35:73:8f:cb:69:10:2c:04:02:b2:fd:
a6:f3:b0:82:9b:39:3b:2b:89:48:bb:46:bf:48:4b:6e:dd:8f:
d1:ff:ea:b2
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt/f4Zd1PJsArRiyWNLzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOTczN2U2ZWYzOTE0ZTBmY2NjMDY5MDIzYmU5NzE5OGI5
MTM3OTEwHhcNMjUxMTExMDcwMTEzWhcNMjUxMTEyMDcwMTEzWjAzMTEwLwYDVQQD
Eyg3YjBkOWRmZDMyYjNiNWIwZDVmODQxMTU0YjljODg0MmY3YmIyODM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9JMGW++QahaykYnEMIkGifts1ly
ozYg3iL65S78e/8TneCUstAHtfVjNxH1GTPn/VdnKfP28qLC4j9+vClzjkeh6ZYy
M3mp5sStEqPNepgD+UXc4a8HRRGkziQV3+IFHJ6gTpK+Xg+H8kXJ3ZF+0EWpTWCZ
OMIAjmB7tq7VEruwbctgB+VxL8BVvd6MOReyCqB9BqSmsUCq3LrEXLdXXrZeT7FU
j1NHBdRFqT8lBQGiTVh0EQTjpircUys05FGJ4KpZConQROYAjQpYjXgsy8rJWgny
usta6i7z/nej6XONTGTg4IoROsJDU/3GYOJRcnQyc8oXDVKtTB7Yy3BNzwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHsNnf0ys7Ww1fhBFUuciEL3uyg5MB8GA1UdIwQY
MBaAFGqXN+bvORTg/MwGkCO+lxmLkTeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXBjMzV1ODVGT0Q4ekFhUUk3NlhHWXVSTjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84NDM4ZjUtNmM5Yy00NzAzLTlmZTIt
MDE1ZmRlNDVkMGVhLzEvYXBjMzV1ODVGT0Q4ekFhUUk3NlhHWXVSTjVFLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84NDM4ZjUtNmM5Yy00NzAzLTlmZTItMDE1ZmRlNDVkMGVh
LzEvYXBjMzV1ODVGT0Q4ekFhUUk3NlhHWXVSTjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkYk+8xn9
+picKM3kaU+cLZALeylFTFCqZyFJJbqNafPX3aaYO08glMphmNqJtRG1gCg9cNQC
Dy930Bis/M84Logj6ZLd6Ly2QNgkdt/hTZcjCm6X+DPHSA2MHNSqB91NZjo211xa
jV5GmsL1AeZ2YjwD0eWldzD+QYl10Dlp2poBUpICaHxEfzEcG2RgXORNjWJ8YzIs
5YIGjFzSmYmYUUFdYtbTtXFOwvu9+A5pmzooAh4jFYlY9ZPpvSctx5ajEvw7PEAL
vr8X2ACBKxDoetqSF8nkA/F4f/OApfrcEjVzj8tpECwEArL9pvOwgps5OyuJSLtG
v0hLbt2P0f/qsg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:38:57 2025 by rpki-client