Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
File: bLdrU2M4PWjlVeUnClkx2DQOGA0.mft (raw, json)
Hash identifier: fXdLAN5/OW5t/1NR+Ftd/YtyMYf2xIMB0BPbyTctq6Q=
Subject key identifier: 79:FC:4D:0F:B9:BF:77:1A:A9:82:59:31:2F:8B:0D:2D:2F:F4:A6:8A
Authority key identifier: 6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D
Certificate issuer: /CN=6cb76b5363383d68e555e5270a5931d8340e180d
Certificate serial: 019A71B85ACF3BA81AB1A3AF3413843F073B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
Manifest number: 0EAC
Signing time: Tue 11 Nov 2025 07:01:38 +0000
Manifest this update: Tue 11 Nov 2025 07:01:38 +0000
Manifest next update: Wed 12 Nov 2025 07:01:38 +0000
Files and hashes: 1: bLdrU2M4PWjlVeUnClkx2DQOGA0.crl (hash: wlLJ+nC6XubmXwt02i1zsHh0/dXV5G4hs8292ulb8f0=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 07:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:b8:5a:cf:3b:a8:1a:b1:a3:af:34:13:84:3f:07:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cb76b5363383d68e555e5270a5931d8340e180d
Validity
Not Before: Nov 11 07:01:38 2025 GMT
Not After : Nov 12 07:01:38 2025 GMT
Subject: CN=79fc4d0fb9bf771aa98259312f8b0d2d2ff4a68a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ac:82:bc:08:f8:d4:07:11:93:36:74:01:74:
ad:d1:76:a9:c1:04:87:df:67:e6:41:1f:cc:e5:fa:
1f:5d:6a:db:51:b6:8e:7f:28:2e:e7:3b:b6:17:8e:
1c:6e:4f:65:86:1a:3a:c5:87:fc:fa:0d:21:d8:30:
e8:c5:6a:55:f5:4c:ae:8c:d5:b7:c8:67:72:4a:bc:
42:0a:92:89:a9:21:99:9a:e0:45:8c:b1:ed:15:b2:
11:f2:be:ae:c9:72:5f:f7:da:bb:24:03:62:46:1a:
e2:12:12:92:7c:fb:a7:79:f1:90:44:47:e5:2e:b1:
c0:cb:1c:6c:5a:1a:cf:90:0a:a8:de:ae:bd:f6:54:
4e:56:c0:f4:1a:fe:83:a2:88:83:a6:f9:7e:bc:c1:
8a:c1:6e:f0:e0:24:44:cc:1c:6e:b8:d4:47:07:da:
8c:6c:02:7e:f8:12:26:d0:5d:49:03:9a:0a:44:2d:
83:5a:e6:0d:4c:07:0f:2f:da:33:f8:ef:49:13:8b:
cf:20:2c:14:3f:a6:e3:11:32:7b:17:1d:87:2c:62:
0e:94:27:95:92:a7:56:03:b9:2b:dc:04:32:68:c1:
14:ef:72:54:7a:ab:e0:ad:a9:58:b2:3a:fa:3b:8c:
dd:dd:ee:84:56:b6:67:06:8b:6f:7e:60:c9:3b:d2:
8f:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:FC:4D:0F:B9:BF:77:1A:A9:82:59:31:2F:8B:0D:2D:2F:F4:A6:8A
X509v3 Authority Key Identifier:
keyid:6C:B7:6B:53:63:38:3D:68:E5:55:E5:27:0A:59:31:D8:34:0E:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bLdrU2M4PWjlVeUnClkx2DQOGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/6de729-8c2d-4e12-87aa-cb4526fb17d0/1/bLdrU2M4PWjlVeUnClkx2DQOGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
34:8b:ea:93:ae:e6:fe:f9:34:ad:ac:60:2d:60:90:07:d5:03:
f2:f8:b9:d4:55:d5:12:9f:3e:8b:76:dd:28:90:f7:b7:38:d6:
ea:0d:8c:97:cd:47:bc:73:81:58:b3:3d:ec:7c:0d:f4:a8:e6:
f7:b3:39:e4:0d:dd:73:ac:e5:56:e3:a0:62:8c:0f:06:8f:d7:
fa:db:f2:03:e4:2d:8f:b5:90:93:a2:f6:a0:1a:70:0b:ff:be:
e5:83:ce:7f:5d:22:6b:c8:e0:9f:c8:83:2c:d4:49:09:5f:7e:
41:79:be:d4:69:0e:73:38:e2:dc:0b:bf:ef:a9:e7:ff:e2:ee:
37:8a:2b:f0:ce:b3:4e:9a:e4:73:4e:8a:cb:1b:7c:d6:15:a8:
38:7a:7b:1e:77:13:41:18:ff:a9:41:98:89:88:16:16:58:85:
b8:84:37:df:24:70:d2:cb:fb:10:e9:ed:3d:2a:c6:48:c4:c6:
a2:2a:1e:ca:e7:32:07:97:b4:b4:93:0e:db:c7:42:0e:61:83:
66:99:26:32:87:a5:bc:91:be:17:ee:0f:00:62:41:12:b0:ad:
f0:de:f8:a1:ae:f8:db:4a:1b:f9:e0:a9:25:2d:c6:d3:02:72:
6a:87:f8:32:e0:9e:e4:66:c2:20:94:0f:b8:21:c5:bb:79:00:
dd:7b:be:0e
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuFrPO6gasaOvNBOEPwc7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjYjc2YjUzNjMzODNkNjhlNTU1ZTUyNzBhNTkzMWQ4MzQw
ZTE4MGQwHhcNMjUxMTExMDcwMTM4WhcNMjUxMTEyMDcwMTM4WjAzMTEwLwYDVQQD
Eyg3OWZjNGQwZmI5YmY3NzFhYTk4MjU5MzEyZjhiMGQyZDJmZjRhNjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqyCvAj41AcRkzZ0AXSt0XapwQSH
32fmQR/M5fofXWrbUbaOfygu5zu2F44cbk9lhho6xYf8+g0h2DDoxWpV9UyujNW3
yGdySrxCCpKJqSGZmuBFjLHtFbIR8r6uyXJf99q7JANiRhriEhKSfPunefGQREfl
LrHAyxxsWhrPkAqo3q699lROVsD0Gv6DooiDpvl+vMGKwW7w4CREzBxuuNRHB9qM
bAJ++BIm0F1JA5oKRC2DWuYNTAcPL9oz+O9JE4vPICwUP6bjETJ7Fx2HLGIOlCeV
kqdWA7kr3AQyaMEU73JUeqvgralYsjr6O4zd3e6EVrZnBotvfmDJO9KPSwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHn8TQ+5v3caqYJZMS+LDS0v9KaKMB8GA1UdIwQY
MBaAFGy3a1NjOD1o5VXlJwpZMdg0DhgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEt
Y2I0NTI2ZmIxN2QwLzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My82ZGU3MjktOGMyZC00ZTEyLTg3YWEtY2I0NTI2ZmIxN2Qw
LzEvYkxkclUyTTRQV2psVmVVbkNsa3gyRFFPR0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANIvqk67m
/vk0raxgLWCQB9UD8vi51FXVEp8+i3bdKJD3tzjW6g2Ml81HvHOBWLM97HwN9Kjm
97M55A3dc6zlVuOgYowPBo/X+tvyA+Qtj7WQk6L2oBpwC/++5YPOf10ia8jgn8iD
LNRJCV9+QXm+1GkOczji3Au/76nn/+LuN4or8M6zTprkc06Kyxt81hWoOHp7HncT
QRj/qUGYiYgWFliFuIQ33yRw0sv7EOntPSrGSMTGoioeyucyB5e0tJMO28dCDmGD
ZpkmMoelvJG+F+4PAGJBErCt8N74oa7420ob+eCpJS3G0wJyaof4MuCe5GbCIJQP
uCHFu3kA3Xu+Dg==
-----END CERTIFICATE-----
Generated at Tue Nov 11 12:52:04 2025 by rpki-client