Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
File: MAhC2wg32vMRozS3IjGOcLWIsAk.mft (raw, json)
Hash identifier: meTAk+tQ6H16jWeVr8SsoqJH+ENH/3U/v7VDw1E9MEQ=
Subject key identifier: 3F:2E:B4:7B:A9:A1:FE:69:71:DA:9D:DE:4A:FB:84:2A:BF:8D:E5:E7
Authority key identifier: 30:08:42:DB:08:37:DA:F3:11:A3:34:B7:22:31:8E:70:B5:88:B0:09
Certificate issuer: /CN=300842db0837daf311a334b722318e70b588b009
Certificate serial: 019A71B82CD76CEDBB60D2C5C8D4559DB329
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
Manifest number: 171C
Signing time: Tue 11 Nov 2025 07:01:26 +0000
Manifest this update: Tue 11 Nov 2025 07:01:26 +0000
Manifest next update: Wed 12 Nov 2025 07:01:26 +0000
Files and hashes: 1: MAhC2wg32vMRozS3IjGOcLWIsAk.crl (hash: 47Xuor8nIrcFOfNuXNw7vzf7x0QGaAeouBTRSuFMHvU=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:2c:d7:6c:ed:bb:60:d2:c5:c8:d4:55:9d:b3:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=300842db0837daf311a334b722318e70b588b009
Validity
Not Before: Nov 11 07:01:26 2025 GMT
Not After : Nov 12 07:01:26 2025 GMT
Subject: CN=3f2eb47ba9a1fe6971da9dde4afb842abf8de5e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a6:3e:55:a0:38:81:1e:53:a4:e8:24:6d:5e:
bc:82:fc:4b:c1:cf:7c:c5:ea:67:61:95:15:17:81:
f9:3d:46:8b:a5:5b:7f:2a:54:c8:90:b5:49:71:95:
04:9b:f9:fd:a4:60:59:80:7b:c6:47:7c:62:bc:88:
0d:c2:2f:6e:f7:30:34:a7:fe:35:ff:6a:6e:5d:70:
96:d9:b9:6f:97:00:1d:57:b7:01:ca:6d:a5:af:0b:
73:21:43:26:1b:9d:97:a0:1a:1e:12:40:2b:93:e2:
41:6f:3d:ae:67:5e:5c:f7:c7:e0:8a:ba:fe:97:b4:
74:71:00:75:9a:fd:c0:9a:0f:69:ec:05:df:02:84:
b9:c1:3e:8e:a6:bf:67:44:ce:2e:41:39:d1:55:0f:
27:f4:67:b2:f6:8a:4c:ab:dd:d0:53:48:8f:c1:60:
32:92:b4:11:a4:24:c7:b8:03:15:73:17:e2:91:b9:
a3:d3:b8:29:bb:b6:3f:96:bc:18:db:7e:c9:1a:59:
37:ff:fd:26:b1:eb:ae:28:97:54:83:0b:f6:29:42:
3d:62:50:36:81:fd:ef:97:24:a7:6d:1b:c3:a8:34:
c6:e4:70:76:17:04:ed:83:5d:8f:4a:5f:97:f9:b1:
c9:fb:b9:19:6a:5e:72:98:98:be:0d:82:31:fb:df:
bd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:2E:B4:7B:A9:A1:FE:69:71:DA:9D:DE:4A:FB:84:2A:BF:8D:E5:E7
X509v3 Authority Key Identifier:
keyid:30:08:42:DB:08:37:DA:F3:11:A3:34:B7:22:31:8E:70:B5:88:B0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MAhC2wg32vMRozS3IjGOcLWIsAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8d64d1-4940-40e7-895c-5312a133b94e/1/MAhC2wg32vMRozS3IjGOcLWIsAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:da:39:bc:89:11:16:36:96:d7:83:18:37:ce:62:cb:da:21:
06:6a:b3:f4:3e:bf:8a:73:66:b6:cd:26:8b:9c:c4:0a:f6:62:
d5:5a:35:63:04:1f:5d:e0:2c:ab:4f:ec:82:0a:1c:bc:19:21:
89:9f:42:84:b9:61:2d:48:8c:10:2f:63:0f:eb:f5:38:7e:28:
3b:cd:03:7e:5c:e6:58:7d:d3:9b:37:5b:ab:01:8a:ee:df:08:
8b:3d:9c:ea:f7:79:b0:8b:45:3a:a0:2a:07:9c:c7:e1:48:49:
e8:f7:2f:1f:25:49:ef:2a:8a:8e:14:7a:f1:ad:0a:d6:38:d7:
f6:b0:da:37:e2:39:6a:ab:76:56:b1:3e:81:9a:3f:3f:71:48:
d7:1b:9a:9c:da:85:7d:e1:cf:6c:5b:b8:12:31:11:67:e2:4f:
d8:dc:1b:16:3c:f8:f6:ab:1c:07:8c:54:88:29:aa:77:30:20:
80:1f:89:b5:ee:5b:32:4d:2c:30:72:ba:9d:82:bd:01:29:bf:
b8:c0:0d:4d:dd:a4:10:df:a6:a3:76:25:40:47:fa:cb:11:04:
83:0b:23:3e:cb:32:33:5d:51:0e:ae:89:a8:60:4b:52:ad:68:
ca:58:01:af:e9:27:c4:ed:bd:49:04:95:b1:50:0a:17:3d:d9:
af:4e:b2:88
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuCzXbO27YNLFyNRVnbMpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwMDg0MmRiMDgzN2RhZjMxMWEzMzRiNzIyMzE4ZTcwYjU4
OGIwMDkwHhcNMjUxMTExMDcwMTI2WhcNMjUxMTEyMDcwMTI2WjAzMTEwLwYDVQQD
EygzZjJlYjQ3YmE5YTFmZTY5NzFkYTlkZGU0YWZiODQyYWJmOGRlNWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKY+VaA4gR5TpOgkbV68gvxLwc98
xepnYZUVF4H5PUaLpVt/KlTIkLVJcZUEm/n9pGBZgHvGR3xivIgNwi9u9zA0p/41
/2puXXCW2blvlwAdV7cBym2lrwtzIUMmG52XoBoeEkArk+JBbz2uZ15c98fgirr+
l7R0cQB1mv3Amg9p7AXfAoS5wT6Opr9nRM4uQTnRVQ8n9Gey9opMq93QU0iPwWAy
krQRpCTHuAMVcxfikbmj07gpu7Y/lrwY237JGlk3//0mseuuKJdUgwv2KUI9YlA2
gf3vlySnbRvDqDTG5HB2FwTtg12PSl+X+bHJ+7kZal5ymJi+DYIx+9+9TQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFD8utHupof5pcdqd3kr7hCq/jeXnMB8GA1UdIwQY
MBaAFDAIQtsIN9rzEaM0tyIxjnC1iLAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84ZDY0ZDEtNDk0MC00MGU3LTg5NWMt
NTMxMmExMzNiOTRlLzEvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84ZDY0ZDEtNDk0MC00MGU3LTg5NWMtNTMxMmExMzNiOTRl
LzEvTUFoQzJ3ZzMydk1Sb3pTM0lqR09jTFdJc0FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmNo5vIkR
FjaW14MYN85iy9ohBmqz9D6/inNmts0mi5zECvZi1Vo1YwQfXeAsq0/sggocvBkh
iZ9ChLlhLUiMEC9jD+v1OH4oO80DflzmWH3TmzdbqwGK7t8Iiz2c6vd5sItFOqAq
B5zH4UhJ6PcvHyVJ7yqKjhR68a0K1jjX9rDaN+I5aqt2VrE+gZo/P3FI1xuanNqF
feHPbFu4EjERZ+JP2NwbFjz49qscB4xUiCmqdzAggB+Jte5bMk0sMHK6nYK9ASm/
uMANTd2kEN+mo3YlQEf6yxEEgwsjPssyM11RDq6JqGBLUq1oylgBr+knxO29SQSV
sVAKFz3Zr06yiA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:41:01 2025 by rpki-client