Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
File: Mnib05LhxcabdCDMA2gDrxJYzvk.mft (raw, json)
Hash identifier: 5hJkopZgYOQZY7PvOvRZ6gfpt4LWsjgJDKW8tGjHGB8=
Subject key identifier: 25:D6:64:98:D5:DF:61:E7:B9:BB:75:62:84:39:2C:CD:95:44:D4:81
Authority key identifier: 32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9
Certificate issuer: /CN=32789bd392e1c5c69b7420cc036803af1258cef9
Certificate serial: 019A7225CD5B2C125F8713F1AB00308A99DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
Manifest number: 0871
Signing time: Tue 11 Nov 2025 09:01:11 +0000
Manifest this update: Tue 11 Nov 2025 09:01:11 +0000
Manifest next update: Wed 12 Nov 2025 09:01:11 +0000
Files and hashes: 1: Mnib05LhxcabdCDMA2gDrxJYzvk.crl (hash: yWpnZJuxmNKOr0iarv+MkzAA1a9YdmCchBcJ+v3jxmo=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:cd:5b:2c:12:5f:87:13:f1:ab:00:30:8a:99:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32789bd392e1c5c69b7420cc036803af1258cef9
Validity
Not Before: Nov 11 09:01:11 2025 GMT
Not After : Nov 12 09:01:11 2025 GMT
Subject: CN=25d66498d5df61e7b9bb756284392ccd9544d481
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:46:64:14:54:e3:f8:d4:ae:ad:33:bf:ca:3c:
4b:bf:ae:c6:7e:40:63:16:36:b1:bc:7b:24:df:39:
0d:14:6f:e5:3c:e8:78:ef:f9:ce:f1:21:e6:e2:73:
63:de:04:af:df:14:99:04:89:db:85:f4:d9:b8:b2:
4c:74:82:df:ab:61:75:37:ee:f4:74:6a:99:39:eb:
4e:66:bb:c8:e1:21:1a:a3:3c:a4:98:cb:7d:03:98:
f2:5b:f5:ab:5f:5f:6a:f7:d6:2c:0a:ee:04:4f:f7:
10:5c:19:3c:e4:82:83:28:5f:c7:22:6f:90:34:67:
f4:43:27:20:4d:db:17:c5:14:db:ce:5e:1e:53:b2:
a5:61:ee:d6:c4:3f:05:a8:a8:d5:06:13:5b:26:44:
39:a2:6e:c1:ac:06:dc:0f:e3:07:f9:6f:fe:ea:d1:
80:2a:3b:d8:7b:65:f6:50:58:2e:92:63:45:2c:20:
5d:62:5a:25:9f:e1:c1:45:4d:d8:6f:56:81:28:15:
49:91:1b:17:26:29:d5:8f:5e:0a:a6:10:8f:8e:20:
64:35:6f:df:d1:52:c6:0c:82:ae:24:e7:ca:30:f5:
84:c5:8a:f5:e9:c0:16:62:52:a3:e9:87:fe:05:d5:
49:cc:d5:87:24:86:52:8b:4b:dc:2c:d0:8c:93:2c:
9e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D6:64:98:D5:DF:61:E7:B9:BB:75:62:84:39:2C:CD:95:44:D4:81
X509v3 Authority Key Identifier:
keyid:32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
5e:9c:e2:2c:2d:2b:9d:5c:39:3c:98:0f:ce:fe:4a:3d:a8:fc:
e1:22:69:b7:b5:5d:7b:45:a5:e9:63:fb:f9:69:60:8e:99:d3:
6d:8f:8e:ac:d1:9d:81:33:68:21:c5:78:fc:ac:bc:8a:76:bf:
1a:e2:6b:40:43:33:1c:31:86:d2:14:3c:31:66:82:08:84:1e:
24:6e:07:6d:92:60:8c:48:fd:2e:da:9e:19:70:69:00:a5:38:
ad:78:17:87:8c:07:27:70:b6:f7:78:4e:51:01:0d:07:e5:62:
1e:78:b9:ae:2c:88:8b:d6:37:44:c6:e1:19:f1:dd:95:da:2f:
b6:0c:a3:e4:87:c0:5c:01:7c:52:cf:6a:db:04:d3:65:30:cc:
4a:69:b3:ca:0b:2b:85:d8:50:44:94:0f:d0:22:ce:50:02:48:
66:c6:59:d9:d6:da:ef:49:57:5d:4c:81:07:e2:1a:aa:dc:54:
f3:d3:19:ab:56:70:d7:e3:ef:9c:a7:60:90:d9:f7:6f:bb:cb:
36:cc:a6:12:47:e0:3e:ac:bf:0d:52:0e:9b:4a:e2:9a:bc:4b:
f8:63:fe:2d:51:c2:ad:3b:3c:e7:9c:c9:09:21:09:31:a4:23:
a6:de:1f:38:4a:a2:a3:33:ea:b9:7d:ec:97:ea:a5:02:e1:d0:
f5:34:b2:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJc1bLBJfhxPxqwAwipneMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNzg5YmQzOTJlMWM1YzY5Yjc0MjBjYzAzNjgwM2FmMTI1
OGNlZjkwHhcNMjUxMTExMDkwMTExWhcNMjUxMTEyMDkwMTExWjAzMTEwLwYDVQQD
EygyNWQ2NjQ5OGQ1ZGY2MWU3YjliYjc1NjI4NDM5MmNjZDk1NDRkNDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUZkFFTj+NSurTO/yjxLv67GfkBj
FjaxvHsk3zkNFG/lPOh47/nO8SHm4nNj3gSv3xSZBInbhfTZuLJMdILfq2F1N+70
dGqZOetOZrvI4SEaozykmMt9A5jyW/WrX19q99YsCu4ET/cQXBk85IKDKF/HIm+Q
NGf0QycgTdsXxRTbzl4eU7KlYe7WxD8FqKjVBhNbJkQ5om7BrAbcD+MH+W/+6tGA
KjvYe2X2UFgukmNFLCBdYloln+HBRU3Yb1aBKBVJkRsXJinVj14KphCPjiBkNW/f
0VLGDIKuJOfKMPWExYr16cAWYlKj6Yf+BdVJzNWHJIZSi0vcLNCMkyyecQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCXWZJjV32Hnubt1YoQ5LM2VRNSBMB8GA1UdIwQY
MBaAFDJ4m9OS4cXGm3QgzANoA68SWM75MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMt
Mzg2NmQ0NDEyODkzLzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMtMzg2NmQ0NDEyODkz
LzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXpziLC0r
nVw5PJgPzv5KPaj84SJpt7Vde0Wl6WP7+WlgjpnTbY+OrNGdgTNoIcV4/Ky8ina/
GuJrQEMzHDGG0hQ8MWaCCIQeJG4HbZJgjEj9LtqeGXBpAKU4rXgXh4wHJ3C293hO
UQENB+ViHni5riyIi9Y3RMbhGfHdldovtgyj5IfAXAF8Us9q2wTTZTDMSmmzygsr
hdhQRJQP0CLOUAJIZsZZ2dba70lXXUyBB+IaqtxU89MZq1Zw1+PvnKdgkNn3b7vL
NsymEkfgPqy/DVIOm0rimrxL+GP+LVHCrTs855zJCSEJMaQjpt4fOEqiozPquX3s
l+qlAuHQ9TSyiA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:42:47 2025 by rpki-client