Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft
File: G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft (raw, json)
Hash identifier: QSD6Yyy3tzd0SisBCWVg2RsmQhvw/3mDHsHVOeX1JUA=
Subject key identifier: 4C:40:6F:F6:E2:93:AF:9B:DA:51:1D:9F:56:1B:AE:0A:82:27:80:FD
Authority key identifier: 1B:69:30:1F:A8:D7:88:E0:2F:7E:B2:FA:88:02:10:90:74:20:6C:FE
Certificate issuer: /CN=1b69301fa8d788e02f7eb2fa8802109074206cfe
Certificate serial: 019A71B81AC2C0D381FABF089C4938D48039
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G2kwH6jXiOAvfrL6iAIQkHQgbP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft
Manifest number: 02C5
Signing time: Tue 11 Nov 2025 07:01:22 +0000
Manifest this update: Tue 11 Nov 2025 07:01:22 +0000
Manifest next update: Wed 12 Nov 2025 07:01:22 +0000
Files and hashes: 1: G2kwH6jXiOAvfrL6iAIQkHQgbP4.crl (hash: S5Q93h1Ch8lW8w94HtlpbFDyldk0PXsKwg5ITJ6pbEU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft
rsync://rpki.ripe.net/repository/DEFAULT/G2kwH6jXiOAvfrL6iAIQkHQgbP4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:1a:c2:c0:d3:81:fa:bf:08:9c:49:38:d4:80:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b69301fa8d788e02f7eb2fa8802109074206cfe
Validity
Not Before: Nov 11 07:01:22 2025 GMT
Not After : Nov 12 07:01:22 2025 GMT
Subject: CN=4c406ff6e293af9bda511d9f561bae0a822780fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:76:2e:4e:7d:48:58:00:c1:6a:57:d6:2b:88:
d4:3c:01:e9:1a:48:ad:a0:e3:ef:94:c4:d9:da:62:
67:0f:75:a5:e5:fe:dc:da:48:62:6a:e3:71:43:a0:
a1:b6:c6:81:db:9a:e1:18:49:86:75:ba:5f:8c:74:
fd:7a:57:48:03:ba:69:ef:12:0b:f1:22:f1:97:26:
bf:07:e5:37:6c:ae:5a:2d:bd:ba:ba:25:ad:31:95:
5d:e8:dc:42:2b:e0:eb:a2:5b:3d:9b:80:fc:07:0d:
8e:35:2f:74:f8:bb:81:87:d1:6b:7b:4c:e7:a0:6e:
26:d7:e4:18:62:0e:4e:cc:ea:64:bd:d8:10:94:32:
e6:f3:8d:d6:f9:4b:77:80:f6:7c:98:3c:c0:98:8f:
52:fd:c6:7f:b3:c7:cd:bc:5e:c7:76:52:9c:fd:6d:
5e:2c:ce:c4:32:6c:34:e0:c7:b6:86:b1:31:3c:fa:
5b:77:c0:8b:68:b7:27:98:d7:61:2c:e9:b0:f2:5a:
5e:b9:29:4e:32:11:97:b4:c3:18:a9:df:00:93:34:
00:64:8b:4c:ed:a6:40:68:04:7b:a2:92:57:2f:26:
e4:a1:8d:2d:d6:b5:98:9b:19:7d:28:2d:b8:6d:95:
3d:30:54:8c:31:e2:df:15:33:3f:5d:85:71:9a:a0:
42:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:40:6F:F6:E2:93:AF:9B:DA:51:1D:9F:56:1B:AE:0A:82:27:80:FD
X509v3 Authority Key Identifier:
keyid:1B:69:30:1F:A8:D7:88:E0:2F:7E:B2:FA:88:02:10:90:74:20:6C:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G2kwH6jXiOAvfrL6iAIQkHQgbP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/5d728a-93da-480b-a735-416c28798fe2/1/G2kwH6jXiOAvfrL6iAIQkHQgbP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
11:c7:ae:eb:11:19:36:8f:c8:68:ec:b7:ef:0d:a7:7c:38:3c:
6c:46:8d:a4:76:2e:d8:b3:94:32:7c:84:e4:cf:a3:66:ca:7b:
a6:b6:02:3c:ed:23:ab:ca:00:21:cd:67:a7:ef:01:30:ed:17:
ad:e5:b8:31:4d:8a:2a:92:2f:1e:76:20:b9:0a:ab:9d:e5:29:
a6:50:31:69:0c:c0:ee:25:51:9f:66:b0:3f:74:80:38:bd:0d:
a4:92:3b:22:d4:b8:31:b9:69:58:69:f5:f5:03:a7:4b:7b:41:
db:11:21:d6:70:0f:bd:8f:03:93:7e:22:7b:a3:af:c9:84:ef:
8f:ec:a6:d2:2f:fe:e1:61:29:3f:e4:a3:48:a3:34:16:5f:3c:
8b:c2:4f:93:c9:6e:9a:1f:d1:17:8a:b5:d8:11:3f:56:74:a7:
bd:a7:47:b4:08:65:9e:40:0c:00:b9:e1:cb:11:8c:e3:d7:78:
87:88:94:73:26:96:43:ac:14:8a:41:8b:89:3b:06:40:22:d4:
e7:4b:05:97:5f:ce:28:73:3d:d4:f3:f7:65:20:df:c7:3a:32:
cb:9b:e8:3b:b6:da:bc:26:9f:19:21:8d:fa:3b:87:8b:d6:38:
83:4c:46:16:3f:4c:18:63:bc:a8:2d:a3:e6:2b:be:61:00:e7:
f1:47:ac:16
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuBrCwNOB+r8InEk41IA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNjkzMDFmYThkNzg4ZTAyZjdlYjJmYTg4MDIxMDkwNzQy
MDZjZmUwHhcNMjUxMTExMDcwMTIyWhcNMjUxMTEyMDcwMTIyWjAzMTEwLwYDVQQD
Eyg0YzQwNmZmNmUyOTNhZjliZGE1MTFkOWY1NjFiYWUwYTgyMjc4MGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3YuTn1IWADBalfWK4jUPAHpGkit
oOPvlMTZ2mJnD3Wl5f7c2khiauNxQ6ChtsaB25rhGEmGdbpfjHT9eldIA7pp7xIL
8SLxlya/B+U3bK5aLb26uiWtMZVd6NxCK+Drols9m4D8Bw2ONS90+LuBh9Fre0zn
oG4m1+QYYg5OzOpkvdgQlDLm843W+Ut3gPZ8mDzAmI9S/cZ/s8fNvF7HdlKc/W1e
LM7EMmw04Me2hrExPPpbd8CLaLcnmNdhLOmw8lpeuSlOMhGXtMMYqd8AkzQAZItM
7aZAaAR7opJXLybkoY0t1rWYmxl9KC24bZU9MFSMMeLfFTM/XYVxmqBC1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFExAb/bik6+b2lEdn1YbrgqCJ4D9MB8GA1UdIwQY
MBaAFBtpMB+o14jgL36y+ogCEJB0IGz+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzJrd0g2alhpT0F2ZnJMNmlBSVFrSFFnYlA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS81ZDcyOGEtOTNkYS00ODBiLWE3MzUt
NDE2YzI4Nzk4ZmUyLzEvRzJrd0g2alhpT0F2ZnJMNmlBSVFrSFFnYlA0Lm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS81ZDcyOGEtOTNkYS00ODBiLWE3MzUtNDE2YzI4Nzk4ZmUy
LzEvRzJrd0g2alhpT0F2ZnJMNmlBSVFrSFFnYlA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEceu6xEZ
No/IaOy37w2nfDg8bEaNpHYu2LOUMnyE5M+jZsp7prYCPO0jq8oAIc1np+8BMO0X
reW4MU2KKpIvHnYguQqrneUpplAxaQzA7iVRn2awP3SAOL0NpJI7ItS4MblpWGn1
9QOnS3tB2xEh1nAPvY8Dk34ie6OvyYTvj+ym0i/+4WEpP+SjSKM0Fl88i8JPk8lu
mh/RF4q12BE/VnSnvadHtAhlnkAMALnhyxGM49d4h4iUcyaWQ6wUikGLiTsGQCLU
50sFl1/OKHM91PP3ZSDfxzoyy5voO7bavCafGSGN+juHi9Y4g0xGFj9MGGO8qC2j
5iu+YQDn8UesFg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:54:55 2025 by rpki-client