Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
File: sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft (raw, json)
Hash identifier: SFV6GYUUYk51uCtOUdGOCOQWa+8O53QEg0znvq/2R/M=
Subject key identifier: 79:6B:B1:6F:C4:33:C1:E4:15:AA:6F:7C:0A:A8:6E:84:86:47:E8:DB
Authority key identifier: B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D
Certificate issuer: /CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
Certificate serial: 019A71B91AC0FD26F3D409DED9C8212572B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
Manifest number: 0473
Signing time: Tue 11 Nov 2025 07:02:27 +0000
Manifest this update: Tue 11 Nov 2025 07:02:27 +0000
Manifest next update: Wed 12 Nov 2025 07:02:27 +0000
Files and hashes: 1: sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl (hash: QUZr3reGOPSPx1yGIvxI5jzfMdBS+trd0LNSZYnkQpc=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:02:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b9:1a:c0:fd:26:f3:d4:09:de:d9:c8:21:25:72:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b172b5bdc754d5f644e4081dbc03b2b40a89f16d
Validity
Not Before: Nov 11 07:02:27 2025 GMT
Not After : Nov 12 07:02:27 2025 GMT
Subject: CN=796bb16fc433c1e415aa6f7c0aa86e848647e8db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:12:98:34:67:8c:f5:52:f7:4c:b0:22:b6:26:
fc:a8:a7:4c:69:30:8c:e7:08:59:93:06:12:0f:a4:
29:89:ee:c1:16:e5:66:95:9e:95:fe:c3:c3:66:a2:
48:fb:79:5e:58:cb:83:5c:57:b5:63:d7:3c:38:3e:
f3:9f:bf:c5:63:49:bd:53:8b:a9:3b:eb:44:13:db:
05:98:d1:6a:15:56:44:73:18:b2:8b:f4:67:60:a9:
16:02:01:57:e1:9e:da:f4:a6:42:34:5e:10:a6:de:
93:fb:86:f3:07:d9:17:8a:b0:cd:a3:bb:ba:54:69:
6e:4a:73:33:64:8a:6a:fb:ab:50:2e:73:c5:f2:0d:
76:5c:08:4f:88:fa:6e:b0:58:8b:42:e6:c7:9d:88:
ed:73:f7:94:36:8e:88:e9:ce:f0:ba:e3:08:1a:ad:
bd:36:a3:5f:ce:4f:f9:f7:96:49:a1:23:7e:a2:76:
8d:08:64:6e:fd:eb:cf:70:a8:8e:87:5a:ab:13:34:
c6:61:ca:26:f1:15:c8:59:f4:52:46:72:22:76:44:
ca:30:96:04:4e:24:70:0e:d7:02:68:c8:52:aa:51:
ad:5f:69:63:37:ae:76:7d:80:16:7e:2e:f9:5a:70:
1f:93:b6:f6:07:01:46:71:56:d4:27:56:38:4c:13:
4b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:6B:B1:6F:C4:33:C1:E4:15:AA:6F:7C:0A:A8:6E:84:86:47:E8:DB
X509v3 Authority Key Identifier:
keyid:B1:72:B5:BD:C7:54:D5:F6:44:E4:08:1D:BC:03:B2:B4:0A:89:F1:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sXK1vcdU1fZE5AgdvAOytAqJ8W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/500bb7-e554-4b1c-9f43-ea52ae08de9c/1/sXK1vcdU1fZE5AgdvAOytAqJ8W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
98:59:86:04:80:72:cd:11:95:ff:36:31:80:e3:88:13:9d:16:
f7:41:f0:91:e2:dd:31:f4:f6:a3:06:6d:90:ba:93:2e:fa:91:
34:22:ff:eb:a1:7e:19:6c:82:cc:9b:88:8a:54:6c:18:ef:d5:
70:04:de:4b:56:6c:d1:b8:7d:29:fc:34:15:da:fa:f1:36:b0:
0f:f6:e6:be:33:49:29:c1:61:ad:0e:f5:27:15:24:7c:38:c5:
dd:18:a9:1b:c7:30:17:b2:fb:53:15:97:d1:58:f3:a2:8f:14:
67:6b:c3:c3:01:99:cd:15:a3:6c:1d:ce:24:a6:17:e5:c3:50:
04:ec:03:52:54:b8:02:9a:52:a5:cb:ee:f1:d4:0c:dd:70:a2:
94:72:a7:25:ad:e3:3e:3a:4c:15:5f:85:e9:02:fb:4b:89:3e:
5e:b1:48:2e:f6:cf:40:de:d6:9f:14:43:0f:41:a3:0c:a6:1e:
ea:15:15:48:6d:4d:fd:9b:3e:e7:b2:71:7f:f0:81:1d:f3:07:
65:57:2d:6e:cd:9b:1a:ba:fc:14:ad:2a:a8:4c:fe:94:e6:f5:
a2:b4:1c:e0:71:0e:24:38:c6:e6:09:32:58:c7:80:d6:0a:cc:
a0:31:b4:7e:f2:a2:af:4a:d1:fe:6b:f8:29:9f:2f:81:91:54:
7b:88:71:5b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuRrA/Sbz1Ane2cghJXK4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNzJiNWJkYzc1NGQ1ZjY0NGU0MDgxZGJjMDNiMmI0MGE4
OWYxNmQwHhcNMjUxMTExMDcwMjI3WhcNMjUxMTEyMDcwMjI3WjAzMTEwLwYDVQQD
Eyg3OTZiYjE2ZmM0MzNjMWU0MTVhYTZmN2MwYWE4NmU4NDg2NDdlOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0BKYNGeM9VL3TLAitib8qKdMaTCM
5whZkwYSD6Qpie7BFuVmlZ6V/sPDZqJI+3leWMuDXFe1Y9c8OD7zn7/FY0m9U4up
O+tEE9sFmNFqFVZEcxiyi/RnYKkWAgFX4Z7a9KZCNF4Qpt6T+4bzB9kXirDNo7u6
VGluSnMzZIpq+6tQLnPF8g12XAhPiPpusFiLQubHnYjtc/eUNo6I6c7wuuMIGq29
NqNfzk/595ZJoSN+onaNCGRu/evPcKiOh1qrEzTGYcom8RXIWfRSRnIidkTKMJYE
TiRwDtcCaMhSqlGtX2ljN652fYAWfi75WnAfk7b2BwFGcVbUJ1Y4TBNLgwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHlrsW/EM8HkFapvfAqoboSGR+jbMB8GA1UdIwQY
MBaAFLFytb3HVNX2ROQIHbwDsrQKifFtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMt
ZWE1MmFlMDhkZTljLzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny81MDBiYjctZTU1NC00YjFjLTlmNDMtZWE1MmFlMDhkZTlj
LzEvc1hLMXZjZFUxZlpFNUFnZHZBT3l0QXFKOFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmFmGBIBy
zRGV/zYxgOOIE50W90HwkeLdMfT2owZtkLqTLvqRNCL/66F+GWyCzJuIilRsGO/V
cATeS1Zs0bh9Kfw0Fdr68TawD/bmvjNJKcFhrQ71JxUkfDjF3RipG8cwF7L7UxWX
0Vjzoo8UZ2vDwwGZzRWjbB3OJKYX5cNQBOwDUlS4AppSpcvu8dQM3XCilHKnJa3j
PjpMFV+F6QL7S4k+XrFILvbPQN7WnxRDD0GjDKYe6hUVSG1N/Zs+57Jxf/CBHfMH
ZVctbs2bGrr8FK0qqEz+lOb1orQc4HEOJDjG5gkyWMeA1grMoDG0fvKir0rR/mv4
KZ8vgZFUe4hxWw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:41:50 2025 by rpki-client