Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/f72a1e-6adb-4302-a0e8-d42a81b81e23/1/20bM9fil_kT0v9m6ZrpRJG2osYQ.mft
File: 20bM9fil_kT0v9m6ZrpRJG2osYQ.mft (raw, json)
Hash identifier: JiPpH95n9XziAt/araiOfbeAIytCNikDAjhZSP5a+7I=
Subject key identifier: 74:BE:44:61:F1:82:E1:6C:C1:FD:9D:D9:B2:1D:84:39:AD:BD:7D:40
Authority key identifier: DB:46:CC:F5:F8:A5:FE:44:F4:BF:D9:BA:66:BA:51:24:6D:A8:B1:84
Certificate issuer: /CN=db46ccf5f8a5fe44f4bfd9ba66ba51246da8b184
Certificate serial: 019A725CD381566D8014A82D67BF4E850F70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/20bM9fil_kT0v9m6ZrpRJG2osYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/f72a1e-6adb-4302-a0e8-d42a81b81e23/1/20bM9fil_kT0v9m6ZrpRJG2osYQ.mft
Manifest number: 14E4
Signing time: Tue 11 Nov 2025 10:01:17 +0000
Manifest this update: Tue 11 Nov 2025 10:01:17 +0000
Manifest next update: Wed 12 Nov 2025 10:01:17 +0000
Files and hashes: 1: 20bM9fil_kT0v9m6ZrpRJG2osYQ.crl (hash: QzVtvO69cG5yD8uJokfhMp69uGXVVhrMyEaKzaV5xIE=)
2: tE13-Z8TEXFI2N_Q3eslEjXwYJ4.roa (hash: 7axnrMAdFOe7EcvPvTZA4mgDnvv0sfD7w1s1AvMo3bY=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/f72a1e-6adb-4302-a0e8-d42a81b81e23/1/20bM9fil_kT0v9m6ZrpRJG2osYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/f72a1e-6adb-4302-a0e8-d42a81b81e23/1/20bM9fil_kT0v9m6ZrpRJG2osYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/20bM9fil_kT0v9m6ZrpRJG2osYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:d3:81:56:6d:80:14:a8:2d:67:bf:4e:85:0f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db46ccf5f8a5fe44f4bfd9ba66ba51246da8b184
Validity
Not Before: Nov 11 10:01:17 2025 GMT
Not After : Nov 12 10:01:17 2025 GMT
Subject: CN=74be4461f182e16cc1fd9dd9b21d8439adbd7d40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ff:c3:c6:0b:6a:5c:d1:d6:a7:6d:0e:b7:75:
76:65:fa:ac:4d:16:2e:56:84:e8:19:c2:84:f3:10:
eb:5a:a8:53:e4:77:69:df:9e:20:09:07:15:cf:45:
92:01:e0:aa:78:be:ad:01:62:5f:e2:90:cc:91:a6:
52:66:ce:76:1f:6e:19:c1:99:33:fa:ca:2b:a6:80:
64:19:25:f6:68:05:4f:75:b6:04:71:c9:17:bd:2b:
22:f8:37:c3:a1:3a:7e:e6:8f:2e:7b:40:94:08:e5:
ab:d6:f1:77:28:26:ce:d9:05:19:09:27:fe:39:bc:
5c:51:29:48:dc:b7:6f:d2:84:5d:b3:cb:fc:21:33:
7d:f8:f2:a0:e3:12:8c:13:70:f4:c9:72:9c:12:07:
59:30:5b:7d:74:d2:1a:a6:99:67:9b:8d:60:c1:24:
6c:89:e6:53:98:24:4b:49:20:88:2a:1a:e7:94:8c:
dd:9a:66:37:54:fe:36:47:35:24:20:fe:fe:cc:40:
39:65:bb:31:58:12:8d:2a:fa:0e:d1:56:30:80:24:
12:a9:1f:ec:28:98:bb:ea:5e:de:31:c3:0d:50:32:
59:50:11:ca:20:78:71:7e:f7:a9:09:f7:9a:7c:8d:
90:52:71:51:84:0a:5f:ac:53:dc:a2:42:3a:35:23:
86:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:BE:44:61:F1:82:E1:6C:C1:FD:9D:D9:B2:1D:84:39:AD:BD:7D:40
X509v3 Authority Key Identifier:
keyid:DB:46:CC:F5:F8:A5:FE:44:F4:BF:D9:BA:66:BA:51:24:6D:A8:B1:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/20bM9fil_kT0v9m6ZrpRJG2osYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f72a1e-6adb-4302-a0e8-d42a81b81e23/1/20bM9fil_kT0v9m6ZrpRJG2osYQ.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/f72a1e-6adb-4302-a0e8-d42a81b81e23/1/20bM9fil_kT0v9m6ZrpRJG2osYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
65:c4:a6:86:e2:16:99:29:e2:b6:e5:76:a7:a4:71:47:fa:7f:
16:5b:a6:d0:d0:dd:4b:77:2b:99:fb:ec:3c:2d:a2:09:6f:9c:
4e:2e:9c:9f:4f:4e:6b:f9:08:34:55:63:6b:d6:ee:91:2d:95:
e7:a0:8a:7c:0c:7a:e5:59:0e:bb:48:ab:79:c5:c7:6a:91:b7:
e7:e9:35:c2:6e:6b:f6:c4:d6:60:fc:5f:77:97:56:dc:a8:5d:
74:31:66:a3:34:6e:50:3b:29:3d:16:a8:25:f6:6e:96:07:53:
63:92:58:a5:8b:9f:83:d5:be:21:41:d1:88:95:b7:70:0a:c2:
4e:5d:04:4a:5b:18:2e:98:c3:24:2c:8e:48:33:48:e4:93:77:
b4:36:5e:bc:36:48:df:4f:9e:6c:c7:a5:f4:10:01:10:1a:e3:
2e:4f:4b:cf:ac:40:f7:83:f4:42:d7:3d:b0:ba:7c:94:b1:02:
15:1f:59:ad:81:94:7d:f7:ca:75:10:79:b9:13:2b:49:5d:92:
0a:3f:51:89:19:c7:06:2f:8b:d2:5f:8a:ac:c8:40:06:f6:77:
88:2f:ef:1f:9e:30:ca:10:65:0f:5a:44:37:ba:98:40:7f:f8:
c0:b7:e8:2d:dd:a0:c4:52:45:f4:aa:41:ff:11:6a:53:7f:11:
1b:6c:29:49
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXNOBVm2AFKgtZ79OhQ9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiNDZjY2Y1ZjhhNWZlNDRmNGJmZDliYTY2YmE1MTI0NmRh
OGIxODQwHhcNMjUxMTExMTAwMTE3WhcNMjUxMTEyMTAwMTE3WjAzMTEwLwYDVQQD
Eyg3NGJlNDQ2MWYxODJlMTZjYzFmZDlkZDliMjFkODQzOWFkYmQ3ZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApv/DxgtqXNHWp20Ot3V2ZfqsTRYu
VoToGcKE8xDrWqhT5Hdp354gCQcVz0WSAeCqeL6tAWJf4pDMkaZSZs52H24ZwZkz
+sorpoBkGSX2aAVPdbYEcckXvSsi+DfDoTp+5o8ue0CUCOWr1vF3KCbO2QUZCSf+
ObxcUSlI3Ldv0oRds8v8ITN9+PKg4xKME3D0yXKcEgdZMFt9dNIapplnm41gwSRs
ieZTmCRLSSCIKhrnlIzdmmY3VP42RzUkIP7+zEA5ZbsxWBKNKvoO0VYwgCQSqR/s
KJi76l7eMcMNUDJZUBHKIHhxfvepCfeafI2QUnFRhApfrFPcokI6NSOGKQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHS+RGHxguFswf2d2bIdhDmtvX1AMB8GA1UdIwQY
MBaAFNtGzPX4pf5E9L/Zuma6USRtqLGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjBiTTlmaWxfa1QwdjltNlpycFJKRzJvc1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9mNzJhMWUtNmFkYi00MzAyLWEwZTgt
ZDQyYTgxYjgxZTIzLzEvMjBiTTlmaWxfa1QwdjltNlpycFJKRzJvc1lRLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9mNzJhMWUtNmFkYi00MzAyLWEwZTgtZDQyYTgxYjgxZTIz
LzEvMjBiTTlmaWxfa1QwdjltNlpycFJKRzJvc1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZcSmhuIW
mSnituV2p6RxR/p/Flum0NDdS3crmfvsPC2iCW+cTi6cn09Oa/kINFVja9bukS2V
56CKfAx65VkOu0irecXHapG35+k1wm5r9sTWYPxfd5dW3KhddDFmozRuUDspPRao
JfZulgdTY5JYpYufg9W+IUHRiJW3cArCTl0ESlsYLpjDJCyOSDNI5JN3tDZevDZI
30+ebMel9BABEBrjLk9Lz6xA94P0Qtc9sLp8lLECFR9ZrYGUfffKdRB5uRMrSV2S
Cj9RiRnHBi+L0l+KrMhABvZ3iC/vH54wyhBlD1pEN7qYQH/4wLfoLd2gxFJF9KpB
/xFqU38RG2wpSQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:42:08 2025 by rpki-client