Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
File: sgzLpAbArQxb4AB22ZgLNIhWmoo.mft (raw, json)
Hash identifier: NQGMIVbcbSDhE4WEi8ShH7g7aiV8OK+f2M283oulVm0=
Subject key identifier: 43:F9:50:FB:65:16:A2:96:FC:57:08:DD:A1:79:61:95:DB:48:5D:57
Authority key identifier: B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A
Certificate issuer: /CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
Certificate serial: 019A71B77871509DD54DCC30DE8BDF09510F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
Manifest number: 1204
Signing time: Tue 11 Nov 2025 07:00:40 +0000
Manifest this update: Tue 11 Nov 2025 07:00:40 +0000
Manifest next update: Wed 12 Nov 2025 07:00:40 +0000
Files and hashes: 1: sgzLpAbArQxb4AB22ZgLNIhWmoo.crl (hash: L01qCz1AnrLFQBGRHnPOIa6BXP1tpAFcaACSPHM6f24=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b7:78:71:50:9d:d5:4d:cc:30:de:8b:df:09:51:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b20ccba406c0ad0c5be00076d9980b3488569a8a
Validity
Not Before: Nov 11 07:00:40 2025 GMT
Not After : Nov 12 07:00:40 2025 GMT
Subject: CN=43f950fb6516a296fc5708dda1796195db485d57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:13:3e:c4:a1:87:20:0b:62:ac:05:b6:ac:2e:
8c:88:bb:c3:db:aa:b9:1c:f6:57:67:31:2e:00:60:
8b:80:c0:3a:0b:53:2d:fb:1a:20:85:28:9a:50:4b:
43:70:33:30:49:84:df:67:0f:d8:02:3c:b5:71:2f:
32:95:5d:69:39:83:df:e5:a1:37:db:c4:21:08:04:
e1:f5:f6:ee:b5:cd:3c:01:11:8d:5d:02:eb:da:a0:
c0:ae:f5:c3:0c:94:a3:e5:b7:e7:77:ec:e5:9f:e7:
e8:6c:ca:c3:26:25:67:21:8b:cf:e9:8d:b6:59:52:
59:88:93:61:b8:51:ff:42:54:36:17:f1:9c:86:8f:
fa:2a:65:dc:df:99:eb:8c:e4:13:d0:c2:e2:24:d4:
ad:5f:64:64:a4:b4:a6:b2:ee:b0:99:97:6b:f4:1c:
fc:72:9d:27:6e:72:b1:e3:7e:95:ce:0b:73:1e:f3:
cd:82:d6:ea:4a:68:ed:b8:33:7b:c1:c2:78:f4:dd:
ec:ad:4d:8c:30:36:fa:ca:c2:7f:e3:4e:91:54:90:
4c:21:9d:f2:24:2d:ad:8e:4c:4b:7c:59:14:79:e8:
ee:8c:0d:be:a0:c8:b7:43:3a:13:e7:f4:2f:57:f0:
12:b1:08:10:c7:88:f1:f5:9a:36:d4:2d:b5:1d:32:
5f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:F9:50:FB:65:16:A2:96:FC:57:08:DD:A1:79:61:95:DB:48:5D:57
X509v3 Authority Key Identifier:
keyid:B2:0C:CB:A4:06:C0:AD:0C:5B:E0:00:76:D9:98:0B:34:88:56:9A:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sgzLpAbArQxb4AB22ZgLNIhWmoo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/743a50-d7f4-42d1-a09d-7ca93ecb2234/1/sgzLpAbArQxb4AB22ZgLNIhWmoo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
36:b4:b9:ef:9e:49:9a:78:1e:c3:4a:4f:b2:96:da:b6:8e:5c:
6f:e2:35:2c:af:e8:68:5f:81:ac:c5:c4:d9:6f:0f:ca:c2:6d:
34:a5:11:cd:30:da:28:30:c4:c1:90:1b:48:85:3f:17:44:14:
42:f1:3d:35:39:d6:c5:01:c5:66:42:82:28:e2:d4:da:31:48:
1f:9b:66:d8:fe:2a:6b:99:6a:d5:f9:f6:01:c9:5f:1c:d5:a0:
cc:4c:97:73:fd:20:4c:72:92:0e:27:b5:d0:6e:1f:5c:89:b8:
af:b9:1f:af:20:d4:2f:44:0b:97:2d:b0:d5:9c:f6:93:31:48:
9e:53:ca:22:11:20:35:29:c6:4f:39:7f:89:51:2a:66:74:09:
c0:ad:f8:c3:07:11:39:7f:a8:d7:5c:42:5d:92:be:4c:be:7b:
c2:15:b3:01:38:da:51:22:7a:6d:e8:c9:d1:60:02:bc:52:6c:
60:da:4c:b8:75:63:e9:53:d7:50:89:08:83:be:c1:6a:29:5c:
56:7d:41:8b:7d:87:91:3d:ff:c6:0c:f1:03:86:28:63:98:59:
c0:03:d3:30:4f:7e:08:e5:ae:16:e9:df:bc:67:66:11:2a:88:
4a:2c:4c:d7:f3:c5:f2:15:c5:d6:7a:2e:21:2c:23:a2:d7:63:
aa:5a:da:6c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxt3hxUJ3VTcww3ovfCVEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMGNjYmE0MDZjMGFkMGM1YmUwMDA3NmQ5OTgwYjM0ODg1
NjlhOGEwHhcNMjUxMTExMDcwMDQwWhcNMjUxMTEyMDcwMDQwWjAzMTEwLwYDVQQD
Eyg0M2Y5NTBmYjY1MTZhMjk2ZmM1NzA4ZGRhMTc5NjE5NWRiNDg1ZDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBM+xKGHIAtirAW2rC6MiLvD26q5
HPZXZzEuAGCLgMA6C1Mt+xoghSiaUEtDcDMwSYTfZw/YAjy1cS8ylV1pOYPf5aE3
28QhCATh9fbutc08ARGNXQLr2qDArvXDDJSj5bfnd+zln+fobMrDJiVnIYvP6Y22
WVJZiJNhuFH/QlQ2F/Gcho/6KmXc35nrjOQT0MLiJNStX2RkpLSmsu6wmZdr9Bz8
cp0nbnKx436VzgtzHvPNgtbqSmjtuDN7wcJ49N3srU2MMDb6ysJ/406RVJBMIZ3y
JC2tjkxLfFkUeejujA2+oMi3QzoT5/QvV/ASsQgQx4jx9Zo21C21HTJfYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEP5UPtlFqKW/FcI3aF5YZXbSF1XMB8GA1UdIwQY
MBaAFLIMy6QGwK0MW+AAdtmYCzSIVpqKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQt
N2NhOTNlY2IyMjM0LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83NDNhNTAtZDdmNC00MmQxLWEwOWQtN2NhOTNlY2IyMjM0
LzEvc2d6THBBYkFyUXhiNEFCMjJaZ0xOSWhXbW9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANrS5755J
mngew0pPspbato5cb+I1LK/oaF+BrMXE2W8PysJtNKURzTDaKDDEwZAbSIU/F0QU
QvE9NTnWxQHFZkKCKOLU2jFIH5tm2P4qa5lq1fn2AclfHNWgzEyXc/0gTHKSDie1
0G4fXIm4r7kfryDUL0QLly2w1Zz2kzFInlPKIhEgNSnGTzl/iVEqZnQJwK34wwcR
OX+o11xCXZK+TL57whWzATjaUSJ6bejJ0WACvFJsYNpMuHVj6VPXUIkIg77Bailc
Vn1Bi32HkT3/xgzxA4YoY5hZwAPTME9+COWuFunfvGdmESqISixM1/PF8hXF1nou
ISwjotdjqlrabA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:46:46 2025 by rpki-client