Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/3d47de-35ca-4b75-b0b0-b9dcde2f9601/1/AvVGiQSoqn3bXUKeoF6NMYc2RBk.mft
File: AvVGiQSoqn3bXUKeoF6NMYc2RBk.mft (raw, json)
Hash identifier: LCmpkQltNIGXD2AipZeby6npuFBLl6eJL3q1O95H8ns=
Subject key identifier: B4:B8:A7:4B:E8:27:90:2C:44:5D:B3:FC:FD:EF:33:C7:24:CE:BE:92
Authority key identifier: 02:F5:46:89:04:A8:AA:7D:DB:5D:42:9E:A0:5E:8D:31:87:36:44:19
Certificate issuer: /CN=02f5468904a8aa7ddb5d429ea05e8d3187364419
Certificate serial: 019A7293F77ACF11A30AA2694685205DE2FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AvVGiQSoqn3bXUKeoF6NMYc2RBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/3d47de-35ca-4b75-b0b0-b9dcde2f9601/1/AvVGiQSoqn3bXUKeoF6NMYc2RBk.mft
Manifest number: BC
Signing time: Tue 11 Nov 2025 11:01:31 +0000
Manifest this update: Tue 11 Nov 2025 11:01:31 +0000
Manifest next update: Wed 12 Nov 2025 11:01:31 +0000
Files and hashes: 1: AvVGiQSoqn3bXUKeoF6NMYc2RBk.crl (hash: G3Po6FIeh2I/uI8maFgpFWi0VkLG3mO6dk3aLpxTs90=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/3d47de-35ca-4b75-b0b0-b9dcde2f9601/1/AvVGiQSoqn3bXUKeoF6NMYc2RBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/3d47de-35ca-4b75-b0b0-b9dcde2f9601/1/AvVGiQSoqn3bXUKeoF6NMYc2RBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/AvVGiQSoqn3bXUKeoF6NMYc2RBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:f7:7a:cf:11:a3:0a:a2:69:46:85:20:5d:e2:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02f5468904a8aa7ddb5d429ea05e8d3187364419
Validity
Not Before: Nov 11 11:01:31 2025 GMT
Not After : Nov 12 11:01:31 2025 GMT
Subject: CN=b4b8a74be827902c445db3fcfdef33c724cebe92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:97:55:5a:d7:21:be:a7:9f:55:39:f0:29:83:
c5:fd:a4:0a:a1:ad:1a:e6:b7:e1:3b:06:3e:2a:e3:
f7:96:58:22:3c:03:65:df:99:1d:b0:93:a4:69:4a:
45:fe:46:90:ab:ef:1c:65:55:52:d2:94:cd:49:37:
25:53:44:1e:4b:27:8e:dd:2a:e9:dd:0c:4b:90:cf:
7b:c0:90:b4:22:c9:b6:87:1c:04:09:82:11:59:d4:
7e:0f:4f:b9:43:26:75:0d:f5:12:b7:64:5f:c1:71:
ed:09:f4:1d:fb:11:e6:8b:fb:fd:98:bb:d2:a6:d3:
64:a0:3a:60:85:ed:36:f7:0b:1b:24:19:c6:f6:45:
53:b0:6e:fc:9a:7e:2e:03:d0:fd:63:13:8d:8e:2a:
cd:44:95:9f:89:4d:fc:0b:66:15:85:fe:55:9e:6c:
22:55:68:bc:11:80:84:4b:78:a7:73:38:b7:ba:da:
c4:56:64:e2:12:90:f5:31:7c:ed:d4:a7:f3:5a:1f:
e3:ae:69:50:f6:91:2a:2b:3d:95:52:b7:f8:c0:e4:
0b:14:b1:bb:c4:bd:7a:64:20:a9:b1:44:29:de:4c:
f3:da:23:8f:41:0a:b9:ad:d9:43:20:0a:a2:45:ec:
ca:14:15:2c:a8:81:01:57:64:ec:8d:f6:cb:e2:56:
5d:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B8:A7:4B:E8:27:90:2C:44:5D:B3:FC:FD:EF:33:C7:24:CE:BE:92
X509v3 Authority Key Identifier:
keyid:02:F5:46:89:04:A8:AA:7D:DB:5D:42:9E:A0:5E:8D:31:87:36:44:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AvVGiQSoqn3bXUKeoF6NMYc2RBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/3d47de-35ca-4b75-b0b0-b9dcde2f9601/1/AvVGiQSoqn3bXUKeoF6NMYc2RBk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/3d47de-35ca-4b75-b0b0-b9dcde2f9601/1/AvVGiQSoqn3bXUKeoF6NMYc2RBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
99:13:66:7b:40:ef:2d:e3:29:3f:13:0c:9e:02:a3:34:b7:1d:
96:af:57:b0:14:21:f3:fb:af:ca:c7:86:94:c1:97:c4:45:38:
50:ee:f6:f9:9f:f5:82:3e:3b:9b:21:c4:8b:20:99:75:61:9d:
4d:98:7f:ef:66:56:d3:c9:1f:6e:1a:86:ec:53:b2:06:9f:c7:
97:b1:8d:7d:ed:9c:4e:5e:19:f7:b4:3c:50:53:f2:62:6c:c9:
af:6c:ce:94:00:b2:8b:5f:c8:92:4b:d8:ba:3c:88:f4:23:b7:
8a:ff:b7:4c:e8:62:29:35:85:c0:d8:77:f2:01:e0:07:87:59:
8a:46:b9:41:c3:41:b8:97:3e:46:2b:01:e0:78:54:a0:19:49:
46:28:7f:b8:65:f4:f4:b3:72:63:c0:db:f0:01:db:5d:27:83:
22:eb:bc:6b:19:5e:70:09:1b:25:ce:44:b6:8c:67:13:6f:e4:
06:c1:ad:f7:93:4e:9a:f6:c2:5d:49:b8:26:da:b3:04:43:98:
17:88:29:5f:65:56:0d:5e:3e:5f:0b:16:b1:8d:43:61:49:aa:
14:44:90:41:ec:d8:7c:48:95:d7:be:bb:e9:20:53:a8:38:e0:
0d:d7:a7:eb:a2:78:70:ad:af:45:e9:44:05:00:a2:64:0b:91:
c6:60:10:ba
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk/d6zxGjCqJpRoUgXeL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZjU0Njg5MDRhOGFhN2RkYjVkNDI5ZWEwNWU4ZDMxODcz
NjQ0MTkwHhcNMjUxMTExMTEwMTMxWhcNMjUxMTEyMTEwMTMxWjAzMTEwLwYDVQQD
EyhiNGI4YTc0YmU4Mjc5MDJjNDQ1ZGIzZmNmZGVmMzNjNzI0Y2ViZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJdVWtchvqefVTnwKYPF/aQKoa0a
5rfhOwY+KuP3llgiPANl35kdsJOkaUpF/kaQq+8cZVVS0pTNSTclU0QeSyeO3Srp
3QxLkM97wJC0Ism2hxwECYIRWdR+D0+5QyZ1DfUSt2RfwXHtCfQd+xHmi/v9mLvS
ptNkoDpghe029wsbJBnG9kVTsG78mn4uA9D9YxONjirNRJWfiU38C2YVhf5Vnmwi
VWi8EYCES3inczi3utrEVmTiEpD1MXzt1KfzWh/jrmlQ9pEqKz2VUrf4wOQLFLG7
xL16ZCCpsUQp3kzz2iOPQQq5rdlDIAqiRezKFBUsqIEBV2TsjfbL4lZdJwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLS4p0voJ5AsRF2z/P3vM8ckzr6SMB8GA1UdIwQY
MBaAFAL1RokEqKp9211CnqBejTGHNkQZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXZWR2lRU29xbjNiWFVLZW9GNk5NWWMyUkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zZDQ3ZGUtMzVjYS00Yjc1LWIwYjAt
YjlkY2RlMmY5NjAxLzEvQXZWR2lRU29xbjNiWFVLZW9GNk5NWWMyUkJrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zZDQ3ZGUtMzVjYS00Yjc1LWIwYjAtYjlkY2RlMmY5NjAx
LzEvQXZWR2lRU29xbjNiWFVLZW9GNk5NWWMyUkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmRNme0Dv
LeMpPxMMngKjNLcdlq9XsBQh8/uvyseGlMGXxEU4UO72+Z/1gj47myHEiyCZdWGd
TZh/72ZW08kfbhqG7FOyBp/Hl7GNfe2cTl4Z97Q8UFPyYmzJr2zOlACyi1/IkkvY
ujyI9CO3iv+3TOhiKTWFwNh38gHgB4dZika5QcNBuJc+RisB4HhUoBlJRih/uGX0
9LNyY8Db8AHbXSeDIuu8axlecAkbJc5EtoxnE2/kBsGt95NOmvbCXUm4JtqzBEOY
F4gpX2VWDV4+XwsWsY1DYUmqFESQQezYfEiV17676SBTqDjgDden66J4cK2vRelE
BQCiZAuRxmAQug==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:47:30 2025 by rpki-client