Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
File: 4tNxxKeqqFX4zDsa6oAilCCoDyA.mft (raw, json)
Hash identifier: hNmcO83i1O1dPq8ieKRfVrS9u9lF+c02dA0mXTRj2bE=
Subject key identifier: 2B:DD:8B:87:4F:D5:01:35:27:49:3D:45:27:13:C7:70:9F:52:34:7A
Authority key identifier: E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20
Certificate issuer: /CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
Certificate serial: 019A72266385263CB55D2589EB1A64981C62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
Manifest number: 1721
Signing time: Tue 11 Nov 2025 09:01:49 +0000
Manifest this update: Tue 11 Nov 2025 09:01:49 +0000
Manifest next update: Wed 12 Nov 2025 09:01:49 +0000
Files and hashes: 1: 4tNxxKeqqFX4zDsa6oAilCCoDyA.crl (hash: 3a7/4WL/Ysu//j/yc+tVJ2xrUEb3yASlEXE1z9DK/dg=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:26:63:85:26:3c:b5:5d:25:89:eb:1a:64:98:1c:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20
Validity
Not Before: Nov 11 09:01:49 2025 GMT
Not After : Nov 12 09:01:49 2025 GMT
Subject: CN=2bdd8b874fd5013527493d452713c7709f52347a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e1:e1:02:f5:48:f6:ea:93:f7:74:fd:a2:81:
9d:64:ce:dd:d8:55:b3:51:77:6b:6b:87:7d:cb:fe:
b9:db:97:81:82:95:93:0c:0e:c0:ba:40:9a:d2:2c:
8d:58:21:a0:0d:08:4c:2b:c1:b1:c8:16:d4:5b:ec:
34:22:9c:3f:04:8f:9f:26:7d:00:9c:5a:1f:b4:fc:
8b:13:72:19:5a:29:d6:88:2c:c6:b3:b9:c3:1a:e0:
68:0d:b2:1f:16:a8:78:e9:6e:48:37:34:0a:a2:af:
22:18:c1:c0:83:c1:e1:16:8c:fb:fe:80:94:ac:e8:
f4:d6:21:bb:0a:f0:c1:76:dd:45:a3:4b:06:55:26:
9d:06:f8:98:b6:ed:72:82:03:1b:e8:10:7b:05:a8:
77:d3:3c:f0:95:fa:35:d4:fc:1c:64:5a:01:bc:4f:
96:9d:d1:1e:7f:3b:01:8e:38:a5:0c:67:a1:20:98:
1d:71:5b:3d:fb:14:c5:ba:dd:8a:1d:b9:10:23:cf:
18:36:5e:94:24:19:bf:c3:2a:d1:2e:b3:3b:13:8e:
3b:8f:c2:d9:f1:00:75:8b:df:45:07:ad:47:70:89:
8b:98:1e:ed:db:4f:df:7f:4a:e8:cf:41:f1:8c:ee:
6e:2e:14:7f:02:3b:d5:a8:66:d0:9e:8b:2e:04:be:
7f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:DD:8B:87:4F:D5:01:35:27:49:3D:45:27:13:C7:70:9F:52:34:7A
X509v3 Authority Key Identifier:
keyid:E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
a4:24:15:91:d5:be:27:30:6b:39:84:c8:65:3e:2c:40:dd:8f:
5b:43:b8:78:22:fc:d6:c3:2b:b4:35:a4:37:b1:10:f0:84:27:
46:a0:cf:fe:7e:b1:f7:27:42:15:3b:2f:39:7e:3d:be:98:48:
6f:ca:e1:a2:08:d1:57:01:94:b8:1d:4b:d6:cb:fd:36:16:65:
53:62:26:88:d7:69:9d:4a:75:43:e3:dd:47:82:2d:57:21:54:
62:ba:84:e5:08:b1:5a:eb:a2:30:63:21:23:cc:47:1e:97:e8:
89:0e:25:91:ee:1e:77:5f:ad:b6:d7:ee:77:9e:38:ca:82:1a:
0b:eb:a9:06:54:3b:23:e7:b4:8f:b3:30:cf:de:5a:0e:7b:0c:
11:22:08:f6:25:07:d6:a2:73:8b:e8:07:0b:7f:cd:bd:bc:08:
5f:87:1b:59:13:47:b7:83:2d:6b:bc:b9:1f:c5:0f:1f:27:99:
18:be:84:0c:55:51:2d:6a:03:fd:18:26:39:eb:2d:87:93:94:
3d:5a:62:16:4d:da:4a:28:a4:1e:f2:c0:89:17:0a:d2:fc:4c:
11:29:4b:7b:a9:ff:d0:63:c9:ba:e4:96:47:01:d9:60:b6:d6:
a3:8d:0c:8d:34:8f:64:52:05:c7:4f:6a:8d:f1:b8:20:b0:39:
9d:e1:5a:c6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyJmOFJjy1XSWJ6xpkmBxiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDM3MWM0YTdhYWE4NTVmOGNjM2IxYWVhODAyMjk0MjBh
ODBmMjAwHhcNMjUxMTExMDkwMTQ5WhcNMjUxMTEyMDkwMTQ5WjAzMTEwLwYDVQQD
EygyYmRkOGI4NzRmZDUwMTM1Mjc0OTNkNDUyNzEzYzc3MDlmNTIzNDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieHhAvVI9uqT93T9ooGdZM7d2FWz
UXdra4d9y/6525eBgpWTDA7AukCa0iyNWCGgDQhMK8GxyBbUW+w0Ipw/BI+fJn0A
nFoftPyLE3IZWinWiCzGs7nDGuBoDbIfFqh46W5INzQKoq8iGMHAg8HhFoz7/oCU
rOj01iG7CvDBdt1Fo0sGVSadBviYtu1yggMb6BB7Bah30zzwlfo11PwcZFoBvE+W
ndEefzsBjjilDGehIJgdcVs9+xTFut2KHbkQI88YNl6UJBm/wyrRLrM7E447j8LZ
8QB1i99FB61HcImLmB7t20/ff0roz0HxjO5uLhR/AjvVqGbQnosuBL5/swIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCvdi4dP1QE1J0k9RScTx3CfUjR6MB8GA1UdIwQY
MBaAFOLTccSnqqhV+Mw7GuqAIpQgqA8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjkt
OTA3YTU4Yzk5NGMyLzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjktOTA3YTU4Yzk5NGMy
LzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApCQVkdW+
JzBrOYTIZT4sQN2PW0O4eCL81sMrtDWkN7EQ8IQnRqDP/n6x9ydCFTsvOX49vphI
b8rhogjRVwGUuB1L1sv9NhZlU2ImiNdpnUp1Q+PdR4ItVyFUYrqE5QixWuuiMGMh
I8xHHpfoiQ4lke4ed1+tttfud544yoIaC+upBlQ7I+e0j7Mwz95aDnsMESII9iUH
1qJzi+gHC3/NvbwIX4cbWRNHt4Mta7y5H8UPHyeZGL6EDFVRLWoD/RgmOesth5OU
PVpiFk3aSiikHvLAiRcK0vxMESlLe6n/0GPJuuSWRwHZYLbWo40MjTSPZFIFx09q
jfG4ILA5neFaxg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:43:12 2025 by rpki-client