Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft
File: r5aNFt0rQdNStf0zxJs-xP2tQlg.mft (raw, json)
Hash identifier: djI9BQ9Ow/Hj2L89m1eHhpDt58L71UhDLE6Y2Gqg81Y=
Subject key identifier: E7:E7:F3:2C:4A:5D:6C:B1:73:9E:AA:47:12:4F:9B:72:FB:14:B9:37
Authority key identifier: AF:96:8D:16:DD:2B:41:D3:52:B5:FD:33:C4:9B:3E:C4:FD:AD:42:58
Certificate issuer: /CN=af968d16dd2b41d352b5fd33c49b3ec4fdad4258
Certificate serial: 019A7301797A2BE7EA2A54F5B6C3210172A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r5aNFt0rQdNStf0zxJs-xP2tQlg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft
Manifest number: 1030
Signing time: Tue 11 Nov 2025 13:01:07 +0000
Manifest this update: Tue 11 Nov 2025 13:01:07 +0000
Manifest next update: Wed 12 Nov 2025 13:01:07 +0000
Files and hashes: 1: r5aNFt0rQdNStf0zxJs-xP2tQlg.crl (hash: 3mdqTmpGCnXgTjrdoOU9B9ju1bUI+hB3uOfJ3pQleN4=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft
rsync://rpki.ripe.net/repository/DEFAULT/r5aNFt0rQdNStf0zxJs-xP2tQlg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:01:79:7a:2b:e7:ea:2a:54:f5:b6:c3:21:01:72:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af968d16dd2b41d352b5fd33c49b3ec4fdad4258
Validity
Not Before: Nov 11 13:01:07 2025 GMT
Not After : Nov 12 13:01:07 2025 GMT
Subject: CN=e7e7f32c4a5d6cb1739eaa47124f9b72fb14b937
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:9e:af:1f:70:6b:5b:a9:5c:ee:b0:ee:7d:22:
4c:bd:c7:b3:10:e1:1b:6c:cf:59:97:31:d0:2a:e0:
d8:5e:7c:87:32:42:44:27:18:9e:a4:d5:4a:40:39:
c4:14:a9:31:5a:4a:45:e9:37:4d:05:91:80:f1:a2:
d7:91:85:27:44:9f:a1:d8:8f:e8:56:47:01:ab:ce:
3d:a4:25:31:22:4a:0e:05:26:40:2d:88:8f:2f:3f:
03:c3:12:2f:40:93:bd:01:be:25:f4:5b:81:b6:71:
23:8f:d9:98:60:c7:48:29:6f:0b:ef:2e:2f:f2:f3:
e2:00:10:b8:0c:9b:23:d3:22:40:25:49:4b:00:c0:
49:9a:93:ec:7b:fc:56:e1:04:2a:21:16:49:b5:b4:
15:e1:2e:be:ba:fc:12:5f:2e:a1:81:bd:73:bd:7c:
e9:1b:ec:e7:6e:0a:bc:c3:e7:70:4e:57:ea:68:bf:
4d:da:88:3f:3a:43:a9:b4:91:1e:84:23:15:78:07:
cc:7e:92:ab:db:ac:6b:7b:f5:60:06:07:f5:33:f0:
9f:fe:d1:bc:b1:1c:ff:d2:c0:46:ac:8e:2b:ab:3f:
af:89:ea:08:35:28:b6:89:b4:0c:45:db:1b:53:2f:
53:34:6a:64:7f:31:5b:2b:fc:d4:a3:7a:b5:76:c0:
4c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:E7:F3:2C:4A:5D:6C:B1:73:9E:AA:47:12:4F:9B:72:FB:14:B9:37
X509v3 Authority Key Identifier:
keyid:AF:96:8D:16:DD:2B:41:D3:52:B5:FD:33:C4:9B:3E:C4:FD:AD:42:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r5aNFt0rQdNStf0zxJs-xP2tQlg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/be439e-d3c8-48a1-a7b7-c296ec4b2170/1/r5aNFt0rQdNStf0zxJs-xP2tQlg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
9b:75:67:27:1f:4d:28:36:37:fd:8d:b6:08:cd:36:25:ad:f6:
1a:14:48:e6:07:4c:89:5f:e9:12:a5:81:ee:1c:06:c2:f3:7e:
9a:4b:35:8e:0a:7e:fe:55:51:68:4c:27:9f:12:52:a4:87:8f:
a4:9a:c2:18:3f:dd:4e:8c:7a:ff:62:f6:fe:a9:e4:4b:5e:1a:
f0:e4:3c:b6:e8:c2:c7:0b:cd:5d:4a:6a:9f:60:01:aa:ae:65:
13:95:68:88:48:a3:7b:47:7f:74:34:1a:48:a9:03:de:8a:cd:
dc:39:50:87:92:0d:e5:c5:4e:1b:17:82:d2:ab:b6:03:e2:4e:
26:ca:7b:60:72:e5:68:06:8e:56:ec:ba:a6:a3:67:21:e2:6f:
fc:6d:31:7e:77:e9:b3:dc:7f:80:4c:95:d8:49:58:91:64:89:
56:46:b5:68:76:d9:e3:9e:a9:15:68:c0:94:78:80:2a:ff:f6:
15:33:d7:41:4a:0c:50:bf:46:39:a9:81:5d:2e:12:9c:98:20:
96:6c:24:c6:fa:f3:73:e8:76:f8:63:77:54:6b:02:63:9b:71:
80:5a:80:80:d2:33:3c:fa:32:47:ac:0c:26:38:ab:42:cf:38:
cf:06:5d:af:7b:ac:28:a5:1e:83:7e:cc:00:38:f9:02:dd:c7:
84:c6:3a:c7
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpzAXl6K+fqKlT1tsMhAXKiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmOTY4ZDE2ZGQyYjQxZDM1MmI1ZmQzM2M0OWIzZWM0ZmRh
ZDQyNTgwHhcNMjUxMTExMTMwMTA3WhcNMjUxMTEyMTMwMTA3WjAzMTEwLwYDVQQD
EyhlN2U3ZjMyYzRhNWQ2Y2IxNzM5ZWFhNDcxMjRmOWI3MmZiMTRiOTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Z6vH3BrW6lc7rDufSJMvcezEOEb
bM9ZlzHQKuDYXnyHMkJEJxiepNVKQDnEFKkxWkpF6TdNBZGA8aLXkYUnRJ+h2I/o
VkcBq849pCUxIkoOBSZALYiPLz8DwxIvQJO9Ab4l9FuBtnEjj9mYYMdIKW8L7y4v
8vPiABC4DJsj0yJAJUlLAMBJmpPse/xW4QQqIRZJtbQV4S6+uvwSXy6hgb1zvXzp
G+znbgq8w+dwTlfqaL9N2og/OkOptJEehCMVeAfMfpKr26xre/VgBgf1M/Cf/tG8
sRz/0sBGrI4rqz+vieoINSi2ibQMRdsbUy9TNGpkfzFbK/zUo3q1dsBM8QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOfn8yxKXWyxc56qRxJPm3L7FLk3MB8GA1UdIwQY
MBaAFK+WjRbdK0HTUrX9M8SbPsT9rUJYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjVhTkZ0MHJRZE5TdGYwenhKcy14UDJ0UWxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9iZTQzOWUtZDNjOC00OGExLWE3Yjct
YzI5NmVjNGIyMTcwLzEvcjVhTkZ0MHJRZE5TdGYwenhKcy14UDJ0UWxnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9iZTQzOWUtZDNjOC00OGExLWE3YjctYzI5NmVjNGIyMTcw
LzEvcjVhTkZ0MHJRZE5TdGYwenhKcy14UDJ0UWxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAm3VnJx9N
KDY3/Y22CM02Ja32GhRI5gdMiV/pEqWB7hwGwvN+mks1jgp+/lVRaEwnnxJSpIeP
pJrCGD/dTox6/2L2/qnkS14a8OQ8tujCxwvNXUpqn2ABqq5lE5VoiEije0d/dDQa
SKkD3orN3DlQh5IN5cVOGxeC0qu2A+JOJsp7YHLlaAaOVuy6pqNnIeJv/G0xfnfp
s9x/gEyV2ElYkWSJVka1aHbZ456pFWjAlHiAKv/2FTPXQUoMUL9GOamBXS4SnJgg
lmwkxvrzc+h2+GN3VGsCY5txgFqAgNIzPPoyR6wMJjirQs84zwZdr3usKKUeg37M
ADj5At3HhMY6xw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 15:18:55 2025 by rpki-client