Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
File: rfjUKjroBc6WqpT66fW0QG_0VZk.mft (raw, json)
Hash identifier: rH63GPBSvHqkqnBcOLBicVnwo1MZ5dLGYSi5A2aJXKk=
Subject key identifier: 8E:7D:1D:9C:08:8C:6B:D7:17:2D:45:E8:CD:A3:7F:24:28:54:43:8C
Authority key identifier: AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99
Certificate issuer: /CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
Certificate serial: 019A725CF36DFB4170D220BAD0816124FCA3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
Manifest number: 0486
Signing time: Tue 11 Nov 2025 10:01:25 +0000
Manifest this update: Tue 11 Nov 2025 10:01:25 +0000
Manifest next update: Wed 12 Nov 2025 10:01:25 +0000
Files and hashes: 1: rfjUKjroBc6WqpT66fW0QG_0VZk.crl (hash: eZaDuzfMFmACgvgXNjIrkS3850gJYgQ3WQl/xLow8To=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:5c:f3:6d:fb:41:70:d2:20:ba:d0:81:61:24:fc:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf8d42a3ae805ce96aa94fae9f5b4406ff45599
Validity
Not Before: Nov 11 10:01:25 2025 GMT
Not After : Nov 12 10:01:25 2025 GMT
Subject: CN=8e7d1d9c088c6bd7172d45e8cda37f242854438c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:58:f0:22:03:c5:a9:21:41:ca:7f:20:43:ac:
6b:32:52:9b:15:5e:cc:f7:5f:86:82:ec:af:0a:d3:
e0:ce:dc:da:61:1f:75:b0:75:53:62:03:54:83:24:
6d:65:f2:32:58:e3:5f:a0:bb:8f:a2:89:43:77:b3:
51:9c:fc:83:17:70:92:91:58:24:e6:b1:34:71:97:
03:95:b0:d2:4a:52:68:dc:32:bd:ef:99:8b:74:c9:
21:ff:cb:63:03:d0:c0:b1:79:af:f6:6a:b2:d3:f8:
40:6e:21:70:c2:c3:16:92:7f:29:3b:0e:7e:41:f8:
20:76:49:95:48:a7:90:69:2a:2f:f7:89:76:41:a4:
31:dd:82:8e:c1:f2:e4:ef:40:7c:d7:68:21:c2:54:
51:b8:97:77:72:09:76:d0:8b:cd:b3:af:98:77:54:
38:93:d1:2a:b1:42:3a:d0:f9:04:07:8d:a5:53:dd:
a8:39:b6:54:3f:29:b5:a7:92:26:3d:be:a9:74:ca:
3b:ff:73:34:08:67:43:0d:e7:ea:ae:24:58:45:af:
ff:43:f9:e6:3e:a1:91:f0:2e:e4:0e:e7:6e:6f:94:
14:9f:98:f7:30:7d:fa:91:bc:e4:89:98:61:2b:d9:
e5:b4:25:fd:60:e2:6d:0d:d0:ae:e2:59:9b:00:43:
db:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:7D:1D:9C:08:8C:6B:D7:17:2D:45:E8:CD:A3:7F:24:28:54:43:8C
X509v3 Authority Key Identifier:
keyid:AD:F8:D4:2A:3A:E8:05:CE:96:AA:94:FA:E9:F5:B4:40:6F:F4:55:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfjUKjroBc6WqpT66fW0QG_0VZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5b2305-97fd-4730-b1a0-a779b993df58/1/rfjUKjroBc6WqpT66fW0QG_0VZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9a:73:65:4c:60:af:df:83:d5:1e:4d:87:aa:60:1c:17:65:1a:
b2:f4:4d:6a:51:f9:d2:61:a9:2c:34:e9:85:e3:60:5a:da:5d:
f9:3e:36:0b:54:0d:6c:a6:e5:dc:62:e4:6f:e9:42:06:66:ef:
ee:1c:54:ae:58:c4:99:f4:b8:8a:0f:9f:56:fe:ae:71:75:8c:
cf:2f:c7:19:32:dd:6a:b0:d4:e4:b3:60:e5:62:1b:2f:e1:a9:
e8:c9:34:1d:d6:e2:0d:fa:7a:88:93:90:51:f8:ee:a7:9e:11:
c8:0e:ac:49:48:90:07:fa:bf:1c:f9:a2:1c:16:77:12:1c:bd:
d3:7e:55:90:aa:bf:17:9c:25:b7:ee:37:ef:de:b7:db:29:a1:
c7:6e:4d:d7:3f:ad:01:f0:c1:37:72:4f:96:bf:c6:87:78:91:
a2:29:a7:d8:d8:3c:6c:61:3b:3d:d8:8d:83:bc:36:55:ab:90:
06:f4:6c:36:c7:8c:c2:50:d7:e0:60:c5:c6:20:6d:a5:9b:a4:
99:f3:a8:28:0e:4f:81:3b:bd:e6:e5:3d:f3:fe:db:70:dd:12:
d0:bd:94:20:68:28:dc:cf:e3:1e:e8:cc:27:1a:9b:fb:b8:c1:
f4:8f:a6:a2:74:02:0e:df:9d:10:99:72:63:01:fe:b0:e4:35:
7a:cd:46:6d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyXPNt+0Fw0iC60IFhJPyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjhkNDJhM2FlODA1Y2U5NmFhOTRmYWU5ZjViNDQwNmZm
NDU1OTkwHhcNMjUxMTExMTAwMTI1WhcNMjUxMTEyMTAwMTI1WjAzMTEwLwYDVQQD
Eyg4ZTdkMWQ5YzA4OGM2YmQ3MTcyZDQ1ZThjZGEzN2YyNDI4NTQ0MzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVjwIgPFqSFByn8gQ6xrMlKbFV7M
91+GguyvCtPgztzaYR91sHVTYgNUgyRtZfIyWONfoLuPoolDd7NRnPyDF3CSkVgk
5rE0cZcDlbDSSlJo3DK975mLdMkh/8tjA9DAsXmv9mqy0/hAbiFwwsMWkn8pOw5+
QfggdkmVSKeQaSov94l2QaQx3YKOwfLk70B812ghwlRRuJd3cgl20IvNs6+Yd1Q4
k9EqsUI60PkEB42lU92oObZUPym1p5ImPb6pdMo7/3M0CGdDDefqriRYRa//Q/nm
PqGR8C7kDudub5QUn5j3MH36kbzkiZhhK9nltCX9YOJtDdCu4lmbAEPbZwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFI59HZwIjGvXFy1F6M2jfyQoVEOMMB8GA1UdIwQY
MBaAFK341Co66AXOlqqU+un1tEBv9FWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAt
YTc3OWI5OTNkZjU4LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81YjIzMDUtOTdmZC00NzMwLWIxYTAtYTc3OWI5OTNkZjU4
LzEvcmZqVUtqcm9CYzZXcXBUNjZmVzBRR18wVlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmnNlTGCv
34PVHk2HqmAcF2UasvRNalH50mGpLDTpheNgWtpd+T42C1QNbKbl3GLkb+lCBmbv
7hxUrljEmfS4ig+fVv6ucXWMzy/HGTLdarDU5LNg5WIbL+Gp6Mk0HdbiDfp6iJOQ
Ufjup54RyA6sSUiQB/q/HPmiHBZ3Ehy9035VkKq/F5wlt+4379632ymhx25N1z+t
AfDBN3JPlr/Gh3iRoimn2Ng8bGE7PdiNg7w2VauQBvRsNseMwlDX4GDFxiBtpZuk
mfOoKA5PgTu95uU98/7bcN0S0L2UIGgo3M/jHujMJxqb+7jB9I+monQCDt+dEJly
YwH+sOQ1es1GbQ==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:55:06 2025 by rpki-client