Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft
File: 1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft (raw, json)
Hash identifier: zIjNOa6HCM5XkpJv7AykkT6hrJDny3h262c4ciU3Iok=
Subject key identifier: 32:88:EA:BC:F5:E6:B4:25:06:41:05:AE:DD:CC:0C:8A:3C:0B:FA:B9
Authority key identifier: D4:2C:C4:02:67:E3:59:2E:1B:52:F0:F0:09:6C:B1:F2:F0:AF:16:7D
Certificate issuer: /CN=d42cc40267e3592e1b52f0f0096cb1f2f0af167d
Certificate serial: 019A7225EC55764493C03829FC9B7212CD26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1CzEAmfjWS4bUvDwCWyx8vCvFn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft
Manifest number: 0437
Signing time: Tue 11 Nov 2025 09:01:19 +0000
Manifest this update: Tue 11 Nov 2025 09:01:19 +0000
Manifest next update: Wed 12 Nov 2025 09:01:19 +0000
Files and hashes: 1: 1CzEAmfjWS4bUvDwCWyx8vCvFn0.crl (hash: qBf1C62aXLkN+MBndTIKgAxZULC4mn1zk5vJMoYYF6M=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1CzEAmfjWS4bUvDwCWyx8vCvFn0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:25:ec:55:76:44:93:c0:38:29:fc:9b:72:12:cd:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d42cc40267e3592e1b52f0f0096cb1f2f0af167d
Validity
Not Before: Nov 11 09:01:19 2025 GMT
Not After : Nov 12 09:01:19 2025 GMT
Subject: CN=3288eabcf5e6b425064105aeddcc0c8a3c0bfab9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:33:24:0a:90:a1:70:d7:c9:cc:83:90:69:66:
fc:09:53:bd:c8:ad:b6:5c:62:bd:07:ca:d8:b4:d0:
65:f3:25:ea:8d:c3:ff:c8:2b:7f:6d:5b:43:76:5a:
66:d3:a4:0c:d4:17:76:e1:4b:be:12:cb:79:e1:92:
04:f3:9f:c5:e0:be:d3:20:08:c1:c0:f3:65:eb:58:
8e:6c:27:46:d0:23:64:8c:51:2a:ca:60:6f:df:58:
09:46:7e:7a:d9:ec:c5:bb:1d:3b:52:69:10:c0:24:
48:ef:33:70:34:70:da:f9:31:20:47:f7:10:5d:4c:
fc:e6:08:56:88:bb:e4:a9:ea:3d:8a:3f:12:64:fe:
e4:f0:69:76:a5:2d:93:c7:f0:6f:01:c8:42:d8:54:
a7:ba:58:e2:f0:9f:1e:fb:75:72:51:4f:cc:d5:b6:
41:5b:14:ab:55:f5:43:15:fa:91:df:86:6e:db:f2:
8a:cc:75:d3:12:9d:17:db:39:4b:0b:63:5b:e2:47:
1a:25:b1:3e:d3:c8:ac:91:17:01:cb:f5:2b:49:51:
e5:4e:0f:97:d3:88:a5:df:7a:4d:1d:2f:79:b7:5b:
09:54:ff:53:eb:c3:58:45:38:b8:05:77:54:0f:f6:
9e:58:2c:ca:20:13:e8:02:1d:fe:91:a4:b4:b1:73:
3e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:88:EA:BC:F5:E6:B4:25:06:41:05:AE:DD:CC:0C:8A:3C:0B:FA:B9
X509v3 Authority Key Identifier:
keyid:D4:2C:C4:02:67:E3:59:2E:1B:52:F0:F0:09:6C:B1:F2:F0:AF:16:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1CzEAmfjWS4bUvDwCWyx8vCvFn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/71345d-2f2d-4b59-9e67-16e1308737b0/1/1CzEAmfjWS4bUvDwCWyx8vCvFn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9e:95:9f:a7:e4:5b:95:84:3b:bb:e8:b3:93:7f:db:26:7c:32:
c6:01:2c:0a:92:a6:7e:e4:83:cc:6e:90:8d:a5:46:0b:eb:f5:
d9:f4:f1:31:8e:d9:4e:1d:a7:f0:31:fe:e7:92:1c:7b:a2:b6:
6c:21:9b:a1:26:18:b1:65:fe:71:32:8d:f7:8d:4f:6f:df:df:
06:98:83:1b:a8:b6:4e:11:22:47:2a:b2:6e:53:e1:ff:9c:87:
9f:39:b9:ec:55:17:0f:7b:b2:f5:39:c8:78:8b:bd:6d:86:4a:
38:a4:d3:3a:22:7a:d4:25:09:91:9c:6a:5c:6c:6c:8a:64:e7:
68:59:6e:66:cb:a3:29:0c:8d:5b:93:07:7b:27:df:60:e5:52:
7a:e6:4e:c3:6f:da:34:5c:4c:4d:cb:f1:43:6e:27:5a:cc:8a:
81:35:2f:d2:f8:1d:bf:ff:46:6f:1e:73:83:e4:d5:e0:c3:fe:
df:38:98:61:5a:2d:f5:06:91:92:70:a6:51:c3:c5:88:40:1a:
7a:4a:28:bd:9f:fd:63:10:9c:4f:e2:d6:22:5f:df:4b:ca:38:
0a:78:82:17:f0:96:8c:90:1b:44:dc:ba:27:f5:83:40:30:a6:
50:5a:c8:97:3e:9e:e1:53:ac:ae:f6:fd:43:91:b5:00:e4:aa:
02:02:1f:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJexVdkSTwDgp/JtyEs0mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MmNjNDAyNjdlMzU5MmUxYjUyZjBmMDA5NmNiMWYyZjBh
ZjE2N2QwHhcNMjUxMTExMDkwMTE5WhcNMjUxMTEyMDkwMTE5WjAzMTEwLwYDVQQD
EygzMjg4ZWFiY2Y1ZTZiNDI1MDY0MTA1YWVkZGNjMGM4YTNjMGJmYWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzMkCpChcNfJzIOQaWb8CVO9yK22
XGK9B8rYtNBl8yXqjcP/yCt/bVtDdlpm06QM1Bd24Uu+Est54ZIE85/F4L7TIAjB
wPNl61iObCdG0CNkjFEqymBv31gJRn562ezFux07UmkQwCRI7zNwNHDa+TEgR/cQ
XUz85ghWiLvkqeo9ij8SZP7k8Gl2pS2Tx/BvAchC2FSnulji8J8e+3VyUU/M1bZB
WxSrVfVDFfqR34Zu2/KKzHXTEp0X2zlLC2Nb4kcaJbE+08iskRcBy/UrSVHlTg+X
04il33pNHS95t1sJVP9T68NYRTi4BXdUD/aeWCzKIBPoAh3+kaS0sXM+jQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDKI6rz15rQlBkEFrt3MDIo8C/q5MB8GA1UdIwQY
MBaAFNQsxAJn41kuG1Lw8AlssfLwrxZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUN6RUFtZmpXUzRiVXZEd0NXeXg4dkN2Rm4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83MTM0NWQtMmYyZC00YjU5LTllNjct
MTZlMTMwODczN2IwLzEvMUN6RUFtZmpXUzRiVXZEd0NXeXg4dkN2Rm4wLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My83MTM0NWQtMmYyZC00YjU5LTllNjctMTZlMTMwODczN2Iw
LzEvMUN6RUFtZmpXUzRiVXZEd0NXeXg4dkN2Rm4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnpWfp+Rb
lYQ7u+izk3/bJnwyxgEsCpKmfuSDzG6QjaVGC+v12fTxMY7ZTh2n8DH+55Ice6K2
bCGboSYYsWX+cTKN941Pb9/fBpiDG6i2ThEiRyqyblPh/5yHnzm57FUXD3uy9TnI
eIu9bYZKOKTTOiJ61CUJkZxqXGxsimTnaFluZsujKQyNW5MHeyffYOVSeuZOw2/a
NFxMTcvxQ24nWsyKgTUv0vgdv/9Gbx5zg+TV4MP+3ziYYVot9QaRknCmUcPFiEAa
ekoovZ/9YxCcT+LWIl/fS8o4CniCF/CWjJAbRNy6J/WDQDCmUFrIlz6e4VOsrvb9
Q5G1AOSqAgIflw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:08:47 2025 by rpki-client