Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
File: Mh6FAflfcDdNRXa5sM1VW68fNas.mft (raw, json)
Hash identifier: hKiNVu9O/+xQOvTllhI4FSEKr98FDiDpTeGrbhX+oi4=
Subject key identifier: B3:EB:4C:97:0E:76:D9:0A:0B:F2:6C:FC:5B:45:CA:74:C2:F0:2E:75
Authority key identifier: 32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB
Certificate issuer: /CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
Certificate serial: 019A7293E6B18AD297BBBF76A895ABD15E1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
Manifest number: 171D
Signing time: Tue 11 Nov 2025 11:01:26 +0000
Manifest this update: Tue 11 Nov 2025 11:01:26 +0000
Manifest next update: Wed 12 Nov 2025 11:01:26 +0000
Files and hashes: 1: Mh6FAflfcDdNRXa5sM1VW68fNas.crl (hash: 3ByK08Gg83cubka/tmJAo500RfgPdXrEcROTYoyq080=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:93:e6:b1:8a:d2:97:bb:bf:76:a8:95:ab:d1:5e:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=321e8501f95f70374d4576b9b0cd555baf1f35ab
Validity
Not Before: Nov 11 11:01:26 2025 GMT
Not After : Nov 12 11:01:26 2025 GMT
Subject: CN=b3eb4c970e76d90a0bf26cfc5b45ca74c2f02e75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4d:11:fc:b2:57:5d:2a:50:2e:0c:cd:6a:cb:
ae:b8:cd:45:34:e6:52:54:07:4e:4d:49:88:c1:0f:
3d:22:c2:b1:57:de:48:96:ce:ff:70:36:54:c7:85:
69:a4:3f:9a:db:4f:dc:cc:79:25:d4:6d:e0:77:64:
d8:60:06:0b:43:5f:2f:79:ce:c7:ec:eb:98:15:7c:
84:79:1a:3c:44:7c:6d:05:bd:dc:c6:bb:ed:a3:4d:
55:5f:21:38:c5:60:f6:06:b9:d1:26:5c:ce:39:9b:
55:e4:92:41:aa:eb:d8:c0:a3:10:bc:ee:96:90:53:
d3:c8:26:43:b6:21:96:2c:95:cd:58:2b:6e:cf:c3:
d0:d2:54:b9:9e:b2:75:4e:8c:73:69:5e:44:63:ed:
45:9c:d5:3a:65:46:3f:11:19:57:98:a1:06:6d:c5:
08:26:04:d7:8b:de:57:63:59:8f:aa:73:35:55:8a:
60:c6:c1:98:5e:3d:fe:7b:e3:85:e2:de:c4:e8:55:
25:af:db:17:4c:8b:a3:0f:b1:c1:9b:4d:85:d1:df:
22:a5:81:29:26:9e:08:eb:2b:18:16:56:d8:43:e8:
54:48:e3:24:13:73:6b:62:88:8a:79:f4:4a:51:e2:
d7:e6:ae:e6:7c:17:fb:ba:64:95:3a:96:78:99:ef:
89:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:EB:4C:97:0E:76:D9:0A:0B:F2:6C:FC:5B:45:CA:74:C2:F0:2E:75
X509v3 Authority Key Identifier:
keyid:32:1E:85:01:F9:5F:70:37:4D:45:76:B9:B0:CD:55:5B:AF:1F:35:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh6FAflfcDdNRXa5sM1VW68fNas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/16bf28-842b-48fa-894d-fbf7575aace2/1/Mh6FAflfcDdNRXa5sM1VW68fNas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
79:63:6b:c0:99:e7:eb:4c:20:8a:1c:f1:cb:f3:26:de:0d:52:
93:51:9f:c4:cd:f1:70:6e:a1:8b:f4:92:44:ec:51:28:b3:96:
73:de:e7:63:64:24:7d:df:5d:36:4a:94:82:6c:9f:43:49:6b:
86:c6:41:84:5b:d6:58:09:23:fa:f0:b0:5e:92:5d:07:24:45:
d1:db:15:17:70:e2:df:58:c2:18:93:9e:3a:2a:b5:09:b6:b6:
24:a6:cc:77:c4:47:7c:82:6e:0a:d5:11:fe:7d:10:e2:f3:c3:
7a:5f:29:47:d3:2f:ce:f1:ec:40:47:41:b6:10:48:00:f8:51:
a0:3a:71:84:7f:f8:3a:7c:91:2b:7a:a0:c4:1f:fc:6d:ac:41:
7d:ad:e2:a8:95:e1:c1:15:e4:d5:2b:72:4c:06:84:21:fa:ed:
77:d6:f4:b2:77:f1:3d:3f:62:84:0f:9c:4f:fe:5f:de:80:54:
0a:83:10:98:91:82:96:a3:ca:f4:38:21:82:94:36:08:7d:9c:
85:15:c7:36:f7:1b:8d:3c:fd:13:e8:db:39:d6:41:42:16:47:
65:b2:c7:63:0e:bd:5f:3b:3f:04:7a:54:e9:9e:1f:a4:0a:12:
3c:5b:da:c2:aa:7b:0c:f1:6e:de:47:ba:3b:9d:7f:21:f4:c2:
0c:2f:e7:a0
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpyk+axitKXu792qJWr0V4cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMWU4NTAxZjk1ZjcwMzc0ZDQ1NzZiOWIwY2Q1NTViYWYx
ZjM1YWIwHhcNMjUxMTExMTEwMTI2WhcNMjUxMTEyMTEwMTI2WjAzMTEwLwYDVQQD
EyhiM2ViNGM5NzBlNzZkOTBhMGJmMjZjZmM1YjQ1Y2E3NGMyZjAyZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0U0R/LJXXSpQLgzNasuuuM1FNOZS
VAdOTUmIwQ89IsKxV95Ils7/cDZUx4VppD+a20/czHkl1G3gd2TYYAYLQ18vec7H
7OuYFXyEeRo8RHxtBb3cxrvto01VXyE4xWD2BrnRJlzOOZtV5JJBquvYwKMQvO6W
kFPTyCZDtiGWLJXNWCtuz8PQ0lS5nrJ1ToxzaV5EY+1FnNU6ZUY/ERlXmKEGbcUI
JgTXi95XY1mPqnM1VYpgxsGYXj3+e+OF4t7E6FUlr9sXTIujD7HBm02F0d8ipYEp
Jp4I6ysYFlbYQ+hUSOMkE3NrYoiKefRKUeLX5q7mfBf7umSVOpZ4me+JOwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFLPrTJcOdtkKC/Js/FtFynTC8C51MB8GA1UdIwQY
MBaAFDIehQH5X3A3TUV2ubDNVVuvHzWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQt
ZmJmNzU3NWFhY2UyLzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS8xNmJmMjgtODQyYi00OGZhLTg5NGQtZmJmNzU3NWFhY2Uy
LzEvTWg2RkFmbGZjRGROUlhhNXNNMVZXNjhmTmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeWNrwJnn
60wgihzxy/Mm3g1Sk1GfxM3xcG6hi/SSROxRKLOWc97nY2Qkfd9dNkqUgmyfQ0lr
hsZBhFvWWAkj+vCwXpJdByRF0dsVF3Di31jCGJOeOiq1Cba2JKbMd8RHfIJuCtUR
/n0Q4vPDel8pR9MvzvHsQEdBthBIAPhRoDpxhH/4OnyRK3qgxB/8baxBfa3iqJXh
wRXk1StyTAaEIfrtd9b0snfxPT9ihA+cT/5f3oBUCoMQmJGClqPK9DghgpQ2CH2c
hRXHNvcbjTz9E+jbOdZBQhZHZbLHYw69Xzs/BHpU6Z4fpAoSPFvawqp7DPFu3ke6
O51/IfTCDC/noA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:17:45 2025 by rpki-client